Tauri 2.0 Release Candidate(v2.tauri.app) |
Tauri 2.0 Release Candidate(v2.tauri.app) |
Consider adding something more informative than 'Hardened foundation for your web apps', and maybe an 'About' page.
> What is Tauri?
> Tauri is a framework for building tiny, fast binaries for all major desktop and mobile platforms. Developers can integrate any frontend framework that compiles to HTML, JavaScript, and CSS for building their user experience while leveraging languages such as Rust, Swift, and Kotlin for backend logic when needed.
This ought to be on the front page.
> Hardened foundation for your web apps
The honest description is : smaller faster electron for macos/win/linux/android/ios - written in rust using the OS provided web browser component for tiny binaries. The Tauri developer's focus on security in their marketing is genuine (they have paid for audits) but a little incongruous given what most of it's users want from it which is just a cross-platform UI and/or with a great rust experience.
I have really been enjoying v2 with Leptos with no problems. Ironically the only tricky bit has been setting up permissions for various types of system access (docs are not quite there) but it was simple and made sense once I saw how to do it. I expected a bad experience from the Linux OS web component but it's been excellent in terms of both performance and support on Ubuntu 22.04. The way Tauri can package your app as a .deb or .apk was crazy simple which I also did not expect.
> (Toolkit/Framework) for building cross-platform desktop application using web technologies. Focused on efficiency, security, and size.
My app (very beta) https://meshly.cloud
I wouldn't say the team has been very helpful though. I think I've asked 2 questions on their discord channel. The first the response wasn't unfriendly but they clearly didn't read my message about what I'd already tried and it was along the lines of "just do this as documented here" which was in the message. The second time nobody replied. I self replied with my solutions but no one seemed interested, so it didn't feel like much of a community to start engaging more with.
The testing situation isn't very good. They have an unstable webdriver to try. My existing web code was already covered with playwright tests. I ended up writing a websocket layer to pass all the events and commands to a browser so playwright could drive the browser as if it were a tauri window. I'm happy that I can exercise the whole codebase and share tests between the web app and tauri app, but it's not a great solution. If I were a company making money rather than one person doing a side project I'd love to contribute to the test tooling.
I was just about to start doing something like this as well for end-to-end testing. Do you have that on Github or be willing to share more about your approach?
Otherwise good progress, happy to see it!
After running the migrate tool (via `bun run tauri migrate`) at the end of the guide, I needed to do the following things to get complete it migration.
- the migrate tool ran rust format on my backend code - which I was not using at that point - and it changed my preferred to 2 spaces to 4, so I joined the rustfmt bandwagon and created a config file with my preferred settings
- run `cargo update` to get the new package versions
- modify `tauri.conf.json` as the structure changed, eg. `fileDropEnabled` -> `dragDropEnabled`
- change some imports, as the functions from client api were moved, this was straightforward
- add the plugins `updater` and `dialog` as that functionality has moved from the core to plugins
- change the code that handles the auto-updating, as the api changed as well, but for the better
- the only thing that tripped me up, was that re-building the project didnt't work due to an colliding filename error, but I found a closed issue at their https://github.com/tauri-apps/tauri/issues/10192 which pointed me towards removing `rlib` from the crate-type, which solved that issue.
All in all quite a smooth experience, was done in an 1-2 hours or something, not sure.
Does anyone have a solution to this? Would love to use Tauri as a desktop server and create the WebView. But do I just use ffi for every single class/module/function?
Or does anyone know a more elegant solution to bridge the gap of making a native desktop experience while still leveraging the years of python drivers that have been built up
Is there an hybrid way to deliver with tauri on macos and windows, but electron in linux?
So you could have multiple Tauri apps that all use the same Chromium under-the-hood (this also has benefits that security is maintained better, as it is no longer the responsibility of individual app developers to keep a bundled Chromium up-to-date).
And then if they wanted to, app developers could disable the fallback entirely, so if you don't have that Chromium package installed you just get an error message saying "please install this package". As this is linux we're talking about, I doubt that would be a very onerous demand for these users.
Seem _very_ early days so who knows if it will have legs.
> Dioxus is a Rust library for building apps that run on desktop, web, mobile, and more.
(Dioxus uses Tauri)
Using OS WebViews, you also get the added bonus of security updates which you get for "free" with OS updates (otherwise you have to handle these yourself). There have been some RCE exploits in Electron, so it's something you need to keep an eye out for.
