chore(deps): update typescript-eslint monorepo to v8.61.1

docs(log): some builder methods and defaults (#3460 )
* docs(log): some builder methods and defaults * Too much copy pastes * Merge branch 'v2' into log-docs
2026-06-20 14:50:07 +02:00 · 2026-06-18 20:31:17 +00:00 · 2026-06-17 18:38:28 +08:00 · 2026-06-17 16:25:24 +08:00 · 2026-06-16 11:18:07 +08:00 · 2026-06-15 10:08:31 +02:00
250 changed files with 7692 additions and 2616 deletions
@@ -0,0 +1,6 @@
+---
+"log": minor:feat
+"log-js": minor
+---
+
+Added the `FileOpenStrategy` for log rotation. It defaults to append into existing file if any (previous behaviour), and brings a new feature to create a new file per session: `FileOpenStrategy::Rotate`. 
@@ -0,0 +1,6 @@
+---
+positioner: patch
+positioner-js: patch
+---
+
+Replaced a panic in `calculate_position` with an error return when the window has no associated monitor (e.g. during display sleep or monitor reconfiguration).
@@ -0,0 +1,6 @@
+---
+"log": patch
+"log-js": patch
+---
+
+Removed an unused dependency `byte-unit`.
@@ -19,7 +19,7 @@ tauri-utils = "2.8"
 serde_json = "1"
 thiserror = "2"
 url = "2"
-schemars = "1"
+schemars = "0.8"
 dunce = "1"
 specta = "^2.0.0-rc.16"
 glob = "0.3"
@@ -39,9 +39,3 @@ codegen-units = 1
 lto = true
 incremental = false
 opt-level = "s"
-
-[patch.crates-io]
-tauri = { git = "https://github.com/tauri-apps/tauri.git", tag = "tauri-cef-v3.0.0-alpha.9" }
-tauri-utils = { git = "https://github.com/tauri-apps/tauri.git", tag = "tauri-cef-v3.0.0-alpha.9" }
-tauri-plugin = { git = "https://github.com/tauri-apps/tauri.git", tag = "tauri-cef-v3.0.0-alpha.9" }
-tauri-build = { git = "https://github.com/tauri-apps/tauri.git", tag = "tauri-cef-v3.0.0-alpha.9" }
@@ -1,5 +1,12 @@
 # Changelog

+## \[2.0.40]
+
+### Dependencies
+
+- Upgraded to `barcode-scanner-js@2.4.5`
+- Upgraded to `global-shortcut-js@2.3.2`
+
 ## \[2.0.39]

 ### Dependencies
@@ -1,7 +1,7 @@
 {
  "name": "api",
  "private": true,
-  "version": "2.0.39",
+  "version": "2.0.40",
  "type": "module",
  "scripts": {
    "dev": "vite --clearScreen false",
@@ -11,14 +11,14 @@
  },
  "dependencies": {
    "@tauri-apps/api": "^2.11.0",
-    "@tauri-apps/plugin-barcode-scanner": "^2.4.4",
+    "@tauri-apps/plugin-barcode-scanner": "^2.4.5",
    "@tauri-apps/plugin-biometric": "^2.3.2",
    "@tauri-apps/plugin-cli": "^2.4.1",
    "@tauri-apps/plugin-clipboard-manager": "^2.3.2",
    "@tauri-apps/plugin-dialog": "^2.7.1",
    "@tauri-apps/plugin-fs": "^2.5.1",
    "@tauri-apps/plugin-geolocation": "^2.3.2",
-    "@tauri-apps/plugin-global-shortcut": "^2.3.1",
+    "@tauri-apps/plugin-global-shortcut": "^2.3.2",
    "@tauri-apps/plugin-haptics": "^2.3.2",
    "@tauri-apps/plugin-http": "^2.5.9",
    "@tauri-apps/plugin-nfc": "^2.3.5",
@@ -36,7 +36,7 @@
    "@iconify-json/codicon": "^1.2.49",
    "@iconify-json/ph": "^1.2.2",
    "@sveltejs/vite-plugin-svelte": "^7.0.0",
-    "@tauri-apps/cli-cef": "3.0.0-alpha.5",
+    "@tauri-apps/cli": "2.11.2",
    "@unocss/extractor-svelte": "^66.6.7",
    "svelte": "^5.54.0",
    "unocss": "^66.6.7",
@@ -1,5 +1,12 @@
 # Changelog

+## \[2.0.44]
+
+### Dependencies
+
+- Upgraded to `barcode-scanner@2.4.5`
+- Upgraded to `global-shortcut@2.3.2`
+
 ## \[2.0.43]

 ### Dependencies
@@ -1,7 +1,7 @@
 [package]
 name = "api"
 publish = false
-version = "2.0.43"
+version = "2.0.44"
 description = "An example Tauri Application showcasing the api"
 edition = "2021"
 rust-version = { workspace = true }
@@ -56,12 +56,12 @@ features = [

 [target."cfg(any(target_os = \"macos\", windows, target_os = \"linux\", target_os = \"dragonfly\", target_os = \"freebsd\", target_os = \"openbsd\", target_os = \"netbsd\"))".dependencies]
 tauri-plugin-cli = { path = "../../../plugins/cli", version = "2.4.1" }
-tauri-plugin-global-shortcut = { path = "../../../plugins/global-shortcut", version = "2.3.1" }
+tauri-plugin-global-shortcut = { path = "../../../plugins/global-shortcut", version = "2.3.2" }
 tauri-plugin-updater = { path = "../../../plugins/updater", version = "2.10.1" }
 tauri-plugin-window-state = { path = "../../../plugins/window-state", version = "2.2.0" }

