Merge pull request #1 from tauri-apps/v2

V2 merges to forked branch
pull/1029/head
Tahmin Ahmed 1 year ago committed by GitHub
commit 31085b8213
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -0,0 +1,5 @@
---
'single-instance': patch
---
Fix doesn't shutdown immediately.

@ -0,0 +1,6 @@
---
"shell": "patch"
"shell-js": "patch"
---
On Windows, fix `open` can't open file if the file is being used by a program.

@ -0,0 +1,57 @@
---
"authenticator": patch
"autostart": patch
"barcode-scanner": patch
"biometric": patch
"cli": patch
"clipboard-manager": patch
"deep-link": patch
"dialog": patch
"fs": patch
"global-shortcut": patch
"http": patch
"localhost": patch
"log-plugin": patch
"nfc": patch
"notification": patch
"os": patch
"persisted-scope": patch
"positioner": patch
"process": patch
"shell": patch
"single-instance": patch
"sql": patch
"store": patch
"stronghold": patch
"updater": patch
"upload": patch
"websocket": patch
"window-state": patch
"authenticator-js": patch
"autostart-js": patch
"barcode-scanner-js": patch
"biometric-js": patch
"cli-js": patch
"clipboard-manager-js": patch
"deep-link-js": patch
"dialog-js": patch
"fs-js": patch
"global-shortcut-js": patch
"http-js": patch
"log-js": patch
"nfc-js": patch
"notification-js": patch
"os-js": patch
"positioner-js": patch
"process-js": patch
"shell-js": patch
"sql-js": patch
"store-js": patch
"stronghold-js": patch
"updater-js": patch
"upload-js": patch
"websocket-js": patch
"window-state-js": patch
---
Update to tauri beta.8.

6
.gitignore vendored

@ -1,4 +1,8 @@
target target
node_modules node_modules
dist-js dist-js
dist dist
.idea
.vscode
.gradle
**/capabilities/schemas

144
Cargo.lock generated

@ -562,7 +562,7 @@ checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
dependencies = [ dependencies = [
"hermit-abi 0.1.19", "hermit-abi 0.1.19",
"libc", "libc",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -579,7 +579,7 @@ dependencies = [
"log", "log",
"rand 0.7.3", "rand 0.7.3",
"runloop", "runloop",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -1174,7 +1174,7 @@ checksum = "5a5f741c91823341bebf717d4c71bda820630ce065443b58bd1b7451af008355"
dependencies = [ dependencies = [
"is-terminal", "is-terminal",
"lazy_static", "lazy_static",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -1633,7 +1633,7 @@ checksum = "1b1d1d91c932ef41c0f2663aa8b0ca0342d444d842c06914aa0a7e352d0bada6"
dependencies = [ dependencies = [
"libc", "libc",
"redox_users", "redox_users",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -1644,7 +1644,7 @@ checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d"
dependencies = [ dependencies = [
"libc", "libc",
"redox_users", "redox_users",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -1659,7 +1659,7 @@ version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "330c60081dcc4c72131f8eb70510f1ac07223e5d4163db481a04a0befcffa412" checksum = "330c60081dcc4c72131f8eb70510f1ac07223e5d4163db481a04a0befcffa412"
dependencies = [ dependencies = [
"libloading 0.8.1", "libloading 0.7.4",
] ]
[[package]] [[package]]
@ -1671,7 +1671,7 @@ dependencies = [
"dlopen2_derive", "dlopen2_derive",
"libc", "libc",
"once_cell", "once_cell",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -2472,7 +2472,7 @@ dependencies = [
"gobject-sys 0.16.3", "gobject-sys 0.16.3",
"libc", "libc",
"system-deps", "system-deps",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -2485,7 +2485,7 @@ dependencies = [
"gobject-sys 0.18.0", "gobject-sys 0.18.0",
"libc", "libc",
"system-deps", "system-deps",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -2828,7 +2828,7 @@ checksum = "3c731c3e10504cc8ed35cfe2f1db4c9274c3d35fa486e3b31df46f068ef3e867"
dependencies = [ dependencies = [
"libc", "libc",
"match_cfg", "match_cfg",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -3266,7 +3266,7 @@ dependencies = [
"jni-sys", "jni-sys",
"log", "log",
"thiserror", "thiserror",
"walkdir 2.4.0", "walkdir",
"windows-sys 0.45.0", "windows-sys 0.45.0",
] ]
@ -3315,16 +3315,6 @@ dependencies = [
"treediff", "treediff",
] ]
[[package]]
name = "kernel32-sys"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d"
dependencies = [
"winapi 0.2.8",
"winapi-build",
]
[[package]] [[package]]
name = "keyboard-types" name = "keyboard-types"
version = "0.6.2" version = "0.6.2"
@ -3432,7 +3422,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f" checksum = "b67380fd3b2fbe7527a606e18729d21c6f3951633d0500574c4dc22d2d638b9f"
dependencies = [ dependencies = [
"cfg-if", "cfg-if",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -3471,7 +3461,7 @@ dependencies = [
"cc", "cc",
"libc", "libc",
"pkg-config", "pkg-config",
"walkdir 2.4.0", "walkdir",
] ]
[[package]] [[package]]
@ -3882,7 +3872,7 @@ dependencies = [
"log", "log",
"mio", "mio",
"serde", "serde",
"walkdir 2.4.0", "walkdir",
"windows-sys 0.48.0", "windows-sys 0.48.0",
] ]
@ -3897,7 +3887,7 @@ dependencies = [
"log", "log",
"notify", "notify",
"parking_lot", "parking_lot",
"walkdir 2.4.0", "walkdir",
] ]
[[package]] [[package]]
@ -3907,7 +3897,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84" checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84"
dependencies = [ dependencies = [
"overload", "overload",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -4065,9 +4055,9 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]] [[package]]
name = "open" name = "open"
version = "4.2.0" version = "5.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3a083c0c7e5e4a8ec4176346cf61f67ac674e8bfb059d9226e1c54a96b377c12" checksum = "68b3fbb0d52bf0cbb5225ba3d2c303aa136031d43abff98284332a9981ecddec"
dependencies = [ dependencies = [
"is-wsl", "is-wsl",
"libc", "libc",
@ -4146,7 +4136,7 @@ checksum = "006e42d5b888366f1880eda20371fedde764ed2213dc8496f49622fa0c99cd5e"
dependencies = [ dependencies = [
"log", "log",
"serde", "serde",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -5038,7 +5028,7 @@ dependencies = [
"spin 0.5.2", "spin 0.5.2",
"untrusted 0.7.1", "untrusted 0.7.1",
"web-sys", "web-sys",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -5277,16 +5267,6 @@ version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ef703b7cb59335eae2eb93ceb664c0eb7ea6bf567079d843e09420219668e072" checksum = "ef703b7cb59335eae2eb93ceb664c0eb7ea6bf567079d843e09420219668e072"
[[package]]
name = "same-file"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d931a44fdaa43b8637009e7632a02adc4f2b2e0733c08caa4cf00e8da4a117a7"
dependencies = [
"kernel32-sys",
"winapi 0.2.8",
]
[[package]] [[package]]
name = "same-file" name = "same-file"
version = "1.0.6" version = "1.0.6"
@ -5598,7 +5578,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0d94659ad3c2137fef23ae75b03d5241d633f8acded53d672decfa0e6e0caef" checksum = "b0d94659ad3c2137fef23ae75b03d5241d633f8acded53d672decfa0e6e0caef"
dependencies = [ dependencies = [
"libc", "libc",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -6281,9 +6261,9 @@ checksum = "69758bda2e78f098e4ccb393021a0963bb3442eac05f135c30f61b7370bbafae"
[[package]] [[package]]
name = "tauri" name = "tauri"
version = "2.0.0-beta.4" version = "2.0.0-beta.8"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb6b10809e932ed85813fff9ac748cbcc0cf4c78209433b1b6e025660619f2e4" checksum = "b2bd3d5ccf5316833c0f71c645c25585bddf997a16bea652bf3eab8114273cff"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"bytes", "bytes",
@ -6334,9 +6314,9 @@ dependencies = [
[[package]] [[package]]
name = "tauri-build" name = "tauri-build"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e4ea663cde4862231178215d364b3650dade8cb159fc84a1bea5c365689dacd0" checksum = "3ca30dbed856449b41abed13a5a46655ea2196075e09e99e22fe8ed0958b6aee"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"cargo_toml", "cargo_toml",
@ -6353,14 +6333,14 @@ dependencies = [
"tauri-utils", "tauri-utils",
"tauri-winres", "tauri-winres",
"toml 0.8.2", "toml 0.8.2",
"walkdir 2.4.0", "walkdir",
] ]
[[package]] [[package]]
name = "tauri-codegen" name = "tauri-codegen"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "94a770b18aa021b0c8568c8f0d347044a72d349b6a13dd1db28c558832e8e681" checksum = "bf4ed45a0d2a1723ef4ea71d1aa5809c4a8bcaa92de77f6c9a8f4d4f28c5d86a"
dependencies = [ dependencies = [
"base64 0.21.7", "base64 0.21.7",
"brotli", "brotli",
@ -6380,14 +6360,14 @@ dependencies = [
"time", "time",
"url", "url",
"uuid", "uuid",
"walkdir 2.4.0", "walkdir",
] ]
[[package]] [[package]]
name = "tauri-macros" name = "tauri-macros"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85b100bf9f05a013719fa6c9bf096da42511888b3671d9c22bffa12a030d76a9" checksum = "d0a75661fb86b350141e78ad54ce9c60346149afc5cbf41de2ca60a1ebc252b3"
dependencies = [ dependencies = [
"heck", "heck",
"proc-macro2", "proc-macro2",
@ -6399,9 +6379,9 @@ dependencies = [
[[package]] [[package]]
name = "tauri-plugin" name = "tauri-plugin"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "140c010cfb7120c9276e6e0b0c271dabb7988be2998011f918b669e766224e55" checksum = "e9530f0f0d809e77ff9a93da5ff2483faf8fef2cb8ed125ca7b0172cb92685d4"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"glob", "glob",
@ -6411,7 +6391,7 @@ dependencies = [
"serde_json", "serde_json",
"tauri-utils", "tauri-utils",
"toml 0.8.2", "toml 0.8.2",
"walkdir 1.0.7", "walkdir",
] ]
[[package]] [[package]]
@ -6723,7 +6703,7 @@ dependencies = [
[[package]] [[package]]
name = "tauri-plugin-single-instance" name = "tauri-plugin-single-instance"
version = "2.0.0-beta.1" version = "2.0.0-beta.2"
dependencies = [ dependencies = [
"log", "log",
"serde", "serde",
@ -6860,9 +6840,9 @@ dependencies = [
[[package]] [[package]]
name = "tauri-runtime" name = "tauri-runtime"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc687ef6571127f0ad9a9bef141ca3f8d9597b7f99949047d5c69ed731cf36c4" checksum = "0381b4b96e1f4f39a24ca6472c9b016151b103a54b1425233007fdbc26cf20a8"
dependencies = [ dependencies = [
"gtk", "gtk",
"http 0.2.11", "http 0.2.11",
@ -6878,9 +6858,9 @@ dependencies = [
[[package]] [[package]]
name = "tauri-runtime-wry" name = "tauri-runtime-wry"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a07b1d76d4159aec5c2cff742e30b0f5b3675a2520b979acbbc66c5f92c99491" checksum = "4eef6a8373c9936b33a58c1bdbdd76fe4603d00ebe72304c0777bf0674e455aa"
dependencies = [ dependencies = [
"cocoa 0.25.0", "cocoa 0.25.0",
"gtk", "gtk",
@ -6892,6 +6872,7 @@ dependencies = [
"tao", "tao",
"tauri-runtime", "tauri-runtime",
"tauri-utils", "tauri-utils",
"url",
"webkit2gtk", "webkit2gtk",
"webview2-com", "webview2-com",
"windows 0.52.0", "windows 0.52.0",
@ -6900,9 +6881,9 @@ dependencies = [
[[package]] [[package]]
name = "tauri-utils" name = "tauri-utils"
version = "2.0.0-beta.3" version = "2.0.0-beta.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2729b59832a96dd05f4f2ced33e2ab976ca60c58c1d675afe6aabc486eb51143" checksum = "92e35e2f9a5ee8539d00dde621f176647747736a388a07c3083a0cc1b96ba6d7"
dependencies = [ dependencies = [
"aes-gcm 0.10.3", "aes-gcm 0.10.3",
"brotli", "brotli",
@ -6931,7 +6912,7 @@ dependencies = [
"thiserror", "thiserror",
"toml 0.8.2", "toml 0.8.2",
"url", "url",
"walkdir 2.4.0", "walkdir",
] ]
[[package]] [[package]]
@ -7466,7 +7447,7 @@ checksum = "89daebc3e6fd160ac4aa9fc8b3bf71e1f74fbf92367ae71fb83a037e8bf164b9"
dependencies = [ dependencies = [
"memoffset 0.9.0", "memoffset 0.9.0",
"tempfile", "tempfile",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -7647,24 +7628,13 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "walkdir"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb08f9e670fab86099470b97cd2b252d6527f0b3cc1401acdb595ffc9dd288ff"
dependencies = [
"kernel32-sys",
"same-file 0.1.3",
"winapi 0.2.8",
]
[[package]] [[package]]
name = "walkdir" name = "walkdir"
version = "2.4.0" version = "2.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee" checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee"
dependencies = [ dependencies = [
"same-file 1.0.6", "same-file",
"winapi-util", "winapi-util",
] ]
@ -7964,12 +7934,6 @@ dependencies = [
"windows-sys 0.36.1", "windows-sys 0.36.1",
] ]
[[package]]
name = "winapi"
version = "0.2.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "167dc9d6949a9b857f3451275e911c3f44255842c1f7a76f33c55103a909087a"
[[package]] [[package]]
name = "winapi" name = "winapi"
version = "0.3.9" version = "0.3.9"
@ -7980,12 +7944,6 @@ dependencies = [
"winapi-x86_64-pc-windows-gnu", "winapi-x86_64-pc-windows-gnu",
] ]
[[package]]
name = "winapi-build"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2d315eee3b34aca4797b2da6b13ed88266e6d612562a0c46390af8299fc699bc"
[[package]] [[package]]
name = "winapi-i686-pc-windows-gnu" name = "winapi-i686-pc-windows-gnu"
version = "0.4.0" version = "0.4.0"
@ -7998,7 +7956,7 @@ version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596" checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596"
dependencies = [ dependencies = [
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -8381,7 +8339,7 @@ version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d"
dependencies = [ dependencies = [
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]
@ -8406,9 +8364,9 @@ dependencies = [
[[package]] [[package]]
name = "wry" name = "wry"
version = "0.36.0" version = "0.37.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3a9e7b81968555303086ef882a0c213896a76099de4ed0b86a798775c2d54304" checksum = "8b717040ba9771fd88eb428c6ea6b555f8e734ff8534f02c13e8f10d97f5935e"
dependencies = [ dependencies = [
"base64 0.21.7", "base64 0.21.7",
"block", "block",
@ -8432,6 +8390,7 @@ dependencies = [
"objc", "objc",
"objc_id", "objc_id",
"once_cell", "once_cell",
"percent-encoding",
"raw-window-handle 0.6.0", "raw-window-handle 0.6.0",
"serde", "serde",
"serde_json", "serde_json",
@ -8439,7 +8398,6 @@ dependencies = [
"soup3", "soup3",
"tao-macros", "tao-macros",
"thiserror", "thiserror",
"url",
"webkit2gtk", "webkit2gtk",
"webkit2gtk-sys", "webkit2gtk-sys",
"webview2-com", "webview2-com",
@ -8529,7 +8487,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "21e5a325c3cb8398ad6cf859c1135b25dd29e186679cf2da7581d9679f63b38e" checksum = "21e5a325c3cb8398ad6cf859c1135b25dd29e186679cf2da7581d9679f63b38e"
dependencies = [ dependencies = [
"libc", "libc",
"winapi 0.3.9", "winapi",
] ]
[[package]] [[package]]

@ -10,9 +10,9 @@ resolver = "2"
[workspace.dependencies] [workspace.dependencies]
serde = { version = "1", features = ["derive"] } serde = { version = "1", features = ["derive"] }
log = "0.4" log = "0.4"
tauri = "2.0.0-beta.4" tauri = "2.0.0-beta.8"
tauri-build = "2.0.0-beta.3" tauri-build = "2.0.0-beta.6"
tauri-plugin = "2.0.0-beta.3" tauri-plugin = "2.0.0-beta.6"
serde_json = "1" serde_json = "1"
thiserror = "1" thiserror = "1"
url = "2" url = "2"

@ -24,7 +24,7 @@
| [shell](plugins/shell) | Access the system shell. Allows you to spawn child processes and manage files and URLs using their default application. | ✅ | ✅ | ✅ | ? | ? | | [shell](plugins/shell) | Access the system shell. Allows you to spawn child processes and manage files and URLs using their default application. | ✅ | ✅ | ✅ | ? | ? |
| [single-instance](plugins/single-instance) | Ensure a single instance of your tauri app is running. | ✅ | ? | ✅ | ? | ? | | [single-instance](plugins/single-instance) | Ensure a single instance of your tauri app is running. | ✅ | ? | ✅ | ? | ? |
| [sql](plugins/sql) | Interface with SQL databases. | ✅ | ✅ | ✅ | ? | ? | | [sql](plugins/sql) | Interface with SQL databases. | ✅ | ✅ | ✅ | ? | ? |
| [store](plugins/store) | Persistent key value storage. | ✅ | ✅ | ✅ | ? | ? | | [store](plugins/store) | Persistent key value storage. | ✅ | ✅ | ✅ | ✅ | ✅ |
| [stronghold](plugins/stronghold) | Encrypted, secure database. | ✅ | ✅ | ✅ | ? | ? | | [stronghold](plugins/stronghold) | Encrypted, secure database. | ✅ | ✅ | ✅ | ? | ? |
| [updater](plugins/updater) | In-app updates for Tauri applications. | ✅ | ✅ | ✅ | ? | ? | | [updater](plugins/updater) | In-app updates for Tauri applications. | ✅ | ✅ | ✅ | ? | ? |
| [upload](plugins/upload) | Tauri plugin for file uploads through HTTP. | ✅ | ✅ | ✅ | ? | ? | | [upload](plugins/upload) | Tauri plugin for file uploads through HTTP. | ✅ | ✅ | ✅ | ? | ? |

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -9,7 +9,7 @@
"serve": "vite preview" "serve": "vite preview"
}, },
"dependencies": { "dependencies": {
"@tauri-apps/api": "2.0.0-beta.2", "@tauri-apps/api": "2.0.0-beta.3",
"@tauri-apps/plugin-barcode-scanner": "2.0.0-beta.1", "@tauri-apps/plugin-barcode-scanner": "2.0.0-beta.1",
"@tauri-apps/plugin-biometric": "2.0.0-beta.1", "@tauri-apps/plugin-biometric": "2.0.0-beta.1",
"@tauri-apps/plugin-cli": "2.0.0-beta.1", "@tauri-apps/plugin-cli": "2.0.0-beta.1",
@ -30,7 +30,7 @@
"@iconify-json/codicon": "^1.1.37", "@iconify-json/codicon": "^1.1.37",
"@iconify-json/ph": "^1.1.8", "@iconify-json/ph": "^1.1.8",
"@sveltejs/vite-plugin-svelte": "^3.0.1", "@sveltejs/vite-plugin-svelte": "^3.0.1",
"@tauri-apps/cli": "2.0.0-beta.3", "@tauri-apps/cli": "2.0.0-beta.6",
"@unocss/extractor-svelte": "^0.58.0", "@unocss/extractor-svelte": "^0.58.0",
"internal-ip": "^8.0.0", "internal-ip": "^8.0.0",
"svelte": "^4.2.8", "svelte": "^4.2.8",

@ -3,11 +3,5 @@
// SPDX-License-Identifier: MIT // SPDX-License-Identifier: MIT
fn main() { fn main() {
let mut codegen = tauri_build::CodegenContext::new(); tauri_build::build();
if !cfg!(feature = "custom-protocol") {
codegen = codegen.dev();
}
tauri_build::try_build(tauri_build::Attributes::new().codegen(codegen))
.expect("failed to run tauri_build::try_build");
} }

