AmarBego/Rscoop

v1.9.3 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 7d CLI & Terminal

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 3 known CVEs

Topics

app-installer gui package-manager rust scoop scoop-apps

+3 more

tauri windows windows-package-manager

Affected surfaces

auth rce_ssrf

Summary

AI summary

Updates Release Notes 1.9.2, Emergency Patch, and Release Notes 1.9.3 across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Security
Security	High	Prevents accidental downgrades during installation. Prevents accidental downgrades during installation. Source: llm_adapter@2026-05-27 Confidence: high	—
Security	High	Improves protection of app updates to ensure trusted files are received. Improves protection of app updates to ensure trusted files are received. Source: granite4.1:30b@2026-05-27-audit Confidence: low	—
Security	High	Restricts opening package and bucket folders to Scoop directories only. Restricts opening package and bucket folders to Scoop directories only. Source: granite4.1:30b@2026-05-27-audit Confidence: low	—
Bugfix
Bugfix	Medium	Fixes bucket updates not running after the last update. Fixes bucket updates not running after the last update. Source: llm_adapter@2026-05-27 Confidence: low	—
Bugfix	Medium	Restores bucket refreshes for GitHub and other HTTPS buckets. Restores bucket refreshes for GitHub and other HTTPS buckets. Source: granite4.1:30b@2026-05-27-audit Confidence: low	—
Bugfix	Low	Makes clipboard, settings, package, bucket, and operation errors easier to understand. Makes clipboard, settings, package, bucket, and operation errors easier to understand. Source: llm_adapter@2026-05-27 Confidence: high	—
Bugfix	Low	Handles unexpected browser and system errors more gracefully. Handles unexpected browser and system errors more gracefully. Source: llm_adapter@2026-05-27 Confidence: high	—
Bugfix	Low	Improves consistency of error messages across the app. Improves consistency of error messages across the app. Source: llm_adapter@2026-05-27 Confidence: low	—
Bugfix	Low	Makes error messages more consistent across the application. Makes error messages more consistent across the application. Source: granite4.1:30b@2026-05-27-audit Confidence: low	—

Full changelog

Release Notes 1.9.3

Emergency Patch

Fixed bucket updates not running after the last update.
Bucket refreshes now work again for GitHub and other HTTPS buckets.
If your package lists looked stale, updating buckets should bring them back in sync.

Release Notes 1.9.2

Security

App updates are now better protected, helping ensure you only receive trusted update files.
Opening package and bucket folders is safer and now stays within your Scoop folders.
The installer now prevents accidental downgrades.

Improvements

Error messages are now more consistent across the app.
Clipboard, saved settings, package, bucket, settings, and operation errors are easier to understand when something goes wrong.
The app handles unexpected browser and system errors more gracefully.

Security Fixes

App updates now enforce trusted file verification to prevent untrusted update files
Opening package and bucket folders is restricted to Scoop directories to avoid directory traversal risks
Installer blocks accidental downgrades

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track AmarBego/Rscoop

Get notified when new releases ship.

About AmarBego/Rscoop

All releases →