 [target."cfg(any(target_os = \"android\", target_os = \"ios\"))".dependencies]
-tauri-plugin-barcode-scanner = { path = "../../../plugins/barcode-scanner/", version = "2.4.4" }
+tauri-plugin-barcode-scanner = { path = "../../../plugins/barcode-scanner/", version = "2.4.5" }
 tauri-plugin-nfc = { path = "../../../plugins/nfc", version = "2.3.5" }
 tauri-plugin-biometric = { path = "../../../plugins/biometric/", version = "2.3.2" }
 tauri-plugin-geolocation = { path = "../../../plugins/geolocation/", version = "2.3.2" }
@@ -15,14 +15,14 @@
    "@rollup/plugin-node-resolve": "16.0.3",
    "@rollup/plugin-terser": "1.0.0",
    "@rollup/plugin-typescript": "12.3.0",
-    "eslint": "10.2.0",
+    "eslint": "10.4.0",
    "eslint-config-prettier": "10.1.8",
-    "eslint-plugin-security": "4.0.0",
-    "prettier": "3.8.1",
+    "eslint-plugin-security": "4.0.1",
+    "prettier": "3.8.3",
    "rollup": "4.60.3",
    "tslib": "2.8.1",
    "typescript": "6.0.3",
-    "typescript-eslint": "8.58.2"
+    "typescript-eslint": "8.61.1"
  },
  "minimumReleaseAge": 4320,
  "pnpm": {
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["enable","disable","is_enabled"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-disable"
+description = "Enables the disable command without any pre-configured scope."
+commands.allow = ["disable"]
+
+[[permission]]
+identifier = "deny-disable"
+description = "Denies the disable command without any pre-configured scope."
+commands.deny = ["disable"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-enable"
+description = "Enables the enable command without any pre-configured scope."
+commands.allow = ["enable"]
+
+[[permission]]
+identifier = "deny-enable"
+description = "Denies the enable command without any pre-configured scope."
+commands.deny = ["enable"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-is-enabled"
+description = "Enables the is_enabled command without any pre-configured scope."
+commands.allow = ["is_enabled"]
+
+[[permission]]
+identifier = "deny-is-enabled"
+description = "Denies the is_enabled command without any pre-configured scope."
+commands.deny = ["is_enabled"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,84 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the disable command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-disable",
+          "markdownDescription": "Enables the disable command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the disable command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-disable",
+          "markdownDescription": "Denies the disable command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the enable command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-enable",
+          "markdownDescription": "Enables the enable command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the enable command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-enable",
+          "markdownDescription": "Denies the enable command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the is_enabled command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-is-enabled",
+          "markdownDescription": "Enables the is_enabled command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the is_enabled command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-is-enabled",
+          "markdownDescription": "Denies the is_enabled command without any pre-configured scope."
+        },
+        {
+          "description": "This permission set configures if your\napplication can enable or disable auto\nstarting the application on boot.\n\n#### Granted Permissions\n\nIt allows all to check, enable and\ndisable the automatic start on boot.\n\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "This permission set configures if your\napplication can enable or disable auto\nstarting the application on boot.\n\n#### Granted Permissions\n\nIt allows all to check, enable and\ndisable the automatic start on boot.\n\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`"
        }
      ]
    }
@@ -1,5 +1,9 @@
 # Changelog

+## \[2.4.5]
+
+- [`d8645ab3`](https://github.com/tauri-apps/plugins-workspace/commit/d8645ab3e5b508456681eb53275c0837db25aeee) ([#3393](https://github.com/tauri-apps/plugins-workspace/pull/3393) by [@AlexisZankowitch](https://github.com/tauri-apps/plugins-workspace/../../AlexisZankowitch)) Fixed a crash on iOS when `cancel()` is invoked by running the cancel handler on the main thread.
+
 ## \[2.4.4]

 - [`82fbb0c7`](https://github.com/tauri-apps/plugins-workspace/commit/82fbb0c790288eca72af9ade13828ded7700ff90) ([#3221](https://github.com/tauri-apps/plugins-workspace/pull/3221)) On iOS, fixed an application crash happening when the scanner was started when user denied permission before.
@@ -1,6 +1,6 @@
 [package]
 name = "tauri-plugin-barcode-scanner"
-version = "2.4.4"
+version = "2.4.5"
 description = "Scan QR codes, EAN-13 and other kinds of barcodes on Android and iOS"
 edition = { workspace = true }
 authors = { workspace = true }
@@ -337,10 +337,11 @@ class BarcodeScannerPlugin: Plugin, AVCaptureMetadataOutputObjectsDelegate {
  }

  @objc private func cancel(_ invoke: Invoke) {
-    self.invoke?.reject("cancelled")
-
-    destroy()
-    invoke.resolve()
+    DispatchQueue.main.async { [self] in
+      self.invoke?.reject("cancelled")
+      self.destroy()
+      invoke.resolve()
+    }
  }
 }