@ -47,15 +47,22 @@
"default": "", "default": "",
"type": "string" "type": "string"
}, },
"context": { "remote": {
"description": "Execution context of the capability.\n\nAt runtime, Tauri filters the IPC command together with the context to determine whether it is allowed or not and its scope.", "description": "Configure remote URLs that can use the capability permissions.",
"default": "local", "anyOf": [
"allOf": [ {
"$ref": "#/definitions/CapabilityRemote"
},
{ {
"$ref": "#/definitions/CapabilityContext" "type": "null"
} }
] ]
}, },
"local": {
"description": "Whether this capability is enabled for local app URLs or not. Defaults to `true`.",
"default": true,
"type": "boolean"
},
"windows": { "windows": {
"description": "List of windows that uses this capability. Can be a glob pattern.\n\nOn multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.", "description": "List of windows that uses this capability. Can be a glob pattern.\n\nOn multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.",
"type": "array", "type": "array",
@ -78,7 +85,7 @@
} }
}, },
"platforms": { "platforms": {
"description": "Target platforms this capability applies. By default all platforms applies.", "description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"default": [ "default": [
"linux", "linux",
"macOS", "macOS",
@ -93,42 +100,21 @@
} }
} }
}, },
"CapabilityContext": { "CapabilityRemote": {
"description": "Context of the capability.", "description": "Configuration for remote URLs that are associated with the capability.",
"oneOf": [ "type": "object",
{ "required": [
"description": "Capability refers to local URL usage.", "urls"
"type": "string", ],
"enum": [ "properties": {
"local" "urls": {
] "description": "Remote domains this capability refers to. Can use glob patterns.",
}, "type": "array",
{ "items": {
"description": "Capability refers to remote usage.", "type": "string"
"type": "object", }
"required": [
"remote"
],
"properties": {
"remote": {
"type": "object",
"required": [
"urls"
],
"properties": {
"urls": {
"description": "Remote domains this capability refers to. Can use glob patterns.",
"type": "array",
"items": {
"type": "string"
}
}
}
}
},
"additionalProperties": false
} }
] }
}, },
"PermissionEntry": { "PermissionEntry": {
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`] or an object that references a permission and extends its scope.", "description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`] or an object that references a permission and extends its scope.",
@ -5728,6 +5714,13 @@
"webview:allow-print" "webview:allow-print"
] ]
}, },
{
"description": "webview:allow-reparent -> Enables the reparent command without any pre-configured scope.",
"type": "string",
"enum": [
"webview:allow-reparent"
]
},
{ {
"description": "webview:allow-set-webview-focus -> Enables the set_webview_focus command without any pre-configured scope.", "description": "webview:allow-set-webview-focus -> Enables the set_webview_focus command without any pre-configured scope.",
"type": "string", "type": "string",
@ -5798,6 +5791,13 @@
"webview:deny-print" "webview:deny-print"
] ]
}, },
{
"description": "webview:deny-reparent -> Denies the reparent command without any pre-configured scope.",
"type": "string",
"enum": [
"webview:deny-reparent"
]
},
{ {
"description": "webview:deny-set-webview-focus -> Denies the set_webview_focus command without any pre-configured scope.", "description": "webview:deny-set-webview-focus -> Denies the set_webview_focus command without any pre-configured scope.",
"type": "string", "type": "string",

@ -132,7 +132,7 @@ pub fn run() {
cmd::log_operation, cmd::log_operation,
cmd::perform_request, cmd::perform_request,
]) ])
.build(tauri::tauri_build_context!()) .build(tauri::generate_context!())
.expect("error while building tauri application"); .expect("error while building tauri application");
#[cfg(target_os = "macos")] #[cfg(target_os = "macos")]

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,42 +1,12 @@
# Permissions | Permission | Description |
|------|-----|
## allow-init-auth |`allow-init-auth`|Enables the init_auth command without any pre-configured scope.|
|`deny-init-auth`|Denies the init_auth command without any pre-configured scope.|
Enables the init_auth command without any pre-configured scope. |`allow-register`|Enables the register command without any pre-configured scope.|
|`deny-register`|Denies the register command without any pre-configured scope.|
## deny-init-auth |`allow-sign`|Enables the sign command without any pre-configured scope.|
|`deny-sign`|Denies the sign command without any pre-configured scope.|
Denies the init_auth command without any pre-configured scope. |`allow-verify-registration`|Enables the verify_registration command without any pre-configured scope.|
|`deny-verify-registration`|Denies the verify_registration command without any pre-configured scope.|
## allow-register |`allow-verify-signature`|Enables the verify_signature command without any pre-configured scope.|
|`deny-verify-signature`|Denies the verify_signature command without any pre-configured scope.|
Enables the register command without any pre-configured scope.
## deny-register
Denies the register command without any pre-configured scope.
## allow-sign
Enables the sign command without any pre-configured scope.
## deny-sign
Denies the sign command without any pre-configured scope.
## allow-verify-registration
Enables the verify_registration command without any pre-configured scope.
## deny-verify-registration
Denies the verify_registration command without any pre-configured scope.
## allow-verify-signature
Enables the verify_signature command without any pre-configured scope.
## deny-verify-signature
Denies the verify_signature command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,26 +1,8 @@
# Permissions | Permission | Description |
|------|-----|
## allow-disable |`allow-disable`|Enables the disable command without any pre-configured scope.|
|`deny-disable`|Denies the disable command without any pre-configured scope.|
Enables the disable command without any pre-configured scope. |`allow-enable`|Enables the enable command without any pre-configured scope.|
|`deny-enable`|Denies the enable command without any pre-configured scope.|
## deny-disable |`allow-is-enabled`|Enables the is_enabled command without any pre-configured scope.|
|`deny-is-enabled`|Denies the is_enabled command without any pre-configured scope.|
Denies the disable command without any pre-configured scope.
## allow-enable
Enables the enable command without any pre-configured scope.
## deny-enable
Denies the enable command without any pre-configured scope.
## allow-is-enabled
Enables the is_enabled command without any pre-configured scope.
## deny-is-enabled
Denies the is_enabled command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -1,50 +1,14 @@
# Permissions | Permission | Description |
|------|-----|
## allow-cancel |`allow-cancel`|Enables the cancel command without any pre-configured scope.|
|`deny-cancel`|Denies the cancel command without any pre-configured scope.|
Enables the cancel command without any pre-configured scope. |`allow-check-permissions`|Enables the check_permissions command without any pre-configured scope.|
|`deny-check-permissions`|Denies the check_permissions command without any pre-configured scope.|
## deny-cancel |`allow-open-app-settings`|Enables the open_app_settings command without any pre-configured scope.|
|`deny-open-app-settings`|Denies the open_app_settings command without any pre-configured scope.|
Denies the cancel command without any pre-configured scope. |`allow-request-permissions`|Enables the request_permissions command without any pre-configured scope.|
|`deny-request-permissions`|Denies the request_permissions command without any pre-configured scope.|
## allow-check-permissions |`allow-scan`|Enables the scan command without any pre-configured scope.|
|`deny-scan`|Denies the scan command without any pre-configured scope.|
Enables the check_permissions command without any pre-configured scope. |`allow-vibrate`|Enables the vibrate command without any pre-configured scope.|
|`deny-vibrate`|Denies the vibrate command without any pre-configured scope.|
## deny-check-permissions
Denies the check_permissions command without any pre-configured scope.
## allow-open-app-settings
Enables the open_app_settings command without any pre-configured scope.
## deny-open-app-settings
Denies the open_app_settings command without any pre-configured scope.
## allow-request-permissions
Enables the request_permissions command without any pre-configured scope.
## deny-request-permissions
Denies the request_permissions command without any pre-configured scope.
## allow-scan
Enables the scan command without any pre-configured scope.
## deny-scan
Denies the scan command without any pre-configured scope.
## allow-vibrate
Enables the vibrate command without any pre-configured scope.
## deny-vibrate
Denies the vibrate command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,18 +1,6 @@
# Permissions | Permission | Description |
|------|-----|
## allow-authenticate |`allow-authenticate`|Enables the authenticate command without any pre-configured scope.|
|`deny-authenticate`|Denies the authenticate command without any pre-configured scope.|
Enables the authenticate command without any pre-configured scope. |`allow-status`|Enables the status command without any pre-configured scope.|
|`deny-status`|Denies the status command without any pre-configured scope.|
## deny-authenticate
Denies the authenticate command without any pre-configured scope.
## allow-status
Enables the status command without any pre-configured scope.
## deny-status
Denies the status command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,14 +1,5 @@
# Permissions | Permission | Description |
|------|-----|
## allow-cli-matches |`allow-cli-matches`|Enables the cli_matches command without any pre-configured scope.|
|`deny-cli-matches`|Denies the cli_matches command without any pre-configured scope.|
Enables the cli_matches command without any pre-configured scope. |`default`|Allows reading the CLI matches|
## deny-cli-matches
Denies the cli_matches command without any pre-configured scope.
## default
Allows reading the CLI matches

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,18 +1,6 @@
# Permissions | Permission | Description |
|------|-----|
## allow-read |`allow-read`|Enables the read command without any pre-configured scope.|
|`deny-read`|Denies the read command without any pre-configured scope.|
Enables the read command without any pre-configured scope. |`allow-write`|Enables the write command without any pre-configured scope.|
|`deny-write`|Denies the write command without any pre-configured scope.|
## deny-read
Denies the read command without any pre-configured scope.
## allow-write
Enables the write command without any pre-configured scope.
## deny-write
Denies the write command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,14 +1,5 @@
# Permissions | Permission | Description |
|------|-----|
## allow-get-current |`allow-get-current`|Enables the get_current command without any pre-configured scope.|
|`deny-get-current`|Denies the get_current command without any pre-configured scope.|
Enables the get_current command without any pre-configured scope. |`default`|Allows reading the opened deep link via the get_current command|
## deny-get-current
Denies the get_current command without any pre-configured scope.
## default
Allows reading the opened deep link via the get_current command

