The update checker fetches https://registry.npmjs.org/@larksuite/cli/latest
with a 5-second HTTP client timeout. Under high-latency network conditions
(TUN-mode proxies, VPNs, transcontinental routes), TLS handshake alone can
take 4-6 seconds, causing the check to fail with:
context deadline exceeded (Client.Timeout exceeded while awaiting headers)
Measured example behind a Clash TUN proxy (US node from China):
DNS resolve: ~0ms (fake-ip)
TCP connect: ~0ms (local TUN)
TLS handshake: 4.3-5.9s <-- bottleneck
Total: 4.7-6.3s
curl succeeds because it has no default connect timeout, but the Go HTTP
client with Timeout=5s is too tight. The registry endpoint returns a tiny
JSON payload (<1KB), so 15s is more than enough headroom while still
failing fast on genuinely unreachable networks.
Co-authored-by: 王伟达 <weida.wang@m.com>