@@ -1,6 +1,6 @@
 {
  "name": "@tauri-apps/plugin-barcode-scanner",
-  "version": "2.4.4",
+  "version": "2.4.5",
  "description": "Scan QR codes, EAN-13 and other kinds of barcodes on Android and iOS",
  "license": "MIT OR Apache-2.0",
  "authors": [
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-cancel"
+description = "Enables the cancel command without any pre-configured scope."
+commands.allow = ["cancel"]
+
+[[permission]]
+identifier = "deny-cancel"
+description = "Denies the cancel command without any pre-configured scope."
+commands.deny = ["cancel"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-check-permissions"
+description = "Enables the check_permissions command without any pre-configured scope."
+commands.allow = ["check_permissions"]
+
+[[permission]]
+identifier = "deny-check-permissions"
+description = "Denies the check_permissions command without any pre-configured scope."
+commands.deny = ["check_permissions"]
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["scan","cancel","request_permissions","check_permissions","open_app_settings","vibrate"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-open-app-settings"
+description = "Enables the open_app_settings command without any pre-configured scope."
+commands.allow = ["open_app_settings"]
+
+[[permission]]
+identifier = "deny-open-app-settings"
+description = "Denies the open_app_settings command without any pre-configured scope."
+commands.deny = ["open_app_settings"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-request-permissions"
+description = "Enables the request_permissions command without any pre-configured scope."
+commands.allow = ["request_permissions"]
+
+[[permission]]
+identifier = "deny-request-permissions"
+description = "Denies the request_permissions command without any pre-configured scope."
+commands.deny = ["request_permissions"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-scan"
+description = "Enables the scan command without any pre-configured scope."
+commands.allow = ["scan"]
+
+[[permission]]
+identifier = "deny-scan"
+description = "Denies the scan command without any pre-configured scope."
+commands.deny = ["scan"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-vibrate"
+description = "Enables the vibrate command without any pre-configured scope."
+commands.allow = ["vibrate"]
+
+[[permission]]
+identifier = "deny-vibrate"
+description = "Denies the vibrate command without any pre-configured scope."
+commands.deny = ["vibrate"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,120 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-cancel",
+          "markdownDescription": "Enables the cancel command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-cancel",
+          "markdownDescription": "Denies the cancel command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the check_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-check-permissions",
+          "markdownDescription": "Enables the check_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the check_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-check-permissions",
+          "markdownDescription": "Denies the check_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the open_app_settings command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-open-app-settings",
+          "markdownDescription": "Enables the open_app_settings command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the open_app_settings command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-open-app-settings",
+          "markdownDescription": "Denies the open_app_settings command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the request_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-request-permissions",
+          "markdownDescription": "Enables the request_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the request_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-request-permissions",
+          "markdownDescription": "Denies the request_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the scan command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-scan",
+          "markdownDescription": "Enables the scan command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the scan command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-scan",
+          "markdownDescription": "Denies the scan command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the vibrate command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-vibrate",
+          "markdownDescription": "Enables the vibrate command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the vibrate command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-vibrate",
+          "markdownDescription": "Denies the vibrate command without any pre-configured scope."
+        },
+        {
+          "description": "This permission set configures which\nbarcode scanning features are by default exposed.\n\n#### Granted Permissions\n\nIt allows all barcode related features.\n\n\n#### This default permission set includes:\n\n- `allow-cancel`\n- `allow-check-permissions`\n- `allow-open-app-settings`\n- `allow-request-permissions`\n- `allow-scan`\n- `allow-vibrate`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "This permission set configures which\nbarcode scanning features are by default exposed.\n\n#### Granted Permissions\n\nIt allows all barcode related features.\n\n\n#### This default permission set includes:\n\n- `allow-cancel`\n- `allow-check-permissions`\n- `allow-open-app-settings`\n- `allow-request-permissions`\n- `allow-scan`\n- `allow-vibrate`"
        }
      ]
    }
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-authenticate"
+description = "Enables the authenticate command without any pre-configured scope."
+commands.allow = ["authenticate"]
+
+[[permission]]
+identifier = "deny-authenticate"
+description = "Denies the authenticate command without any pre-configured scope."
+commands.deny = ["authenticate"]
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["authenticate","status"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-status"
+description = "Enables the status command without any pre-configured scope."
+commands.allow = ["status"]
+
+[[permission]]
+identifier = "deny-status"
+description = "Denies the status command without any pre-configured scope."
+commands.deny = ["status"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,72 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the authenticate command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-authenticate",
+          "markdownDescription": "Enables the authenticate command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the authenticate command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-authenticate",
+          "markdownDescription": "Denies the authenticate command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-status",
+          "markdownDescription": "Enables the status command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-status",
+          "markdownDescription": "Denies the status command without any pre-configured scope."
+        },
+        {
+          "description": "This permission set configures which\nbiometric features are by default exposed.\n\n#### Granted Permissions\n\nIt allows acccess to all biometric commands.\n\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "This permission set configures which\nbiometric features are by default exposed.\n\n#### Granted Permissions\n\nIt allows acccess to all biometric commands.\n\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`"
        }
      ]
    }
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-cli-matches"
+description = "Enables the cli_matches command without any pre-configured scope."
+commands.allow = ["cli_matches"]
+
+[[permission]]
+identifier = "deny-cli-matches"
+description = "Denies the cli_matches command without any pre-configured scope."
+commands.deny = ["cli_matches"]
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["cli_matches"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,60 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the cli_matches command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-cli-matches",
+          "markdownDescription": "Enables the cli_matches command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the cli_matches command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-cli-matches",
+          "markdownDescription": "Denies the cli_matches command without any pre-configured scope."
+        },
+        {
+          "description": "Allows reading the CLI matches\n#### This default permission set includes:\n\n- `allow-cli-matches`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "Allows reading the CLI matches\n#### This default permission set includes:\n\n- `allow-cli-matches`"
        }
      ]
    }
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-clear"
+description = "Enables the clear command without any pre-configured scope."
+commands.allow = ["clear"]
+
+[[permission]]
+identifier = "deny-clear"
+description = "Denies the clear command without any pre-configured scope."
+commands.deny = ["clear"]
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["write_text","read_text","write_image","read_image","write_html","clear"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-image"
+description = "Enables the read_image command without any pre-configured scope."
+commands.allow = ["read_image"]
+
+[[permission]]
+identifier = "deny-read-image"
+description = "Denies the read_image command without any pre-configured scope."
+commands.deny = ["read_image"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-text"
+description = "Enables the read_text command without any pre-configured scope."
+commands.allow = ["read_text"]
+
+[[permission]]
+identifier = "deny-read-text"
+description = "Denies the read_text command without any pre-configured scope."
+commands.deny = ["read_text"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write-html"
+description = "Enables the write_html command without any pre-configured scope."
+commands.allow = ["write_html"]
+
+[[permission]]
+identifier = "deny-write-html"
+description = "Denies the write_html command without any pre-configured scope."
+commands.deny = ["write_html"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write-image"
+description = "Enables the write_image command without any pre-configured scope."
+commands.allow = ["write_image"]
+
+[[permission]]
+identifier = "deny-write-image"
+description = "Denies the write_image command without any pre-configured scope."
+commands.deny = ["write_image"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write-text"
+description = "Enables the write_text command without any pre-configured scope."
+commands.allow = ["write_text"]
+
+[[permission]]
+identifier = "deny-write-text"
+description = "Denies the write_text command without any pre-configured scope."
+commands.deny = ["write_text"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,120 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the clear command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-clear",
+          "markdownDescription": "Enables the clear command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the clear command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-clear",
+          "markdownDescription": "Denies the clear command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the read_image command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-read-image",
+          "markdownDescription": "Enables the read_image command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the read_image command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-read-image",
+          "markdownDescription": "Denies the read_image command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the read_text command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-read-text",
+          "markdownDescription": "Enables the read_text command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the read_text command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-read-text",
+          "markdownDescription": "Denies the read_text command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the write_html command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-write-html",
+          "markdownDescription": "Enables the write_html command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the write_html command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-write-html",
+          "markdownDescription": "Denies the write_html command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the write_image command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-write-image",
+          "markdownDescription": "Enables the write_image command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the write_image command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-write-image",
+          "markdownDescription": "Denies the write_image command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the write_text command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-write-text",
+          "markdownDescription": "Enables the write_text command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the write_text command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-write-text",
+          "markdownDescription": "Denies the write_text command without any pre-configured scope."
+        },
+        {
+          "description": "No features are enabled by default, as we believe\nthe clipboard can be inherently dangerous and it is \napplication specific if read and/or write access is needed.\n\nClipboard interaction needs to be explicitly enabled.\n",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "No features are enabled by default, as we believe\nthe clipboard can be inherently dangerous and it is \napplication specific if read and/or write access is needed.\n\nClipboard interaction needs to be explicitly enabled.\n"
        }
      ]
    }
@@ -14,7 +14,7 @@
    "@tauri-apps/plugin-deep-link": "2.4.9"
  },
  "devDependencies": {
-    "@tauri-apps/cli-cef": "3.0.0-alpha.5",
+    "@tauri-apps/cli": "2.11.2",
    "typescript": "^6.0.0",
    "vite": "^8.0.1"
  }
@@ -28,6 +28,6 @@
    "@tauri-apps/api": "^2.11.0"
  },
  "devDependencies": {
-    "@tauri-apps/cli-cef": "3.0.0-alpha.5"
+    "@tauri-apps/cli": "2.11.2"
  }
 }
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["get_current","register","unregister","is_registered"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-get-current"
+description = "Enables the get_current command without any pre-configured scope."
+commands.allow = ["get_current"]
+
+[[permission]]
+identifier = "deny-get-current"
+description = "Denies the get_current command without any pre-configured scope."
+commands.deny = ["get_current"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-is-registered"
+description = "Enables the is_registered command without any pre-configured scope."
+commands.allow = ["is_registered"]
+
+[[permission]]
+identifier = "deny-is-registered"
+description = "Denies the is_registered command without any pre-configured scope."
+commands.deny = ["is_registered"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-register"
+description = "Enables the register command without any pre-configured scope."
+commands.allow = ["register"]
+
+[[permission]]
+identifier = "deny-register"
+description = "Denies the register command without any pre-configured scope."
+commands.deny = ["register"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-unregister"
+description = "Enables the unregister command without any pre-configured scope."
+commands.allow = ["unregister"]
+
+[[permission]]
+identifier = "deny-unregister"
+description = "Denies the unregister command without any pre-configured scope."
+commands.deny = ["unregister"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,96 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the get_current command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-get-current",
+          "markdownDescription": "Enables the get_current command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the get_current command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-get-current",
+          "markdownDescription": "Denies the get_current command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the is_registered command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-is-registered",
+          "markdownDescription": "Enables the is_registered command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the is_registered command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-is-registered",
+          "markdownDescription": "Denies the is_registered command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the register command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-register",
+          "markdownDescription": "Enables the register command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the register command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-register",
+          "markdownDescription": "Denies the register command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the unregister command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-unregister",
+          "markdownDescription": "Enables the unregister command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the unregister command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-unregister",
+          "markdownDescription": "Denies the unregister command without any pre-configured scope."
+        },
+        {
+          "description": "Allows reading the opened deep link via the get_current command\n#### This default permission set includes:\n\n- `allow-get-current`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "Allows reading the opened deep link via the get_current command\n#### This default permission set includes:\n\n- `allow-get-current`"
        }
      ]
    }
@@ -540,7 +540,7 @@ pub fn init<R: Runtime>() -> TauriPlugin<R, Option<config::Config>> {
            Ok(())
        })
        .on_event(|_app, _event| {
-            #[cfg(desktop)]
+            #[cfg(any(target_os = "macos", target_os = "ios"))]
            if let tauri::RunEvent::Opened { urls } = _event {
                use tauri::Emitter;