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -1 +1 @@
if("__TAURI__"in window){var __TAURI_PLUGIN_DEEPLINK__=function(e){"use strict";function n(e,n=!1){return window.__TAURI_INTERNALS__.transformCallback(e,n)}async function t(e,n={},t){return window.__TAURI_INTERNALS__.invoke(e,n,t)}var r;async function _(e,r,_){const i="string"==typeof _?.target?{kind:"AnyLabel",label:_.target}:_?.target??{kind:"Any"};return t("plugin:event|listen",{event:e,target:i,handler:n(r)}).then((n=>async()=>async function(e,n){await t("plugin:event|unlisten",{event:e,eventId:n})}(e,n)))}async function i(){return await t("plugin:deep-link|get_current")}return"function"==typeof SuppressedError&&SuppressedError,function(e){e.WINDOW_RESIZED="tauri://resize",e.WINDOW_MOVED="tauri://move",e.WINDOW_CLOSE_REQUESTED="tauri://close-requested",e.WINDOW_DESTROYED="tauri://destroyed",e.WINDOW_FOCUS="tauri://focus",e.WINDOW_BLUR="tauri://blur",e.WINDOW_SCALE_FACTOR_CHANGED="tauri://scale-change",e.WINDOW_THEME_CHANGED="tauri://theme-changed",e.WEBVIEW_CREATED="tauri://webview-created",e.WEBVIEW_FILE_DROP="tauri://file-drop",e.WEBVIEW_FILE_DROP_HOVER="tauri://file-drop-hover",e.WEBVIEW_FILE_DROP_CANCELLED="tauri://file-drop-cancelled"}(r||(r={})),e.getCurrent=i,e.onOpenUrl=async function(e){const n=await i();return null!=n&&e(n),await _("deep-link://new-url",(n=>e(n.payload)))},e}({});Object.defineProperty(window.__TAURI__,"deepLink",{value:__TAURI_PLUGIN_DEEPLINK__})} if("__TAURI__"in window){var __TAURI_PLUGIN_DEEPLINK__=function(e){"use strict";function n(e,n=!1){return window.__TAURI_INTERNALS__.transformCallback(e,n)}async function t(e,n={},t){return window.__TAURI_INTERNALS__.invoke(e,n,t)}var r;async function i(e,r,i){const _="string"==typeof i?.target?{kind:"AnyLabel",label:i.target}:i?.target??{kind:"Any"};return t("plugin:event|listen",{event:e,target:_,handler:n(r)}).then((n=>async()=>async function(e,n){await t("plugin:event|unlisten",{event:e,eventId:n})}(e,n)))}async function _(){return await t("plugin:deep-link|get_current")}return"function"==typeof SuppressedError&&SuppressedError,function(e){e.WINDOW_RESIZED="tauri://resize",e.WINDOW_MOVED="tauri://move",e.WINDOW_CLOSE_REQUESTED="tauri://close-requested",e.WINDOW_DESTROYED="tauri://destroyed",e.WINDOW_FOCUS="tauri://focus",e.WINDOW_BLUR="tauri://blur",e.WINDOW_SCALE_FACTOR_CHANGED="tauri://scale-change",e.WINDOW_THEME_CHANGED="tauri://theme-changed",e.WEBVIEW_CREATED="tauri://webview-created",e.FILE_DROP="tauri://file-drop",e.FILE_DROP_HOVER="tauri://file-drop-hover",e.FILE_DROP_CANCELLED="tauri://file-drop-cancelled"}(r||(r={})),e.getCurrent=_,e.onOpenUrl=async function(e){const n=await _();return null!=n&&e(n),await i("deep-link://new-url",(n=>e(n.payload)))},e}({});Object.defineProperty(window.__TAURI__,"deepLink",{value:__TAURI_PLUGIN_DEEPLINK__})}

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,42 +1,12 @@
# Permissions | Permission | Description |
|------|-----|
## allow-ask |`allow-ask`|Enables the ask command without any pre-configured scope.|
|`deny-ask`|Denies the ask command without any pre-configured scope.|
Enables the ask command without any pre-configured scope. |`allow-confirm`|Enables the confirm command without any pre-configured scope.|
|`deny-confirm`|Denies the confirm command without any pre-configured scope.|
## deny-ask |`allow-message`|Enables the message command without any pre-configured scope.|
|`deny-message`|Denies the message command without any pre-configured scope.|
Denies the ask command without any pre-configured scope. |`allow-open`|Enables the open command without any pre-configured scope.|
|`deny-open`|Denies the open command without any pre-configured scope.|
## allow-confirm |`allow-save`|Enables the save command without any pre-configured scope.|
|`deny-save`|Denies the save command without any pre-configured scope.|
Enables the confirm command without any pre-configured scope.
## deny-confirm
Denies the confirm command without any pre-configured scope.
## allow-message
Enables the message command without any pre-configured scope.
## deny-message
Denies the message command without any pre-configured scope.
## allow-open
Enables the open command without any pre-configured scope.
## deny-open
Denies the open command without any pre-configured scope.
## allow-save
Enables the save command without any pre-configured scope.
## deny-save
Denies the save command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

File diff suppressed because it is too large Load Diff

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,42 +1,12 @@
# Permissions | Permission | Description |
|------|-----|
## allow-is-registered |`allow-is-registered`|Enables the is_registered command without any pre-configured scope.|
|`deny-is-registered`|Denies the is_registered command without any pre-configured scope.|
Enables the is_registered command without any pre-configured scope. |`allow-register`|Enables the register command without any pre-configured scope.|
|`deny-register`|Denies the register command without any pre-configured scope.|
## deny-is-registered |`allow-register-all`|Enables the register_all command without any pre-configured scope.|
|`deny-register-all`|Denies the register_all command without any pre-configured scope.|
Denies the is_registered command without any pre-configured scope. |`allow-unregister`|Enables the unregister command without any pre-configured scope.|
|`deny-unregister`|Denies the unregister command without any pre-configured scope.|
## allow-register |`allow-unregister-all`|Enables the unregister_all command without any pre-configured scope.|
|`deny-unregister-all`|Denies the unregister_all command without any pre-configured scope.|
Enables the register command without any pre-configured scope.
## deny-register
Denies the register command without any pre-configured scope.
## allow-register-all
Enables the register_all command without any pre-configured scope.
## deny-register-all
Denies the register_all command without any pre-configured scope.
## allow-unregister
Enables the unregister command without any pre-configured scope.
## deny-unregister
Denies the unregister command without any pre-configured scope.
## allow-unregister-all
Enables the unregister_all command without any pre-configured scope.
## deny-unregister-all
Denies the unregister_all command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,38 +1,11 @@
# Permissions | Permission | Description |
|------|-----|
## allow-fetch |`allow-fetch`|Enables the fetch command without any pre-configured scope.|
|`deny-fetch`|Denies the fetch command without any pre-configured scope.|
Enables the fetch command without any pre-configured scope. |`allow-fetch-cancel`|Enables the fetch_cancel command without any pre-configured scope.|
|`deny-fetch-cancel`|Denies the fetch_cancel command without any pre-configured scope.|
## deny-fetch |`allow-fetch-read-body`|Enables the fetch_read_body command without any pre-configured scope.|
|`deny-fetch-read-body`|Denies the fetch_read_body command without any pre-configured scope.|
Denies the fetch command without any pre-configured scope. |`allow-fetch-send`|Enables the fetch_send command without any pre-configured scope.|
|`deny-fetch-send`|Denies the fetch_send command without any pre-configured scope.|
## allow-fetch-cancel |`default`|Allows all fetch operations|
Enables the fetch_cancel command without any pre-configured scope.
## deny-fetch-cancel
Denies the fetch_cancel command without any pre-configured scope.
## allow-fetch-read-body
Enables the fetch_read_body command without any pre-configured scope.
## deny-fetch-read-body
Denies the fetch_read_body command without any pre-configured scope.
## allow-fetch-send
Enables the fetch_send command without any pre-configured scope.
## deny-fetch-send
Denies the fetch_send command without any pre-configured scope.
## default
Allows all fetch operations

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -102,16 +102,6 @@ impl Builder {
on_request(&request, &mut response); on_request(&request, &mut response);
} }
#[cfg(target_os = "linux")]
if let Some(response_csp) =
response.headers.get("Content-Security-Policy")
{
let html = String::from_utf8_lossy(&asset.bytes);
let body =
html.replacen(tauri::utils::html::CSP_TOKEN, response_csp, 1);
asset.bytes = body.as_bytes().to_vec();
}
let mut resp = HttpResponse::from_data(asset.bytes); let mut resp = HttpResponse::from_data(asset.bytes);
for (header, value) in response.headers { for (header, value) in response.headers {
if let Ok(h) = Header::from_bytes(header.as_bytes(), value) { if let Ok(h) = Header::from_bytes(header.as_bytes(), value) {

@ -1,14 +1,5 @@
# Permissions | Permission | Description |
|------|-----|
## allow-log |`allow-log`|Enables the log command without any pre-configured scope.|
|`deny-log`|Denies the log command without any pre-configured scope.|
Enables the log command without any pre-configured scope. |`default`|Allows the log command|
## deny-log
Denies the log command without any pre-configured scope.
## default
Allows the log command

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,26 +1,8 @@
# Permissions | Permission | Description |
|------|-----|
## allow-is-available |`allow-is-available`|Enables the is_available command without any pre-configured scope.|
|`deny-is-available`|Denies the is_available command without any pre-configured scope.|
Enables the is_available command without any pre-configured scope. |`allow-scan`|Enables the scan command without any pre-configured scope.|
|`deny-scan`|Denies the scan command without any pre-configured scope.|
## deny-is-available |`allow-write`|Enables the write command without any pre-configured scope.|
|`deny-write`|Denies the write command without any pre-configured scope.|
Denies the is_available command without any pre-configured scope.
## allow-scan
Enables the scan command without any pre-configured scope.
## deny-scan
Denies the scan command without any pre-configured scope.
## allow-write
Enables the write command without any pre-configured scope.
## deny-write
Denies the write command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,30 +1,9 @@
# Permissions | Permission | Description |
|------|-----|
## allow-is-permission-granted |`allow-is-permission-granted`|Enables the is_permission_granted command without any pre-configured scope.|
|`deny-is-permission-granted`|Denies the is_permission_granted command without any pre-configured scope.|
Enables the is_permission_granted command without any pre-configured scope. |`allow-notify`|Enables the notify command without any pre-configured scope.|
|`deny-notify`|Denies the notify command without any pre-configured scope.|
## deny-is-permission-granted |`allow-request-permission`|Enables the request_permission command without any pre-configured scope.|
|`deny-request-permission`|Denies the request_permission command without any pre-configured scope.|
Denies the is_permission_granted command without any pre-configured scope. |`default`|Allows requesting permission, checking permission state and sending notifications|
## allow-notify
Enables the notify command without any pre-configured scope.
## deny-notify
Denies the notify command without any pre-configured scope.
## allow-request-permission
Enables the request_permission command without any pre-configured scope.
## deny-request-permission
Denies the request_permission command without any pre-configured scope.
## default
Allows requesting permission, checking permission state and sending notifications

