@@ -20,6 +20,16 @@
Docs
+
+
+ Book
+
+
+
+
+ API
+
+ Quick Start
diff --git a/docs-generator/src/index.template.html b/docs-generator/src/index.template.html
index 5e21f78..ad20469 100644
--- a/docs-generator/src/index.template.html
+++ b/docs-generator/src/index.template.html
@@ -20,7 +20,7 @@
-
+
@@ -28,6 +28,15 @@
+
diff --git a/docs-generator/src/markdown/api.md b/docs-generator/src/markdown/api.md
index 6a2f483..8132111 100644
--- a/docs-generator/src/markdown/api.md
+++ b/docs-generator/src/markdown/api.md
@@ -1,17 +1,112 @@
The Tauri API
```
-whitelist: { // all whitelist values are default:false
- all: false, // use this flag to enable all API features
- answer: false, // enable rust to direct the UI
- bridge: false, // enable Quasar Bridge
- event: false, // enable binding to message
- execute: false, // enable application execution
- listFiles: false, // list files in a directory
- open: false, // open link in a browser
- readBinaryFile: false, // read binary file from local filesystem
- readTextFile: false, // read text file from local filesystem
- setTitle: false, // set the window title
- writeFile: false // write file to local filesystem
+whitelist: { // all whitelist values are default:false
+ all: false, // use this flag to enable all API features
+ answer: false, // enable rust to direct the UI
+ bridge: false, // enable Tauri Bridge
+ event: false, // enable binding to message
+ execute: false, // enable application execution
+ listFiles: false, // list files in a directory
+ open: false, // open link in a browser
+ readBinaryFile: false, // read binary file from local filesystem
+ readTextFile: false, // read text file from local filesystem
+ setTitle: false, // set the window title
+ writeFile: false // write file to local filesystem
},
```
+
+## Custom commands
+
+Rig your command in `src-tauri/src/cmd.rs` and define it in `src-tauri/src/main.rs`
+### Rust
+
+
+
+If your command is defined in rust as `MyCustomCommand`, you must use `myCustomCommand` in JS.
+
+### ES
+```js
+tauri.invoke({ cmd: 'myCustomCommand', argument: 'thing' })
+```
+Calling this will write the word 'thing' in the Rust console in a Vanilla Tauri app.
+
+## Promise response
+```js
+const response = await tauri.promisified({ cmd: 'myCustomCommand', argument: 'thing' })
+```
+
+
+## Response listener
+If you expect an event, but don't know when, you can add an event listener. This way, when Rust finishes working it merely needs to emit the handle being expected and then your code can react to that.
+
+```js
+// Keep listening
+tauri.addEventListener('key-generated', res => {
+ console.table(res.payload.publicKey)
+})
+```
+
+```js
+// Just listen for one event only.
+tauri.addEventListener('key-generated', res => {
+ console.table(res.payload.publicKey)
+}, true)
+```
+
+## Event
+Here is a `src-tauri/main.rs` file that uses the Event API to rig Rust to listen for an event named `hello`, it then puts that in a `Reply` struct and passes the stringified struct back the WebView as a JSON object as an event `reply`. If you need a more performant version of this, consider using the `Bridge`.
+
+```rust
+// rustlang
+fn main() {
+ tauri::AppBuilder::new()
+ .invoke_handler(|_webview, arg| {
+ use cmd::Cmd::*;
+ let handle = _webview.handle();
+ tauri::event::listen("hello", |msg| {
+
+ #[derive(Serialize)]
+ pub struct Reply {
+ pub msg: String,
+ pub rep: String
+ }
+
+ let reply = Reply {
+ msg: format!("{}", msg).to_string(),
+ rep: "something else".to_string()
+ };
+
+ tauri::event::emit(handle, "reply", serde_json::to_string(&reply).unwrap());
+
+ println!("Message from emit:hello => {}", msg);
+ })
+ .build()
+ .run();
+ }
+});
+```
+
+On the WebView side, your code can look like this:
+```js
+eventToRust () {
+ tauri.emit('hello', this.entry)
+}
+// set up an event listener
+
+tauri.addEventListener('reply', res => {
+ console.table(res)
+ this.entry = res.payload.msg
+})
+```
+
+But as long as `event: true` is set in `tauri.conf.js`, you can always emit from any part of your code. Here are a few more examples of things you can do:
+```rust
+tauri::event::emit(handle, "reply", serde_json::to_string(&reply).unwrap());
+tauri::event::emit(handle, "reply", "{'msg': 'changed by rust emit'}".to_string());
+tauri::event::emit(handle, "reply", "eval(alert('you really should know better'))".to_string());
+```
+
+::: warning
+Because of the way that this injection works, events can be very difficult to trace and may fail silently.