@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["open","save","message"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-message"
+description = "Enables the message command without any pre-configured scope."
+commands.allow = ["message"]
+
+[[permission]]
+identifier = "deny-message"
+description = "Denies the message command without any pre-configured scope."
+commands.deny = ["message"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-open"
+description = "Enables the open command without any pre-configured scope."
+commands.allow = ["open"]
+
+[[permission]]
+identifier = "deny-open"
+description = "Denies the open command without any pre-configured scope."
+commands.deny = ["open"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-save"
+description = "Enables the save command without any pre-configured scope."
+commands.allow = ["save"]
+
+[[permission]]
+identifier = "deny-save"
+description = "Denies the save command without any pre-configured scope."
+commands.deny = ["save"]
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,108 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the ask command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `allow-message` and will be removed in v3)",
+          "type": "string",
+          "const": "allow-ask",
+          "markdownDescription": "Enables the ask command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `allow-message` and will be removed in v3)"
+        },
+        {
+          "description": "Denies the ask command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `deny-message` and will be removed in v3)",
+          "type": "string",
+          "const": "deny-ask",
+          "markdownDescription": "Denies the ask command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `deny-message` and will be removed in v3)"
+        },
+        {
+          "description": "Enables the message command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-message",
+          "markdownDescription": "Enables the message command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the message command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-message",
+          "markdownDescription": "Denies the message command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the open command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-open",
+          "markdownDescription": "Enables the open command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the open command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-open",
+          "markdownDescription": "Denies the open command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the save command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-save",
+          "markdownDescription": "Enables the save command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the save command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-save",
+          "markdownDescription": "Denies the save command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the confirm command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `allow-message` and will be removed in v3)",
+          "type": "string",
+          "const": "allow-confirm",
+          "markdownDescription": "Enables the confirm command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `allow-message` and will be removed in v3)"
+        },
+        {
+          "description": "Denies the confirm command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `deny-message` and will be removed in v3)",
+          "type": "string",
+          "const": "deny-confirm",
+          "markdownDescription": "Denies the confirm command without any pre-configured scope. (**DEPRECATED**: This is now an alias to `deny-message` and will be removed in v3)"
+        },
+        {
+          "description": "This permission set configures the types of dialogs\navailable from the dialog plugin.\n\n#### Granted Permissions\n\nAll dialog types are enabled.\n\n\n\n#### This default permission set includes:\n\n- `allow-message`\n- `allow-save`\n- `allow-open`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "This permission set configures the types of dialogs\navailable from the dialog plugin.\n\n#### Granted Permissions\n\nAll dialog types are enabled.\n\n\n\n#### This default permission set includes:\n\n- `allow-message`\n- `allow-save`\n- `allow-open`"
        }
      ]
    }
@@ -20,6 +20,8 @@ ios = { level = "partial", notes = "Access is restricted to Application folder b
 tauri-plugin = { workspace = true, features = ["build"] }
 schemars = { workspace = true }
 serde = { workspace = true }
+toml = "1.0"
+tauri-utils = { workspace = true }

 [dependencies]
 serde = { workspace = true }
@@ -7,6 +7,8 @@ use std::{
    path::{Path, PathBuf},
 };

+use tauri_utils::acl::manifest::PermissionFile;
+
 #[path = "src/scope.rs"]
 #[allow(dead_code)]
 mod scope;
@@ -75,35 +77,35 @@ const BASE_DIR_VARS: &[&str] = &[
    "APPCACHE",
    "APPLOG",
 ];
-// `write_file` and `read_text_file_lines` allow nested commands, so their permissions are
-// manually authored in `permissions/commands/` instead of being autogenerated from this list.
-const COMMANDS: &[&str] = &[
-    "mkdir",
-    "create",
-    "copy_file",
-    "remove",
-    "rename",
-    "truncate",
-    "ftruncate",
-    "write",
-    "write_text_file",
-    "read_dir",
-    "read_file",
-    "read",
-    "open",
-    "read_text_file",
-    "read_text_file_lines_next",
-    "seek",
-    "stat",
-    "lstat",
-    "fstat",
-    "exists",
-    "watch",
+const COMMANDS: &[(&str, &[&str])] = &[
+    ("mkdir", &[]),
+    ("create", &[]),
+    ("copy_file", &[]),
+    ("remove", &[]),
+    ("rename", &[]),
+    ("truncate", &[]),
+    ("ftruncate", &[]),
+    ("write", &[]),
+    ("write_file", &["open", "write"]),
+    ("write_text_file", &[]),
+    ("read_dir", &[]),
+    ("read_file", &[]),
+    ("read", &[]),
+    ("open", &[]),
+    ("read_text_file", &[]),
+    ("read_text_file_lines", &["read_text_file_lines_next"]),
+    ("read_text_file_lines_next", &[]),
+    ("seek", &[]),
+    ("stat", &[]),
+    ("lstat", &[]),
+    ("fstat", &[]),
+    ("exists", &[]),
+    ("watch", &[]),
    // TODO: Remove this in v3
-    "unwatch",
-    "size",
-    "start_accessing_security_scoped_resource",
-    "stop_accessing_security_scoped_resource",
+    ("unwatch", &[]),
+    ("size", &[]),
+    ("start_accessing_security_scoped_resource", &[]),
+    ("stop_accessing_security_scoped_resource", &[]),
 ];

 fn main() {
@@ -209,12 +211,59 @@ permissions = [
        }
    }

-    tauri_plugin::Builder::new(COMMANDS)
-        .global_api_script_path("./api-iife.js")
-        .global_scope_schema(
-            schemars::SchemaGenerator::new(schemars::generate::SchemaSettings::draft07())
-                .into_root_schema_for::<FsScopeEntry>(),
-        )
-        .android_path("android")
-        .build();
+    tauri_plugin::Builder::new(
+        &COMMANDS
+            .iter()
+            // FIXME: https://docs.rs/crate/tauri-plugin-fs/2.1.0/builds/1571296
+            .filter(|c| c.1.is_empty())
+            .map(|c| c.0)
+            .collect::<Vec<_>>(),
+    )
+    .global_api_script_path("./api-iife.js")
+    .global_scope_schema(schemars::schema_for!(FsScopeEntry))
+    .android_path("android")
+    .build();
+
+    // workaround to include nested permissions as `tauri_plugin` doesn't support it
+    let permissions_dir = autogenerated.join("commands");
+    for (command, nested_commands) in COMMANDS {
+        if nested_commands.is_empty() {
+            continue;
+        }
+
+        let permission_path = permissions_dir.join(format!("{command}.toml"));
+
+        let content = std::fs::read_to_string(&permission_path)
+            .unwrap_or_else(|_| panic!("failed to read {command}.toml"));
+
+        let mut permission_file = toml::from_str::<PermissionFile>(&content)
+            .unwrap_or_else(|_| panic!("failed to deserialize {command}.toml"));
+
+        for p in permission_file
+            .permission
+            .iter_mut()
+            .filter(|p| p.identifier.starts_with("allow"))
+        {
+            for c in nested_commands.iter().map(|s| s.to_string()) {
+                if !p.commands.allow.contains(&c) {
+                    p.commands.allow.push(c);
+                }
+            }
+        }
+
+        let out = toml::to_string_pretty(&permission_file)
+            .unwrap_or_else(|_| panic!("failed to serialize {command}.toml"));
+        let out = format!(
+            r#"# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+{out}"#
+        );
+
+        if content != out {
+            std::fs::write(permission_path, out)
+                .unwrap_or_else(|_| panic!("failed to write {command}.toml"));
+        }
+    }
 }
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["mkdir","create","copy_file","remove","rename","truncate","ftruncate","write","write_text_file","read_dir","read_file","read","open","read_text_file","read_text_file_lines_next","seek","stat","lstat","fstat","exists","watch","unwatch","size","start_accessing_security_scoped_resource","stop_accessing_security_scoped_resource"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-copy-file"
+description = "Enables the copy_file command without any pre-configured scope."
+commands.allow = ["copy_file"]
+
+[[permission]]
+identifier = "deny-copy-file"
+description = "Denies the copy_file command without any pre-configured scope."
+commands.deny = ["copy_file"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-create"
+description = "Enables the create command without any pre-configured scope."
+commands.allow = ["create"]
+
+[[permission]]
+identifier = "deny-create"
+description = "Denies the create command without any pre-configured scope."
+commands.deny = ["create"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-exists"
+description = "Enables the exists command without any pre-configured scope."
+commands.allow = ["exists"]
+
+[[permission]]
+identifier = "deny-exists"
+description = "Denies the exists command without any pre-configured scope."
+commands.deny = ["exists"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-fstat"
+description = "Enables the fstat command without any pre-configured scope."
+commands.allow = ["fstat"]
+
+[[permission]]
+identifier = "deny-fstat"
+description = "Denies the fstat command without any pre-configured scope."
+commands.deny = ["fstat"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-ftruncate"
+description = "Enables the ftruncate command without any pre-configured scope."
+commands.allow = ["ftruncate"]
+
+[[permission]]
+identifier = "deny-ftruncate"
+description = "Denies the ftruncate command without any pre-configured scope."
+commands.deny = ["ftruncate"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-lstat"
+description = "Enables the lstat command without any pre-configured scope."
+commands.allow = ["lstat"]
+
+[[permission]]
+identifier = "deny-lstat"
+description = "Denies the lstat command without any pre-configured scope."
+commands.deny = ["lstat"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-mkdir"
+description = "Enables the mkdir command without any pre-configured scope."
+commands.allow = ["mkdir"]
+
+[[permission]]
+identifier = "deny-mkdir"
+description = "Denies the mkdir command without any pre-configured scope."
+commands.deny = ["mkdir"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-open"
+description = "Enables the open command without any pre-configured scope."
+commands.allow = ["open"]
+
+[[permission]]
+identifier = "deny-open"
+description = "Denies the open command without any pre-configured scope."
+commands.deny = ["open"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read"
+description = "Enables the read command without any pre-configured scope."
+commands.allow = ["read"]
+
+[[permission]]
+identifier = "deny-read"
+description = "Denies the read command without any pre-configured scope."
+commands.deny = ["read"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-dir"
+description = "Enables the read_dir command without any pre-configured scope."
+commands.allow = ["read_dir"]
+
+[[permission]]
+identifier = "deny-read-dir"
+description = "Denies the read_dir command without any pre-configured scope."
+commands.deny = ["read_dir"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-file"
+description = "Enables the read_file command without any pre-configured scope."
+commands.allow = ["read_file"]
+
+[[permission]]
+identifier = "deny-read-file"
+description = "Denies the read_file command without any pre-configured scope."
+commands.deny = ["read_file"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-text-file"
+description = "Enables the read_text_file command without any pre-configured scope."
+commands.allow = ["read_text_file"]
+
+[[permission]]
+identifier = "deny-read-text-file"
+description = "Denies the read_text_file command without any pre-configured scope."
+commands.deny = ["read_text_file"]
@@ -0,0 +1,22 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-text-file-lines"
+description = "Enables the read_text_file_lines command without any pre-configured scope."
+
+[permission.commands]
+allow = [
+    "read_text_file_lines",
+    "read_text_file_lines_next",
+]
+deny = []
+
+[[permission]]
+identifier = "deny-read-text-file-lines"
+description = "Denies the read_text_file_lines command without any pre-configured scope."
+
+[permission.commands]
+allow = []
+deny = ["read_text_file_lines"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-read-text-file-lines-next"
+description = "Enables the read_text_file_lines_next command without any pre-configured scope."
+commands.allow = ["read_text_file_lines_next"]
+
+[[permission]]
+identifier = "deny-read-text-file-lines-next"
+description = "Denies the read_text_file_lines_next command without any pre-configured scope."
+commands.deny = ["read_text_file_lines_next"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-remove"
+description = "Enables the remove command without any pre-configured scope."
+commands.allow = ["remove"]
+
+[[permission]]
+identifier = "deny-remove"
+description = "Denies the remove command without any pre-configured scope."
+commands.deny = ["remove"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-rename"
+description = "Enables the rename command without any pre-configured scope."
+commands.allow = ["rename"]
+
+[[permission]]
+identifier = "deny-rename"
+description = "Denies the rename command without any pre-configured scope."
+commands.deny = ["rename"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-seek"
+description = "Enables the seek command without any pre-configured scope."
+commands.allow = ["seek"]
+
+[[permission]]
+identifier = "deny-seek"
+description = "Denies the seek command without any pre-configured scope."
+commands.deny = ["seek"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-size"
+description = "Enables the size command without any pre-configured scope."
+commands.allow = ["size"]
+
+[[permission]]
+identifier = "deny-size"
+description = "Denies the size command without any pre-configured scope."
+commands.deny = ["size"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-start-accessing-security-scoped-resource"
+description = "Enables the start_accessing_security_scoped_resource command without any pre-configured scope."
+commands.allow = ["start_accessing_security_scoped_resource"]
+
+[[permission]]
+identifier = "deny-start-accessing-security-scoped-resource"
+description = "Denies the start_accessing_security_scoped_resource command without any pre-configured scope."
+commands.deny = ["start_accessing_security_scoped_resource"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-stat"
+description = "Enables the stat command without any pre-configured scope."
+commands.allow = ["stat"]
+
+[[permission]]
+identifier = "deny-stat"
+description = "Denies the stat command without any pre-configured scope."
+commands.deny = ["stat"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-stop-accessing-security-scoped-resource"
+description = "Enables the stop_accessing_security_scoped_resource command without any pre-configured scope."
+commands.allow = ["stop_accessing_security_scoped_resource"]
+
+[[permission]]
+identifier = "deny-stop-accessing-security-scoped-resource"
+description = "Denies the stop_accessing_security_scoped_resource command without any pre-configured scope."
+commands.deny = ["stop_accessing_security_scoped_resource"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-truncate"
+description = "Enables the truncate command without any pre-configured scope."
+commands.allow = ["truncate"]
+
+[[permission]]
+identifier = "deny-truncate"
+description = "Denies the truncate command without any pre-configured scope."
+commands.deny = ["truncate"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-unwatch"
+description = "Enables the unwatch command without any pre-configured scope."
+commands.allow = ["unwatch"]
+
+[[permission]]
+identifier = "deny-unwatch"
+description = "Denies the unwatch command without any pre-configured scope."
+commands.deny = ["unwatch"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-watch"
+description = "Enables the watch command without any pre-configured scope."
+commands.allow = ["watch"]
+
+[[permission]]
+identifier = "deny-watch"
+description = "Denies the watch command without any pre-configured scope."
+commands.deny = ["watch"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write"
+description = "Enables the write command without any pre-configured scope."
+commands.allow = ["write"]
+
+[[permission]]
+identifier = "deny-write"
+description = "Denies the write command without any pre-configured scope."
+commands.deny = ["write"]
@@ -0,0 +1,23 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write-file"
+description = "Enables the write_file command without any pre-configured scope."
+
+[permission.commands]
+allow = [
+    "write_file",
+    "open",
+    "write",
+]
+deny = []
+
+[[permission]]
+identifier = "deny-write-file"
+description = "Denies the write_file command without any pre-configured scope."
+
+[permission.commands]
+allow = []
+deny = ["write_file"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-write-text-file"
+description = "Enables the write_text_file command without any pre-configured scope."
+commands.allow = ["write_text_file"]
+
+[[permission]]
+identifier = "deny-write-text-file"
+description = "Denies the write_text_file command without any pre-configured scope."
+commands.deny = ["write_text_file"]
@@ -3279,6 +3279,32 @@ Denies the read_text_file command without any pre-configured scope.
 <tr>
 <td>

