tauri-apps/tauri
1
1
Fork 0
mirror of https://github.com/tauri-apps/tauri.git synced 2024-07-14 11:00:22 +03:00
Code Issues Packages Projects Releases Wiki Activity

Feat: Improved Security Docstrings and Schema Newline Handling (#10028)

Browse Source 
* Refactor Code Docs

* updated schemas

* cargo fmt whitespace fix

* downgrade cargo-platform to 0.1.7

---------

Co-authored-by: Lucas Nogueira <118899497+lucasfernog-crabnebula@users.noreply.github.com>
This commit is contained in:
Tillmann 2024-06-14 00:31:12 +09:00 committed by GitHub
parent 4ca297b35b
commit b2ff840e83
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 781 additions and 593 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

652
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

5
Cargo.toml
View File

@ -44,3 +44,8 @@ codegen-units = 1
lto = true
incremental = false
opt-level = "s"
# Temporary patch to schemars to preserve newlines in docstrings for our reference docs schemas
# See https://github.com/GREsau/schemars/issues/120 for reference
[patch.crates-io]
schemars_derive = { git = 'https://github.com/chippers/schemars.git', branch = 'feat/preserve-description-newlines' }

22
core/tauri-acl-schema/capability-schema.json
View File

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Capability",
"description": "A grouping and boundary mechanism developers can use to separate windows or plugins functionality from each other at runtime.\n\nIf a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create trust groups and reduce impact of vulnerabilities in certain plugins or windows. Windows can be added to a capability by exact name or glob patterns like *, admin-* or main-window.",
"description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\n It controls application windows fine grained access to the Tauri core, application, or plugin commands.\n If a window is not matching any capability then it has no access to the IPC layer at all.\n\n This can be done to create groups of windows, based on their required system access, which can reduce\n impact of frontend vulnerabilities in less privileged windows.\n Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.\n A Window can have none, one, or multiple associated capabilities.\n\n ## Example\n\n ```json\n {\n \"identifier\": \"main-user-files-write\",\n \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\",\n \"windows\": [\n \"main\"\n ],\n \"permissions\": [\n \"path:default\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n },\n \"platforms\": [\"macOS\",\"windows\"]\n }\n ```",
"type": "object",
"required": [
"identifier",
@ -9,16 +9,16 @@
],
"properties": {
"identifier": {
"description": "Identifier of the capability.",
"description": "Identifier of the capability.\n\n ## Example\n\n `main-user-files-write`",
"type": "string"
},
"description": {
"description": "Description of the capability.",
"description": "Description of what the capability is intended to allow on associated windows.\n\n It should contain a description of what the grouped permissions should allow.\n\n ## Example\n\n This capability allows the `main` window access to `filesystem` write related\n commands and `dialog` commands to enable programatic access to files selected by the user.",
"default": "",
"type": "string"
},
"remote": {
"description": "Configure remote URLs that can use the capability permissions.",
"description": "Configure remote URLs that can use the capability permissions.\n\n This setting is optional and defaults to not being set, as our\n default use case is that the content is served from our local application.\n\n :::caution\n Make sure you understand the security implications of providing remote\n sources with local system access.\n :::\n\n ## Example\n\n ```json\n {\n \"urls\": [\"https://*.mydomain.dev\"]\n }\n ```",
"anyOf": [
{
"$ref": "#/definitions/CapabilityRemote"
@ -34,28 +34,28 @@
"type": "boolean"
},
"windows": {
"description": "List of windows that uses this capability. Can be a glob pattern.\n\nOn multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.",
"description": "List of windows that are affected by this capability. Can be a glob pattern.\n\n On multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.\n\n ## Example\n\n `[\"main\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"webviews": {
"description": "List of webviews that uses this capability. Can be a glob pattern.\n\nThis is only required when using on multiwebview contexts, by default all child webviews of a window that matches [`Self::windows`] are linked.",
"description": "List of webviews that are affected by this capability. Can be a glob pattern.\n\n This is only required when using on multiwebview contexts, by default\n all child webviews of a window that matches [`Self::windows`] are linked.\n\n ## Example\n\n `[\"sub-webview-one\", \"sub-webview-two\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"permissions": {
"description": "List of permissions attached to this capability. Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.",
"description": "List of permissions attached to this capability.\n\n Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.\n For commands directly implemented in the application itself only `${permission-name}`\n is required.\n\n ## Example\n\n ```json\n [\n \"path:default\",\n \"event:default\",\n \"window:default\",\n \"app:default\",\n \"image:default\",\n \"resources:default\",\n \"menu:default\",\n \"tray:default\",\n \"shell:allow-open\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n }\n ```",
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"platforms": {
"description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",
"type": [
"array",
"null"
@ -74,7 +74,7 @@
],
"properties": {
"urls": {
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n# Examples\n\n- \"https://*.mydomain.dev\": allows subdomains of mydomain.dev - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n ## Examples\n\n - \"https://*.mydomain.dev\": allows subdomains of mydomain.dev\n - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"type": "array",
"items": {
"type": "string"
@ -83,7 +83,7 @@
}
},
"PermissionEntry": {
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`] or an object that references a permission and extends its scope.",
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`]\n or an object that references a permission and extends its scope.",
"anyOf": [
{
"description": "Reference a permission or permission set by identifier.",
@ -119,7 +119,7 @@
}
},
"deny": {
"description": "Data that defines what is denied by the scope.",
"description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
"type": [
"array",
"null"

4
core/tauri-acl-schema/permission-schema.json
View File

@ -82,7 +82,7 @@
}
},
"Scopes": {
"description": "A restriction of the command/endpoint functionality.\n\nIt can be of any serde serializable type and is used for allowing or preventing certain actions inside a Tauri command.\n\nThe scope is passed to the command and handled/enforced by the command itself.",
"description": "An argument for fine grained behavior control of Tauri commands.\n\n It can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\n The configured scope is passed to the command and will be enforced by the command implementation.\n\n ## Example\n\n ```json\n {\n \"allow\": [{ \"path\": \"$HOME/**\" }],\n \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n }\n ```",
"type": "object",
"properties": {
"allow": {
@ -96,7 +96,7 @@
}
},
"deny": {
"description": "Data that defines what is denied by the scope.",
"description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
"type": [
"array",
"null"

4
core/tauri-acl-schema/scope-schema.json
View File

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Scopes",
"description": "A restriction of the command/endpoint functionality.\n\nIt can be of any serde serializable type and is used for allowing or preventing certain actions inside a Tauri command.\n\nThe scope is passed to the command and handled/enforced by the command itself.",
"description": "An argument for fine grained behavior control of Tauri commands.\n\n It can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\n The configured scope is passed to the command and will be enforced by the command implementation.\n\n ## Example\n\n ```json\n {\n \"allow\": [{ \"path\": \"$HOME/**\" }],\n \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n }\n ```",
"type": "object",
"properties": {
"allow": {
@ -15,7 +15,7 @@
}
},
"deny": {
"description": "Data that defines what is denied by the scope.",
"description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
"type": [
"array",
"null"

198
core/tauri-config-schema/schema.json
View File

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Config",
"description": "The Tauri configuration object. It is read from a file where you can define your frontend assets, configure the bundler and define a tray icon.\n\nThe configuration file is generated by the [`tauri init`](https://tauri.app/v1/api/cli#init) command that lives in your Tauri application source directory (src-tauri).\n\nOnce generated, you may modify it at will to customize your Tauri application.\n\n## File Formats\n\nBy default, the configuration is defined as a JSON file named `tauri.conf.json`.\n\nTauri also supports JSON5 and TOML files via the `config-json5` and `config-toml` Cargo features, respectively. The JSON5 file name must be either `tauri.conf.json` or `tauri.conf.json5`. The TOML file name is `Tauri.toml`.\n\n## Platform-Specific Configuration\n\nIn addition to the default configuration file, Tauri can read a platform-specific configuration from `tauri.linux.conf.json`, `tauri.windows.conf.json`, `tauri.macos.conf.json`, `tauri.android.conf.json` and `tauri.ios.conf.json` (or `Tauri.linux.toml`, `Tauri.windows.toml`, `Tauri.macos.toml`, `Tauri.android.toml` and `Tauri.ios.toml` if the `Tauri.toml` format is used), which gets merged with the main configuration object.\n\n## Configuration Structure\n\nThe configuration is composed of the following objects:\n\n- [`app`](#appconfig): The Tauri configuration - [`build`](#buildconfig): The build configuration - [`bundle`](#bundleconfig): The bundle configurations - [`plugins`](#pluginconfig): The plugins configuration\n\n```json title=\"Example tauri.config.json file\" { \"productName\": \"tauri-app\", \"version\": \"0.1.0\" \"build\": { \"beforeBuildCommand\": \"\", \"beforeDevCommand\": \"\", \"devUrl\": \"../dist\", \"frontendDist\": \"../dist\" }, \"app\": { \"security\": { \"csp\": null }, \"windows\": [ { \"fullscreen\": false, \"height\": 600, \"resizable\": true, \"title\": \"Tauri App\", \"width\": 800 } ] }, \"bundle\": {}, \"plugins\": {} } ```",
"description": "The Tauri configuration object.\n It is read from a file where you can define your frontend assets,\n configure the bundler and define a tray icon.\n\n The configuration file is generated by the\n [`tauri init`](https://tauri.app/v1/api/cli#init) command that lives in\n your Tauri application source directory (src-tauri).\n\n Once generated, you may modify it at will to customize your Tauri application.\n\n ## File Formats\n\n By default, the configuration is defined as a JSON file named `tauri.conf.json`.\n\n Tauri also supports JSON5 and TOML files via the `config-json5` and `config-toml` Cargo features, respectively.\n The JSON5 file name must be either `tauri.conf.json` or `tauri.conf.json5`.\n The TOML file name is `Tauri.toml`.\n\n ## Platform-Specific Configuration\n\n In addition to the default configuration file, Tauri can\n read a platform-specific configuration from `tauri.linux.conf.json`,\n `tauri.windows.conf.json`, `tauri.macos.conf.json`, `tauri.android.conf.json` and `tauri.ios.conf.json`\n (or `Tauri.linux.toml`, `Tauri.windows.toml`, `Tauri.macos.toml`, `Tauri.android.toml` and `Tauri.ios.toml` if the `Tauri.toml` format is used),\n which gets merged with the main configuration object.\n\n ## Configuration Structure\n\n The configuration is composed of the following objects:\n\n - [`app`](#appconfig): The Tauri configuration\n - [`build`](#buildconfig): The build configuration\n - [`bundle`](#bundleconfig): The bundle configurations\n - [`plugins`](#pluginconfig): The plugins configuration\n\n ```json title=\"Example tauri.config.json file\"\n {\n \"productName\": \"tauri-app\",\n \"version\": \"0.1.0\"\n \"build\": {\n \"beforeBuildCommand\": \"\",\n \"beforeDevCommand\": \"\",\n \"devUrl\": \"../dist\",\n \"frontendDist\": \"../dist\"\n },\n \"app\": {\n \"security\": {\n \"csp\": null\n },\n \"windows\": [\n {\n \"fullscreen\": false,\n \"height\": 600,\n \"resizable\": true,\n \"title\": \"Tauri App\",\n \"width\": 800\n }\n ]\n },\n \"bundle\": {},\n \"plugins\": {}\n }\n ```",
"type": "object",
"properties": {
"$schema": {
@ -27,7 +27,7 @@
]
},
"identifier": {
"description": "The application identifier in reverse domain name notation (e.g. `com.tauri.example`). This string must be unique across applications since it is used in system configurations like the bundle ID and path to the webview data directory. This string must contain only alphanumeric characters (AZ, az, and 09), hyphens (-), and periods (.).",
"description": "The application identifier in reverse domain name notation (e.g. `com.tauri.example`).\n This string must be unique across applications since it is used in system configurations like\n the bundle ID and path to the webview data directory.\n This string must contain only alphanumeric characters (AZ, az, and 09), hyphens (-),\n and periods (.).",
"default": "",
"type": "string"
},
@ -299,7 +299,7 @@
"type": "boolean"
},
"maximizable": {
"description": "Whether the window's native maximize button is enabled or not. If resizable is set to false, this setting is ignored.\n\n## Platform-specific\n\n- **macOS:** Disables the \"zoom\" button in the window titlebar, which is also used to enter fullscreen mode. - **Linux / iOS / Android:** Unsupported.",
"description": "Whether the window's native maximize button is enabled or not.\n If resizable is set to false, this setting is ignored.\n\n ## Platform-specific\n\n - **macOS:** Disables the \"zoom\" button in the window titlebar, which is also used to enter fullscreen mode.\n - **Linux / iOS / Android:** Unsupported.",
"default": true,
"type": "boolean"
},
@ -309,7 +309,7 @@
"type": "boolean"
},
"closable": {
"description": "Whether the window's native close button is enabled or not.\n\n## Platform-specific\n\n- **Linux:** \"GTK+ will do its best to convince the window manager not to show a close button. Depending on the system, this function may not have any effect when called on a window that is already visible\" - **iOS / Android:** Unsupported.",
"description": "Whether the window's native close button is enabled or not.\n\n ## Platform-specific\n\n - **Linux:** \"GTK+ will do its best to convince the window manager not to show a close button.\n Depending on the system, this function may not have any effect when called on a window that is already visible\"\n - **iOS / Android:** Unsupported.",
"default": true,
"type": "boolean"
},
@ -329,7 +329,7 @@
"type": "boolean"
},
"transparent": {
"description": "Whether the window is transparent or not.\n\nNote that on `macOS` this requires the `macos-private-api` feature flag, enabled under `tauri > macOSPrivateApi`. WARNING: Using private APIs on `macOS` prevents your application from being accepted to the `App Store`.",
"description": "Whether the window is transparent or not.\n\n Note that on `macOS` this requires the `macos-private-api` feature flag, enabled under `tauri > macOSPrivateApi`.\n WARNING: Using private APIs on `macOS` prevents your application from being accepted to the `App Store`.",
"default": false,
"type": "boolean"
},
@ -404,26 +404,26 @@
"type": "boolean"
},
"tabbingIdentifier": {
"description": "Defines the window [tabbing identifier] for macOS.\n\nWindows with matching tabbing identifiers will be grouped together. If the tabbing identifier is not set, automatic tabbing will be disabled.\n\n[tabbing identifier]: <https://developer.apple.com/documentation/appkit/nswindow/1644704-tabbingidentifier>",
"description": "Defines the window [tabbing identifier] for macOS.\n\n Windows with matching tabbing identifiers will be grouped together.\n If the tabbing identifier is not set, automatic tabbing will be disabled.\n\n [tabbing identifier]: <https://developer.apple.com/documentation/appkit/nswindow/1644704-tabbingidentifier>",
"type": [
"string",
"null"
]
},
"additionalBrowserArgs": {
"description": "Defines additional browser arguments on Windows. By default wry passes `--disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection` so if you use this method, you also need to disable these components by yourself if you want.",
"description": "Defines additional browser arguments on Windows. By default wry passes `--disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection`\n so if you use this method, you also need to disable these components by yourself if you want.",
"type": [
"string",
"null"
]
},
"shadow": {
"description": "Whether or not the window has shadow.\n\n## Platform-specific\n\n- **Windows:** - `false` has no effect on decorated window, shadow are always ON. - `true` will make ndecorated window have a 1px white border, and on Windows 11, it will have a rounded corners. - **Linux:** Unsupported.",
"description": "Whether or not the window has shadow.\n\n ## Platform-specific\n\n - **Windows:**\n - `false` has no effect on decorated window, shadow are always ON.\n - `true` will make ndecorated window have a 1px white border,\n and on Windows 11, it will have a rounded corners.\n - **Linux:** Unsupported.",
"default": true,
"type": "boolean"
},
"windowEffects": {
"description": "Window effects.\n\nRequires the window to be transparent.\n\n## Platform-specific:\n\n- **Windows**: If using decorations or shadows, you may want to try this workaround <https://github.com/tauri-apps/tao/issues/72#issuecomment-975607891> - **Linux**: Unsupported",
"description": "Window effects.\n\n Requires the window to be transparent.\n\n ## Platform-specific:\n\n - **Windows**: If using decorations or shadows, you may want to try this workaround <https://github.com/tauri-apps/tao/issues/72#issuecomment-975607891>\n - **Linux**: Unsupported",
"anyOf": [
{
"$ref": "#/definitions/WindowEffectsConfig"
@ -439,7 +439,7 @@
"type": "boolean"
},
"parent": {
"description": "Sets the window associated with this label to be the parent of the window to be created.\n\n## Platform-specific\n\n- **Windows**: This sets the passed parent as an owner window to the window to be created. From [MSDN owned windows docs](https://docs.microsoft.com/en-us/windows/win32/winmsg/window-features#owned-windows): - An owned window is always above its owner in the z-order. - The system automatically destroys an owned window when its owner is destroyed. - An owned window is hidden when its owner is minimized. - **Linux**: This makes the new window transient for parent, see <https://docs.gtk.org/gtk3/method.Window.set_transient_for.html> - **macOS**: This adds the window as a child of parent, see <https://developer.apple.com/documentation/appkit/nswindow/1419152-addchildwindow?language=objc>",
"description": "Sets the window associated with this label to be the parent of the window to be created.\n\n ## Platform-specific\n\n - **Windows**: This sets the passed parent as an owner window to the window to be created.\n From [MSDN owned windows docs](https://docs.microsoft.com/en-us/windows/win32/winmsg/window-features#owned-windows):\n - An owned window is always above its owner in the z-order.\n - The system automatically destroys an owned window when its owner is destroyed.\n - An owned window is hidden when its owner is minimized.\n - **Linux**: This makes the new window transient for parent, see <https://docs.gtk.org/gtk3/method.Window.set_transient_for.html>\n - **macOS**: This adds the window as a child of parent, see <https://developer.apple.com/documentation/appkit/nswindow/1419152-addchildwindow?language=objc>",
"type": [
"string",
"null"
@ -454,7 +454,7 @@
"format": "uri"
},
"zoomHotkeysEnabled": {
"description": "Whether page zooming by hotkeys is enabled\n\n## Platform-specific:\n\n- **Windows**: Controls WebView2's [`IsZoomControlEnabled`](https://learn.microsoft.com/en-us/microsoft-edge/webview2/reference/winrt/microsoft_web_webview2_core/corewebview2settings?view=webview2-winrt-1.0.2420.47#iszoomcontrolenabled) setting. - **MacOS / Linux**: Injects a polyfill that zooms in and out with `ctrl/command` + `-/=`, 20% in each step, ranging from 20% to 1000%. Requires `webview:allow-set-webview-zoom` permission\n\n- **Android / iOS**: Unsupported.",
"description": "Whether page zooming by hotkeys is enabled\n\n ## Platform-specific:\n\n - **Windows**: Controls WebView2's [`IsZoomControlEnabled`](https://learn.microsoft.com/en-us/microsoft-edge/webview2/reference/winrt/microsoft_web_webview2_core/corewebview2settings?view=webview2-winrt-1.0.2420.47#iszoomcontrolenabled) setting.\n - **MacOS / Linux**: Injects a polyfill that zooms in and out with `ctrl/command` + `-/=`,\n 20% in each step, ranging from 20% to 1000%. Requires `webview:allow-set-webview-zoom` permission\n\n - **Android / iOS**: Unsupported.",
"default": false,
"type": "boolean"
}
@ -470,7 +470,7 @@
"format": "uri"
},
{
"description": "The path portion of an app URL. For instance, to load `tauri://localhost/users/john`, you can simply provide `users/john` in this configuration.",
"description": "The path portion of an app URL.\n For instance, to load `tauri://localhost/users/john`,\n you can simply provide `users/john` in this configuration.",
"type": "string"
},
{
@ -517,7 +517,7 @@
]
},
{
"description": "Shows the title bar as a transparent overlay over the window's content.\n\nKeep in mind: - The height of the title bar is different on different OS versions, which can lead to window the controls and title not being where you don't expect. - You need to define a custom drag region to make your window draggable, however due to a limitation you can't drag the window when it's not in focus <https://github.com/tauri-apps/tauri/issues/4316>. - The color of the window title depends on the system theme.",
"description": "Shows the title bar as a transparent overlay over the window's content.\n\n Keep in mind:\n - The height of the title bar is different on different OS versions, which can lead to window the controls and title not being where you don't expect.\n - You need to define a custom drag region to make your window draggable, however due to a limitation you can't drag the window when it's not in focus <https://github.com/tauri-apps/tauri/issues/4316>.\n - The color of the window title depends on the system theme.",
"type": "string",
"enum": [
"Overlay"
@ -533,7 +533,7 @@
],
"properties": {
"effects": {
"description": "List of Window effects to apply to the Window. Conflicting effects will apply the first one and ignore the rest.",
"description": "List of Window effects to apply to the Window.\n Conflicting effects will apply the first one and ignore the rest.",
"type": "array",
"items": {
"$ref": "#/definitions/WindowEffect"
@ -559,7 +559,7 @@
"format": "double"
},
"color": {
"description": "Window effect color. Affects [`WindowEffect::Blur`] and [`WindowEffect::Acrylic`] only on Windows 10 v1903+. Doesn't have any effect on Windows 7 or Windows 11.",
"description": "Window effect color. Affects [`WindowEffect::Blur`] and [`WindowEffect::Acrylic`] only\n on Windows 10 v1903+. Doesn't have any effect on Windows 7 or Windows 11.",
"anyOf": [
{
"$ref": "#/definitions/Color"
@ -584,7 +584,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -592,7 +592,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -600,7 +600,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -608,7 +608,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -616,98 +616,98 @@
]
},
{
"description": "*macOS 10.10+**",
"description": "**macOS 10.10+**",
"type": "string",
"enum": [
"titlebar"
]
},
{
"description": "*macOS 10.10+**",
"description": "**macOS 10.10+**",
"type": "string",
"enum": [
"selection"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"menu"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"popover"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"sidebar"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"headerView"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"sheet"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"windowBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"hudWindow"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"fullScreenUI"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"tooltip"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"contentBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"underWindowBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"underPageBackground"
@ -830,7 +830,7 @@
"type": "object",
"properties": {
"csp": {
"description": "The Content Security Policy that will be injected on all HTML files on the built application. If [`dev_csp`](#SecurityConfig.devCsp) is not specified, this value is also injected on dev.\n\nThis is a really important part of the configuration since it helps you ensure your WebView is secured. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "The Content Security Policy that will be injected on all HTML files on the built application.\n If [`dev_csp`](#SecurityConfig.devCsp) is not specified, this value is also injected on dev.\n\n This is a really important part of the configuration since it helps you ensure your WebView is secured.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"$ref": "#/definitions/Csp"
@ -841,7 +841,7 @@
]
},
"devCsp": {
"description": "The Content Security Policy that will be injected on all HTML files on development.\n\nThis is a really important part of the configuration since it helps you ensure your WebView is secured. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "The Content Security Policy that will be injected on all HTML files on development.\n\n This is a really important part of the configuration since it helps you ensure your WebView is secured.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"$ref": "#/definitions/Csp"
@ -857,7 +857,7 @@
"type": "boolean"
},
"dangerousDisableAssetCspModification": {
"description": "Disables the Tauri-injected CSP sources.\n\nAt compile time, Tauri parses all the frontend assets and changes the Content-Security-Policy to only allow loading of your own scripts and styles by injecting nonce and hash sources. This stricts your CSP, which may introduce issues when using along with other flexing sources.\n\nThis configuration option allows both a boolean and a list of strings as value. A boolean instructs Tauri to disable the injection for all CSP injections, and a list of strings indicates the CSP directives that Tauri cannot inject.\n\n**WARNING:** Only disable this if you know what you are doing and have properly configured the CSP. Your application might be vulnerable to XSS attacks without this Tauri protection.",
"description": "Disables the Tauri-injected CSP sources.\n\n At compile time, Tauri parses all the frontend assets and changes the Content-Security-Policy\n to only allow loading of your own scripts and styles by injecting nonce and hash sources.\n This stricts your CSP, which may introduce issues when using along with other flexing sources.\n\n This configuration option allows both a boolean and a list of strings as value.\n A boolean instructs Tauri to disable the injection for all CSP injections,\n and a list of strings indicates the CSP directives that Tauri cannot inject.\n\n **WARNING:** Only disable this if you know what you are doing and have properly configured the CSP.\n Your application might be vulnerable to XSS attacks without this Tauri protection.",
"default": false,
"allOf": [
{
@ -900,7 +900,7 @@
"additionalProperties": false
},
"Csp": {
"description": "A Content-Security-Policy definition. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "A Content-Security-Policy definition.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"description": "The entire CSP policy in a single text string.",
@ -916,7 +916,7 @@
]
},
"CspDirectiveSources": {
"description": "A Content-Security-Policy directive source list. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#sources>.",
"description": "A Content-Security-Policy directive source list.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#sources>.",
"anyOf": [
{
"description": "An inline list of CSP sources. Same as [`Self::List`], but concatenated with a space separator.",
@ -935,7 +935,7 @@
"description": "The possible values for the `dangerous_disable_asset_csp_modification` config option.",
"anyOf": [
{
"description": "If `true`, disables all CSP modification. `false` is the default value and it configures Tauri to control the CSP.",
"description": "If `true`, disables all CSP modification.\n `false` is the default value and it configures Tauri to control the CSP.",
"type": "boolean"
},
{
@ -969,7 +969,7 @@
"additionalProperties": false
},
"FsScope": {
"description": "Protocol scope definition. It is a list of glob patterns that restrict the API access from the webview.\n\nEach pattern can start with a variable that resolves to a system base directory. The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`, `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`, `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`, `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
"description": "Protocol scope definition.\n It is a list of glob patterns that restrict the API access from the webview.\n\n Each pattern can start with a variable that resolves to a system base directory.\n The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`,\n `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`,\n `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`,\n `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
"anyOf": [
{
"description": "A list of paths that are allowed by this scope.",
@ -991,7 +991,7 @@
}
},
"deny": {
"description": "A list of paths that are not allowed by this scope. This gets precedence over the [`Self::Scope::allow`] list.",
"description": "A list of paths that are not allowed by this scope.\n This gets precedence over the [`Self::Scope::allow`] list.",
"default": [],
"type": "array",
"items": {
@ -999,7 +999,7 @@
}
},
"requireLiteralLeadingDot": {
"description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `true` on Unix systems and `false` on Windows",
"description": "Whether or not paths that contain components that start with a `.`\n will require that `.` appears literally in the pattern; `*`, `?`, `**`,\n or `[...]` will not match. This is useful because such files are\n conventionally considered hidden on Unix systems and it might be\n desirable to skip them when listing files.\n\n Defaults to `true` on Unix systems and `false` on Windows",
"type": [
"boolean",
"null"
@ -1075,7 +1075,7 @@
]
},
"Capability": {
"description": "A grouping and boundary mechanism developers can use to separate windows or plugins functionality from each other at runtime.\n\nIf a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create trust groups and reduce impact of vulnerabilities in certain plugins or windows. Windows can be added to a capability by exact name or glob patterns like *, admin-* or main-window.",
"description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\n It controls application windows fine grained access to the Tauri core, application, or plugin commands.\n If a window is not matching any capability then it has no access to the IPC layer at all.\n\n This can be done to create groups of windows, based on their required system access, which can reduce\n impact of frontend vulnerabilities in less privileged windows.\n Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.\n A Window can have none, one, or multiple associated capabilities.\n\n ## Example\n\n ```json\n {\n \"identifier\": \"main-user-files-write\",\n \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\",\n \"windows\": [\n \"main\"\n ],\n \"permissions\": [\n \"path:default\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n },\n \"platforms\": [\"macOS\",\"windows\"]\n }\n ```",
"type": "object",
"required": [
"identifier",
@ -1083,16 +1083,16 @@
],
"properties": {
"identifier": {
"description": "Identifier of the capability.",
"description": "Identifier of the capability.\n\n ## Example\n\n `main-user-files-write`",
"type": "string"
},
"description": {
"description": "Description of the capability.",
"description": "Description of what the capability is intended to allow on associated windows.\n\n It should contain a description of what the grouped permissions should allow.\n\n ## Example\n\n This capability allows the `main` window access to `filesystem` write related\n commands and `dialog` commands to enable programatic access to files selected by the user.",
"default": "",
"type": "string"
},
"remote": {
"description": "Configure remote URLs that can use the capability permissions.",
"description": "Configure remote URLs that can use the capability permissions.\n\n This setting is optional and defaults to not being set, as our\n default use case is that the content is served from our local application.\n\n :::caution\n Make sure you understand the security implications of providing remote\n sources with local system access.\n :::\n\n ## Example\n\n ```json\n {\n \"urls\": [\"https://*.mydomain.dev\"]\n }\n ```",
"anyOf": [
{
"$ref": "#/definitions/CapabilityRemote"
@ -1108,28 +1108,28 @@
"type": "boolean"
},
"windows": {
"description": "List of windows that uses this capability. Can be a glob pattern.\n\nOn multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.",
"description": "List of windows that are affected by this capability. Can be a glob pattern.\n\n On multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.\n\n ## Example\n\n `[\"main\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"webviews": {
"description": "List of webviews that uses this capability. Can be a glob pattern.\n\nThis is only required when using on multiwebview contexts, by default all child webviews of a window that matches [`Self::windows`] are linked.",
"description": "List of webviews that are affected by this capability. Can be a glob pattern.\n\n This is only required when using on multiwebview contexts, by default\n all child webviews of a window that matches [`Self::windows`] are linked.\n\n ## Example\n\n `[\"sub-webview-one\", \"sub-webview-two\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"permissions": {
"description": "List of permissions attached to this capability. Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.",
"description": "List of permissions attached to this capability.\n\n Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.\n For commands directly implemented in the application itself only `${permission-name}`\n is required.\n\n ## Example\n\n ```json\n [\n \"path:default\",\n \"event:default\",\n \"window:default\",\n \"app:default\",\n \"image:default\",\n \"resources:default\",\n \"menu:default\",\n \"tray:default\",\n \"shell:allow-open\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n }\n ```",
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"platforms": {
"description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",
"type": [
"array",
"null"
@ -1148,7 +1148,7 @@
],
"properties": {
"urls": {
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n# Examples\n\n- \"https://*.mydomain.dev\": allows subdomains of mydomain.dev - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n ## Examples\n\n - \"https://*.mydomain.dev\": allows subdomains of mydomain.dev\n - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"type": "array",
"items": {
"type": "string"
@ -1157,7 +1157,7 @@
}
},
"PermissionEntry": {
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`] or an object that references a permission and extends its scope.",
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`]\n or an object that references a permission and extends its scope.",
"anyOf": [
{
"description": "Reference a permission or permission set by identifier.",
@ -1193,7 +1193,7 @@
}
},
"deny": {
"description": "Data that defines what is denied by the scope.",
"description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
"type": [
"array",
"null"
@ -1318,7 +1318,7 @@
]
},
"iconPath": {
"description": "Path to the default icon to use for the tray icon.\n\nNote: this stores the image in raw pixels to the final binary, so keep the icon size (width and height) small or else it's going to bloat your final executable",
"description": "Path to the default icon to use for the tray icon.\n\n Note: this stores the image in raw pixels to the final binary,\n so keep the icon size (width and height) small\n or else it's going to bloat your final executable",
"type": "string"
},
"iconAsTemplate": {
@ -1360,7 +1360,7 @@
]
},
"devUrl": {
"description": "The URL to load in development.\n\nThis is usually an URL to a dev server, which serves your application assets with hot-reload and HMR. Most modern JavaScript bundlers like [vite](https://vitejs.dev/guide/) provides a way to start a dev server by default.\n\nIf you don't have a dev server or don't want to use one, ignore this option and use [`frontendDist`](BuildConfig::frontend_dist) and point to a web assets directory, and Tauri CLI will run its built-in dev server and provide a simple hot-reload experience.",
"description": "The URL to load in development.\n\n This is usually an URL to a dev server, which serves your application assets with hot-reload and HMR.\n Most modern JavaScript bundlers like [vite](https://vitejs.dev/guide/) provides a way to start a dev server by default.\n\n If you don't have a dev server or don't want to use one, ignore this option and use [`frontendDist`](BuildConfig::frontend_dist)\n and point to a web assets directory, and Tauri CLI will run its built-in dev server and provide a simple hot-reload experience.",
"type": [
"string",
"null"
@ -1368,7 +1368,7 @@
"format": "uri"
},
"frontendDist": {
"description": "The path to the application assets (usually the `dist` folder of your javascript bundler) or a URL that could be either a custom protocol registered in the tauri app (for example: `myprotocol://`) or a remote URL (for example: `https://site.com/app`).\n\nWhen a path relative to the configuration file is provided, it is read recursively and all files are embedded in the application binary. Tauri then looks for an `index.html` and serves it as the default entry point for your application.\n\nYou can also provide a list of paths to be embedded, which allows granular control over what files are added to the binary. In this case, all files are added to the root and you must reference it that way in your HTML files.\n\nWhen a URL is provided, the application won't have bundled assets and the application will load that URL by default.",
"description": "The path to the application assets (usually the `dist` folder of your javascript bundler)\n or a URL that could be either a custom protocol registered in the tauri app (for example: `myprotocol://`)\n or a remote URL (for example: `https://site.com/app`).\n\n When a path relative to the configuration file is provided,\n it is read recursively and all files are embedded in the application binary.\n Tauri then looks for an `index.html` and serves it as the default entry point for your application.\n\n You can also provide a list of paths to be embedded, which allows granular control over what files are added to the binary.\n In this case, all files are added to the root and you must reference it that way in your HTML files.\n\n When a URL is provided, the application won't have bundled assets\n and the application will load that URL by default.",
"anyOf": [
{
"$ref": "#/definitions/FrontendDist"
@ -1527,14 +1527,14 @@
]
},
"publisher": {
"description": "The application's publisher. Defaults to the second element in the identifier string. Currently maps to the Manufacturer property of the Windows Installer.",
"description": "The application's publisher. Defaults to the second element in the identifier string.\n Currently maps to the Manufacturer property of the Windows Installer.",
"type": [
"string",
"null"
]
},
"homepage": {
"description": "A url to the home page of your application. If unset, will fallback to `homepage` defined in `Cargo.toml`.\n\nSupported bundle targets: `deb`, `rpm`, `nsis` and `msi`.",
"description": "A url to the home page of your application. If unset, will\n fallback to `homepage` defined in `Cargo.toml`.\n\n Supported bundle targets: `deb`, `rpm`, `nsis` and `msi`.",
"type": [
"string",
"null"
@ -1549,7 +1549,7 @@
}
},
"resources": {
"description": "App resources to bundle. Each resource is a path to a file or directory. Glob patterns are supported.",
"description": "App resources to bundle.\n Each resource is a path to a file or directory.\n Glob patterns are supported.",
"anyOf": [
{
"$ref": "#/definitions/BundleResources"
@ -1567,7 +1567,7 @@
]
},
"license": {
"description": "The package's license identifier to be included in the appropriate bundles. If not set, defaults to the license from the Cargo.toml file.",
"description": "The package's license identifier to be included in the appropriate bundles.\n If not set, defaults to the license from the Cargo.toml file.",
"type": [
"string",
"null"
@ -1581,7 +1581,7 @@
]
},
"category": {
"description": "The application kind.\n\nShould be one of the following: Business, DeveloperTool, Education, Entertainment, Finance, Game, ActionGame, AdventureGame, ArcadeGame, BoardGame, CardGame, CasinoGame, DiceGame, EducationalGame, FamilyGame, KidsGame, MusicGame, PuzzleGame, RacingGame, RolePlayingGame, SimulationGame, SportsGame, StrategyGame, TriviaGame, WordGame, GraphicsAndDesign, HealthcareAndFitness, Lifestyle, Medical, Music, News, Photography, Productivity, Reference, SocialNetworking, Sports, Travel, Utility, Video, Weather.",
"description": "The application kind.\n\n Should be one of the following:\n Business, DeveloperTool, Education, Entertainment, Finance, Game, ActionGame, AdventureGame, ArcadeGame, BoardGame, CardGame, CasinoGame, DiceGame, EducationalGame, FamilyGame, KidsGame, MusicGame, PuzzleGame, RacingGame, RolePlayingGame, SimulationGame, SportsGame, StrategyGame, TriviaGame, WordGame, GraphicsAndDesign, HealthcareAndFitness, Lifestyle, Medical, Music, News, Photography, Productivity, Reference, SocialNetworking, Sports, Travel, Utility, Video, Weather.",
"type": [
"string",
"null"
@ -1612,7 +1612,7 @@
]
},
"externalBin": {
"description": "A list of—either absolute or relative—paths to binaries to embed with your application.\n\nNote that Tauri will look for system-specific binaries following the pattern \"binary-name{-target-triple}{.system-extension}\".\n\nE.g. for the external binary \"my-binary\", Tauri looks for:\n\n- \"my-binary-x86_64-pc-windows-msvc.exe\" for Windows - \"my-binary-x86_64-apple-darwin\" for macOS - \"my-binary-x86_64-unknown-linux-gnu\" for Linux\n\nso don't forget to provide binaries for all targeted platforms.",
"description": "A list of—either absolute or relative—paths to binaries to embed with your application.\n\n Note that Tauri will look for system-specific binaries following the pattern \"binary-name{-target-triple}{.system-extension}\".\n\n E.g. for the external binary \"my-binary\", Tauri looks for:\n\n - \"my-binary-x86_64-pc-windows-msvc.exe\" for Windows\n - \"my-binary-x86_64-apple-darwin\" for macOS\n - \"my-binary-x86_64-unknown-linux-gnu\" for Linux\n\n so don't forget to provide binaries for all targeted platforms.",
"type": [
"array",
"null"
@ -1804,7 +1804,7 @@
]
},
"BundleResources": {
"description": "Definition for bundle resources. Can be either a list of paths to include or a map of source to target paths.",
"description": "Definition for bundle resources.\n Can be either a list of paths to include or a map of source to target paths.",
"anyOf": [
{
"description": "A list of paths to include.",
@ -1918,7 +1918,7 @@
"type": "object",
"properties": {
"digestAlgorithm": {
"description": "Specifies the file digest algorithm to use for creating file signatures. Required for code signing. SHA-256 is recommended.",
"description": "Specifies the file digest algorithm to use for creating file signatures.\n Required for code signing. SHA-256 is recommended.",
"type": [
"string",
"null"
@ -1939,7 +1939,7 @@
]
},
"tsp": {
"description": "Whether to use Time-Stamp Protocol (TSP, a.k.a. RFC 3161) for the timestamp server. Your code signing provider may use a TSP timestamp server, like e.g. SSL.com does. If so, enable TSP by setting to true.",
"description": "Whether to use Time-Stamp Protocol (TSP, a.k.a. RFC 3161) for the timestamp server. Your code signing provider may\n use a TSP timestamp server, like e.g. SSL.com does. If so, enable TSP by setting to true.",
"default": false,
"type": "boolean"
},
@ -1956,7 +1956,7 @@
]
},
"webviewFixedRuntimePath": {
"description": "Path to the webview fixed runtime to use. Overwrites [`Self::webview_install_mode`] if set.\n\nWill be removed in v2, prefer the [`Self::webview_install_mode`] option.\n\nThe fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section). The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"description": "Path to the webview fixed runtime to use. Overwrites [`Self::webview_install_mode`] if set.\n\n Will be removed in v2, prefer the [`Self::webview_install_mode`] option.\n\n The fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section).\n The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"type": [
"string",
"null"
@ -1990,7 +1990,7 @@
]
},
"signCommand": {
"description": "Specify a custom command to sign the binaries. This command needs to have a `%1` in it which is just a placeholder for the binary path, which we will detect and replace before calling the command.\n\nExample: ```text sign-cli --arg1 --arg2 %1 ```\n\nBy Default we use `signtool.exe` which can be found only on Windows so if you are on another platform and want to cross-compile and sign you will need to use another tool like `osslsigncode`.",
"description": "Specify a custom command to sign the binaries.\n This command needs to have a `%1` in it which is just a placeholder for the binary path,\n which we will detect and replace before calling the command.\n\n Example:\n ```text\n sign-cli --arg1 --arg2 %1\n ```\n\n By Default we use `signtool.exe` which can be found only on Windows so\n if you are on another platform and want to cross-compile and sign you will\n need to use another tool like `osslsigncode`.",
"type": [
"string",
"null"
@ -2000,7 +2000,7 @@
"additionalProperties": false
},
"WebviewInstallMode": {
"description": "Install modes for the Webview2 runtime. Note that for the updater bundle [`Self::DownloadBootstrapper`] is used.\n\nFor more information see <https://tauri.app/v1/guides/building/windows>.",
"description": "Install modes for the Webview2 runtime.\n Note that for the updater bundle [`Self::DownloadBootstrapper`] is used.\n\n For more information see <https://tauri.app/v1/guides/building/windows>.",
"oneOf": [
{
"description": "Do not install the Webview2 as part of the Windows Installer.",
@ -2019,7 +2019,7 @@
"additionalProperties": false
},
{
"description": "Download the bootstrapper and run it. Requires an internet connection. Results in a smaller installer size, but is not recommended on Windows 7.",
"description": "Download the bootstrapper and run it.\n Requires an internet connection.\n Results in a smaller installer size, but is not recommended on Windows 7.",
"type": "object",
"required": [
"type"
@ -2040,7 +2040,7 @@
"additionalProperties": false
},
{
"description": "Embed the bootstrapper and run it. Requires an internet connection. Increases the installer size by around 1.8MB, but offers better support on Windows 7.",
"description": "Embed the bootstrapper and run it.\n Requires an internet connection.\n Increases the installer size by around 1.8MB, but offers better support on Windows 7.",
"type": "object",
"required": [
"type"
@ -2061,7 +2061,7 @@
"additionalProperties": false
},
{
"description": "Embed the offline installer and run it. Does not require an internet connection. Increases the installer size by around 127MB.",
"description": "Embed the offline installer and run it.\n Does not require an internet connection.\n Increases the installer size by around 127MB.",
"type": "object",
"required": [
"type"
@ -2082,7 +2082,7 @@
"additionalProperties": false
},
{
"description": "Embed a fixed webview2 version and use it at runtime. Increases the installer size by around 180MB.",
"description": "Embed a fixed webview2 version and use it at runtime.\n Increases the installer size by around 180MB.",
"type": "object",
"required": [
"path",
@ -2096,7 +2096,7 @@
]
},
"path": {
"description": "The path to the fixed runtime to use.\n\nThe fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section). The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"description": "The path to the fixed runtime to use.\n\n The fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section).\n The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"type": "string"
}
},
@ -2178,14 +2178,14 @@
"type": "boolean"
},
"bannerPath": {
"description": "Path to a bitmap file to use as the installation user interface banner. This bitmap will appear at the top of all but the first page of the installer.\n\nThe required dimensions are 493px × 58px.",
"description": "Path to a bitmap file to use as the installation user interface banner.\n This bitmap will appear at the top of all but the first page of the installer.\n\n The required dimensions are 493px × 58px.",
"type": [
"string",
"null"
]
},
"dialogImagePath": {
"description": "Path to a bitmap file to use on the installation user interface dialogs. It is used on the welcome and completion dialogs. The required dimensions are 493px × 312px.",
"description": "Path to a bitmap file to use on the installation user interface dialogs.\n It is used on the welcome and completion dialogs.\n The required dimensions are 493px × 312px.",
"type": [
"string",
"null"
@ -2273,7 +2273,7 @@
]
},
"languages": {
"description": "A list of installer languages. By default the OS language is used. If the OS language is not in the list of languages, the first language will be used. To allow the user to select the language, set `display_language_selector` to `true`.\n\nSee <https://github.com/kichik/nsis/tree/9465c08046f00ccb6eda985abbdbf52c275c6c4d/Contrib/Language%20files> for the complete list of languages.",
"description": "A list of installer languages.\n By default the OS language is used. If the OS language is not in the list of languages, the first language will be used.\n To allow the user to select the language, set `display_language_selector` to `true`.\n\n See <https://github.com/kichik/nsis/tree/9465c08046f00ccb6eda985abbdbf52c275c6c4d/Contrib/Language%20files> for the complete list of languages.",
"type": [
"array",
"null"
@ -2283,7 +2283,7 @@
}
},
"customLanguageFiles": {
"description": "A key-value pair where the key is the language and the value is the path to a custom `.nsh` file that holds the translated text for tauri's custom messages.\n\nSee <https://github.com/tauri-apps/tauri/blob/dev/tooling/bundler/src/bundle/windows/templates/nsis-languages/English.nsh> for an example `.nsh` file.\n\n**Note**: the key must be a valid NSIS language and it must be added to [`NsisConfig`] languages array,",
"description": "A key-value pair where the key is the language and the\n value is the path to a custom `.nsh` file that holds the translated text for tauri's custom messages.\n\n See <https://github.com/tauri-apps/tauri/blob/dev/tooling/bundler/src/bundle/windows/templates/nsis-languages/English.nsh> for an example `.nsh` file.\n\n **Note**: the key must be a valid NSIS language and it must be added to [`NsisConfig`] languages array,",
"type": [
"object",
"null"
@ -2293,7 +2293,7 @@
}
},
"displayLanguageSelector": {
"description": "Whether to display a language selector dialog before the installer and uninstaller windows are rendered or not. By default the OS language is selected, with a fallback to the first language in the `languages` array.",
"description": "Whether to display a language selector dialog before the installer and uninstaller windows are rendered or not.\n By default the OS language is selected, with a fallback to the first language in the `languages` array.",
"default": false,
"type": "boolean"
},
@ -2307,7 +2307,7 @@
]
},
"installerHooks": {
"description": "A path to a `.nsh` file that contains special NSIS macros to be hooked into the main installer.nsi script.\n\nSupported hooks are: - `NSIS_HOOK_PREINSTALL`: This hook runs before copying files, setting registry key values and creating shortcuts. - `NSIS_HOOK_POSTINSTALL`: This hook runs after the installer has finished copying all files, setting the registry keys and created shortcuts. - `NSIS_HOOK_PREUNINSTALL`: This hook runs before removing any files, registry keys and shortcuts. - `NSIS_HOOK_POSTUNINSTALL`: This hook runs after files, registry keys and shortcuts have been removed.\n\n### Example\n\n```nsh !define NSIS_HOOK_PREINSTALL \"NSIS_HOOK_PREINSTALL_\" !macro NSIS_HOOK_PREINSTALL_ MessageBox MB_OK \"PreInstall\" !macroend\n\n!define NSIS_HOOK_POSTINSTALL \"NSIS_HOOK_POSTINSTALL_\" !macro NSIS_HOOK_POSTINSTALL_ MessageBox MB_OK \"PostInstall\" !macroend\n\n!define NSIS_HOOK_PREUNINSTALL \"NSIS_HOOK_PREUNINSTALL_\" !macro NSIS_HOOK_PREUNINSTALL_ MessageBox MB_OK \"PreUnInstall\" !macroend\n\n!define NSIS_HOOK_POSTUNINSTALL \"NSIS_HOOK_POSTUNINSTALL_\" !macro NSIS_HOOK_POSTUNINSTALL_ MessageBox MB_OK \"PostUninstall\" !macroend\n\n```",
"description": "A path to a `.nsh` file that contains special NSIS macros to be hooked into the\n main installer.nsi script.\n\n Supported hooks are:\n - `NSIS_HOOK_PREINSTALL`: This hook runs before copying files, setting registry key values and creating shortcuts.\n - `NSIS_HOOK_POSTINSTALL`: This hook runs after the installer has finished copying all files, setting the registry keys and created shortcuts.\n - `NSIS_HOOK_PREUNINSTALL`: This hook runs before removing any files, registry keys and shortcuts.\n - `NSIS_HOOK_POSTUNINSTALL`: This hook runs after files, registry keys and shortcuts have been removed.\n\n\n ### Example\n\n ```nsh\n !define NSIS_HOOK_PREINSTALL \"NSIS_HOOK_PREINSTALL_\"\n !macro NSIS_HOOK_PREINSTALL_\n MessageBox MB_OK \"PreInstall\"\n !macroend\n\n !define NSIS_HOOK_POSTINSTALL \"NSIS_HOOK_POSTINSTALL_\"\n !macro NSIS_HOOK_POSTINSTALL_\n MessageBox MB_OK \"PostInstall\"\n !macroend\n\n !define NSIS_HOOK_PREUNINSTALL \"NSIS_HOOK_PREUNINSTALL_\"\n !macro NSIS_HOOK_PREUNINSTALL_\n MessageBox MB_OK \"PreUnInstall\"\n !macroend\n\n !define NSIS_HOOK_POSTUNINSTALL \"NSIS_HOOK_POSTUNINSTALL_\"\n !macro NSIS_HOOK_POSTUNINSTALL_\n MessageBox MB_OK \"PostUninstall\"\n !macroend\n\n ```",
"type": [
"string",
"null"
@ -2327,14 +2327,14 @@
]
},
{
"description": "Install the app by default in the `Program Files` folder directory requires Administrator access for the installation.\n\nInstaller metadata will be saved under the `HKLM` registry path.",
"description": "Install the app by default in the `Program Files` folder directory requires Administrator\n access for the installation.\n\n Installer metadata will be saved under the `HKLM` registry path.",
"type": "string",
"enum": [
"perMachine"
]
},
{
"description": "Combines both modes and allows the user to choose at install time whether to install for the current user or per machine. Note that this mode will require Administrator access even if the user wants to install it for the current user only.\n\nInstaller metadata will be saved under the `HKLM` or `HKCU` registry path based on the user's choice.",
"description": "Combines both modes and allows the user to choose at install time\n whether to install for the current user or per machine. Note that this mode\n will require Administrator access even if the user wants to install it for the current user only.\n\n Installer metadata will be saved under the `HKLM` or `HKCU` registry path based on the user's choice.",
"type": "string",
"enum": [
"both"
@ -2423,7 +2423,7 @@
"type": "object",
"properties": {
"bundleMediaFramework": {
"description": "Include additional gstreamer dependencies needed for audio and video playback. This increases the bundle size by ~15-35MB depending on your build system.",
"description": "Include additional gstreamer dependencies needed for audio and video playback.\n This increases the bundle size by ~15-35MB depending on your build system.",
"default": false,
"type": "boolean"
},
@ -2498,14 +2498,14 @@
]
},
"priority": {
"description": "Change the priority of the Debian Package. By default, it is set to `optional`. Recognized Priorities as of now are : `required`, `important`, `standard`, `optional`, `extra`",
"description": "Change the priority of the Debian Package. By default, it is set to `optional`.\n Recognized Priorities as of now are : `required`, `important`, `standard`, `optional`, `extra`",
"type": [
"string",
"null"
]
},
"changelog": {
"description": "Path of the uncompressed Changelog file, to be stored at /usr/share/doc/package-name/changelog.gz. See https://www.debian.org/doc/debian-policy/ch-docs.html#changelog-files-and-release-notes",
"description": "Path of the uncompressed Changelog file, to be stored at /usr/share/doc/package-name/changelog.gz. See\n https://www.debian.org/doc/debian-policy/ch-docs.html#changelog-files-and-release-notes",
"type": [
"string",
"null"
@ -2519,28 +2519,28 @@
]
},
"preInstallScript": {
"description": "Path to script that will be executed before the package is unpacked. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed before the package is unpacked. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"postInstallScript": {
"description": "Path to script that will be executed after the package is unpacked. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed after the package is unpacked. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"preRemoveScript": {
"description": "Path to script that will be executed before the package is removed. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed before the package is removed. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"postRemoveScript": {
"description": "Path to script that will be executed after the package is removed. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed after the package is removed. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
@ -2574,7 +2574,7 @@
}
},
"conflicts": {
"description": "The list of RPM dependencies your application conflicts with. They must not be present in order for the package to be installed.",
"description": "The list of RPM dependencies your application conflicts with. They must not be present\n in order for the package to be installed.",
"type": [
"array",
"null"
@ -2584,7 +2584,7 @@
}
},
"obsoletes": {
"description": "The list of RPM dependencies your application supersedes - if this package is installed, packages listed as “obsoletes” will be automatically removed (if they are present).",
"description": "The list of RPM dependencies your application supersedes - if this package is installed,\n packages listed as “obsoletes” will be automatically removed (if they are present).",
"type": [
"array",
"null"
@ -2621,28 +2621,28 @@
]
},
"preInstallScript": {
"description": "Path to script that will be executed before the package is unpacked. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed before the package is unpacked. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"postInstallScript": {
"description": "Path to script that will be executed after the package is unpacked. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed after the package is unpacked. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"preRemoveScript": {
"description": "Path to script that will be executed before the package is removed. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed before the package is removed. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"postRemoveScript": {
"description": "Path to script that will be executed after the package is removed. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed after the package is removed. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
@ -2674,7 +2674,7 @@
}
},
"minimumSystemVersion": {
"description": "A version string indicating the minimum macOS X version that the bundled application supports. Defaults to `10.13`.\n\nSetting it to `null` completely removes the `LSMinimumSystemVersion` field on the bundle's `Info.plist` and the `MACOSX_DEPLOYMENT_TARGET` environment variable.\n\nAn empty string is considered an invalid value so the default value is used.",
"description": "A version string indicating the minimum macOS X version that the bundled application supports. Defaults to `10.13`.\n\n Setting it to `null` completely removes the `LSMinimumSystemVersion` field on the bundle's `Info.plist`\n and the `MACOSX_DEPLOYMENT_TARGET` environment variable.\n\n An empty string is considered an invalid value so the default value is used.",
"default": "10.13",
"type": [
"string",
@ -2682,7 +2682,7 @@
]
},
"exceptionDomain": {
"description": "Allows your application to communicate with the outside world. It should be a lowercase, without port and protocol domain name.",
"description": "Allows your application to communicate with the outside world.\n It should be a lowercase, without port and protocol domain name.",
"type": [
"string",
"null"
@ -2851,7 +2851,7 @@
"type": "object",
"properties": {
"developmentTeam": {
"description": "The development team. This value is required for iOS development because code signing is enforced. The `APPLE_DEVELOPMENT_TEAM` environment variable can be set to overwrite it.",
"description": "The development team. This value is required for iOS development because code signing is enforced.\n The `APPLE_DEVELOPMENT_TEAM` environment variable can be set to overwrite it.",
"type": [
"string",
"null"
@ -2865,14 +2865,14 @@
"type": "object",
"properties": {
"minSdkVersion": {
"description": "The minimum API level required for the application to run. The Android system will prevent the user from installing the application if the system's API level is lower than the value specified.",
"description": "The minimum API level required for the application to run.\n The Android system will prevent the user from installing the application if the system's API level is lower than the value specified.",
"default": 24,
"type": "integer",
"format": "uint32",
"minimum": 0.0
},
"versionCode": {
"description": "The version code of the application. It is limited to 2,100,000,000 as per Google Play Store requirements.\n\nBy default we use your configured version and perform the following math: versionCode = version.major * 1000000 + version.minor * 1000 + version.patch",
"description": "The version code of the application.\n It is limited to 2,100,000,000 as per Google Play Store requirements.\n\n By default we use your configured version and perform the following math:\n versionCode = version.major * 1000000 + version.minor * 1000 + version.patch",
"type": [
"integer",
"null"

107
core/tauri-utils/src/acl/capability.rs
View File

@ -42,40 +42,129 @@ impl PermissionEntry {
}
}
/// A grouping and boundary mechanism developers can use to separate windows or plugins functionality from each other at runtime.
/// A grouping and boundary mechanism developers can use to isolate access to the IPC layer.
///
/// It controls application windows fine grained access to the Tauri core, application, or plugin commands.
/// If a window is not matching any capability then it has no access to the IPC layer at all.
///
/// This can be done to create trust groups and reduce impact of vulnerabilities in certain plugins or windows.
/// Windows can be added to a capability by exact name or glob patterns like *, admin-* or main-window.
/// This can be done to create groups of windows, based on their required system access, which can reduce
/// impact of frontend vulnerabilities in less privileged windows.
/// Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.
/// A Window can have none, one, or multiple associated capabilities.
///
/// ## Example
///
/// ```json
/// {
/// "identifier": "main-user-files-write",
/// "description": "This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.",
/// "windows": [
/// "main"
/// ],
/// "permissions": [
/// "path:default",
/// "dialog:open",
/// {
/// "identifier": "fs:allow-write-text-file",
/// "allow": [{ "path": "$HOME/test.txt" }]
/// },
/// "platforms": ["macOS","windows"]
/// }
/// ```
#[derive(Debug, Clone, PartialEq, Serialize, Deserialize)]
#[cfg_attr(feature = "schema", derive(schemars::JsonSchema))]
pub struct Capability {
/// Identifier of the capability.
///
/// ## Example
///
/// `main-user-files-write`
///
pub identifier: String,
/// Description of the capability.
/// Description of what the capability is intended to allow on associated windows.
///
/// It should contain a description of what the grouped permissions should allow.
///
/// ## Example
///
/// This capability allows the `main` window access to `filesystem` write related
/// commands and `dialog` commands to enable programatic access to files selected by the user.
#[serde(default)]
pub description: String,
/// Configure remote URLs that can use the capability permissions.
///
/// This setting is optional and defaults to not being set, as our
/// default use case is that the content is served from our local application.
///
/// :::caution
/// Make sure you understand the security implications of providing remote
/// sources with local system access.
/// :::
///
/// ## Example
///
/// ```json
/// {
/// "urls": ["https://*.mydomain.dev"]
/// }
/// ```
#[serde(default, skip_serializing_if = "Option::is_none")]
pub remote: Option<CapabilityRemote>,
/// Whether this capability is enabled for local app URLs or not. Defaults to `true`.
#[serde(default = "default_capability_local")]
pub local: bool,
/// List of windows that uses this capability. Can be a glob pattern.
/// List of windows that are affected by this capability. Can be a glob pattern.
///
/// On multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.
///
/// ## Example
///
/// `["main"]`
#[serde(default, skip_serializing_if = "Vec::is_empty")]
pub windows: Vec<String>,
/// List of webviews that uses this capability. Can be a glob pattern.
/// List of webviews that are affected by this capability. Can be a glob pattern.
///
/// This is only required when using on multiwebview contexts, by default
/// all child webviews of a window that matches [`Self::windows`] are linked.
///
/// ## Example
///
/// `["sub-webview-one", "sub-webview-two"]`
#[serde(default, skip_serializing_if = "Vec::is_empty")]
pub webviews: Vec<String>,
/// List of permissions attached to this capability. Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.
/// List of permissions attached to this capability.
///
/// Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.
/// For commands directly implemented in the application itself only `${permission-name}`
/// is required.
///
/// ## Example
///
/// ```json
/// [
/// "path:default",
/// "event:default",
/// "window:default",
/// "app:default",
/// "image:default",
/// "resources:default",
/// "menu:default",
/// "tray:default",
/// "shell:allow-open",
/// "dialog:open",
/// {
/// "identifier": "fs:allow-write-text-file",
/// "allow": [{ "path": "$HOME/test.txt" }]
/// }
/// ```
pub permissions: Vec<PermissionEntry>,
/// Target platforms this capability applies. By default all platforms are affected by this capability.
/// Limit which target platforms this capability applies to.
///
/// By default all platforms are targeted.
///
/// ## Example
///
/// `["macOS","windows"]`
#[serde(skip_serializing_if = "Option::is_none")]
pub platforms: Option<Vec<Target>>,
}
@ -91,7 +180,7 @@ fn default_capability_local() -> bool {
pub struct CapabilityRemote {
/// Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).
///
/// # Examples
/// ## Examples
///
/// - "https://*.mydomain.dev": allows subdomains of mydomain.dev
/// - "https://mydomain.dev/api/*": allows any subpath of mydomain.dev/api

16
core/tauri-utils/src/acl/mod.rs
View File

@ -126,18 +126,26 @@ pub struct Commands {
pub deny: Vec<String>,
}
/// A restriction of the command/endpoint functionality.
/// An argument for fine grained behavior control of Tauri commands.
///
/// It can be of any serde serializable type and is used for allowing or preventing certain actions inside a Tauri command.
/// It can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.
/// The configured scope is passed to the command and will be enforced by the command implementation.
///
/// The scope is passed to the command and handled/enforced by the command itself.
/// ## Example
///
/// ```json
/// {
/// "allow": [{ "path": "$HOME/**" }],
/// "deny": [{ "path": "$HOME/secret.txt" }]
/// }
/// ```
#[derive(Debug, Default, PartialEq, Clone, Serialize, Deserialize)]
#[cfg_attr(feature = "schema", derive(schemars::JsonSchema))]
pub struct Scopes {
/// Data that defines what is allowed by the scope.
#[serde(skip_serializing_if = "Option::is_none")]
pub allow: Option<Vec<Value>>,
/// Data that defines what is denied by the scope.
/// Data that defines what is denied by the scope. This should be prioritized by validation logic.
#[serde(skip_serializing_if = "Option::is_none")]
pub deny: Option<Vec<Value>>,
}

198
tooling/cli/schema.json
View File

@ -1,7 +1,7 @@
{
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Config",
"description": "The Tauri configuration object. It is read from a file where you can define your frontend assets, configure the bundler and define a tray icon.\n\nThe configuration file is generated by the [`tauri init`](https://tauri.app/v1/api/cli#init) command that lives in your Tauri application source directory (src-tauri).\n\nOnce generated, you may modify it at will to customize your Tauri application.\n\n## File Formats\n\nBy default, the configuration is defined as a JSON file named `tauri.conf.json`.\n\nTauri also supports JSON5 and TOML files via the `config-json5` and `config-toml` Cargo features, respectively. The JSON5 file name must be either `tauri.conf.json` or `tauri.conf.json5`. The TOML file name is `Tauri.toml`.\n\n## Platform-Specific Configuration\n\nIn addition to the default configuration file, Tauri can read a platform-specific configuration from `tauri.linux.conf.json`, `tauri.windows.conf.json`, `tauri.macos.conf.json`, `tauri.android.conf.json` and `tauri.ios.conf.json` (or `Tauri.linux.toml`, `Tauri.windows.toml`, `Tauri.macos.toml`, `Tauri.android.toml` and `Tauri.ios.toml` if the `Tauri.toml` format is used), which gets merged with the main configuration object.\n\n## Configuration Structure\n\nThe configuration is composed of the following objects:\n\n- [`app`](#appconfig): The Tauri configuration - [`build`](#buildconfig): The build configuration - [`bundle`](#bundleconfig): The bundle configurations - [`plugins`](#pluginconfig): The plugins configuration\n\n```json title=\"Example tauri.config.json file\" { \"productName\": \"tauri-app\", \"version\": \"0.1.0\" \"build\": { \"beforeBuildCommand\": \"\", \"beforeDevCommand\": \"\", \"devUrl\": \"../dist\", \"frontendDist\": \"../dist\" }, \"app\": { \"security\": { \"csp\": null }, \"windows\": [ { \"fullscreen\": false, \"height\": 600, \"resizable\": true, \"title\": \"Tauri App\", \"width\": 800 } ] }, \"bundle\": {}, \"plugins\": {} } ```",
"description": "The Tauri configuration object.\n It is read from a file where you can define your frontend assets,\n configure the bundler and define a tray icon.\n\n The configuration file is generated by the\n [`tauri init`](https://tauri.app/v1/api/cli#init) command that lives in\n your Tauri application source directory (src-tauri).\n\n Once generated, you may modify it at will to customize your Tauri application.\n\n ## File Formats\n\n By default, the configuration is defined as a JSON file named `tauri.conf.json`.\n\n Tauri also supports JSON5 and TOML files via the `config-json5` and `config-toml` Cargo features, respectively.\n The JSON5 file name must be either `tauri.conf.json` or `tauri.conf.json5`.\n The TOML file name is `Tauri.toml`.\n\n ## Platform-Specific Configuration\n\n In addition to the default configuration file, Tauri can\n read a platform-specific configuration from `tauri.linux.conf.json`,\n `tauri.windows.conf.json`, `tauri.macos.conf.json`, `tauri.android.conf.json` and `tauri.ios.conf.json`\n (or `Tauri.linux.toml`, `Tauri.windows.toml`, `Tauri.macos.toml`, `Tauri.android.toml` and `Tauri.ios.toml` if the `Tauri.toml` format is used),\n which gets merged with the main configuration object.\n\n ## Configuration Structure\n\n The configuration is composed of the following objects:\n\n - [`app`](#appconfig): The Tauri configuration\n - [`build`](#buildconfig): The build configuration\n - [`bundle`](#bundleconfig): The bundle configurations\n - [`plugins`](#pluginconfig): The plugins configuration\n\n ```json title=\"Example tauri.config.json file\"\n {\n \"productName\": \"tauri-app\",\n \"version\": \"0.1.0\"\n \"build\": {\n \"beforeBuildCommand\": \"\",\n \"beforeDevCommand\": \"\",\n \"devUrl\": \"../dist\",\n \"frontendDist\": \"../dist\"\n },\n \"app\": {\n \"security\": {\n \"csp\": null\n },\n \"windows\": [\n {\n \"fullscreen\": false,\n \"height\": 600,\n \"resizable\": true,\n \"title\": \"Tauri App\",\n \"width\": 800\n }\n ]\n },\n \"bundle\": {},\n \"plugins\": {}\n }\n ```",
"type": "object",
"properties": {
"$schema": {
@ -27,7 +27,7 @@
]
},
"identifier": {
"description": "The application identifier in reverse domain name notation (e.g. `com.tauri.example`). This string must be unique across applications since it is used in system configurations like the bundle ID and path to the webview data directory. This string must contain only alphanumeric characters (AZ, az, and 09), hyphens (-), and periods (.).",
"description": "The application identifier in reverse domain name notation (e.g. `com.tauri.example`).\n This string must be unique across applications since it is used in system configurations like\n the bundle ID and path to the webview data directory.\n This string must contain only alphanumeric characters (AZ, az, and 09), hyphens (-),\n and periods (.).",
"default": "",
"type": "string"
},
@ -299,7 +299,7 @@
"type": "boolean"
},
"maximizable": {
"description": "Whether the window's native maximize button is enabled or not. If resizable is set to false, this setting is ignored.\n\n## Platform-specific\n\n- **macOS:** Disables the \"zoom\" button in the window titlebar, which is also used to enter fullscreen mode. - **Linux / iOS / Android:** Unsupported.",
"description": "Whether the window's native maximize button is enabled or not.\n If resizable is set to false, this setting is ignored.\n\n ## Platform-specific\n\n - **macOS:** Disables the \"zoom\" button in the window titlebar, which is also used to enter fullscreen mode.\n - **Linux / iOS / Android:** Unsupported.",
"default": true,
"type": "boolean"
},
@ -309,7 +309,7 @@
"type": "boolean"
},
"closable": {
"description": "Whether the window's native close button is enabled or not.\n\n## Platform-specific\n\n- **Linux:** \"GTK+ will do its best to convince the window manager not to show a close button. Depending on the system, this function may not have any effect when called on a window that is already visible\" - **iOS / Android:** Unsupported.",
"description": "Whether the window's native close button is enabled or not.\n\n ## Platform-specific\n\n - **Linux:** \"GTK+ will do its best to convince the window manager not to show a close button.\n Depending on the system, this function may not have any effect when called on a window that is already visible\"\n - **iOS / Android:** Unsupported.",
"default": true,
"type": "boolean"
},
@ -329,7 +329,7 @@
"type": "boolean"
},
"transparent": {
"description": "Whether the window is transparent or not.\n\nNote that on `macOS` this requires the `macos-private-api` feature flag, enabled under `tauri > macOSPrivateApi`. WARNING: Using private APIs on `macOS` prevents your application from being accepted to the `App Store`.",
"description": "Whether the window is transparent or not.\n\n Note that on `macOS` this requires the `macos-private-api` feature flag, enabled under `tauri > macOSPrivateApi`.\n WARNING: Using private APIs on `macOS` prevents your application from being accepted to the `App Store`.",
"default": false,
"type": "boolean"
},
@ -404,26 +404,26 @@
"type": "boolean"
},
"tabbingIdentifier": {
"description": "Defines the window [tabbing identifier] for macOS.\n\nWindows with matching tabbing identifiers will be grouped together. If the tabbing identifier is not set, automatic tabbing will be disabled.\n\n[tabbing identifier]: <https://developer.apple.com/documentation/appkit/nswindow/1644704-tabbingidentifier>",
"description": "Defines the window [tabbing identifier] for macOS.\n\n Windows with matching tabbing identifiers will be grouped together.\n If the tabbing identifier is not set, automatic tabbing will be disabled.\n\n [tabbing identifier]: <https://developer.apple.com/documentation/appkit/nswindow/1644704-tabbingidentifier>",
"type": [
"string",
"null"
]
},
"additionalBrowserArgs": {
"description": "Defines additional browser arguments on Windows. By default wry passes `--disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection` so if you use this method, you also need to disable these components by yourself if you want.",
"description": "Defines additional browser arguments on Windows. By default wry passes `--disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection`\n so if you use this method, you also need to disable these components by yourself if you want.",
"type": [
"string",
"null"
]
},
"shadow": {
"description": "Whether or not the window has shadow.\n\n## Platform-specific\n\n- **Windows:** - `false` has no effect on decorated window, shadow are always ON. - `true` will make ndecorated window have a 1px white border, and on Windows 11, it will have a rounded corners. - **Linux:** Unsupported.",
"description": "Whether or not the window has shadow.\n\n ## Platform-specific\n\n - **Windows:**\n - `false` has no effect on decorated window, shadow are always ON.\n - `true` will make ndecorated window have a 1px white border,\n and on Windows 11, it will have a rounded corners.\n - **Linux:** Unsupported.",
"default": true,
"type": "boolean"
},
"windowEffects": {
"description": "Window effects.\n\nRequires the window to be transparent.\n\n## Platform-specific:\n\n- **Windows**: If using decorations or shadows, you may want to try this workaround <https://github.com/tauri-apps/tao/issues/72#issuecomment-975607891> - **Linux**: Unsupported",
"description": "Window effects.\n\n Requires the window to be transparent.\n\n ## Platform-specific:\n\n - **Windows**: If using decorations or shadows, you may want to try this workaround <https://github.com/tauri-apps/tao/issues/72#issuecomment-975607891>\n - **Linux**: Unsupported",
"anyOf": [
{
"$ref": "#/definitions/WindowEffectsConfig"
@ -439,7 +439,7 @@
"type": "boolean"
},
"parent": {
"description": "Sets the window associated with this label to be the parent of the window to be created.\n\n## Platform-specific\n\n- **Windows**: This sets the passed parent as an owner window to the window to be created. From [MSDN owned windows docs](https://docs.microsoft.com/en-us/windows/win32/winmsg/window-features#owned-windows): - An owned window is always above its owner in the z-order. - The system automatically destroys an owned window when its owner is destroyed. - An owned window is hidden when its owner is minimized. - **Linux**: This makes the new window transient for parent, see <https://docs.gtk.org/gtk3/method.Window.set_transient_for.html> - **macOS**: This adds the window as a child of parent, see <https://developer.apple.com/documentation/appkit/nswindow/1419152-addchildwindow?language=objc>",
"description": "Sets the window associated with this label to be the parent of the window to be created.\n\n ## Platform-specific\n\n - **Windows**: This sets the passed parent as an owner window to the window to be created.\n From [MSDN owned windows docs](https://docs.microsoft.com/en-us/windows/win32/winmsg/window-features#owned-windows):\n - An owned window is always above its owner in the z-order.\n - The system automatically destroys an owned window when its owner is destroyed.\n - An owned window is hidden when its owner is minimized.\n - **Linux**: This makes the new window transient for parent, see <https://docs.gtk.org/gtk3/method.Window.set_transient_for.html>\n - **macOS**: This adds the window as a child of parent, see <https://developer.apple.com/documentation/appkit/nswindow/1419152-addchildwindow?language=objc>",
"type": [
"string",
"null"
@ -454,7 +454,7 @@
"format": "uri"
},
"zoomHotkeysEnabled": {
"description": "Whether page zooming by hotkeys is enabled\n\n## Platform-specific:\n\n- **Windows**: Controls WebView2's [`IsZoomControlEnabled`](https://learn.microsoft.com/en-us/microsoft-edge/webview2/reference/winrt/microsoft_web_webview2_core/corewebview2settings?view=webview2-winrt-1.0.2420.47#iszoomcontrolenabled) setting. - **MacOS / Linux**: Injects a polyfill that zooms in and out with `ctrl/command` + `-/=`, 20% in each step, ranging from 20% to 1000%. Requires `webview:allow-set-webview-zoom` permission\n\n- **Android / iOS**: Unsupported.",
"description": "Whether page zooming by hotkeys is enabled\n\n ## Platform-specific:\n\n - **Windows**: Controls WebView2's [`IsZoomControlEnabled`](https://learn.microsoft.com/en-us/microsoft-edge/webview2/reference/winrt/microsoft_web_webview2_core/corewebview2settings?view=webview2-winrt-1.0.2420.47#iszoomcontrolenabled) setting.\n - **MacOS / Linux**: Injects a polyfill that zooms in and out with `ctrl/command` + `-/=`,\n 20% in each step, ranging from 20% to 1000%. Requires `webview:allow-set-webview-zoom` permission\n\n - **Android / iOS**: Unsupported.",
"default": false,
"type": "boolean"
}
@ -470,7 +470,7 @@
"format": "uri"
},
{
"description": "The path portion of an app URL. For instance, to load `tauri://localhost/users/john`, you can simply provide `users/john` in this configuration.",
"description": "The path portion of an app URL.\n For instance, to load `tauri://localhost/users/john`,\n you can simply provide `users/john` in this configuration.",
"type": "string"
},
{
@ -517,7 +517,7 @@
]
},
{
"description": "Shows the title bar as a transparent overlay over the window's content.\n\nKeep in mind: - The height of the title bar is different on different OS versions, which can lead to window the controls and title not being where you don't expect. - You need to define a custom drag region to make your window draggable, however due to a limitation you can't drag the window when it's not in focus <https://github.com/tauri-apps/tauri/issues/4316>. - The color of the window title depends on the system theme.",
"description": "Shows the title bar as a transparent overlay over the window's content.\n\n Keep in mind:\n - The height of the title bar is different on different OS versions, which can lead to window the controls and title not being where you don't expect.\n - You need to define a custom drag region to make your window draggable, however due to a limitation you can't drag the window when it's not in focus <https://github.com/tauri-apps/tauri/issues/4316>.\n - The color of the window title depends on the system theme.",
"type": "string",
"enum": [
"Overlay"
@ -533,7 +533,7 @@
],
"properties": {
"effects": {
"description": "List of Window effects to apply to the Window. Conflicting effects will apply the first one and ignore the rest.",
"description": "List of Window effects to apply to the Window.\n Conflicting effects will apply the first one and ignore the rest.",
"type": "array",
"items": {
"$ref": "#/definitions/WindowEffect"
@ -559,7 +559,7 @@
"format": "double"
},
"color": {
"description": "Window effect color. Affects [`WindowEffect::Blur`] and [`WindowEffect::Acrylic`] only on Windows 10 v1903+. Doesn't have any effect on Windows 7 or Windows 11.",
"description": "Window effect color. Affects [`WindowEffect::Blur`] and [`WindowEffect::Acrylic`] only\n on Windows 10 v1903+. Doesn't have any effect on Windows 7 or Windows 11.",
"anyOf": [
{
"$ref": "#/definitions/Color"
@ -584,7 +584,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -592,7 +592,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -600,7 +600,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -608,7 +608,7 @@
]
},
{
"description": "*macOS 10.14-**",
"description": "**macOS 10.14-**",
"deprecated": true,
"type": "string",
"enum": [
@ -616,98 +616,98 @@
]
},
{
"description": "*macOS 10.10+**",
"description": "**macOS 10.10+**",
"type": "string",
"enum": [
"titlebar"
]
},
{
"description": "*macOS 10.10+**",
"description": "**macOS 10.10+**",
"type": "string",
"enum": [
"selection"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"menu"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"popover"
]
},
{
"description": "*macOS 10.11+**",
"description": "**macOS 10.11+**",
"type": "string",
"enum": [
"sidebar"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"headerView"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"sheet"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"windowBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"hudWindow"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"fullScreenUI"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"tooltip"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"contentBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"underWindowBackground"
]
},
{
"description": "*macOS 10.14+**",
"description": "**macOS 10.14+**",
"type": "string",
"enum": [
"underPageBackground"
@ -830,7 +830,7 @@
"type": "object",
"properties": {
"csp": {
"description": "The Content Security Policy that will be injected on all HTML files on the built application. If [`dev_csp`](#SecurityConfig.devCsp) is not specified, this value is also injected on dev.\n\nThis is a really important part of the configuration since it helps you ensure your WebView is secured. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "The Content Security Policy that will be injected on all HTML files on the built application.\n If [`dev_csp`](#SecurityConfig.devCsp) is not specified, this value is also injected on dev.\n\n This is a really important part of the configuration since it helps you ensure your WebView is secured.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"$ref": "#/definitions/Csp"
@ -841,7 +841,7 @@
]
},
"devCsp": {
"description": "The Content Security Policy that will be injected on all HTML files on development.\n\nThis is a really important part of the configuration since it helps you ensure your WebView is secured. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "The Content Security Policy that will be injected on all HTML files on development.\n\n This is a really important part of the configuration since it helps you ensure your WebView is secured.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"$ref": "#/definitions/Csp"
@ -857,7 +857,7 @@
"type": "boolean"
},
"dangerousDisableAssetCspModification": {
"description": "Disables the Tauri-injected CSP sources.\n\nAt compile time, Tauri parses all the frontend assets and changes the Content-Security-Policy to only allow loading of your own scripts and styles by injecting nonce and hash sources. This stricts your CSP, which may introduce issues when using along with other flexing sources.\n\nThis configuration option allows both a boolean and a list of strings as value. A boolean instructs Tauri to disable the injection for all CSP injections, and a list of strings indicates the CSP directives that Tauri cannot inject.\n\n**WARNING:** Only disable this if you know what you are doing and have properly configured the CSP. Your application might be vulnerable to XSS attacks without this Tauri protection.",
"description": "Disables the Tauri-injected CSP sources.\n\n At compile time, Tauri parses all the frontend assets and changes the Content-Security-Policy\n to only allow loading of your own scripts and styles by injecting nonce and hash sources.\n This stricts your CSP, which may introduce issues when using along with other flexing sources.\n\n This configuration option allows both a boolean and a list of strings as value.\n A boolean instructs Tauri to disable the injection for all CSP injections,\n and a list of strings indicates the CSP directives that Tauri cannot inject.\n\n **WARNING:** Only disable this if you know what you are doing and have properly configured the CSP.\n Your application might be vulnerable to XSS attacks without this Tauri protection.",
"default": false,
"allOf": [
{
@ -900,7 +900,7 @@
"additionalProperties": false
},
"Csp": {
"description": "A Content-Security-Policy definition. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"description": "A Content-Security-Policy definition.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>.",
"anyOf": [
{
"description": "The entire CSP policy in a single text string.",
@ -916,7 +916,7 @@
]
},
"CspDirectiveSources": {
"description": "A Content-Security-Policy directive source list. See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#sources>.",
"description": "A Content-Security-Policy directive source list.\n See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/Sources#sources>.",
"anyOf": [
{
"description": "An inline list of CSP sources. Same as [`Self::List`], but concatenated with a space separator.",
@ -935,7 +935,7 @@
"description": "The possible values for the `dangerous_disable_asset_csp_modification` config option.",
"anyOf": [
{
"description": "If `true`, disables all CSP modification. `false` is the default value and it configures Tauri to control the CSP.",
"description": "If `true`, disables all CSP modification.\n `false` is the default value and it configures Tauri to control the CSP.",
"type": "boolean"
},
{
@ -969,7 +969,7 @@
"additionalProperties": false
},
"FsScope": {
"description": "Protocol scope definition. It is a list of glob patterns that restrict the API access from the webview.\n\nEach pattern can start with a variable that resolves to a system base directory. The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`, `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`, `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`, `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
"description": "Protocol scope definition.\n It is a list of glob patterns that restrict the API access from the webview.\n\n Each pattern can start with a variable that resolves to a system base directory.\n The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`,\n `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`,\n `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`,\n `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.",
"anyOf": [
{
"description": "A list of paths that are allowed by this scope.",
@ -991,7 +991,7 @@
}
},
"deny": {
"description": "A list of paths that are not allowed by this scope. This gets precedence over the [`Self::Scope::allow`] list.",
"description": "A list of paths that are not allowed by this scope.\n This gets precedence over the [`Self::Scope::allow`] list.",
"default": [],
"type": "array",
"items": {
@ -999,7 +999,7 @@
}
},
"requireLiteralLeadingDot": {
"description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `true` on Unix systems and `false` on Windows",
"description": "Whether or not paths that contain components that start with a `.`\n will require that `.` appears literally in the pattern; `*`, `?`, `**`,\n or `[...]` will not match. This is useful because such files are\n conventionally considered hidden on Unix systems and it might be\n desirable to skip them when listing files.\n\n Defaults to `true` on Unix systems and `false` on Windows",
"type": [
"boolean",
"null"
@ -1075,7 +1075,7 @@
]
},
"Capability": {
"description": "A grouping and boundary mechanism developers can use to separate windows or plugins functionality from each other at runtime.\n\nIf a window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create trust groups and reduce impact of vulnerabilities in certain plugins or windows. Windows can be added to a capability by exact name or glob patterns like *, admin-* or main-window.",
"description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\n It controls application windows fine grained access to the Tauri core, application, or plugin commands.\n If a window is not matching any capability then it has no access to the IPC layer at all.\n\n This can be done to create groups of windows, based on their required system access, which can reduce\n impact of frontend vulnerabilities in less privileged windows.\n Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.\n A Window can have none, one, or multiple associated capabilities.\n\n ## Example\n\n ```json\n {\n \"identifier\": \"main-user-files-write\",\n \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programatic access to files selected by the user.\",\n \"windows\": [\n \"main\"\n ],\n \"permissions\": [\n \"path:default\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n },\n \"platforms\": [\"macOS\",\"windows\"]\n }\n ```",
"type": "object",
"required": [
"identifier",
@ -1083,16 +1083,16 @@
],
"properties": {
"identifier": {
"description": "Identifier of the capability.",
"description": "Identifier of the capability.\n\n ## Example\n\n `main-user-files-write`",
"type": "string"
},
"description": {
"description": "Description of the capability.",
"description": "Description of what the capability is intended to allow on associated windows.\n\n It should contain a description of what the grouped permissions should allow.\n\n ## Example\n\n This capability allows the `main` window access to `filesystem` write related\n commands and `dialog` commands to enable programatic access to files selected by the user.",
"default": "",
"type": "string"
},
"remote": {
"description": "Configure remote URLs that can use the capability permissions.",
"description": "Configure remote URLs that can use the capability permissions.\n\n This setting is optional and defaults to not being set, as our\n default use case is that the content is served from our local application.\n\n :::caution\n Make sure you understand the security implications of providing remote\n sources with local system access.\n :::\n\n ## Example\n\n ```json\n {\n \"urls\": [\"https://*.mydomain.dev\"]\n }\n ```",
"anyOf": [
{
"$ref": "#/definitions/CapabilityRemote"
@ -1108,28 +1108,28 @@
"type": "boolean"
},
"windows": {
"description": "List of windows that uses this capability. Can be a glob pattern.\n\nOn multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.",
"description": "List of windows that are affected by this capability. Can be a glob pattern.\n\n On multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.\n\n ## Example\n\n `[\"main\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"webviews": {
"description": "List of webviews that uses this capability. Can be a glob pattern.\n\nThis is only required when using on multiwebview contexts, by default all child webviews of a window that matches [`Self::windows`] are linked.",
"description": "List of webviews that are affected by this capability. Can be a glob pattern.\n\n This is only required when using on multiwebview contexts, by default\n all child webviews of a window that matches [`Self::windows`] are linked.\n\n ## Example\n\n `[\"sub-webview-one\", \"sub-webview-two\"]`",
"type": "array",
"items": {
"type": "string"
}
},
"permissions": {
"description": "List of permissions attached to this capability. Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.",
"description": "List of permissions attached to this capability.\n\n Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.\n For commands directly implemented in the application itself only `${permission-name}`\n is required.\n\n ## Example\n\n ```json\n [\n \"path:default\",\n \"event:default\",\n \"window:default\",\n \"app:default\",\n \"image:default\",\n \"resources:default\",\n \"menu:default\",\n \"tray:default\",\n \"shell:allow-open\",\n \"dialog:open\",\n {\n \"identifier\": \"fs:allow-write-text-file\",\n \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n }\n ```",
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"platforms": {
"description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",
"type": [
"array",
"null"
@ -1148,7 +1148,7 @@
],
"properties": {
"urls": {
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n# Examples\n\n- \"https://*.mydomain.dev\": allows subdomains of mydomain.dev - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n ## Examples\n\n - \"https://*.mydomain.dev\": allows subdomains of mydomain.dev\n - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
"type": "array",
"items": {
"type": "string"
@ -1157,7 +1157,7 @@
}
},
"PermissionEntry": {
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`] or an object that references a permission and extends its scope.",
"description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`]\n or an object that references a permission and extends its scope.",
"anyOf": [
{
"description": "Reference a permission or permission set by identifier.",
@ -1193,7 +1193,7 @@
}
},
"deny": {
"description": "Data that defines what is denied by the scope.",
"description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
"type": [
"array",
"null"
@ -1318,7 +1318,7 @@
]
},
"iconPath": {
"description": "Path to the default icon to use for the tray icon.\n\nNote: this stores the image in raw pixels to the final binary, so keep the icon size (width and height) small or else it's going to bloat your final executable",
"description": "Path to the default icon to use for the tray icon.\n\n Note: this stores the image in raw pixels to the final binary,\n so keep the icon size (width and height) small\n or else it's going to bloat your final executable",
"type": "string"
},
"iconAsTemplate": {
@ -1360,7 +1360,7 @@
]
},
"devUrl": {
"description": "The URL to load in development.\n\nThis is usually an URL to a dev server, which serves your application assets with hot-reload and HMR. Most modern JavaScript bundlers like [vite](https://vitejs.dev/guide/) provides a way to start a dev server by default.\n\nIf you don't have a dev server or don't want to use one, ignore this option and use [`frontendDist`](BuildConfig::frontend_dist) and point to a web assets directory, and Tauri CLI will run its built-in dev server and provide a simple hot-reload experience.",
"description": "The URL to load in development.\n\n This is usually an URL to a dev server, which serves your application assets with hot-reload and HMR.\n Most modern JavaScript bundlers like [vite](https://vitejs.dev/guide/) provides a way to start a dev server by default.\n\n If you don't have a dev server or don't want to use one, ignore this option and use [`frontendDist`](BuildConfig::frontend_dist)\n and point to a web assets directory, and Tauri CLI will run its built-in dev server and provide a simple hot-reload experience.",
"type": [
"string",
"null"
@ -1368,7 +1368,7 @@
"format": "uri"
},
"frontendDist": {
"description": "The path to the application assets (usually the `dist` folder of your javascript bundler) or a URL that could be either a custom protocol registered in the tauri app (for example: `myprotocol://`) or a remote URL (for example: `https://site.com/app`).\n\nWhen a path relative to the configuration file is provided, it is read recursively and all files are embedded in the application binary. Tauri then looks for an `index.html` and serves it as the default entry point for your application.\n\nYou can also provide a list of paths to be embedded, which allows granular control over what files are added to the binary. In this case, all files are added to the root and you must reference it that way in your HTML files.\n\nWhen a URL is provided, the application won't have bundled assets and the application will load that URL by default.",
"description": "The path to the application assets (usually the `dist` folder of your javascript bundler)\n or a URL that could be either a custom protocol registered in the tauri app (for example: `myprotocol://`)\n or a remote URL (for example: `https://site.com/app`).\n\n When a path relative to the configuration file is provided,\n it is read recursively and all files are embedded in the application binary.\n Tauri then looks for an `index.html` and serves it as the default entry point for your application.\n\n You can also provide a list of paths to be embedded, which allows granular control over what files are added to the binary.\n In this case, all files are added to the root and you must reference it that way in your HTML files.\n\n When a URL is provided, the application won't have bundled assets\n and the application will load that URL by default.",
"anyOf": [
{
"$ref": "#/definitions/FrontendDist"
@ -1527,14 +1527,14 @@
]
},
"publisher": {
"description": "The application's publisher. Defaults to the second element in the identifier string. Currently maps to the Manufacturer property of the Windows Installer.",
"description": "The application's publisher. Defaults to the second element in the identifier string.\n Currently maps to the Manufacturer property of the Windows Installer.",
"type": [
"string",
"null"
]
},
"homepage": {
"description": "A url to the home page of your application. If unset, will fallback to `homepage` defined in `Cargo.toml`.\n\nSupported bundle targets: `deb`, `rpm`, `nsis` and `msi`.",
"description": "A url to the home page of your application. If unset, will\n fallback to `homepage` defined in `Cargo.toml`.\n\n Supported bundle targets: `deb`, `rpm`, `nsis` and `msi`.",
"type": [
"string",
"null"
@ -1549,7 +1549,7 @@
}
},
"resources": {
"description": "App resources to bundle. Each resource is a path to a file or directory. Glob patterns are supported.",
"description": "App resources to bundle.\n Each resource is a path to a file or directory.\n Glob patterns are supported.",
"anyOf": [
{
"$ref": "#/definitions/BundleResources"
@ -1567,7 +1567,7 @@
]
},
"license": {
"description": "The package's license identifier to be included in the appropriate bundles. If not set, defaults to the license from the Cargo.toml file.",
"description": "The package's license identifier to be included in the appropriate bundles.\n If not set, defaults to the license from the Cargo.toml file.",
"type": [
"string",
"null"
@ -1581,7 +1581,7 @@
]
},
"category": {
"description": "The application kind.\n\nShould be one of the following: Business, DeveloperTool, Education, Entertainment, Finance, Game, ActionGame, AdventureGame, ArcadeGame, BoardGame, CardGame, CasinoGame, DiceGame, EducationalGame, FamilyGame, KidsGame, MusicGame, PuzzleGame, RacingGame, RolePlayingGame, SimulationGame, SportsGame, StrategyGame, TriviaGame, WordGame, GraphicsAndDesign, HealthcareAndFitness, Lifestyle, Medical, Music, News, Photography, Productivity, Reference, SocialNetworking, Sports, Travel, Utility, Video, Weather.",
"description": "The application kind.\n\n Should be one of the following:\n Business, DeveloperTool, Education, Entertainment, Finance, Game, ActionGame, AdventureGame, ArcadeGame, BoardGame, CardGame, CasinoGame, DiceGame, EducationalGame, FamilyGame, KidsGame, MusicGame, PuzzleGame, RacingGame, RolePlayingGame, SimulationGame, SportsGame, StrategyGame, TriviaGame, WordGame, GraphicsAndDesign, HealthcareAndFitness, Lifestyle, Medical, Music, News, Photography, Productivity, Reference, SocialNetworking, Sports, Travel, Utility, Video, Weather.",
"type": [
"string",
"null"
@ -1612,7 +1612,7 @@
]
},
"externalBin": {
"description": "A list of—either absolute or relative—paths to binaries to embed with your application.\n\nNote that Tauri will look for system-specific binaries following the pattern \"binary-name{-target-triple}{.system-extension}\".\n\nE.g. for the external binary \"my-binary\", Tauri looks for:\n\n- \"my-binary-x86_64-pc-windows-msvc.exe\" for Windows - \"my-binary-x86_64-apple-darwin\" for macOS - \"my-binary-x86_64-unknown-linux-gnu\" for Linux\n\nso don't forget to provide binaries for all targeted platforms.",
"description": "A list of—either absolute or relative—paths to binaries to embed with your application.\n\n Note that Tauri will look for system-specific binaries following the pattern \"binary-name{-target-triple}{.system-extension}\".\n\n E.g. for the external binary \"my-binary\", Tauri looks for:\n\n - \"my-binary-x86_64-pc-windows-msvc.exe\" for Windows\n - \"my-binary-x86_64-apple-darwin\" for macOS\n - \"my-binary-x86_64-unknown-linux-gnu\" for Linux\n\n so don't forget to provide binaries for all targeted platforms.",
"type": [
"array",
"null"
@ -1804,7 +1804,7 @@
]
},
"BundleResources": {
"description": "Definition for bundle resources. Can be either a list of paths to include or a map of source to target paths.",
"description": "Definition for bundle resources.\n Can be either a list of paths to include or a map of source to target paths.",
"anyOf": [
{
"description": "A list of paths to include.",
@ -1918,7 +1918,7 @@
"type": "object",
"properties": {
"digestAlgorithm": {
"description": "Specifies the file digest algorithm to use for creating file signatures. Required for code signing. SHA-256 is recommended.",
"description": "Specifies the file digest algorithm to use for creating file signatures.\n Required for code signing. SHA-256 is recommended.",
"type": [
"string",
"null"
@ -1939,7 +1939,7 @@
]
},
"tsp": {
"description": "Whether to use Time-Stamp Protocol (TSP, a.k.a. RFC 3161) for the timestamp server. Your code signing provider may use a TSP timestamp server, like e.g. SSL.com does. If so, enable TSP by setting to true.",
"description": "Whether to use Time-Stamp Protocol (TSP, a.k.a. RFC 3161) for the timestamp server. Your code signing provider may\n use a TSP timestamp server, like e.g. SSL.com does. If so, enable TSP by setting to true.",
"default": false,
"type": "boolean"
},
@ -1956,7 +1956,7 @@
]
},
"webviewFixedRuntimePath": {
"description": "Path to the webview fixed runtime to use. Overwrites [`Self::webview_install_mode`] if set.\n\nWill be removed in v2, prefer the [`Self::webview_install_mode`] option.\n\nThe fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section). The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"description": "Path to the webview fixed runtime to use. Overwrites [`Self::webview_install_mode`] if set.\n\n Will be removed in v2, prefer the [`Self::webview_install_mode`] option.\n\n The fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section).\n The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"type": [
"string",
"null"
@ -1990,7 +1990,7 @@
]
},
"signCommand": {
"description": "Specify a custom command to sign the binaries. This command needs to have a `%1` in it which is just a placeholder for the binary path, which we will detect and replace before calling the command.\n\nExample: ```text sign-cli --arg1 --arg2 %1 ```\n\nBy Default we use `signtool.exe` which can be found only on Windows so if you are on another platform and want to cross-compile and sign you will need to use another tool like `osslsigncode`.",
"description": "Specify a custom command to sign the binaries.\n This command needs to have a `%1` in it which is just a placeholder for the binary path,\n which we will detect and replace before calling the command.\n\n Example:\n ```text\n sign-cli --arg1 --arg2 %1\n ```\n\n By Default we use `signtool.exe` which can be found only on Windows so\n if you are on another platform and want to cross-compile and sign you will\n need to use another tool like `osslsigncode`.",
"type": [
"string",
"null"
@ -2000,7 +2000,7 @@
"additionalProperties": false
},
"WebviewInstallMode": {
"description": "Install modes for the Webview2 runtime. Note that for the updater bundle [`Self::DownloadBootstrapper`] is used.\n\nFor more information see <https://tauri.app/v1/guides/building/windows>.",
"description": "Install modes for the Webview2 runtime.\n Note that for the updater bundle [`Self::DownloadBootstrapper`] is used.\n\n For more information see <https://tauri.app/v1/guides/building/windows>.",
"oneOf": [
{
"description": "Do not install the Webview2 as part of the Windows Installer.",
@ -2019,7 +2019,7 @@
"additionalProperties": false
},
{
"description": "Download the bootstrapper and run it. Requires an internet connection. Results in a smaller installer size, but is not recommended on Windows 7.",
"description": "Download the bootstrapper and run it.\n Requires an internet connection.\n Results in a smaller installer size, but is not recommended on Windows 7.",
"type": "object",
"required": [
"type"
@ -2040,7 +2040,7 @@
"additionalProperties": false
},
{
"description": "Embed the bootstrapper and run it. Requires an internet connection. Increases the installer size by around 1.8MB, but offers better support on Windows 7.",
"description": "Embed the bootstrapper and run it.\n Requires an internet connection.\n Increases the installer size by around 1.8MB, but offers better support on Windows 7.",
"type": "object",
"required": [
"type"
@ -2061,7 +2061,7 @@
"additionalProperties": false
},
{
"description": "Embed the offline installer and run it. Does not require an internet connection. Increases the installer size by around 127MB.",
"description": "Embed the offline installer and run it.\n Does not require an internet connection.\n Increases the installer size by around 127MB.",
"type": "object",
"required": [
"type"
@ -2082,7 +2082,7 @@
"additionalProperties": false
},
{
"description": "Embed a fixed webview2 version and use it at runtime. Increases the installer size by around 180MB.",
"description": "Embed a fixed webview2 version and use it at runtime.\n Increases the installer size by around 180MB.",
"type": "object",
"required": [
"path",
@ -2096,7 +2096,7 @@
]
},
"path": {
"description": "The path to the fixed runtime to use.\n\nThe fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section). The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"description": "The path to the fixed runtime to use.\n\n The fixed version can be downloaded [on the official website](https://developer.microsoft.com/en-us/microsoft-edge/webview2/#download-section).\n The `.cab` file must be extracted to a folder and this folder path must be defined on this field.",
"type": "string"
}
},
@ -2178,14 +2178,14 @@
"type": "boolean"
},
"bannerPath": {
"description": "Path to a bitmap file to use as the installation user interface banner. This bitmap will appear at the top of all but the first page of the installer.\n\nThe required dimensions are 493px × 58px.",
"description": "Path to a bitmap file to use as the installation user interface banner.\n This bitmap will appear at the top of all but the first page of the installer.\n\n The required dimensions are 493px × 58px.",
"type": [
"string",
"null"
]
},
"dialogImagePath": {
"description": "Path to a bitmap file to use on the installation user interface dialogs. It is used on the welcome and completion dialogs. The required dimensions are 493px × 312px.",
"description": "Path to a bitmap file to use on the installation user interface dialogs.\n It is used on the welcome and completion dialogs.\n The required dimensions are 493px × 312px.",
"type": [
"string",
"null"
@ -2273,7 +2273,7 @@
]
},
"languages": {
"description": "A list of installer languages. By default the OS language is used. If the OS language is not in the list of languages, the first language will be used. To allow the user to select the language, set `display_language_selector` to `true`.\n\nSee <https://github.com/kichik/nsis/tree/9465c08046f00ccb6eda985abbdbf52c275c6c4d/Contrib/Language%20files> for the complete list of languages.",
"description": "A list of installer languages.\n By default the OS language is used. If the OS language is not in the list of languages, the first language will be used.\n To allow the user to select the language, set `display_language_selector` to `true`.\n\n See <https://github.com/kichik/nsis/tree/9465c08046f00ccb6eda985abbdbf52c275c6c4d/Contrib/Language%20files> for the complete list of languages.",
"type": [
"array",
"null"
@ -2283,7 +2283,7 @@
}
},
"customLanguageFiles": {
"description": "A key-value pair where the key is the language and the value is the path to a custom `.nsh` file that holds the translated text for tauri's custom messages.\n\nSee <https://github.com/tauri-apps/tauri/blob/dev/tooling/bundler/src/bundle/windows/templates/nsis-languages/English.nsh> for an example `.nsh` file.\n\n**Note**: the key must be a valid NSIS language and it must be added to [`NsisConfig`] languages array,",
"description": "A key-value pair where the key is the language and the\n value is the path to a custom `.nsh` file that holds the translated text for tauri's custom messages.\n\n See <https://github.com/tauri-apps/tauri/blob/dev/tooling/bundler/src/bundle/windows/templates/nsis-languages/English.nsh> for an example `.nsh` file.\n\n **Note**: the key must be a valid NSIS language and it must be added to [`NsisConfig`] languages array,",
"type": [
"object",
"null"
@ -2293,7 +2293,7 @@
}
},
"displayLanguageSelector": {
"description": "Whether to display a language selector dialog before the installer and uninstaller windows are rendered or not. By default the OS language is selected, with a fallback to the first language in the `languages` array.",
"description": "Whether to display a language selector dialog before the installer and uninstaller windows are rendered or not.\n By default the OS language is selected, with a fallback to the first language in the `languages` array.",
"default": false,
"type": "boolean"
},
@ -2307,7 +2307,7 @@
]
},
"installerHooks": {
"description": "A path to a `.nsh` file that contains special NSIS macros to be hooked into the main installer.nsi script.\n\nSupported hooks are: - `NSIS_HOOK_PREINSTALL`: This hook runs before copying files, setting registry key values and creating shortcuts. - `NSIS_HOOK_POSTINSTALL`: This hook runs after the installer has finished copying all files, setting the registry keys and created shortcuts. - `NSIS_HOOK_PREUNINSTALL`: This hook runs before removing any files, registry keys and shortcuts. - `NSIS_HOOK_POSTUNINSTALL`: This hook runs after files, registry keys and shortcuts have been removed.\n\n### Example\n\n```nsh !define NSIS_HOOK_PREINSTALL \"NSIS_HOOK_PREINSTALL_\" !macro NSIS_HOOK_PREINSTALL_ MessageBox MB_OK \"PreInstall\" !macroend\n\n!define NSIS_HOOK_POSTINSTALL \"NSIS_HOOK_POSTINSTALL_\" !macro NSIS_HOOK_POSTINSTALL_ MessageBox MB_OK \"PostInstall\" !macroend\n\n!define NSIS_HOOK_PREUNINSTALL \"NSIS_HOOK_PREUNINSTALL_\" !macro NSIS_HOOK_PREUNINSTALL_ MessageBox MB_OK \"PreUnInstall\" !macroend\n\n!define NSIS_HOOK_POSTUNINSTALL \"NSIS_HOOK_POSTUNINSTALL_\" !macro NSIS_HOOK_POSTUNINSTALL_ MessageBox MB_OK \"PostUninstall\" !macroend\n\n```",
"description": "A path to a `.nsh` file that contains special NSIS macros to be hooked into the\n main installer.nsi script.\n\n Supported hooks are:\n - `NSIS_HOOK_PREINSTALL`: This hook runs before copying files, setting registry key values and creating shortcuts.\n - `NSIS_HOOK_POSTINSTALL`: This hook runs after the installer has finished copying all files, setting the registry keys and created shortcuts.\n - `NSIS_HOOK_PREUNINSTALL`: This hook runs before removing any files, registry keys and shortcuts.\n - `NSIS_HOOK_POSTUNINSTALL`: This hook runs after files, registry keys and shortcuts have been removed.\n\n\n ### Example\n\n ```nsh\n !define NSIS_HOOK_PREINSTALL \"NSIS_HOOK_PREINSTALL_\"\n !macro NSIS_HOOK_PREINSTALL_\n MessageBox MB_OK \"PreInstall\"\n !macroend\n\n !define NSIS_HOOK_POSTINSTALL \"NSIS_HOOK_POSTINSTALL_\"\n !macro NSIS_HOOK_POSTINSTALL_\n MessageBox MB_OK \"PostInstall\"\n !macroend\n\n !define NSIS_HOOK_PREUNINSTALL \"NSIS_HOOK_PREUNINSTALL_\"\n !macro NSIS_HOOK_PREUNINSTALL_\n MessageBox MB_OK \"PreUnInstall\"\n !macroend\n\n !define NSIS_HOOK_POSTUNINSTALL \"NSIS_HOOK_POSTUNINSTALL_\"\n !macro NSIS_HOOK_POSTUNINSTALL_\n MessageBox MB_OK \"PostUninstall\"\n !macroend\n\n ```",
"type": [
"string",
"null"
@ -2327,14 +2327,14 @@
]
},
{
"description": "Install the app by default in the `Program Files` folder directory requires Administrator access for the installation.\n\nInstaller metadata will be saved under the `HKLM` registry path.",
"description": "Install the app by default in the `Program Files` folder directory requires Administrator\n access for the installation.\n\n Installer metadata will be saved under the `HKLM` registry path.",
"type": "string",
"enum": [
"perMachine"
]
},
{
"description": "Combines both modes and allows the user to choose at install time whether to install for the current user or per machine. Note that this mode will require Administrator access even if the user wants to install it for the current user only.\n\nInstaller metadata will be saved under the `HKLM` or `HKCU` registry path based on the user's choice.",
"description": "Combines both modes and allows the user to choose at install time\n whether to install for the current user or per machine. Note that this mode\n will require Administrator access even if the user wants to install it for the current user only.\n\n Installer metadata will be saved under the `HKLM` or `HKCU` registry path based on the user's choice.",
"type": "string",
"enum": [
"both"
@ -2423,7 +2423,7 @@
"type": "object",
"properties": {
"bundleMediaFramework": {
"description": "Include additional gstreamer dependencies needed for audio and video playback. This increases the bundle size by ~15-35MB depending on your build system.",
"description": "Include additional gstreamer dependencies needed for audio and video playback.\n This increases the bundle size by ~15-35MB depending on your build system.",
"default": false,
"type": "boolean"
},
@ -2498,14 +2498,14 @@
]
},
"priority": {
"description": "Change the priority of the Debian Package. By default, it is set to `optional`. Recognized Priorities as of now are : `required`, `important`, `standard`, `optional`, `extra`",
"description": "Change the priority of the Debian Package. By default, it is set to `optional`.\n Recognized Priorities as of now are : `required`, `important`, `standard`, `optional`, `extra`",
"type": [
"string",
"null"
]
},
"changelog": {
"description": "Path of the uncompressed Changelog file, to be stored at /usr/share/doc/package-name/changelog.gz. See https://www.debian.org/doc/debian-policy/ch-docs.html#changelog-files-and-release-notes",
"description": "Path of the uncompressed Changelog file, to be stored at /usr/share/doc/package-name/changelog.gz. See\n https://www.debian.org/doc/debian-policy/ch-docs.html#changelog-files-and-release-notes",
"type": [
"string",
"null"
@ -2519,28 +2519,28 @@
]
},
"preInstallScript": {
"description": "Path to script that will be executed before the package is unpacked. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed before the package is unpacked. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"postInstallScript": {
"description": "Path to script that will be executed after the package is unpacked. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed after the package is unpacked. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"preRemoveScript": {
"description": "Path to script that will be executed before the package is removed. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed before the package is removed. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
]
},
"postRemoveScript": {
"description": "Path to script that will be executed after the package is removed. See https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"description": "Path to script that will be executed after the package is removed. See\n https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html",
"type": [
"string",
"null"
@ -2574,7 +2574,7 @@
}
},
"conflicts": {
"description": "The list of RPM dependencies your application conflicts with. They must not be present in order for the package to be installed.",
"description": "The list of RPM dependencies your application conflicts with. They must not be present\n in order for the package to be installed.",
"type": [
"array",
"null"
@ -2584,7 +2584,7 @@
}
},
"obsoletes": {
"description": "The list of RPM dependencies your application supersedes - if this package is installed, packages listed as “obsoletes” will be automatically removed (if they are present).",
"description": "The list of RPM dependencies your application supersedes - if this package is installed,\n packages listed as “obsoletes” will be automatically removed (if they are present).",
"type": [
"array",
"null"
@ -2621,28 +2621,28 @@
]
},
"preInstallScript": {
"description": "Path to script that will be executed before the package is unpacked. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed before the package is unpacked. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"postInstallScript": {
"description": "Path to script that will be executed after the package is unpacked. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed after the package is unpacked. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"preRemoveScript": {
"description": "Path to script that will be executed before the package is removed. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed before the package is removed. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
]
},
"postRemoveScript": {
"description": "Path to script that will be executed after the package is removed. See http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"description": "Path to script that will be executed after the package is removed. See\n http://ftp.rpm.org/max-rpm/s1-rpm-inside-scripts.html",
"type": [
"string",
"null"
@ -2674,7 +2674,7 @@
}
},
"minimumSystemVersion": {
"description": "A version string indicating the minimum macOS X version that the bundled application supports. Defaults to `10.13`.\n\nSetting it to `null` completely removes the `LSMinimumSystemVersion` field on the bundle's `Info.plist` and the `MACOSX_DEPLOYMENT_TARGET` environment variable.\n\nAn empty string is considered an invalid value so the default value is used.",
"description": "A version string indicating the minimum macOS X version that the bundled application supports. Defaults to `10.13`.\n\n Setting it to `null` completely removes the `LSMinimumSystemVersion` field on the bundle's `Info.plist`\n and the `MACOSX_DEPLOYMENT_TARGET` environment variable.\n\n An empty string is considered an invalid value so the default value is used.",
"default": "10.13",
"type": [
"string",
@ -2682,7 +2682,7 @@
]
},
"exceptionDomain": {
"description": "Allows your application to communicate with the outside world. It should be a lowercase, without port and protocol domain name.",
"description": "Allows your application to communicate with the outside world.\n It should be a lowercase, without port and protocol domain name.",
"type": [
"string",
"null"
@ -2851,7 +2851,7 @@
"type": "object",
"properties": {
"developmentTeam": {
"description": "The development team. This value is required for iOS development because code signing is enforced. The `APPLE_DEVELOPMENT_TEAM` environment variable can be set to overwrite it.",
"description": "The development team. This value is required for iOS development because code signing is enforced.\n The `APPLE_DEVELOPMENT_TEAM` environment variable can be set to overwrite it.",
"type": [
"string",
"null"
@ -2865,14 +2865,14 @@
"type": "object",
"properties": {
"minSdkVersion": {
"description": "The minimum API level required for the application to run. The Android system will prevent the user from installing the application if the system's API level is lower than the value specified.",
"description": "The minimum API level required for the application to run.\n The Android system will prevent the user from installing the application if the system's API level is lower than the value specified.",
"default": 24,
"type": "integer",
"format": "uint32",
"minimum": 0.0
},
"versionCode": {
"description": "The version code of the application. It is limited to 2,100,000,000 as per Google Play Store requirements.\n\nBy default we use your configured version and perform the following math: versionCode = version.major * 1000000 + version.minor * 1000 + version.patch",
"description": "The version code of the application.\n It is limited to 2,100,000,000 as per Google Play Store requirements.\n\n By default we use your configured version and perform the following math:\n versionCode = version.major * 1000000 + version.minor * 1000 + version.patch",
"type": [
"integer",
"null"