+:::
diff --git a/docs-generator/src/markdown/book.md b/docs-generator/src/markdown/book.md
new file mode 100644
index 0000000..76b8332
--- /dev/null
+++ b/docs-generator/src/markdown/book.md
@@ -0,0 +1,294 @@
+## Get the Book
+::: info Tauri: From Theory to Practice
+Architecting Next-Gen Native-Apps for all Platforms [v1:Rust Edition]
+Author: Daniel Thompson-Yvetot
+Publisher: TBD
+Release: late 2020
+:::
+
+### tl;dr;
+Visit https://opencollective.com/tauri and preorder your copy of the book today. Your donation will support the ongoing development of Tauri, and you will receive advance digital pdf's for your review as chapters are completed. The final book will ship concurrently with the release of 1.0.0 stable.
+
+If you donote 10 USD / month to Tauri, you will get the advance PDF versions as soon as they are released.
+If you just want to donate once, One time donation: 15 USD for pdf and ebook, 30 USD for print version and pdf, 40 USD for all three.
+
+### Introduction
+In 2020, the manufacture of native-apps has become easier and more accessible than ever before. All the same, beginners and seasoned developers alike are confronted with tough choices in a rapidly changing landscape of security and privacy. This is especially true in the semi-trusted environment of user devices.
+
+Tauri takes the guesswork out of the equation, as it was designed from the ground up to embrace new paradigms of secure development and creative flexibility that leverage the language features of Rust and lets you build an app using any frontend framework you like. Find out how you can design, build, audit and deploy tiny, fast, robust, and secure native applications for the major Desktop and Mobile platforms, all from the exact same codebase and in record time - without even needing to know the Rust programming language.
+
+Author Daniel THOMPSON-YVETOT, the principal architect and primary security engineer behind Tauri takes you on a journey from theory to execution, during which you will learn why Tauri was built and how it works under the hood. Together with guest personalities that specialize in OpenSource, DevOps, Security and Enterprise Architecture, this book also presents discourse-formated philosophical discussions and open-source sustainability viewpoints from which your next-gen apps will profit and your users will benefit.
+
+In this book you will follow the author in the iterative evolution of a real project from conception to distribution - all with commentary, complete code resources, built, and packaged Native Apps for reference and staged Capture the Flag (CTF) challenges that progress in difficulty as your comprehension of the system grows.
+
+### About the Topic
+Tauri is a brand new way to make cross-platform native-apps for web, desktop and mobile. At this very moment, the pre-alpha version of this MIT licensed community-based software is being prepared for public release: https://github.com/tauri-apps/tauri
+
+Tauri introduces novel methods for Webview integration and innovative patterns for robust threat evasion. The 1.0 release will ship with a multipurpose white-box analyzer and decompiler for any kind of binary and an integrated CLI for ingesting any type of html; which, when combined, provides developers and security teams with a holistic platform that has never existed as a single unit before.
+
+Tauri bridges communities and opens up new opportunities for everyone from the front end developer all the way to the low-level security and network administrators. Due to this level of complexity and robustness, it is important to publish a reference guide that will necessarily be updated as major versions are released.
+
+### What you will learn
+By the end of this book you will understand:
+- The method and reasoning behind the design of Tauri
+- The options you have when building with Tauri
+- That having a moral compass is possible in software development
+- Why the Rust language makes the most sense as a binding and application layer
+- Why Electron, Cordova, React Native, Capacitor and others are no longer the best choice
+- Why a binary review is important
+
+And you will be able to:
+- Transform a simple website project into a Tauri Native-App
+- Make a variety of Tauri Application Types based on the main Patterns
+- Decompile and analyze your App for Security Issues
+- Publish your App to a variety of App Stores
+- Read and write Rust code
+
+### Stuff you'll get if you preorder
+- Access to a real App built for all platforms available at respective stores (that includes CTF Flags).
+- Exclusive One-Pager cheat sheets made available for each section of the book, including the Appendices.
+- Early access to videos / webcasts.
+- Discounted participation in the “Capture the Flag” event hosted at the launch of the book.