+`fs:allow-read-text-file-lines`
+
+</td>
+<td>
+
+Enables the read_text_file_lines command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`fs:deny-read-text-file-lines`
+
+</td>
+<td>
+
+Denies the read_text_file_lines command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
 `fs:allow-read-text-file-lines-next`

 </td>
@@ -3591,58 +3617,6 @@ Denies the write command without any pre-configured scope.
 <tr>
 <td>

-`fs:allow-write-text-file`
-
-</td>
-<td>
-
-Enables the write_text_file command without any pre-configured scope.
-
-</td>
-</tr>
-
-<tr>
-<td>
-
-`fs:deny-write-text-file`
-
-</td>
-<td>
-
-Denies the write_text_file command without any pre-configured scope.
-
-</td>
-</tr>
-
-<tr>
-<td>
-
-`fs:allow-read-text-file-lines`
-
-</td>
-<td>
-
-Enables the read_text_file_lines command without any pre-configured scope.
-
-</td>
-</tr>
-
-<tr>
-<td>
-
-`fs:deny-read-text-file-lines`
-
-</td>
-<td>
-
-Denies the read_text_file_lines command without any pre-configured scope.
-
-</td>
-</tr>
-
-<tr>
-<td>
-
 `fs:allow-write-file`

 </td>
@@ -3669,6 +3643,32 @@ Denies the write_file command without any pre-configured scope.
 <tr>
 <td>

+`fs:allow-write-text-file`
+
+</td>
+<td>
+
+Enables the write_text_file command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`fs:deny-write-text-file`
+
+</td>
+<td>
+
+Denies the write_text_file command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
 `fs:create-app-specific-dirs`