Our application is complex I will give you that, but it isnt just that. Say you want to use WASM you have to check which macos versions you want to support and check the oldest possible webview (it doesn't get updated at the same time as safari), check which subset of WASM that supported, etc. It really is a nightmare of subtitle bugs that are hard and time consuming to reproduce.
OS webviews in our findings have a way worse update cycle than us shipping a new version of the app.
There's also various UX differences in webviews.
It's all fine though, I'd rather have multiple webviews over a bloated app. Used to developing for multiple environments anyways.
They started working on 2.0 with the docs for v1 in a 10% state. I mostly searched through discord threads for tidbits. It was painful.
Expect the documentation for 2.0 to be at 5% for years.
The answer is that Electron forces you to carry a whole Chrome installation around, which is unnecessarily heavy, and (AIUI) you have a node.js backend giving you the means to touch the actual OS, whereas Tauri lets you write Rust (YMMV as to whether that's an advantage). Both Tauri and Electron let you use a web-based interface instead of mucking about with native widgets, which are a pain for cross-platform development.
- File System (Obsidian, Logseq)
- Push Notifications (IM, Social Media, Email)
- USB/Bluetooth (Doesn't work in Safari?)
- Global Hotkeys (Raycast)
- Interfacing with other local Apps (localhost is often blocked)
It’s also something that came about from when web apps on desktop/PWA didn’t have nearly as much reach. With e.g modern macOS support for PWAs you might be able to get away with just the web app now, depending on your target customer.
You can do a lot of things in the browser, but usually it's limited (mainly for security reasons). Having it be an app allows you to better integrate with the OS.
An end-user can continue to use your electron/tauri app for years after a website has long since vanished into the infinite void.
But vunderba you think to yourself and also how did I know what you were thinking just call me the amazing kreskin, "what about a PWA? - you can use that off-line".
PWAs give the deceptive illusion to the laymen that they're installing an actual application as opposed to just a bunch of ephemeral stuff thrown inside the user data folder of the respective browser.
There really isn't a good reason for webviews or electron/tauri that I can tell? Why some people love love love native apps, to the extent they'd rather a dressed up webapps is confusing to me. If it's already a webapps, hell yeah give me the user-agency of extensions, browser history, tabs, back buttons, and hyperlinks or give me death! Anything but the power-stripping captive-audience of native apps!
It would be much better to package your app as a small daemon that hosts a localhost webserver. The daemon can talk to all the system APIs it needs to. Add a desktop icon or shortcut that opens the localhost webpage. The daemon can present just a regular HTML hypertext webapps as usual, so all the usual bits of user-agency can slot into the overall experience.
Theres a lot of usenet-related apps that work like this, that run as daemons, and have web interfaces. Sunshine game streaming too.
It's be great to have some massively multi-platform http-headed app frameworks! That does seem semi missing, especially wrt mobile integration.
It just turns out due to historical reasons, in 2024, "the web" has the most easy-to-get-running cross platform UX system available, where you can produce an icon that people click, and it opens the app. That's basically the long and short of it.
At the end of the day most of the stuff you mentioned doesn't matter because these are, from the beginning, designed as applications that use the web as a way to deliver UI more than anything. Things you mention like back buttons (requiring you to design around stateless hypertext APIs rather than what would be local RPC, and which may be better handled inside the system anyway with e.g. its own undo system) or "browser history" either have large design consequences, or just don't make any sense at all.
To be clear, it's very useful in some cases to have the design you describe (true client/server architecture), and underneath it all Tauri does something like that. But it alone can't fulfill all the use cases something like Tauri or Electron aim to.
> The daemon can talk to all the system APIs it needs to.
That's not the problem, it's the impact on the downstream design, like the fact such a daemon can't cleanly interact with the native windowing context of the (existing) browser or operating system without duplication. You cannot add a proper system menu bar or global shortcuts to the design you described in any way that won't either be sucky and fiddly, or just outright reimplementing what Tauri already does anyway. Or consider alt tabbing and wanting to dial in on a specific app window. There are tons of small things like this that do not work.
I also do file system stuff, and I'm not sure why you would even try doing this from JS when you literally have rust at your fingertips (for example, I use the `native_dialog` crate). Just seems kind of anti-pattern-ish, as JS is not really supposed to have any business logic: it's purely a front-end.
I use OPFS on web for the SQLite database store. But yes, I will be writing an adapter using Taurus SQLite plugin to solve this in the long term.
