# [App Name] ยท Tauri desktop A cross-platform desktop app. Rust core, web frontend. Native installers. Local-first by default. ## Source of truth GitHub. Releases are git tags. CI builds + code-signs + notarizes for mac/win/linux on every tag and uploads to GitHub Releases. Auto-update via Tauri's updater plugin. ## Tech stack Tauri 2 + Rust 1.84+ + Vite 6 + React 19 + TypeScript. Tailwind v4 for styling. SQLite (via `tauri-plugin-sql`) for local persistence. Optional cloud sync via your own backend or Cloudflare R2. ## Deploy - Dev: `npm run tauri dev` (hot reload for frontend, rebuild Rust on change) - Build: `npm run tauri build` (produces signed installers in `src-tauri/target/release/bundle/`) - Release: push a `v0.x.x` tag; GitHub Actions builds for all three platforms + uploads installers ## File map - `src/` Vite + React frontend (web) - `src-tauri/src/main.rs` Rust entrypoint, commands, state - `src-tauri/src/commands/` Tauri command modules (callable from JS via `invoke`) - `src-tauri/tauri.conf.json` app config: identifier, version, bundle, updater - `src-tauri/capabilities/` permission scoping for `fs`, `http`, `dialog`, etc. - `.github/workflows/release.yml` cross-platform CI build matrix - `src-tauri/icons/` 32x32, 128x128, 256x256, ICO, ICNS ## .env keys - `TAURI_PRIVATE_KEY` updater signing key (set in GH Actions secrets, NEVER committed) - `TAURI_KEY_PASSWORD` updater key password - `APPLE_CERTIFICATE`, `APPLE_CERTIFICATE_PASSWORD`, `APPLE_SIGNING_IDENTITY` (mac signing) - `APPLE_ID`, `APPLE_PASSWORD`, `APPLE_TEAM_ID` (mac notarization) - `WINDOWS_CERTIFICATE`, `WINDOWS_CERTIFICATE_PASSWORD` (win signing) ## Hard rules - Tauri 2 capability system is opt-in. Declare every filesystem path, HTTP host, and shell command in `src-tauri/capabilities/`. Default-deny. - Heavy work happens in Rust commands, NOT in the frontend. JS is the UI; Rust is the engine. - IPC payloads are typed via `serde::Serialize/Deserialize`. Generate TS types from Rust with `specta` or `ts-rs`. - Updater is signed by your private key. Lose that key and you can't ship updates. - macOS notarization is required for distribution outside the App Store. Set it up in CI before your first public release. - App identifier (`com.yourcompany.yourapp`) is forever. Don't change it after release; updates break. ## Recent significant changes - 2026-05-16: Scaffolded. Locked: Tauri 2 over Electron (binary size, memory, security model), Vite + React over Solid (audience familiarity), SQLite over IndexedDB (Rust ecosystem maturity). ## Next session: start here 1. Update `src-tauri/tauri.conf.json`: identifier, name, version, productName. 2. Generate icons with `npx @tauri-apps/cli icon ./path/to/your-icon.png`. 3. `npm run tauri dev` to test locally. Check it opens, has a menu, hot-reloads. 4. Implement first Rust command. Wire it from the frontend via `invoke`. 5. Set up GitHub Actions release workflow. Test by tagging `v0.0.1`. Verify all three platform binaries.