 </td>
@@ -1,17 +0,0 @@
-"$schema" = "../schemas/schema.json"
-
-# This command allows nested commands, so its permissions are manually
-# authored here instead of being autogenerated from the `COMMANDS` list in `build.rs`.
-
-[[permission]]
-identifier = "allow-read-text-file-lines"
-description = "Enables the read_text_file_lines command without any pre-configured scope."
-commands.allow = [
-  "read_text_file_lines",
-  "read_text_file_lines_next",
-]
-
-[[permission]]
-identifier = "deny-read-text-file-lines"
-description = "Denies the read_text_file_lines command without any pre-configured scope."
-commands.deny = ["read_text_file_lines"]
@@ -1,18 +0,0 @@
-"$schema" = "../schemas/schema.json"
-
-# This command allows nested commands, so its permissions are manually
-# authored here instead of being autogenerated from the `COMMANDS` list in `build.rs`.
-
-[[permission]]
-identifier = "allow-write-file"
-description = "Enables the write_file command without any pre-configured scope."
-commands.allow = [
-  "write_file",
-  "open",
-  "write",
-]
-
-[[permission]]
-identifier = "deny-write-file"
-description = "Denies the write_file command without any pre-configured scope."
-commands.deny = ["write_file"]
@@ -707,7 +707,7 @@ pub async fn read_text_file_lines_next<R: Runtime>(
    let lines = resource_table.get::<StdLinesResource>(rid)?;

    let ret = StdLinesResource::with_lock(&lines, |lines| -> CommandResult<Vec<u8>> {
-        // This is an optimization to include wether we finished iteration or not (1 or 0)
+        // This is an optimization to include whether we finished iteration or not (1 or 0)
        // at the end of returned vector so we can use `tauri::ipc::Response`
        // and avoid serialization overhead of separate values.
        match lines.next() {
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-check-permissions"
+description = "Enables the check_permissions command without any pre-configured scope."
+commands.allow = ["check_permissions"]
+
+[[permission]]
+identifier = "deny-check-permissions"
+description = "Denies the check_permissions command without any pre-configured scope."
+commands.deny = ["check_permissions"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-clear-permissions"
+description = "Enables the clear_permissions command without any pre-configured scope."
+commands.allow = ["clear_permissions"]
+
+[[permission]]
+identifier = "deny-clear-permissions"
+description = "Denies the clear_permissions command without any pre-configured scope."
+commands.deny = ["clear_permissions"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-clear-watch"
+description = "Enables the clear_watch command without any pre-configured scope."
+commands.allow = ["clear_watch"]
+
+[[permission]]
+identifier = "deny-clear-watch"
+description = "Denies the clear_watch command without any pre-configured scope."
+commands.deny = ["clear_watch"]
@@ -1,5 +0,0 @@
-# Automatically generated - DO NOT EDIT!
-
-"$schema" = "../../schemas/schema.json"
-
-commands = ["get_current_position","watch_position","clear_watch","check_permissions","request_permissions"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-get-current-position"
+description = "Enables the get_current_position command without any pre-configured scope."
+commands.allow = ["get_current_position"]
+
+[[permission]]
+identifier = "deny-get-current-position"
+description = "Denies the get_current_position command without any pre-configured scope."
+commands.deny = ["get_current_position"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-request-permissions"
+description = "Enables the request_permissions command without any pre-configured scope."
+commands.allow = ["request_permissions"]
+
+[[permission]]
+identifier = "deny-request-permissions"
+description = "Denies the request_permissions command without any pre-configured scope."
+commands.deny = ["request_permissions"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-watch-position"
+description = "Enables the watch_position command without any pre-configured scope."
+commands.allow = ["watch_position"]
+
+[[permission]]
+identifier = "deny-watch-position"
+description = "Denies the watch_position command without any pre-configured scope."
+commands.deny = ["watch_position"]
@@ -36,6 +36,32 @@ Denies the check_permissions command without any pre-configured scope.
 <tr>
 <td>

+`geolocation:allow-clear-permissions`
+
+</td>
+<td>
+
+Enables the clear_permissions command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`geolocation:deny-clear-permissions`
+
+</td>
+<td>
+
+Denies the clear_permissions command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
 `geolocation:allow-clear-watch`