+
+## Outline
+### Chapter 1 - Theory
+(ca. 50 pages - mostly conversational / technical, graphics)
+```
+ 1. Security Starts with You
+ 2. Privacy Ends with ${you}
+ 3. Languages, Dialects and Patterns
+ 4. Toolchains and Syntactic Sugar
+ 5. Production Methodologies
+ 6. Enterprise Readiness
+ 7. Message Queueing
+ 8. Embracing Chaos
+ 9. Distribution Techniques
+10. Licensing Strategies
+```
+
+### Chapter 2 - Practice
+(ca. 130 pages w/ charts, screenshots, code samples)
+
+```
+ 1. Environment Prerequisites
+ - Node, Npm, Yarn, Rustc, Rustup, Buildtools
+ 2. Development Platform Details
+ - MacOS
+ - Windows
+ - Linux
+ - Docker
+ - Virtual Machines
+ - CI / CD
+ 3. Tauri Introduction
+ 4. Tauri Anatomy
+ 5. Tauri Configuration
+ - Files & Folders
+ - Icons
+ - Splash Screens
+ - Window
+ - `tauri.conf.js`
+ 6. Preparing your code
+ - Transpile dynamic imports
+ - Remove webpack chunking
+ - Monolithic Files
+ - Minification strategies
+ 7. Tauri API
+ - Design Considerations
+ - API Usage Patterns
+ - Custom API Functions
+ - Endpoints
+ - All
+ - Answer
+ - Bridge
+ - Event
+ - Execute
+ - List Files
+ - Open
+ - Read Binary File
+ - Read Text File
+ - Set Title
+ - Window
+ - Write File
+ 8. Web APIs
+ 9. Tauri App Extensions
+ - Anatomy
+ - Flow
+ - Registration
+ - Publication
+ - API
+10. Taskbar Integration (Desktop Only)
+ - Anatomy
+ - Integrations
+ - MacOS
+ - Windows
+ - Linux
+11. Security Features
+ - Baseline Rust Features
+ - Functional Address Space Layout Randomization (fASLR)
+ - Ahead of Time (AoT) Compilation
+ - Content Security Policy (CSP)
+ - One Time Pads (OTP)
+ - Embedded Server: False
+ - API Tree-Shaking
+ - Matryoschkasumming (with Tauri-Frida)
+12. Bridges and Brokers
+ - Bridge Patterns
+ - Message hashing with OTP
+ - Plugin Pattern
+ - Kamikaze Function Injection (KFI) Closures
+13. Building
+ - Debugging
+ - Packaging
+ - Minification
+ - Distribution Platform Details
+ - MacOS (.app / .dmg)
+ - Win (.exe / .msi)
+ - Linux Arm64 (.appImage / .deb)
+ - Linux x64 (.appImage / .deb)
+ - iOS (.ipa)
+ - Android (.apk)
+ - PWA Website (with wasm)
+ - Code Signing
+ - Keystores
+ - Certs
+ - Fingerprints
+ - Providing License for End Users
+ - Providers
+ - Keys Files
+ - Self-Updater
+ - Anatomy
+ - Service Provisioning
+ - Github
+ - AWS
+ - Homegrown
+ - Cross-Platform Bundler
+14. Tauri-Frida Harness
+ - Introduction to Reverse Engineering
+ - Toolchain
+ - Usage
+ - Binary Hooking at Runtime
+ - Pointer Evaluation
+ - Spraying, Fuzzing, Spoofing
+ - Report Generation
+ - Recompilation
+ - Post-Binary Analysis
+15. Distribution
+ - Git
+ - Mac Store
+ - iOS Store
+ - Play store
+ - Windows Store
+ - Snap Store
+ - PureOS Store
+ - .deb channels
+ - .tar.gz
+ - homebrew
+ - Fdroid
+ - Cydia
+ - ChromeOS
+ - WASM
+```
+
+### Chapter 3 - Philosophical Discourses
+(ca. 40 pages of essays, some graphics)
+```
+1. Rights and Responsibilities (with Robin van Boven (SFOSC))
+ - Who You are Responsible To
+ - Being a Vendor Comes with Duties
+ - Ubiquitous Resources are Still Precious
+ - Use Policy to Address Responsibilities
+ - Take a Hippocratic Development Oath
+2. Take a More Secure Stance (with Liran Tal (SNYK))
+ - Security Benefits of Frameworks
+ - Encrypt All the Things, All the Time
+ - Constantly Audit Project Dependencies
+ - Harden Yourself, Your Organization and Your Ecosystem
+ - “Do What You Can Until You Run Out of Time.” - [ROBERT C. SEACORD](http://bit.ly/ep35robertseacord)
+3. Production Strategies for Sustainability (with Rhys Parry (Independent))
+ - Develop in the “Perfect” Environment
+ - Minimal Impact for Existing Enterprise Architectures
+ - Use Low-Barrier Tools for Ensuring Wholestack Security
+ - Test the Right Things Intelligently