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,66 +1,18 @@
# Permissions | Permission | Description |
|------|-----|
## allow-arch |`allow-arch`|Enables the arch command without any pre-configured scope.|
|`deny-arch`|Denies the arch command without any pre-configured scope.|
Enables the arch command without any pre-configured scope. |`allow-exe-extension`|Enables the exe_extension command without any pre-configured scope.|
|`deny-exe-extension`|Denies the exe_extension command without any pre-configured scope.|
## deny-arch |`allow-family`|Enables the family command without any pre-configured scope.|
|`deny-family`|Denies the family command without any pre-configured scope.|
Denies the arch command without any pre-configured scope. |`allow-hostname`|Enables the hostname command without any pre-configured scope.|
|`deny-hostname`|Denies the hostname command without any pre-configured scope.|
## allow-exe-extension |`allow-locale`|Enables the locale command without any pre-configured scope.|
|`deny-locale`|Denies the locale command without any pre-configured scope.|
Enables the exe_extension command without any pre-configured scope. |`allow-os-type`|Enables the os_type command without any pre-configured scope.|
|`deny-os-type`|Denies the os_type command without any pre-configured scope.|
## deny-exe-extension |`allow-platform`|Enables the platform command without any pre-configured scope.|
|`deny-platform`|Denies the platform command without any pre-configured scope.|
Denies the exe_extension command without any pre-configured scope. |`allow-version`|Enables the version command without any pre-configured scope.|
|`deny-version`|Denies the version command without any pre-configured scope.|
## allow-family
Enables the family command without any pre-configured scope.
## deny-family
Denies the family command without any pre-configured scope.
## allow-hostname
Enables the hostname command without any pre-configured scope.
## deny-hostname
Denies the hostname command without any pre-configured scope.
## allow-locale
Enables the locale command without any pre-configured scope.
## deny-locale
Denies the locale command without any pre-configured scope.
## allow-os-type
Enables the os_type command without any pre-configured scope.
## deny-os-type
Denies the os_type command without any pre-configured scope.
## allow-platform
Enables the platform command without any pre-configured scope.
## deny-platform
Denies the platform command without any pre-configured scope.
## allow-version
Enables the version command without any pre-configured scope.
## deny-version
Denies the version command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,14 +1,5 @@
# Permissions | Permission | Description |
|------|-----|
## allow-move-window |`allow-move-window`|Enables the move_window command without any pre-configured scope.|
|`deny-move-window`|Denies the move_window command without any pre-configured scope.|
Enables the move_window command without any pre-configured scope. |`default`|Allows the move_window command|
## deny-move-window
Denies the move_window command without any pre-configured scope.
## default
Allows the move_window command

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,18 +1,6 @@
# Permissions | Permission | Description |
|------|-----|
## allow-exit |`allow-exit`|Enables the exit command without any pre-configured scope.|
|`deny-exit`|Denies the exit command without any pre-configured scope.|
Enables the exit command without any pre-configured scope. |`allow-restart`|Enables the restart command without any pre-configured scope.|
|`deny-restart`|Denies the restart command without any pre-configured scope.|
## deny-exit
Denies the exit command without any pre-configured scope.
## allow-restart
Enables the restart command without any pre-configured scope.
## deny-restart
Denies the restart command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -26,6 +26,6 @@ log = { workspace = true }
thiserror = { workspace = true } thiserror = { workspace = true }
shared_child = "1" shared_child = "1"
regex = "1" regex = "1"
open = "4" open = { version = "5", features = [ "shellexecute-on-windows" ] }
encoding_rs = "0.8" encoding_rs = "0.8"
os_pipe = "1" os_pipe = "1"

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,34 +1,10 @@
# Permissions | Permission | Description |
|------|-----|
## allow-execute |`allow-execute`|Enables the execute command without any pre-configured scope.|
|`deny-execute`|Denies the execute command without any pre-configured scope.|
Enables the execute command without any pre-configured scope. |`allow-kill`|Enables the kill command without any pre-configured scope.|
|`deny-kill`|Denies the kill command without any pre-configured scope.|
## deny-execute |`allow-open`|Enables the open command without any pre-configured scope.|
|`deny-open`|Denies the open command without any pre-configured scope.|
Denies the execute command without any pre-configured scope. |`allow-stdin-write`|Enables the stdin_write command without any pre-configured scope.|
|`deny-stdin-write`|Denies the stdin_write command without any pre-configured scope.|
## allow-kill
Enables the kill command without any pre-configured scope.
## deny-kill
Denies the kill command without any pre-configured scope.
## allow-open
Enables the open command without any pre-configured scope.
## deny-open
Denies the open command without any pre-configured scope.
## allow-stdin-write
Enables the stdin_write command without any pre-configured scope.
## deny-stdin-write
Denies the stdin_write command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -70,7 +70,8 @@ pub fn init<R: Runtime>(f: Box<SingleInstanceCallback<R>>) -> TauriPlugin<R> {
), ),
); );
} }
std::process::exit(0) app.cleanup_before_exit();
std::process::exit(0);
} }
_ => {} _ => {}
} }

@ -62,7 +62,8 @@ pub fn init<R: Runtime>(f: Box<SingleInstanceCallback<R>>) -> TauriPlugin<R> {
lpData: bytes.as_ptr() as _, lpData: bytes.as_ptr() as _,
}; };
SendMessageW(hwnd, WM_COPYDATA, 0, &cds as *const _ as _); SendMessageW(hwnd, WM_COPYDATA, 0, &cds as *const _ as _);
app.exit(0); app.cleanup_before_exit();
std::process::exit(0);
} }
} }
} else { } else {

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,34 +1,10 @@
# Permissions | Permission | Description |
|------|-----|
## allow-close |`allow-close`|Enables the close command without any pre-configured scope.|
|`deny-close`|Denies the close command without any pre-configured scope.|
Enables the close command without any pre-configured scope. |`allow-execute`|Enables the execute command without any pre-configured scope.|
|`deny-execute`|Denies the execute command without any pre-configured scope.|
## deny-close |`allow-load`|Enables the load command without any pre-configured scope.|
|`deny-load`|Denies the load command without any pre-configured scope.|
Denies the close command without any pre-configured scope. |`allow-select`|Enables the select command without any pre-configured scope.|
|`deny-select`|Denies the select command without any pre-configured scope.|
## allow-execute
Enables the execute command without any pre-configured scope.
## deny-execute
Denies the execute command without any pre-configured scope.
## allow-load
Enables the load command without any pre-configured scope.
## deny-load
Denies the load command without any pre-configured scope.
## allow-select
Enables the select command without any pre-configured scope.
## deny-select
Denies the select command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -0,0 +1,40 @@
plugins {
id("com.android.library")
id("org.jetbrains.kotlin.android")
}
android {
namespace = "app.tauri.store"
compileSdk = 33
defaultConfig {
minSdk = 19
targetSdk = 33
testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
consumerProguardFiles("consumer-rules.pro")
}
buildTypes {
release {
isMinifyEnabled = false
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
)
}
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
}
kotlinOptions {
jvmTarget = "1.8"
}
}
dependencies {
implementation("androidx.core:core-ktx:1.9.0")
implementation("com.fasterxml.jackson.core:jackson-databind:2.15.3")
implementation(project(":tauri-android"))
}

@ -0,0 +1,21 @@
# Add project specific ProGuard rules here.
# You can control the set of applied configuration files using the
# proguardFiles setting in build.gradle.
#
# For more details, see
# http://developer.android.com/guide/developing/tools/proguard.html
# If your project uses WebView with JS, uncomment the following
# and specify the fully qualified class name to the JavaScript interface
# class:
#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
# public *;
#}
# Uncomment this to preserve the line number information for
# debugging stack traces.
#-keepattributes SourceFile,LineNumberTable
# If you keep the line number information, uncomment this to
# hide the original source file name.
#-renamesourcefileattribute SourceFile

@ -0,0 +1,2 @@
include ':tauri-android'
project(':tauri-android').projectDir = new File('./.tauri/tauri-api')

@ -0,0 +1,3 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
</manifest>

@ -0,0 +1,50 @@
// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT
package app.tauri.store
import android.app.Activity
import app.tauri.annotation.Command
import app.tauri.annotation.TauriPlugin
import app.tauri.plugin.Invoke
import app.tauri.plugin.Plugin
import com.fasterxml.jackson.databind.JsonNode
import com.fasterxml.jackson.databind.ObjectMapper
import java.io.File
@TauriPlugin
class StorePlugin(private val activity: Activity) : Plugin(activity) {
@Command
fun load(invoke: Invoke) {
try {
val path = invoke.parseArgs(String::class.java)
val file = File(activity.applicationContext.getExternalFilesDir(null), path)
invoke.resolveObject(ObjectMapper().readTree(file))
} catch (ex: Exception) {
invoke.reject(ex.message)
}
}
@Command
fun save(invoke: Invoke) {
try {
val args = invoke.parseArgs(JsonNode::class.java)
val path = args.get("store").asText()
val cache = args.get("cache")
val file = File(activity.applicationContext.getExternalFilesDir(null), path)
if (!file.exists()) {
file.parentFile?.mkdirs()
file.createNewFile()
}
file.writeText(cache.toString())
invoke.resolve()
} catch (ex: Exception) {
invoke.reject(ex.message)
}
}
}

@ -8,5 +8,8 @@ const COMMANDS: &[&str] = &[
]; ];
fn main() { fn main() {
tauri_plugin::Builder::new(COMMANDS).build(); tauri_plugin::Builder::new(COMMANDS)
.android_path("android")
.ios_path("ios")
.build();
} }

@ -0,0 +1,16 @@
{
"object": {
"pins": [
{
"package": "SwiftRs",
"repositoryURL": "https://github.com/Brendonovich/swift-rs",
"state": {
"branch": null,
"revision": "b5ed223fcdab165bc21219c1925dc1e77e2bef5e",
"version": "1.0.6"
}
}
]
},
"version": 1
}

@ -0,0 +1,33 @@
// swift-tools-version:5.3
// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT
import PackageDescription
let package = Package(
name: "tauri-plugin-store",
platforms: [
.iOS(.v13),
],
products: [
// Products define the executables and libraries a package produces, and make them visible to other packages.
.library(
name: "tauri-plugin-store",
type: .static,
targets: ["tauri-plugin-store"]),
],
dependencies: [
.package(name: "Tauri", path: "../.tauri/tauri-api")
],
targets: [
// Targets are the basic building blocks of a package. A target can define a module or a test suite.
// Targets can depend on other targets in this package, and on products in packages this package depends on.
.target(
name: "tauri-plugin-store",
dependencies: [
.byName(name: "Tauri")
],
path: "Sources")
]
)

