20

Tauri – toolchain for building highly secure native apps that have tiny binaries

 3 years ago
source link: https://github.com/tauri-apps/tauri
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

qmAfMjQ.png!web TAURI 

Tauri Apps
  footprint:   miniscule
  performance: ludicrous
  flexibility: gymnastic
  security:    hardened

Current Releases

Component Description Version Lin Win Mac tauri.js CLI create, develop and build apps :white_check_mark: :white_check_mark: :white_check_mark: tauri core binding to the low level WEBVIEW :white_check_mark: :white_check_mark: :white_check_mark: tauri api interface with the underlying OS :white_check_mark: :white_check_mark: :white_check_mark: tauri bundler manufacture the final binaries :white_check_mark: :white_check_mark: :white_check_mark: tauri utils common tools for tauri :white_check_mark: :white_check_mark: :white_check_mark: tauri updater [WIP] update the userland app

Introduction

Tauri is a framework for building tiny, blazing fast binaries for all major desktop platforms. Developers can integrate any front-end framework that compiles to HTML, JS and CSS for building their user interface. The backend of the application is a rust-sourced binary with an API that the front-end can interact with.

The user interface in Tauri apps currently leverages Cocoa/WebKit on macOS, gtk-webkit2 on Linux and MSHTML (IE10/11) or Webkit via Edge on Windows. Tauri uses (and contributes to) the MIT licensed project that you can find at webview .

Get Started

If you are interested in making a tauri-app, please visit the documentation website . This README is directed towards those who are interested in contributing to the core library. But if you just want a quick overview about where tauri is at in its development, here's a quick burndown:

App Bundles

  • App Icons
  • Build on MacOS (.app, .dmg)
  • Build on Linux (.deb, AppImage)
  • Build on Windows (.exe, .msi)
  • Copy Buffer
  • Device Notifications (toast)
  • Self Updater (in progress)
  • deeplink RPC (in progress)
  • App Signing (coming soon)
  • Frameless Mode (coming soon)
  • Transparent Mode (coming soon)
  • Multiwindow Mode (coming soon)
  • Tray (coming soon)

API

  • setTitle - set the window title
  • command - make custom API interfaces
  • execute - STDOUT Passthrough with command invocation
  • open - open link in a browser
  • event - two part api consisting of emit and listen
  • httpRequest - command rust to make an http request
  • openDialog - native file chooser dialog
  • saveDialog - native file saver dialog
  • readDir - list files in a directory
  • createDir - create a directory
  • removeDir - remove a directory
  • removeFile - remove a file
  • renameFile - rename a file
  • copyFile - copy a file to a new destination
  • writeFile - write file to local filesystem
  • writeBinaryFile - write binary file to local filesystem
  • readBinaryFile - read binary file from local filesystem
  • readTextFile - read text file from local filesystem

Security Features

  • localhost-free mode ( :fire: )
  • Dynamic ahead of Time Compilation (dAoT) with functional tree-shaking
  • functional Address Space Layout Randomization
  • OTP salting of function names and messages at runtime
  • CSP Injection
  • Frida-based harness for Post-Binary Analysis (in progress)

Comparison between Tauri and Electron

Detail Tauri Electron Binary Size MacOS 0.6 MB (1) 47.7 MB Memory Consumption MacOS 13 MB 34.1 MB Interface Service Provider Varies Chromium Backend Binding Rust Node.js (ECMAScript) Underlying Engine C/C++ V8 (C/C++) FLOSS Yes No Multithreading Yes No Bytecode Delivery Yes No Can Render PDF Yes No Multiple Windows Soon Yes Auto Updater Soon Yes (2) Cross Platform Yes Yes Custom App Icon Yes Yes Windows Binary Yes Yes MacOS Binary Yes Yes Linux Binary Yes Yes iOS Binary Soon No Android Binary Soon No Localhost Server Yes Yes No localhost option Yes No Desktop Tray Soon Yes Splashscreen Yes Yes Sidecar Binaries Yes No

Notes

  1. This is the smallest known binary, depending on your framework the size may be different.
  2. Electron has no native auto updater on Linux, but is offered by electron-packager

Development

Tauri is a system composed of a number of moving pieces:

Infrastructure

  • git for code management
  • github for project management
  • github actions for CI and CD
  • discord for discussions
  • netlify-hosted documentation website

Major Runtimes

  • node.js for running the CLI (deno and pure rust are on the roadmap)
  • cargo for testing, running the dev service, building binaries and as the runtime harness for the webview

Major Languages

  • typescript for the CLI
  • javascript for the JS-side of the API
  • rust for bindings, rust side of the API, harnesses
  • C / obj-c for interfacing with the webviews

Operating systems

Tauri core can be developed on Mac, Linux and Windows, but you are encouraged to use the latest possible operating systems and build tools for your OS.

Contribution Flow

Before you start working on something, it is best to check if there is an existing issue first. Also it is a good idea to stop by the Discord guild and confirm with the team if it makes sense or if someone is already working on it. If you want to read more about this, please see this page .

Documentation

Documentation in a polyglot system is a tricky proposition. To this end, we prefer to use inline documentation of Rust code and at JSDoc in typescript / javascript code. We autocollect these and publish them using Docusaurus v2 and netlify. Here is the hosting repository for the documentation site: https://github.com/tauri-apps/tauri-docs

Testing & Linting

Test all the things! We have a number of test suites, but are always looking to improve our coverage:

  • Rust ( cargo test ) => sourced via inline #[cfg(test)] declarations
  • TS ( jest ) => via spec files
  • Smoke Tests (run on merges to latest)
  • eslint, clippy

CI/CD

We recommend you read this article to understand better how we run our pipelines: https://www.jacobbolda.com/setting-up-ci-and-cd-for-tauri/

Organization

Tauri aims to be a sustainable collective based on principles that guide sustainable free and open software communities . You can get involved in many ways.

This has been done with our best attempt at due diligence and in respect of the original authors. Thankyou - this project would never have been possible without your amazing contribution to open-source and we are honoured to carry the torch further. Of special note:

  • zserge for the original webview approach and go bindings
  • Burtonago for the Cargo Bundle prototype

Contributing

Please make sure to read the Contributing Guide before making a pull request.

Thank you to all the people who already contributed to Tauri!

Special thanks to the development team at Volentix Labs for the encouragement and support in the early phases of Tauri, notably Rhys Parry and Gregory Luneau.

Semver

tauriis following Semantic Versioning 2.0 .

Licenses

Code: (c) 2015 - present - Daniel Thompson-Yvetot, Lucas Nogueira, Tensor, Serge Zaitsev, George Burton and all the other amazing contributors.

MIT or MIT/Apache 2.0 where applicable.

Logo: CC-BY-NC-ND


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK