lockfile

switch to upstream linux backend again
Merge remote-tracking branch 'origin/v2' into plugin/secure-storage
2026-05-01 12:08:06 +02:00 · 2025-11-22 19:50:43 +01:00 · 2025-11-22 19:41:40 +01:00 · 2025-11-22 19:34:38 +01:00 · 2025-11-21 10:47:11 +08:00 · 2025-11-20 22:28:13 +01:00
105 changed files with 2749 additions and 778 deletions
@@ -0,0 +1,6 @@
+---
+"dialog-js": minor:feat
+"dialog": minor:feat
+---
+
+Add `xdg-portal` as an optional feature for `rfd`
@@ -0,0 +1,6 @@
+---
+"log": "minor"
+"log-js": "minor"
+---
+
+Allow specifying a log formatter per target using the `format` method on `Target`.
@@ -78,6 +78,7 @@
        "notification",
        "os",
        "process",
+        "secure-storage",
        "shell",
        "store",
        "updater",
@@ -104,6 +105,7 @@
        "notification-js",
        "os-js",
        "process-js",
+        "secure-storage-js",
        "shell-js",
        "store-js",
        "updater-js"
@@ -282,6 +284,14 @@
      "path": "./plugins/process",
      "manager": "javascript"
    },
+    "secure-storage": {
+      "path": "./plugins/secure-storage",
+      "manager": "rust"
+    },
+    "secure-storage-js": {
+      "path": "./plugins/secure-storage",
+      "manager": "javascript"
+    },
    "shell": {
      "path": "./plugins/shell",
      "manager": "rust"
@@ -0,0 +1,6 @@
+---
+stronghold: patch
+stronghold-js: patch
+---
+
+The `stronghold` plugin is now deprecated and will be removed in v3. The `secure-storage` plugin should be a replacement for most use-cases.
@@ -0,0 +1,6 @@
+---
+"dialog": minor
+"dialog-js": minor
+---
+
+Add `pickerMode` option to file picker (currently only used on iOS)
@@ -0,0 +1,5 @@
+---
+"localhost": patch
+---
+
+Disable caching on responses.
@@ -0,0 +1,6 @@
+---
+"barcode-scanner": patch
+"barcode-scanner-js": patch
+---
+
+Fix the `cameraView` is not removed after scanning in iOS.
@@ -0,0 +1,6 @@
+---
+"log": patch
+"log-js": patch
+---
+
+Fix log file rotation when exceeding `max_file_size`.
@@ -0,0 +1,6 @@
+---
+"nfc": "patch"
+"nfc-js": "patch"
+---
+
+Update return value of `isAvailable` to match TypeScript function signature
@@ -0,0 +1,6 @@
+---
+"updater": minor
+"updater-js": minor
+---
+
+Updater plugin now supports all bundle types: Deb, Rpm and AppImage for Linux; NSiS, MSI for Windows. This was added in https://github.com/tauri-apps/plugins-workspace/pull/2624
@@ -0,0 +1,6 @@
+---
+"upload": minor
+"upload-js": minor
+---
+
+Upload plugin now supports specifying an HTTP method i.e. POST, PUT etc.
@@ -101,6 +101,11 @@ jobs:
              - pnpm-lock.yaml
              - plugins/process/guest-js/**
              - plugins/process/src/api-iife.js
+            secure-storage:
+              - .github/workflows/check-generated-files.yml
+              - pnpm-lock.yaml
+              - plugins/secure-storage/guest-js/**
+              - plugins/secure-storage/src/api-iife.js
            shell:
              - .github/workflows/check-generated-files.yml
              - pnpm-lock.yaml
@@ -11,7 +11,7 @@ on:
      - v2

 permissions:
-  # required for npm provenance
+  # required for oidc token
  id-token: write
  # required to create the GitHub Release
  contents: write
@@ -62,7 +62,6 @@ jobs:
        id: covector
        env:
          CARGO_TARGET_DIR: /mnt/target
-          NODE_AUTH_TOKEN: ${{ secrets.ORG_NPM_TOKEN }}
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          command: 'version-or-publish'
@@ -98,6 +98,9 @@ jobs:
            tauri-plugin-process:
              - .github/workflows/lint-rust.yml
              - plugins/process/**
+            tauri-plugin-secure-storage:
+              - .github/workflows/lint-rust.yml
+              - plugins/secure-storage/**
            tauri-plugin-shell:
              - .github/workflows/lint-rust.yml
              - plugins/shell/**
@@ -154,4 +157,5 @@ jobs:
        run: cargo clippy --package ${{ matrix.package }} --all-targets -- -D warnings

      - name: clippy ${{ matrix.package }} --all-features
+        if: matrix.package != 'tauri-plugin-dialog'
        run: cargo clippy --package ${{ matrix.package }} --all-targets --all-features -- -D warnings
@@ -137,6 +137,11 @@ jobs:
              - Cargo.toml
              - Cargo.lock
              - plugins/process/**
+            tauri-plugin-secure-storage:
+              - .github/workflows/test-rust.yml
+              - Cargo.toml
+              - Cargo.lock
+              - plugins/secure-storage/**
            tauri-plugin-shell:
              - .github/workflows/test-rust.yml
              - Cargo.toml
@@ -219,7 +224,7 @@ jobs:
              target: aarch64-linux-android,
              os: ubuntu-latest,
              runner: 'cross',
-              command: 'build'
+              command: 'build --verbose'
            }

    runs-on: ${{ matrix.platform.os }}
@@ -233,7 +238,7 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y libwebkit2gtk-4.0-dev libwebkit2gtk-4.1-dev

-      - uses: dtolnay/rust-toolchain@1.77.2
+      - uses: dtolnay/rust-toolchain@1.85
        with:
          targets: ${{ matrix.platform.target }}

@@ -246,9 +251,9 @@ jobs:
        run: cargo +stable install cross --git https://github.com/cross-rs/cross

      - name: test ${{ matrix.package }}
-        if: matrix.package != 'tauri-plugin-http'
+        if: matrix.package != 'tauri-plugin-http' && matrix.package != 'tauri-plugin-secure-storage' && matrix.package != 'tauri-plugin-dialog'
        run: ${{ matrix.platform.runner }} ${{ matrix.platform.command }} --package ${{ matrix.package }} --target ${{ matrix.platform.target }} --all-targets --all-features

      - name: test ${{ matrix.package }}
-        if: matrix.package == 'tauri-plugin-http'
+        if: ${{ matrix.package == 'tauri-plugin-http' || matrix.package == 'tauri-plugin-dialog' }}
        run: ${{ matrix.platform.runner }} ${{ matrix.platform.command }} --package ${{ matrix.package }} --target ${{ matrix.platform.target }} --all-targets
@@ -1,2 +1,3 @@
 plugins/*/permissions/autogenerated/
 plugins/*/android/.tauri/tauri-api/build/
+plugins/*/android/build/intermediates/
@@ -117,6 +117,19 @@ version = "0.2.21"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923"

+[[package]]
+name = "android-native-keyring-store"
+version = "0.4.0"
+source = "git+https://github.com/FabianLars/android-native-keyring-store#6d59ad7d6a84b1496175754aa00c000a59356da0"
+dependencies = [
+ "base64 0.22.1",
+ "jni",
+ "keyring-core",
+ "ndk-context",
+ "thiserror 2.0.12",
+ "tracing",
+]
+
 [[package]]
 name = "android-tzdata"
 version = "0.1.1"
@@ -230,6 +243,7 @@ dependencies = [
 "tauri-plugin-opener",
 "tauri-plugin-os",
 "tauri-plugin-process",
+ "tauri-plugin-secure-storage",
 "tauri-plugin-shell",
 "tauri-plugin-store",
 "tauri-plugin-updater",
@@ -275,6 +289,17 @@ dependencies = [
 "tauri-plugin-store",
 ]

+[[package]]
+name = "apple-native-keyring-store"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "10f9955235ce557bd0ea2c64d7ff09a887885f515e98572d2640a29520d9c98c"
+dependencies = [
+ "keyring-core",
+ "log",
+ "security-framework 3.5.1",
+]
+
 [[package]]
 name = "arbitrary"
 version = "1.4.1"
@@ -881,6 +906,15 @@ dependencies = [
 "toml 0.8.20",
 ]

+[[package]]
+name = "cbc"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "cc"
 version = "1.2.19"
@@ -965,7 +999,7 @@ dependencies = [
 "iana-time-zone",
 "num-traits",
 "serde",
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -3241,6 +3275,15 @@ dependencies = [
 "unicode-segmentation",
 ]

+[[package]]
+name = "keyring-core"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "64ad182c4841eb5795af9d20e6e020b65a895517f6a41e6358ed8af74ba35d98"
+dependencies = [
+ "log",
+]
+
 [[package]]
 name = "kqueue"
 version = "1.1.1"
@@ -3772,6 +3815,30 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "num"
+version = "0.4.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "35bd024e8b2ff75562e5f34e7f4905839deb4b22955ef5e73d2fea1b9813cb23"
+dependencies = [
+ "num-bigint",
+ "num-complex",
+ "num-integer",
+ "num-iter",
+ "num-rational",
+ "num-traits",
+]
+
+[[package]]
+name = "num-bigint"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
+dependencies = [
+ "num-integer",
+ "num-traits",
+]
+
 [[package]]
 name = "num-bigint-dig"
 version = "0.8.4"
@@ -3789,6 +3856,15 @@ dependencies = [
 "zeroize",
 ]

+[[package]]
+name = "num-complex"
+version = "0.4.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495"
+dependencies = [
+ "num-traits",
+]
+
 [[package]]
 name = "num-conv"
 version = "0.1.0"
@@ -3815,6 +3891,17 @@ dependencies = [
 "num-traits",
 ]

+[[package]]
+name = "num-rational"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824"
+dependencies = [
+ "num-bigint",
+ "num-integer",
+ "num-traits",
+]
+
 [[package]]
 name = "num-traits"
 version = "0.2.19"
@@ -4565,6 +4652,12 @@ dependencies = [
 "windows-sys 0.59.0",
 ]

+[[package]]
+name = "pollster"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2f3a9f18d041e6d0e102a0a46750538147e5e8992d3b4873aaafee2520b00ce3"
+
 [[package]]
 name = "poly1305"
 version = "0.8.0"
@@ -5094,7 +5187,9 @@ dependencies = [
 "objc2-app-kit",
 "objc2-core-foundation",
 "objc2-foundation 0.3.0",
+ "pollster",
 "raw-window-handle",
+ "urlencoding",
 "wasm-bindgen",
 "wasm-bindgen-futures",
 "web-sys",
@@ -5290,7 +5385,7 @@ dependencies = [
 "openssl-probe",
 "rustls-pki-types",
 "schannel",
- "security-framework 3.2.0",
+ "security-framework 3.5.1",
 ]

 [[package]]
@@ -5437,6 +5532,25 @@ dependencies = [
 "zeroize",
 ]

+[[package]]
+name = "secret-service"
+version = "5.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9a62d7f86047af0077255a29494136b9aaaf697c76ff70b8e49cded4e2623c14"
+dependencies = [
+ "aes",
+ "cbc",
+ "futures-util",
+ "generic-array",
+ "getrandom 0.2.15",
+ "hkdf",
+ "num",
+ "once_cell",
+ "serde",
+ "sha2",
+ "zbus",
+]
+
 [[package]]
 name = "security-framework"
 version = "2.11.1"
@@ -5452,9 +5566,9 @@ dependencies = [

 [[package]]
 name = "security-framework"
-version = "3.2.0"
+version = "3.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "271720403f46ca04f7ba6f55d438f8bd878d6b8ca0a1046e8228c4145bcbb316"
+checksum = "b3297343eaf830f66ede390ea39da1d462b6b0c1b000f420d0a83f898bbbe6ef"
 dependencies = [
 "bitflags 2.9.0",
 "core-foundation 0.10.0",
@@ -5465,9 +5579,9 @@ dependencies = [

 [[package]]
 name = "security-framework-sys"
-version = "2.14.0"
+version = "2.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"
+checksum = "cc1f0cbffaac4852523ce30d8bd3c5cdc873501d96ff467ca09b6767bb8cd5c0"
 dependencies = [
 "core-foundation-sys",
 "libc",
@@ -6816,6 +6930,23 @@ dependencies = [
 "tauri-plugin",
 ]

+[[package]]
+name = "tauri-plugin-secure-storage"
+version = "2.0.0"
+dependencies = [
+ "android-native-keyring-store",
+ "apple-native-keyring-store",
+ "keyring-core",
+ "log",
+ "serde",
+ "serde_json",
+ "tauri",
+ "tauri-plugin",
+ "thiserror 2.0.12",
+ "windows-native-keyring-store",
+ "zbus-secret-service-keyring-store",
+]
+
 [[package]]
 name = "tauri-plugin-shell"
 version = "2.3.3"
@@ -7739,6 +7870,12 @@ dependencies = [
 "serde",
 ]

+[[package]]
+name = "urlencoding"
+version = "2.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
+
 [[package]]
 name = "urlpattern"
 version = "0.3.0"
@@ -8261,7 +8398,7 @@ dependencies = [
 "windows-collections",
 "windows-core",
 "windows-future",
- "windows-link",
+ "windows-link 0.1.1",
 "windows-numerics",
 ]

@@ -8282,7 +8419,7 @@ checksum = "4763c1de310c86d75a878046489e2e5ba02c649d185f21c67d4cf8a56d098980"
 dependencies = [
 "windows-implement",
 "windows-interface",
- "windows-link",
+ "windows-link 0.1.1",
 "windows-result",
 "windows-strings 0.4.0",
 ]
@@ -8294,7 +8431,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7a1d6bbefcb7b60acd19828e1bc965da6fcf18a7e39490c5f8be71e54a19ba32"
 dependencies = [
 "windows-core",
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8325,6 +8462,24 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "76840935b766e1b0a05c0066835fb9ec80071d4c09a16f6bd5f7e655e3c14c38"

+[[package]]
+name = "windows-link"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f0805222e57f7521d6a62e36fa9163bc891acd422f971defe97d64e70d0a4fe5"
+
+[[package]]
+name = "windows-native-keyring-store"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d37273ed015cfe7bce6fd684478cdd40435fc84a9ce781404d1fbc61c2d674d"
+dependencies = [
+ "byteorder",
+ "keyring-core",
+ "windows-sys 0.61.2",
+ "zeroize",
+]
+
 [[package]]
 name = "windows-numerics"
 version = "0.2.0"
@@ -8332,7 +8487,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9150af68066c4c5c07ddc0ce30421554771e528bde427614c61038bc2c92c2b1"
 dependencies = [
 "windows-core",
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8352,7 +8507,7 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ad1da3e436dc7653dfdf3da67332e22bff09bb0e28b0239e1624499c7830842e"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 "windows-result",
 "windows-strings 0.4.0",
 ]
@@ -8363,7 +8518,7 @@ version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c64fd11a4fd95df68efcfee5f44a294fe71b8bc6a91993e2791938abcc712252"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8372,7 +8527,7 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "87fa48cc5d406560701792be122a10132491cff9d0aeb23583cc2dcafc847319"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8381,7 +8536,7 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7a2ba9642430ee452d5a7aa78d72907ebe8cfda358e8cb7918a2050581322f97"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8429,6 +8584,15 @@ dependencies = [
 "windows-targets 0.53.2",
 ]

+[[package]]
+name = "windows-sys"
+version = "0.61.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae137229bcbd6cdf0f7b80a31df61766145077ddf49416a728b02cb3921ff3fc"
+dependencies = [
+ "windows-link 0.2.1",
+]
+
 [[package]]
 name = "windows-targets"
 version = "0.42.2"
@@ -8497,7 +8661,7 @@ version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e04a5c6627e310a23ad2358483286c7df260c964eb2d003d8efd6d0f4e79265c"
 dependencies = [
- "windows-link",
+ "windows-link 0.1.1",
 ]

 [[package]]
@@ -8932,9 +9096,9 @@ dependencies = [

 [[package]]
 name = "zbus"
-version = "5.9.0"
+version = "5.12.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4bb4f9a464286d42851d18a605f7193b8febaf5b0919d71c6399b7b26e5b0aad"
+checksum = "b622b18155f7a93d1cd2dc8c01d2d6a44e08fb9ebb7b3f9e6ed101488bad6c91"
 dependencies = [
 "async-broadcast",
 "async-executor",
@@ -8957,7 +9121,8 @@ dependencies = [
 "tokio",
 "tracing",
 "uds_windows",
- "windows-sys 0.59.0",
+ "uuid",
+ "windows-sys 0.61.2",
 "winnow 0.7.12",
 "zbus_macros",
 "zbus_names",
@@ -8965,10 +9130,21 @@ dependencies = [
 ]

 [[package]]
-name = "zbus_macros"
-version = "5.9.0"
+name = "zbus-secret-service-keyring-store"
+version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ef9859f68ee0c4ee2e8cde84737c78e3f4c54f946f2a38645d0d4c7a95327659"
+checksum = "0371a7e111fe248bf8e2d4648faa87b9d59ce4eabc0ff515bc3432a7d8ccf84f"
+dependencies = [
+ "keyring-core",
+ "secret-service",
+ "zbus",
+]
+
+[[package]]
+name = "zbus_macros"
+version = "5.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1cdb94821ca8a87ca9c298b5d1cbd80e2a8b67115d99f6e4551ac49e42b6a314"
 dependencies = [
 "proc-macro-crate 3.3.0",
 "proc-macro2",
@@ -26,6 +26,7 @@
    "@tauri-apps/plugin-opener": "^2.5.2",
    "@tauri-apps/plugin-os": "^2.3.2",
    "@tauri-apps/plugin-process": "^2.3.1",
+    "@tauri-apps/plugin-secure-storage": "file:../../plugins/secure-storage",
    "@tauri-apps/plugin-shell": "^2.3.3",
    "@tauri-apps/plugin-store": "^2.4.1",
    "@tauri-apps/plugin-updater": "^2.9.0",
@@ -36,7 +37,7 @@
    "@iconify-json/codicon": "^1.2.12",
    "@iconify-json/ph": "^1.2.2",
    "@sveltejs/vite-plugin-svelte": "^6.0.0",
-    "@tauri-apps/cli": "2.9.1",
+    "@tauri-apps/cli": "2.9.4",
    "@unocss/extractor-svelte": "^66.3.3",
    "svelte": "^5.20.4",
    "unocss": "^66.3.3",
@@ -36,6 +36,7 @@ tauri-plugin-notification = { path = "../../../plugins/notification", version =
 tauri-plugin-os = { path = "../../../plugins/os", version = "2.3.2" }
 tauri-plugin-process = { path = "../../../plugins/process", version = "2.3.1" }
 tauri-plugin-opener = { path = "../../../plugins/opener", version = "2.5.2" }
+tauri-plugin-secure-storage = { path = "../../../plugins/secure-storage" }
 tauri-plugin-shell = { path = "../../../plugins/shell", version = "2.3.3" }
 tauri-plugin-store = { path = "../../../plugins/store", version = "2.4.1" }
 tauri-plugin-upload = { path = "../../../plugins/upload", version = "2.3.0" }
@@ -102,6 +102,10 @@
      "identifier": "opener:allow-open-path",
      "allow": [{ "path": "$APPDATA" }, { "path": "$APPDATA/**" }]
    },
-    "upload:default"
+    "upload:default",
+    "secure-storage:allow-get-string",
+    "secure-storage:allow-set-string",
+    "secure-storage:allow-get-binary",
+    "secure-storage:allow-set-binary"
  ]
 }
@@ -14,11 +14,11 @@ pub struct RequestBody {

 #[command]
 pub fn log_operation(event: String, payload: Option<String>) {
-    log::info!("{} {:?}", event, payload);
+    log::info!("{event} {payload:?}");
 }