 </td>
@@ -24,17 +24,10 @@
    },
    "permission": {
      "description": "A list of inlined permissions",
+      "default": [],
      "type": "array",
      "items": {
        "$ref": "#/definitions/Permission"
-      },
-      "default": []
-    },
-    "commands": {
-      "description": "A list of command names that get `allow-$command` and `deny-$command` permissions\nautogenerated on demand instead of being stored as explicit permissions.\n\nSee [`Manifest::command_permission`] and the ACL resolver for how these are expanded.",
-      "type": "array",
-      "items": {
-        "type": "string"
      }
    }
  },
@@ -42,6 +35,9 @@
    "DefaultPermission": {
      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
      "type": "object",
+      "required": [
+        "permissions"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -50,10 +46,10 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -66,14 +62,16 @@
            "type": "string"
          }
        }
-      },
-      "required": [
-        "permissions"
-      ]
+      }
    },
    "PermissionSet": {
      "description": "A set of direct permissions grouped together under a new name.",
      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
      "properties": {
        "identifier": {
          "description": "A unique identifier for the permission.",
@@ -87,19 +85,17 @@
          "description": "All permissions this set contains.",
          "type": "array",
          "items": {
-            "type": "string"
+            "$ref": "#/definitions/PermissionKind"
          }
        }
-      },
-      "required": [
-        "identifier",
-        "description",
-        "permissions"
-      ]
+      }
    },
    "Permission": {
      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
      "type": "object",
+      "required": [
+        "identifier"
+      ],
      "properties": {
        "version": {
          "description": "The version of the permission.",
@@ -108,14 +104,14 @@
            "null"
          ],
          "format": "uint64",
-          "minimum": 1
+          "minimum": 1.0
        },
        "identifier": {
          "description": "A unique identifier for the permission.",
          "type": "string"
        },
        "description": {
-          "description": "Human-readable description of what the permission does.\nTauri internal convention is to use `<h4>` headings in markdown content\nfor Tauri documentation generation purposes.",
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
          "type": [
            "string",
            "null"
@@ -151,10 +147,7 @@
            "$ref": "#/definitions/Target"
          }
        }
-      },
-      "required": [
-        "identifier"
-      ]
+      }
    },
    "Commands": {
      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
@@ -162,24 +155,24 @@
      "properties": {
        "allow": {
          "description": "Allowed command.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        },
        "deny": {
          "description": "Denied command, which takes priority.",
+          "default": [],
          "type": "array",
          "items": {
            "type": "string"
-          },
-          "default": []
+          }
        }
      }
    },
    "Scopes": {
-      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command.\nThe configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json\n{\n  \"allow\": [{ \"path\": \"$HOME/**\" }],\n  \"deny\": [{ \"path\": \"$HOME/secret.txt\" }]\n}\n```",
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
      "type": "object",
      "properties": {
        "allow": {
@@ -264,27 +257,114 @@
        {
          "description": "MacOS.",
          "type": "string",
-          "const": "macOS"
+          "enum": [
+            "macOS"
+          ]
        },
        {
          "description": "Windows.",
          "type": "string",
-          "const": "windows"
+          "enum": [
+            "windows"
+          ]
        },
        {
          "description": "Linux.",
          "type": "string",
-          "const": "linux"
+          "enum": [
+            "linux"
+          ]
        },
        {
          "description": "Android.",
          "type": "string",
-          "const": "android"
+          "enum": [
+            "android"
+          ]
        },
        {
          "description": "iOS.",
          "type": "string",
-          "const": "iOS"
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the check_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-check-permissions",
+          "markdownDescription": "Enables the check_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the check_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-check-permissions",
+          "markdownDescription": "Denies the check_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the clear_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-clear-permissions",
+          "markdownDescription": "Enables the clear_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the clear_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-clear-permissions",
+          "markdownDescription": "Denies the clear_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the clear_watch command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-clear-watch",
+          "markdownDescription": "Enables the clear_watch command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the clear_watch command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-clear-watch",
+          "markdownDescription": "Denies the clear_watch command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the get_current_position command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-get-current-position",
+          "markdownDescription": "Enables the get_current_position command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the get_current_position command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-get-current-position",
+          "markdownDescription": "Denies the get_current_position command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the request_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-request-permissions",
+          "markdownDescription": "Enables the request_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the request_permissions command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-request-permissions",
+          "markdownDescription": "Denies the request_permissions command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the watch_position command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-watch-position",
+          "markdownDescription": "Enables the watch_position command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the watch_position command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-watch-position",
+          "markdownDescription": "Denies the watch_position command without any pre-configured scope."
        }
      ]
    }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
renovate[bot]	08db3899b8	chore(deps): update typescript-eslint monorepo to v8.61.1	2026-06-18 20:31:17 +00:00
Tony	41f6274270	docs(log): some builder methods and defaults (#3460 ) * docs(log): some builder methods and defaults * Too much copy pastes * Merge branch 'v2' into log-docs	2026-06-17 18:38:28 +08:00
Bajoca	f08980f123	feat(log): rotate log file on each session (#3445 ) * Update lib.rs * docstring for file_open_strategy * Create log-file-open-strategy.md * Update plugins/log/src/lib.rs Co-authored-by: Tony <68118705+Legend-Master@users.noreply.github.com> --------- Co-authored-by: Tony <68118705+Legend-Master@users.noreply.github.com>	2026-06-17 16:25:24 +08:00
renovate[bot]	78df86f810	chore(deps): update dependency vite to v8.0.16 [security] (#3458 ) * chore(deps): update dependency vite to v8.0.16 [security] * Bump esbuild --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tony <legendmastertony@gmail.com>	2026-06-16 11:18:07 +08:00
nandanpugalia	aecec42d5d	docs(http): fix connectTimeout option in README (#3451 )	2026-06-15 10:08:31 +02:00
renovate[bot]	0767dcbd5c	chore(deps): update dependency eslint-plugin-security to v4.0.1 (#3452 )	2026-06-15 09:59:15 +02:00
Slava Minamoto	4be7690085	fix(positioner): return error instead of panicking when window has no monitor (#3449 )	2026-06-11 21:05:20 +08:00
dependabot[bot]	c2b3981248	chore(deps): bump tar in /plugins/updater/tests/updater-migration/v1-app (#3448 ) Bumps [tar](https://github.com/composefs/tar-rs) from 0.4.45 to 0.4.46. - [Release notes](https://github.com/composefs/tar-rs/releases) - [Commits](https://github.com/composefs/tar-rs/compare/0.4.45...0.4.46) --- updated-dependencies: - dependency-name: tar dependency-version: 0.4.46 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-06-11 14:44:45 +08:00
beef	0c23b8ecfe	remove unused dependency `byte-unit` from log plugin (#3446 ) * remove unused dependency `byte-unit` from log plugin * Update .changes/rmdep.md Co-authored-by: Tony <68118705+Legend-Master@users.noreply.github.com> * Update .changes/rmdep.md Co-authored-by: Tony <68118705+Legend-Master@users.noreply.github.com> --------- Co-authored-by: Tony <68118705+Legend-Master@users.noreply.github.com>	2026-06-11 14:24:37 +08:00
renovate[bot]	4350ca652d	chore(deps): update rust crate tar to v0.4.46 [security] (#3435 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-05-30 22:03:15 +08:00
renovate[bot]	1953f00188	chore(deps): update dependency prettier to v3.8.3 (#3387 )	2026-05-28 16:14:25 +02:00
github-actions[bot]	9883f396dc	Publish New Versions (v2) (#3425 )	2026-05-28 12:06:17 +02:00
zankowitch alexis	d8645ab3e5	fix(barcode-scanner): dispatch iOS cancel() cleanup to the main thread (#3393 ) Signed-off-by: Alexis Zankowitch <a.zankowitch@reply.de>	2026-05-28 11:46:25 +02:00
renovate[bot]	cb863d57c6	chore(deps): update rust crate global-hotkey to 0.8 (#3408 ) Co-authored-by: Fabian-Lars <30730186+FabianLars@users.noreply.github.com>	2026-05-27 11:50:02 +02:00
FabianLars	d67e4f8cdc	chore(deps): update rand	2026-05-27 10:30:18 +02:00
Jsu	e571e0be9d	docs(fs): typo wether -> whether in commands.rs (#3429 )	2026-05-23 21:28:55 +02:00
renovate[bot]	83ac944abf	chore(deps): update dependency @tauri-apps/cli to v2.11.2 (#3427 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2026-05-20 10:07:23 +08:00
dependabot[bot]	0139c54d0e	chore(deps): bump openssl (#3428 ) Bumps [openssl](https://github.com/rust-openssl/rust-openssl) from 0.10.79 to 0.10.80. - [Release notes](https://github.com/rust-openssl/rust-openssl/releases) - [Commits](https://github.com/rust-openssl/rust-openssl/compare/openssl-v0.10.79...openssl-v0.10.80) --- updated-dependencies: - dependency-name: openssl dependency-version: 0.10.80 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-05-20 10:06:59 +08:00
renovate[bot]	cad34b73fa	chore(deps): update dependency eslint to v10.4.0 (#3400 ) * chore(deps): update dependency eslint to v10.4.0 * Fix audit --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tony <legendmastertony@gmail.com>	2026-05-20 09:58:26 +08:00
Urs de Swardt	c0d64bf7d9	fix: replace panics with error returns (#3420 ) * refactor: replace panics with error returns * fix: lints * chore: add changes md	2026-05-18 21:56:33 +08:00