@ -0,0 +1,217 @@
// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT
import Foundation
import SwiftRs
import Tauri
import UIKit
import WebKit
struct SaveStore: Codable {
let store: String
let cache: [String: JSON]
}
class StorePlugin: Plugin {
@objc public func save(_ invoke: Invoke) throws {
do {
let args = try invoke.parseArgs(SaveStore.self)
let store = args.store
let cache = args.cache
let fileURL = getUrlFromPath(path: store, createDirs: true)
try JSONEncoder().encode(cache).write(to: fileURL)
invoke.resolve()
} catch {
invoke.reject(error.localizedDescription)
}
}
@objc public func load(_ invoke: Invoke) throws {
do {
let path = try invoke.parseArgs(String.self)
let fileURL = getUrlFromPath(path: path, createDirs: false)
let data = try String(contentsOf: fileURL)
let passData = dictionary(text: data)
invoke.resolve(passData)
} catch {
invoke.reject(error.localizedDescription)
}
}
func dictionary(text: String) -> [String: Any?] {
if let data = text.data(using: .utf8) {
do {
return try JSONSerialization.jsonObject(with: data, options: []) as! [String: Any]
} catch {
fatalError(error.localizedDescription)
}
}
return [:]
}
func getUrlFromPath(path: String, createDirs: Bool) -> URL {
do {
var url = try FileManager.default
.url(
for: .applicationSupportDirectory,
in: .userDomainMask,
appropriateFor: nil,
create: true
)
let components = path.split(separator: "/").map { element in String(element) }
if components.count == 1 {
return url.appendPath(path: path, isDirectory: false)
}
for i in 0..<components.count {
url = url.appendPath(path: components[i], isDirectory: true)
}
if components.count > 1 && createDirs {
try FileManager.default.createDirectory(at: url, withIntermediateDirectories: true)
}
url = url.appendPath(path: components.last!, isDirectory: false)
return url
} catch {
fatalError(error.localizedDescription)
}
}
}
@_cdecl("init_plugin_store")
func initPlugin() -> Plugin {
return StorePlugin()
}
private extension URL {
func appendPath(path: String, isDirectory: Bool) -> URL {
if #available(iOS 16.0, *) {
return self.appending(path: path, directoryHint: isDirectory ? .isDirectory : .notDirectory)
} else {
return self.appendingPathComponent(path, isDirectory: isDirectory)
}
}
}
public enum JSON : Codable {
case null
case number(NSNumber)
case string(String)
case array([JSON])
case bool(Bool)
case dictionary([String : JSON])
public var value: Any? {
switch self {
case .null: return nil
case .number(let number): return number
case .string(let string): return string
case .bool(let bool): return bool
case .array(let array): return array.map { $0.value }
case .dictionary(let dictionary): return dictionary.mapValues { $0.value }
}
}
public init?(_ value: Any?) {
guard let value = value else {
self = .null
return
}
if let bool = value as? Bool {
self = .bool(bool)
} else if let int = value as? Int {
self = .number(NSNumber(value: int))
} else if let double = value as? Double {
self = .number(NSNumber(value: double))
} else if let string = value as? String {
self = .string(string)
} else if let array = value as? [Any] {
var mapped = [JSON]()
for inner in array {
guard let inner = JSON(inner) else {
return nil
}
mapped.append(inner)
}
self = .array(mapped)
} else if let dictionary = value as? [String : Any] {
var mapped = [String : JSON]()
for (key, inner) in dictionary {
guard let inner = JSON(inner) else {
return nil
}
mapped[key] = inner
}
self = .dictionary(mapped)
} else {
return nil
}
}
public init(from decoder: Decoder) throws {
let container = try decoder.singleValueContainer()
guard !container.decodeNil() else {
self = .null
return
}
if let bool = try container.decodeIfMatched(Bool.self) {
self = .bool(bool)
} else if let int = try container.decodeIfMatched(Int.self) {
self = .number(NSNumber(value: int))
} else if let double = try container.decodeIfMatched(Double.self) {
self = .number(NSNumber(value: double))
} else if let string = try container.decodeIfMatched(String.self) {
self = .string(string)
} else if let array = try container.decodeIfMatched([JSON].self) {
self = .array(array)
} else if let dictionary = try container.decodeIfMatched([String : JSON].self) {
self = .dictionary(dictionary)
} else {
throw DecodingError.typeMismatch(JSON.self, DecodingError.Context(codingPath: decoder.codingPath, debugDescription: "Unable to decode JSON as any of the possible types."))
}
}
public func encode(to encoder: Encoder) throws {
var container = encoder.singleValueContainer()
switch self {
case .null: try container.encodeNil()
case .bool(let bool): try container.encode(bool)
case .number(let number):
if number.objCType.pointee == 0x64 /* 'd' */ {
try container.encode(number.doubleValue)
} else {
try container.encode(number.intValue)
}
case .string(let string): try container.encode(string)
case .array(let array): try container.encode(array)
case .dictionary(let dictionary): try container.encode(dictionary)
}
}
}
fileprivate extension SingleValueDecodingContainer {
func decodeIfMatched<T : Decodable>(_ type: T.Type) throws -> T? {
do {
return try self.decode(T.self)
} catch DecodingError.typeMismatch {
return nil
}
}
}

@ -1,98 +1,26 @@
# Permissions | Permission | Description |
|------|-----|
## allow-clear |`allow-clear`|Enables the clear command without any pre-configured scope.|
|`deny-clear`|Denies the clear command without any pre-configured scope.|
Enables the clear command without any pre-configured scope. |`allow-delete`|Enables the delete command without any pre-configured scope.|
|`deny-delete`|Denies the delete command without any pre-configured scope.|
## deny-clear |`allow-entries`|Enables the entries command without any pre-configured scope.|
|`deny-entries`|Denies the entries command without any pre-configured scope.|
Denies the clear command without any pre-configured scope. |`allow-get`|Enables the get command without any pre-configured scope.|
|`deny-get`|Denies the get command without any pre-configured scope.|
## allow-delete |`allow-has`|Enables the has command without any pre-configured scope.|
|`deny-has`|Denies the has command without any pre-configured scope.|
Enables the delete command without any pre-configured scope. |`allow-keys`|Enables the keys command without any pre-configured scope.|
|`deny-keys`|Denies the keys command without any pre-configured scope.|
## deny-delete |`allow-length`|Enables the length command without any pre-configured scope.|
|`deny-length`|Denies the length command without any pre-configured scope.|
Denies the delete command without any pre-configured scope. |`allow-load`|Enables the load command without any pre-configured scope.|
|`deny-load`|Denies the load command without any pre-configured scope.|
## allow-entries |`allow-reset`|Enables the reset command without any pre-configured scope.|
|`deny-reset`|Denies the reset command without any pre-configured scope.|
Enables the entries command without any pre-configured scope. |`allow-save`|Enables the save command without any pre-configured scope.|
|`deny-save`|Denies the save command without any pre-configured scope.|
## deny-entries |`allow-set`|Enables the set command without any pre-configured scope.|
|`deny-set`|Denies the set command without any pre-configured scope.|
Denies the entries command without any pre-configured scope. |`allow-values`|Enables the values command without any pre-configured scope.|
|`deny-values`|Denies the values command without any pre-configured scope.|
## allow-get
Enables the get command without any pre-configured scope.
## deny-get
Denies the get command without any pre-configured scope.
## allow-has
Enables the has command without any pre-configured scope.
## deny-has
Denies the has command without any pre-configured scope.
## allow-keys
Enables the keys command without any pre-configured scope.
## deny-keys
Denies the keys command without any pre-configured scope.
## allow-length
Enables the length command without any pre-configured scope.
## deny-length
Denies the length command without any pre-configured scope.
## allow-load
Enables the load command without any pre-configured scope.
## deny-load
Denies the load command without any pre-configured scope.
## allow-reset
Enables the reset command without any pre-configured scope.
## deny-reset
Denies the reset command without any pre-configured scope.
## allow-save
Enables the save command without any pre-configured scope.
## deny-save
Denies the save command without any pre-configured scope.
## allow-set
Enables the set command without any pre-configured scope.
## deny-set
Denies the set command without any pre-configured scope.
## allow-values
Enables the values command without any pre-configured scope.
## deny-values
Denies the values command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,49 @@
// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT
use crate::Error;
use crate::Runtime;
use crate::Store;
use std::fs::create_dir_all;
use std::fs::read;
use std::fs::File;
use std::io::Write;
use tauri::Manager;
#[cfg(desktop)]
impl<R: Runtime> Store<R> {
pub fn save(&self) -> Result<(), Error> {
let app_dir = self
.app
.path()
.app_data_dir()
.expect("failed to resolve app dir");
let store_path = app_dir.join(&self.path);
create_dir_all(store_path.parent().expect("invalid store path"))?;
let bytes = (self.serialize)(&self.cache).map_err(Error::Serialize)?;
let mut f = File::create(&store_path)?;
f.write_all(&bytes)?;
Ok(())
}
/// Update the store from the on-disk state
pub fn load(&mut self) -> Result<(), Error> {
let app_dir = self
.app
.path()
.app_data_dir()
.expect("failed to resolve app dir");
let store_path = app_dir.join(&self.path);
let bytes = read(store_path)?;
self.cache
.extend((self.deserialize)(&bytes).map_err(Error::Deserialize)?);
Ok(())
}
}

@ -5,10 +5,19 @@
use serde::{Serialize, Serializer}; use serde::{Serialize, Serializer};
use std::path::PathBuf; use std::path::PathBuf;
pub type Result<T> = std::result::Result<T, Error>;
/// The error types. /// The error types.
#[derive(thiserror::Error, Debug)] #[derive(thiserror::Error, Debug)]
#[non_exhaustive] #[non_exhaustive]
pub enum Error { pub enum Error {
#[cfg(mobile)]
#[error(transparent)]
PluginInvoke(#[from] tauri::plugin::mobile::PluginInvokeError),
/// Mobile plugin handled is not initialized, Probably [`StoreBuilder::mobile_plugin_handle`] was not called.
#[cfg(mobile)]
#[error("Mobile plugin handled is not initialized, Perhaps you forgot to call StoreBuilder::mobile_plugin_handle")]
MobilePluginHandleUnInitialized,
#[error("Failed to serialize store. {0}")] #[error("Failed to serialize store. {0}")]
Serialize(Box<dyn std::error::Error + Send + Sync>), Serialize(Box<dyn std::error::Error + Send + Sync>),
#[error("Failed to deserialize store. {0}")] #[error("Failed to deserialize store. {0}")]

