Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@tauri-apps/api
Advanced tools
@tauri-apps/api is a collection of APIs for building desktop applications using web technologies. It provides a bridge between the frontend and the backend, allowing developers to interact with the operating system and native functionalities from a web-based interface.
Filesystem
The Filesystem API allows you to read and write files on the user's system. This can be useful for saving user data or configuration files.
const { readTextFile, writeFile } = require('@tauri-apps/api/fs');
async function readFile() {
const content = await readTextFile('path/to/file.txt');
console.log(content);
}
async function writeFile() {
await writeFile({ path: 'path/to/file.txt', contents: 'Hello, World!' });
}
Window
The Window API allows you to control the properties of the application window, such as its title and size. This can be useful for customizing the user interface.
const { appWindow } = require('@tauri-apps/api/window');
appWindow.setTitle('New Title');
appWindow.setSize({ width: 800, height: 600 });
Dialog
The Dialog API allows you to open native dialog windows, such as file open/save dialogs. This can be useful for getting user input or selecting files.
const { open } = require('@tauri-apps/api/dialog');
async function openFileDialog() {
const selected = await open({ multiple: true });
console.log(selected);
}
Notification
The Notification API allows you to send native notifications to the user's system. This can be useful for alerting users to important events or updates.
const { sendNotification } = require('@tauri-apps/api/notification');
sendNotification('Hello, this is a notification!');
Process
The Process API allows you to run system commands and interact with the operating system's shell. This can be useful for performing tasks that require system-level access.
const { Command } = require('@tauri-apps/api/shell');
async function runCommand() {
const command = new Command('echo', ['Hello, World!']);
const output = await command.execute();
console.log(output.stdout);
}
Electron is a framework for building cross-platform desktop applications with web technologies. It provides a rich set of APIs for interacting with the operating system, similar to @tauri-apps/api, but is generally heavier in terms of resource usage.
Component | Version |
---|---|
@tauri-apps/api |
Tauri is a polyglot and generic system that is very composable and allows engineers to make a wide variety of applications. It is used for building applications for Desktop Computers using a combination of Rust tools and HTML rendered in a Webview. Apps built with Tauri can ship with any number of pieces of an optional JS API / Rust API so that webviews can control the system via message passing. In fact, developers can extend the default API with their own functionality and bridge the Webview and Rust-based backend easily.
Tauri apps can have custom menus and have tray-type interfaces. They can be updated, and are managed by the user's operating system as expected. They are very small, because they use the system's webview. They do not ship a runtime, since the final binary is compiled from rust. This makes the reversing of Tauri apps not a trivial task.
This is a typescript library that creates cjs
and esm
JavaScript endpoints for you to import into your Frontend framework so that the Webview can call and listen to backend activity. We also ship the pure typescript, because for some frameworks this is more optimal. It uses the message passing of webviews to their hosts.
To learn more about the details of how all of these pieces fit together, please consult this ARCHITECTURE.md document.
The preferred method is to install this module locally as a dependency:
$ pnpm add @tauri-apps/api
$ yarn add @tauri-apps/api
$ npm add @tauri-apps/api
tauri is following Semantic Versioning 2.0.
Code: (c) 2019 - 2021 - The Tauri Programme within The Commons Conservancy.
MIT or MIT/Apache 2.0 where applicable.
Logo: CC-BY-NC-ND
FAQs
Tauri API definitions
The npm package @tauri-apps/api receives a total of 112,424 weekly downloads. As such, @tauri-apps/api popularity was classified as popular.
We found that @tauri-apps/api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.