Not a huge issue, and wasn't going to be long term anyway, but it did make it go from "you can release this now" to "oh shoot it works everywhere but on mac, now go write an adapter to this 2.0 sqlite plugin with limited docs"
And there's perfectly fine reasons to use OPFS in Tauri, it's a sandboxed file system. You may not want to deal with the native filesystem for security purposes (yes Tauri has permissions, but not sandboxing after-the-fact)
As for WinUI 3, apps are supposed to bundle it, so if you target Windows 11 and run the app on Windows 10, it'll look all rounded and drop-shadowy instead of flat like native Windows 10 apps. Great stuff.
Not even portable Web code, they rather ship a copy of Chrome, and then complain Google has taken over the Web.
It seems so inferior to have the same thing but lose access to the browser's suite of tools/capabilities. What could possibly change other people's opinion or what should I use to reconsider my perspective?
I’m talking from a position of “I have an app that I want to distribute to a population of end users.” If that population happens to be technical your solution would likely work fine. As well if you’re not distributing apps to end users you can do what’s right for you. But if you are you have to meet your users where they’re at.
As well operating outside of the browser has the advantage of OS integration (tray access, alt tab support, etc).
Clearly not true.
Sonarr and Radarr for example installs like a normal app. Then sits in the system tray. If click the system tray, most options inside launch a web browser that brings you to the localhost webapp. https://sonarr.tv/
People seem to assume this would be a hard to handle thing, but you can easily applicationize your local web services. And your local web service daemon can expose things like a system tray, to afford some classic manageability.
This kind of makes it way more lightweight but only in some situations (obv. heavily depending on the functionality of the app).
I used tauri so I could easily make that cross-platform toolbar app.
Some menu items spawn a webview (things like settings), everything else is in Rust.
Explicitly removing the browser capabilities/tools is a feature imo. i.e to hide the moving parts.
Within a browser, the average low tech users may:
- ...install extensions(ad blockers? dark reader?) that interfere with the app in some way.
- ...mess with the back/forward buttons ,corrupting the router/ui state, or just get very curious why the back button kicks them back to the last page instead of closing a fullscreen modal.
- ...bookmark SPA js-driven pages where the ui state is not fully saved in the address bar(via query params, hashes, etc) and surprisingly find them broken/not working as intended when accessing the bookmark again.
- ...try to copy and send the "localhost" link to their friends and complain.(Hold on to your papers - I've seen this behavior at my workplace!)
All of those will generate complains, useless bug reports and sometimes negative reviews. While some (if not most) of the problems can be solved with great software design and extra care, I think solving these problems comes at a cost that can be very well avoided by simply removing these capabilities.
Using WASM, unless you're doing it for some really good reasons, seems like overkill for essentially a front-end layer. I think of the WebView in a Electron/Tauri app as comparable to the Qt Framework. It's not supposed to do any heavy lifting, and trying to do heavy lifting in JS suggests a mis-architecting of the app.
Unless you're just making blogs and content pages, it's just part of writing web apps now
It hardly adds anything in performance if there are too many DOM interactions, and if the performance need is due to compute, all modern computers have a GPU.
Personally I think the ideal scenario would be allowing developers a choice between: 1. Use the native OS renderer 2. Bundle a specific version of some renderer (most likely Chrome) 3. Use a shared library for the renderer (this gets a little trickier with sandbox-based security models, but allows Tauri to ship a renderer without ballooning the bundle size of each individual app)
As a user, I'd be happy with a combo of #1 and #2. Use the native OS renderer by default, but allow me to install a "known good" renderer if I run into problems. Since it sounds like MacOS and Windows both ship better native web renderers than Linux this would likely be an option mostly used by Linux users, who are on average more willing to poke around in the settings to enable a compatibility option.
That makes them also use less memory etc.
On the other hand, if you can work around browser incompatibilities then Tauri will give you a much less wasteful app.
Choose the right tool for your use case.
Another consideration is that any webview<->native bridge is going to impose some kind of bridge toll in the form of serialization and message passing (memcopy) overhead. You can call into WASM from JS synchronously, and share memory between JS and WASM without copying. Sync calls from webview to Tauri native code doesn’t appear to be possible according to https://github.com/tauri-apps/wry/issues/454
Finally, security posture of native code running in the main process is quite different from WASM code in the webview. I maintain a WASM build of QuickJS and I would never run untrusted JS in real native QuickJS, whereas I think it’s probably safe enough to run untrusted JS in QuickJS inside a WASM container