@ -11,7 +11,7 @@
html_favicon_url = "https://github.com/tauri-apps/tauri/raw/dev/app-icon.png" html_favicon_url = "https://github.com/tauri-apps/tauri/raw/dev/app-icon.png"
)] )]
pub use error::Error; pub use error::{Error, Result};
use log::warn; use log::warn;
use serde::Serialize; use serde::Serialize;
pub use serde_json::Value as JsonValue; pub use serde_json::Value as JsonValue;
@ -29,6 +29,18 @@ use tauri::{
mod error; mod error;
mod store; mod store;
#[cfg(mobile)]
mod mobile;
#[cfg(mobile)]
use crate::plugin::PluginHandle;
#[cfg(target_os = "android")]
const PLUGIN_IDENTIFIER: &str = "app.tauri.store";
#[cfg(target_os = "ios")]
tauri::ios_plugin_binding!(init_plugin_store);
#[cfg(desktop)]
mod desktop;
#[derive(Serialize, Clone)] #[derive(Serialize, Clone)]
struct ChangePayload<'a> { struct ChangePayload<'a> {
path: &'a Path, path: &'a Path,
@ -36,18 +48,20 @@ struct ChangePayload<'a> {
value: &'a JsonValue, value: &'a JsonValue,
} }
#[derive(Default)] struct StoreCollection<R: Runtime> {
pub struct StoreCollection<R: Runtime> {
stores: Mutex<HashMap<PathBuf, Store<R>>>, stores: Mutex<HashMap<PathBuf, Store<R>>>,
frozen: bool, frozen: bool,
#[cfg(mobile)]
mobile_plugin_handle: PluginHandle<R>,
} }
pub fn with_store<R: Runtime, T, F: FnOnce(&mut Store<R>) -> Result<T, Error>>( fn with_store<R: Runtime, T, F: FnOnce(&mut Store<R>) -> Result<T>>(
app: AppHandle<R>, app: AppHandle<R>,
collection: State<'_, StoreCollection<R>>, collection: State<'_, StoreCollection<R>>,
path: impl AsRef<Path>, path: impl AsRef<Path>,
f: F, f: F,
) -> Result<T, Error> { ) -> Result<T> {
let mut stores = collection.stores.lock().expect("mutex poisoned"); let mut stores = collection.stores.lock().expect("mutex poisoned");
let path = path.as_ref(); let path = path.as_ref();
@ -55,7 +69,17 @@ pub fn with_store<R: Runtime, T, F: FnOnce(&mut Store<R>) -> Result<T, Error>>(
if collection.frozen { if collection.frozen {
return Err(Error::NotFound(path.to_path_buf())); return Err(Error::NotFound(path.to_path_buf()));
} }
let mut store = StoreBuilder::new(path).build(app);
#[allow(unused_mut)]
let mut builder = StoreBuilder::new(path);
#[cfg(mobile)]
{
builder = builder.mobile_plugin_handle(collection.mobile_plugin_handle.clone());
}
let mut store = builder.build(app);
// ignore loading errors, just use the default // ignore loading errors, just use the default
if let Err(err) = store.load() { if let Err(err) = store.load() {
warn!( warn!(
@ -78,7 +102,7 @@ async fn set<R: Runtime>(
path: PathBuf, path: PathBuf,
key: String, key: String,
value: JsonValue, value: JsonValue,
) -> Result<(), Error> { ) -> Result<()> {
with_store(app, stores, path, |store| store.insert(key, value)) with_store(app, stores, path, |store| store.insert(key, value))
} }
@ -88,7 +112,7 @@ async fn get<R: Runtime>(
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
key: String, key: String,
) -> Result<Option<JsonValue>, Error> { ) -> Result<Option<JsonValue>> {
with_store(app, stores, path, |store| Ok(store.get(key).cloned())) with_store(app, stores, path, |store| Ok(store.get(key).cloned()))
} }
@ -98,7 +122,7 @@ async fn has<R: Runtime>(
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
key: String, key: String,
) -> Result<bool, Error> { ) -> Result<bool> {
with_store(app, stores, path, |store| Ok(store.has(key))) with_store(app, stores, path, |store| Ok(store.has(key)))
} }
@ -108,7 +132,7 @@ async fn delete<R: Runtime>(
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
key: String, key: String,
) -> Result<bool, Error> { ) -> Result<bool> {
with_store(app, stores, path, |store| store.delete(key)) with_store(app, stores, path, |store| store.delete(key))
} }
@ -117,7 +141,7 @@ async fn clear<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<(), Error> { ) -> Result<()> {
with_store(app, stores, path, |store| store.clear()) with_store(app, stores, path, |store| store.clear())
} }
@ -126,7 +150,7 @@ async fn reset<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
collection: State<'_, StoreCollection<R>>, collection: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<(), Error> { ) -> Result<()> {
with_store(app, collection, path, |store| store.reset()) with_store(app, collection, path, |store| store.reset())
} }
@ -135,7 +159,7 @@ async fn keys<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<Vec<String>, Error> { ) -> Result<Vec<String>> {
with_store(app, stores, path, |store| { with_store(app, stores, path, |store| {
Ok(store.keys().cloned().collect()) Ok(store.keys().cloned().collect())
}) })
@ -146,7 +170,7 @@ async fn values<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<Vec<JsonValue>, Error> { ) -> Result<Vec<JsonValue>> {
with_store(app, stores, path, |store| { with_store(app, stores, path, |store| {
Ok(store.values().cloned().collect()) Ok(store.values().cloned().collect())
}) })
@ -157,7 +181,7 @@ async fn entries<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<Vec<(String, JsonValue)>, Error> { ) -> Result<Vec<(String, JsonValue)>> {
with_store(app, stores, path, |store| { with_store(app, stores, path, |store| {
Ok(store Ok(store
.entries() .entries()
@ -171,7 +195,7 @@ async fn length<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<usize, Error> { ) -> Result<usize> {
with_store(app, stores, path, |store| Ok(store.len())) with_store(app, stores, path, |store| Ok(store.len()))
} }
@ -180,7 +204,7 @@ async fn load<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<(), Error> { ) -> Result<()> {
with_store(app, stores, path, |store| store.load()) with_store(app, stores, path, |store| store.load())
} }
@ -189,7 +213,7 @@ async fn save<R: Runtime>(
app: AppHandle<R>, app: AppHandle<R>,
stores: State<'_, StoreCollection<R>>, stores: State<'_, StoreCollection<R>>,
path: PathBuf, path: PathBuf,
) -> Result<(), Error> { ) -> Result<()> {
with_store(app, stores, path, |store| store.save()) with_store(app, stores, path, |store| store.save())
} }
@ -306,9 +330,17 @@ impl<R: Runtime> Builder<R> {
} }
} }
#[cfg(target_os = "android")]
let handle = _api.register_android_plugin(PLUGIN_IDENTIFIER, "StorePlugin")?;
#[cfg(target_os = "ios")]
let handle = _api.register_ios_plugin(init_plugin_store)?;
app_handle.manage(StoreCollection { app_handle.manage(StoreCollection {
stores: Mutex::new(self.stores), stores: Mutex::new(self.stores),
frozen: self.frozen, frozen: self.frozen,
#[cfg(mobile)]
mobile_plugin_handle: handle,
}); });
Ok(()) Ok(())

@ -0,0 +1,53 @@
// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT
use tauri::Runtime;
use crate::error::Result;
use crate::Store;
use serde_json::Value;
use std::collections::HashMap;
#[derive(Debug, serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct LoadStore {
pub cache: HashMap<String, Value>,
}
#[derive(Debug, serde::Serialize, serde::Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct SaveStore {
pub store: String,
pub cache: HashMap<String, Value>,
}
#[cfg(mobile)]
impl<R: Runtime> Store<R> {
pub fn save(&self) -> Result<()> {
self.mobile_plugin_handle
.as_ref()
.ok_or_else(|| crate::error::Error::MobilePluginHandleUnInitialized)?
.run_mobile_plugin(
"save",
SaveStore {
store: self.path.to_string_lossy().to_string(),
cache: self.cache.clone(),
},
)
.map_err(Into::into)
}
pub fn load(&mut self) -> Result<()> {
let result: Value = self
.mobile_plugin_handle
.as_ref()
.ok_or_else(|| crate::error::Error::MobilePluginHandleUnInitialized)?
.run_mobile_plugin("load", self.path.to_string_lossy().to_string())?;
let map = serde_json::from_value::<HashMap<String, Value>>(result)?;
self.cache.extend(map);
Ok(())
}
}

@ -2,12 +2,12 @@
// SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: Apache-2.0
// SPDX-License-Identifier: MIT // SPDX-License-Identifier: MIT
#[cfg(mobile)]
use crate::plugin::PluginHandle;
use crate::{ChangePayload, Error}; use crate::{ChangePayload, Error};
use serde_json::Value as JsonValue; use serde_json::Value as JsonValue;
use std::{ use std::{
collections::HashMap, collections::HashMap,
fs::{create_dir_all, read, File},
io::Write,
path::{Path, PathBuf}, path::{Path, PathBuf},
}; };
use tauri::{AppHandle, Manager, Runtime}; use tauri::{AppHandle, Manager, Runtime};
@ -30,15 +30,20 @@ fn default_deserialize(
} }
/// Builds a [`Store`] /// Builds a [`Store`]
pub struct StoreBuilder { pub struct StoreBuilder<R: Runtime> {
path: PathBuf, path: PathBuf,
defaults: Option<HashMap<String, JsonValue>>, defaults: Option<HashMap<String, JsonValue>>,
cache: HashMap<String, JsonValue>, cache: HashMap<String, JsonValue>,
serialize: SerializeFn, serialize: SerializeFn,
deserialize: DeserializeFn, deserialize: DeserializeFn,
#[cfg(mobile)]
mobile_plugin_handle: Option<PluginHandle<R>>,
#[cfg(not(mobile))]
_marker: std::marker::PhantomData<R>,
} }
impl StoreBuilder { impl<R: Runtime> StoreBuilder<R> {
/// Creates a new [`StoreBuilder`]. /// Creates a new [`StoreBuilder`].
/// ///
/// # Examples /// # Examples
@ -58,9 +63,19 @@ impl StoreBuilder {
cache: Default::default(), cache: Default::default(),
serialize: default_serialize, serialize: default_serialize,
deserialize: default_deserialize, deserialize: default_deserialize,
#[cfg(mobile)]
mobile_plugin_handle: None,
#[cfg(not(mobile))]
_marker: std::marker::PhantomData,
} }
} }
#[cfg(mobile)]
pub fn mobile_plugin_handle(mut self, handle: PluginHandle<R>) -> Self {
self.mobile_plugin_handle = Some(handle);
self
}
/// Inserts a default key-value pair. /// Inserts a default key-value pair.
/// ///
/// # Examples /// # Examples
@ -148,7 +163,7 @@ impl StoreBuilder {
/// Ok(()) /// Ok(())
/// }); /// });
/// ``` /// ```
pub fn build<R: Runtime>(self, app: AppHandle<R>) -> Store<R> { pub fn build(self, app: AppHandle<R>) -> Store<R> {
Store { Store {
app, app,
path: self.path, path: self.path,
@ -156,56 +171,27 @@ impl StoreBuilder {
cache: self.cache, cache: self.cache,
serialize: self.serialize, serialize: self.serialize,
deserialize: self.deserialize, deserialize: self.deserialize,
#[cfg(mobile)]
mobile_plugin_handle: self.mobile_plugin_handle,
} }
} }
} }
#[derive(Clone)] #[derive(Clone)]
pub struct Store<R: Runtime> { pub struct Store<R: Runtime> {
app: AppHandle<R>, pub(crate) app: AppHandle<R>,
pub(crate) path: PathBuf, pub(crate) path: PathBuf,
defaults: Option<HashMap<String, JsonValue>>, defaults: Option<HashMap<String, JsonValue>>,
cache: HashMap<String, JsonValue>, pub(crate) cache: HashMap<String, JsonValue>,
serialize: SerializeFn, pub(crate) serialize: SerializeFn,
deserialize: DeserializeFn, pub(crate) deserialize: DeserializeFn,
#[cfg(mobile)]
pub(crate) mobile_plugin_handle: Option<PluginHandle<R>>,
} }
impl<R: Runtime> Store<R> { impl<R: Runtime> Store<R> {
/// Update the store from the on-disk state
pub fn load(&mut self) -> Result<(), Error> {
let app_dir = self
.app
.path()
.app_data_dir()
.expect("failed to resolve app dir");
let store_path = app_dir.join(&self.path);
let bytes = read(store_path)?;
self.cache
.extend((self.deserialize)(&bytes).map_err(Error::Deserialize)?);
Ok(())
}
/// Saves the store to disk
pub fn save(&self) -> Result<(), Error> {
let app_dir = self
.app
.path()
.app_data_dir()
.expect("failed to resolve app dir");
let store_path = app_dir.join(&self.path);
create_dir_all(store_path.parent().expect("invalid store path"))?;
let bytes = (self.serialize)(&self.cache).map_err(Error::Serialize)?;
let mut f = File::create(&store_path)?;
f.write_all(&bytes)?;
Ok(())
}
pub fn insert(&mut self, key: String, value: JsonValue) -> Result<(), Error> { pub fn insert(&mut self, key: String, value: JsonValue) -> Result<(), Error> {
self.cache.insert(key.clone(), value.clone()); self.cache.insert(key.clone(), value.clone());
self.app.emit( self.app.emit(

@ -52,8 +52,25 @@ First you need to register the core plugin with Tauri:
fn main() { fn main() {
tauri::Builder::default() tauri::Builder::default()
.plugin(tauri_plugin_stronghold::Builder::new(|password| { .plugin(tauri_plugin_stronghold::Builder::new(|password| {
// TODO: hash the password here with e.g. argon2, blake2b or any other secure algorithm // Hash the password here with e.g. argon2, blake2b or any other secure algorithm
todo!() // Here is an example implementation using the `rust-argon2` crate for hashing the password
use argon2::{hash_raw, Config, Variant, Version};
let config = Config {
lanes: 4,
mem_cost: 10_000,
time_cost: 10,
variant: Variant::Argon2id,
version: Version::Version13,
..Default::default()
};
let salt = "your-salt".as_bytes();
let key = hash_raw(password.as_ref(), salt, &config).expect("failed to hash password");
key.to_vec()
}) })
.build()) .build())
.run(tauri::generate_context!()) .run(tauri::generate_context!())
@ -64,9 +81,57 @@ fn main() {
Afterwards all the plugin's APIs are available through the JavaScript guest bindings: Afterwards all the plugin's APIs are available through the JavaScript guest bindings:
```javascript ```javascript
import { Stronghold, Location } from "@tauri-apps/plugin-stronghold"; import { Stronghold, Location, Client } from "tauri-plugin-stronghold-api";
import { appDataDir } from "@tauri-apps/api/path";
const initStronghold = async () => {
const vaultPath = `${await appDataDir()}/vault.hold`;
const vaultKey = "The key to the vault";
const stronghold = await Stronghold.load(vaultPath, vaultKey);
let client: Client;
const clientName = "name your client";
try {
client = await hold.loadClient(clientName);
} catch {
client = await hold.createClient(clientName);
}
return {
stronghold,
client,
};
};
const { stronghold, client } = await initStronghold();
const store = client.getStore();
const key = "my_key";
// Insert a record to the store
const data = Array.from(new TextEncoder().encode("Hello, World!"));
await store.insert(key, data);
// Read a record from store
const data = await store.get(key);
const value = new TextDecoder().decode(new Uint8Array(data));
// Save your updates
await stronghold.save();
// Remove a record from store
// TODO await store.remove(key);
``` ```
## Contributing ## Contributing

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,90 +1,24 @@
# Permissions | Permission | Description |
|------|-----|
## allow-create-client |`allow-create-client`|Enables the create_client command without any pre-configured scope.|
|`deny-create-client`|Denies the create_client command without any pre-configured scope.|
Enables the create_client command without any pre-configured scope. |`allow-destroy`|Enables the destroy command without any pre-configured scope.|
|`deny-destroy`|Denies the destroy command without any pre-configured scope.|
## deny-create-client |`allow-execute-procedure`|Enables the execute_procedure command without any pre-configured scope.|
|`deny-execute-procedure`|Denies the execute_procedure command without any pre-configured scope.|
Denies the create_client command without any pre-configured scope. |`allow-get-store-record`|Enables the get_store_record command without any pre-configured scope.|
|`deny-get-store-record`|Denies the get_store_record command without any pre-configured scope.|
## allow-destroy |`allow-initialize`|Enables the initialize command without any pre-configured scope.|
|`deny-initialize`|Denies the initialize command without any pre-configured scope.|
Enables the destroy command without any pre-configured scope. |`allow-load-client`|Enables the load_client command without any pre-configured scope.|
|`deny-load-client`|Denies the load_client command without any pre-configured scope.|
## deny-destroy |`allow-remove-secret`|Enables the remove_secret command without any pre-configured scope.|
|`deny-remove-secret`|Denies the remove_secret command without any pre-configured scope.|
Denies the destroy command without any pre-configured scope. |`allow-remove-store-record`|Enables the remove_store_record command without any pre-configured scope.|
|`deny-remove-store-record`|Denies the remove_store_record command without any pre-configured scope.|
## allow-execute-procedure |`allow-save`|Enables the save command without any pre-configured scope.|
|`deny-save`|Denies the save command without any pre-configured scope.|
Enables the execute_procedure command without any pre-configured scope. |`allow-save-secret`|Enables the save_secret command without any pre-configured scope.|
|`deny-save-secret`|Denies the save_secret command without any pre-configured scope.|
## deny-execute-procedure |`allow-save-store-record`|Enables the save_store_record command without any pre-configured scope.|
|`deny-save-store-record`|Denies the save_store_record command without any pre-configured scope.|
Denies the execute_procedure command without any pre-configured scope.
## allow-get-store-record
Enables the get_store_record command without any pre-configured scope.
## deny-get-store-record
Denies the get_store_record command without any pre-configured scope.
## allow-initialize
Enables the initialize command without any pre-configured scope.
## deny-initialize
Denies the initialize command without any pre-configured scope.
## allow-load-client
Enables the load_client command without any pre-configured scope.
## deny-load-client
Denies the load_client command without any pre-configured scope.
## allow-remove-secret
Enables the remove_secret command without any pre-configured scope.
## deny-remove-secret
Denies the remove_secret command without any pre-configured scope.
## allow-remove-store-record
Enables the remove_store_record command without any pre-configured scope.
## deny-remove-store-record
Denies the remove_store_record command without any pre-configured scope.
## allow-save
Enables the save command without any pre-configured scope.
## deny-save
Denies the save command without any pre-configured scope.
## allow-save-secret
Enables the save_secret command without any pre-configured scope.
## deny-save-secret
Denies the save_secret command without any pre-configured scope.
## allow-save-store-record
Enables the save_store_record command without any pre-configured scope.
## deny-save-store-record
Denies the save_store_record command without any pre-configured scope.

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,22 +1,7 @@
# Permissions | Permission | Description |
|------|-----|
## allow-check |`allow-check`|Enables the check command without any pre-configured scope.|
|`deny-check`|Denies the check command without any pre-configured scope.|
Enables the check command without any pre-configured scope. |`allow-download-and-install`|Enables the download_and_install command without any pre-configured scope.|
|`deny-download-and-install`|Denies the download_and_install command without any pre-configured scope.|
## deny-check |`default`|Allows checking for new updates and installing them|
Denies the check command without any pre-configured scope.
## allow-download-and-install
Enables the download_and_install command without any pre-configured scope.
## deny-download-and-install
Denies the download_and_install command without any pre-configured scope.
## default
Allows checking for new updates and installing them

@ -17,7 +17,6 @@
}, },
"set": { "set": {
"description": "A list of permissions sets defined", "description": "A list of permissions sets defined",
"default": [],
"type": "array", "type": "array",
"items": { "items": {
"$ref": "#/definitions/PermissionSet" "$ref": "#/definitions/PermissionSet"
@ -132,12 +131,25 @@
}, },
"scope": { "scope": {
"description": "Allowed or denied scoped when using this permission.", "description": "Allowed or denied scoped when using this permission.",
"default": {},
"allOf": [ "allOf": [
{ {
"$ref": "#/definitions/Scopes" "$ref": "#/definitions/Scopes"
} }
] ]
},
"platforms": {
"description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
} }
} }
}, },
@ -243,6 +255,46 @@
} }
] ]
}, },
"Target": {
"description": "Platform target.",
"oneOf": [
{
"description": "MacOS.",
"type": "string",
"enum": [
"macOS"
]
},
{
"description": "Windows.",
"type": "string",
"enum": [
"windows"
]
},
{
"description": "Linux.",
"type": "string",
"enum": [
"linux"
]
},
{
"description": "Android.",
"type": "string",
"enum": [
"android"
]
},
{
"description": "iOS.",
"type": "string",
"enum": [
"iOS"
]
}
]
},
"PermissionKind": { "PermissionKind": {
"type": "string", "type": "string",
"oneOf": [ "oneOf": [

@ -0,0 +1,23 @@
# Security Policy
**Do not report security vulnerabilities through public GitHub issues.**
**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
Include as much of the following information:
- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
- The location of the affected source code (tag/branch/commit or direct URL)
- Any special configuration required to reproduce the issue
- The distribution affected or used to help us with reproduction of the issue
- Step-by-step instructions to reproduce the issue
- Ideally a reproduction repository
- Impact of the issue, including how an attacker might exploit the issue
We prefer to receive reports in English.
## Contact
Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).

@ -1,18 +1,6 @@
# Permissions | Permission | Description |
|------|-----|
## allow-download |`allow-download`|Enables the download command without any pre-configured scope.|
|`deny-download`|Denies the download command without any pre-configured scope.|
Enables the download command without any pre-configured scope. |`allow-upload`|Enables the upload command without any pre-configured scope.|
|`deny-upload`|Denies the upload command without any pre-configured scope.|
## deny-download
Denies the download command without any pre-configured scope.
## allow-upload
Enables the upload command without any pre-configured scope.
## deny-upload
Denies the upload command without any pre-configured scope.

Some files were not shown because too many files have changed in this diff Show More

Loading…
Cancel
Save