+ - Post-Binary Analysis and Redistribution - The Last Mile
+```
+
+### Chapter 4 - Execution
+(ca. 100 pages w/ code examples, screenshots, graphics)
+```
+1. Base Pattern Evolution
+ - Hermit
+ - Bridge
+ - Cloudish
+ - Cloudbridge
+ - Kamikaze
+ - Multiwin
+ - GLUI
+2. Advanced Patterns
+ - Cryptographic Enclave
+ - Identity Management
+ - Combine an App with a Daemon
+ - IPC / RPC
+ - Integrate with DENO
+3. UI Source Complilation
+ - React
+ - Vue
+ - Angular
+ - Svelte
+ - Gatsby
+4. Building a Real App
+ - Multiparty Password Manager
+ - Design
+ - Prototyping
+ - Testing
+ - Debugging
+ - Packaging
+ - Checksumming
+5. Tauri-Frida
+ - White Box Reversing
+ - Analyzing with Frida
+ - Chaos Experiments
+ - Interface Jacking
+ - Disk Change
+ - Latency
+ - Process Kill
+ - CPU Throttle
+ - Static Analysis Reporting
+ - Binary Repackaging
+ - Inject License Keys
+ - Clear Dead Codepoints
+ - Recalculate integrated checksum
+6. Publishing the App
+ - Git
+ - Mac Store
+ - iOS Store
+ - Play store
+ - Windows Store
+ - Snap Store
+ - PureOS Store
+ - .deb channels
+ - .tar.gz
+ - homebrew
+ - Fdroid
+ - Cydia
+ - ChromeOS
+ - WASM
+7. Publishing an Update
+```
+
+### Chapter 5 - Appendices
+(ca. 120 pages)
+```
+ 1. Configuration Options
+ 2. Files and Repositories
+ 3. Tauri CLI references
+ 4. Tauri API references
+ 5. Important ES6 References
+ 6. Important Rust References
+ 7. App Pattern Charts
+ 8. Tauri-Frida Reference
+ 9. Glossary
+10. Index
+```
+
+## Errata
+Got something that you think should be in the book? Reach out to us and let us know!
diff --git a/docs-generator/src/markdown/quickstart.md b/docs-generator/src/markdown/quickstart.md
index 4307d27..7f51ed1 100644
--- a/docs-generator/src/markdown/quickstart.md
+++ b/docs-generator/src/markdown/quickstart.md
@@ -13,11 +13,25 @@ After tauri has compiled its rust resources, look in the `src-tauri/target/relea
## Add Rust and Build Toolchain
### Windows 64 or 32 bit
-You will need to have Visual Studio and windows-build-tools installed.
-First you should [download](https://aka.ms/buildtools) and install Visual Studio.
+> If you've never installed any of this,
- $ npm install --global windows-build-tools
+First you should [download](https://aka.ms/buildtools) and install Visual Studio MSBuild Tools and C++ build tools.
+
+> This is a big download (over 1GB) and takes the most time
+
+Chocolatey is a great package manager for Windows. Follow these [these official instructions](https://chocolatey.org/install), or just do this:
+
+Then install [nvm-windows](https://github.com/coreybutler/nvm-windows)
+Then install Chocolatey
+
+ # BE SURE YOU ARE IN AN ADMINISTRATIVE PowerShell!
+ > nvm install 10.16.3
+ > nvm use 10.16.3
+ > Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
+ > choco install yarn
+ >
+
If you are running Windows 64-bit, download and run [rustup‑init.exe](https://win.rustup.rs/x86_64) and then follow the onscreen instructions.
diff --git a/docs-generator/src/pages/Book.vue b/docs-generator/src/pages/Book.vue
new file mode 100644
index 0000000..95927b6
--- /dev/null
+++ b/docs-generator/src/pages/Book.vue
@@ -0,0 +1,57 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs-generator/src/pages/Landing.vue b/docs-generator/src/pages/Landing.vue
index f904427..1f29f19 100644
--- a/docs-generator/src/pages/Landing.vue
+++ b/docs-generator/src/pages/Landing.vue
@@ -22,6 +22,13 @@
+
+
+
+> I never understood why HTML/JS etc. should not be separated from rust and processed into a separate area. All frameworks I tested and tried always wanted to squeeze the HTML or design area IN Rust. What if I have a UI team and a backend team? With Tauri it's incredibly easy, I can separate the UI from the code and the frontend developers don't even have to know Rust. - **PeShor**
+
+