 #[command]
 pub fn perform_request(endpoint: String, body: RequestBody) -> String {
-    println!("{} {:?}", endpoint, body);
+    println!("{endpoint} {body:?}");
    "message response".into()
 }
@@ -38,6 +38,7 @@ pub fn run() {
        .plugin(tauri_plugin_process::init())
        .plugin(tauri_plugin_opener::init())
        .plugin(tauri_plugin_shell::init())
+        .plugin(tauri_plugin_secure_storage::init())
        .plugin(tauri_plugin_store::Builder::default().build())
        .plugin(tauri_plugin_upload::init())
        .setup(move |app| {
@@ -23,6 +23,7 @@
  import Biometric from './views/Biometric.svelte'
  import Geolocation from './views/Geolocation.svelte'
  import Haptics from './views/Haptics.svelte'
+  import SecureStorage from './views/SecureStorage.svelte'

  import { onMount, tick } from 'svelte'
  import { ask } from '@tauri-apps/plugin-dialog'
@@ -103,6 +104,11 @@
      component: Store,
      icon: 'i-codicon-file-code'
    },
+    {
+      label: 'SecureStorage',
+      component: SecureStorage,
+      icon: 'i-codicon-file-code'
+    },
    !isMobile && {
      label: 'Updater',
      component: Updater,
@@ -213,9 +219,9 @@
      ...r,
      {
        html:
-          `<pre><strong class="text-accent dark:text-darkAccent">[${new Date().toLocaleTimeString()}]:</strong> ` +
-          (typeof value === 'string' ? value : JSON.stringify(value, null, 1)) +
-          '</pre>'
+          `<pre><strong class="text-accent dark:text-darkAccent">[${new Date().toLocaleTimeString()}]:</strong> `
+          + (typeof value === 'string' ? value : JSON.stringify(value, null, 1))
+          + '</pre>'
      }
    ])
    await tick()
@@ -229,9 +235,9 @@
      ...r,
      {
        html:
-          `<pre><strong class="text-accent dark:text-darkAccent">[${new Date().toLocaleTimeString()}]:</strong> ` +
-          html +
-          '</pre>'
+          `<pre><strong class="text-accent dark:text-darkAccent">[${new Date().toLocaleTimeString()}]:</strong> `
+          + html
+          + '</pre>'
      }
    ])
    await tick()
@@ -8,6 +8,7 @@
  let filter = null;
  let multiple = false;
  let directory = false;
+  let pickerMode = "";

  function arrayBufferToBase64(buffer, callback) {
    var blob = new Blob([buffer], {
@@ -65,6 +66,7 @@
        : [],
      multiple,
      directory,
+      pickerMode: pickerMode === "" ? undefined : pickerMode,
    })
      .then(function (res) {
        if (Array.isArray(res)) {
@@ -94,7 +96,7 @@
                onMessage(res);
              }
            })
-            .catch(onMessage(res));
+            .catch(onMessage);
        }
      })
      .catch(onMessage);
@@ -112,7 +114,7 @@
            },
          ]
        : [],
-    })
+      })
      .then(onMessage)
      .catch(onMessage);
  }
@@ -142,6 +144,16 @@
  <input type="checkbox" id="dialog-directory" bind:checked={directory} />
  <label for="dialog-directory">Directory</label>
 </div>
+<div>
+  <label for="dialog-picker-mode">Picker Mode:</label>
+  <select id="dialog-picker-mode" bind:value={pickerMode}>
+    <option value="">None</option>
+    <option value="media">Media</option>
+    <option value="image">Image</option>
+    <option value="video">Video</option>
+    <option value="document">Document</option>
+  </select>
+</div>
 <br />

 <div class="flex flex-wrap flex-col md:flex-row gap-2 children:flex-shrink-0">
@@ -156,4 +168,4 @@
  <button class="btn" id="message-dialog" on:click={msg}>Message</button>
  <button class="btn" id="message-dialog" on:click={msgCustom}>Message (custom)</button>

-</div>
+</div>
@@ -0,0 +1,54 @@
+<script>
+  import { onMount } from 'svelte'
+  import { getString, setString } from '@tauri-apps/plugin-secure-storage'
+
+  export let onMessage
+
+  let key
+  let value
+  let output
+
+  async function read(key) {
+    try {
+      output = await getString(key)
+    } catch (error) {
+      onMessage(error)
+    }
+  }
+
+  async function write(key, value) {
+    try {
+      await setString(key, value)
+    } catch (error) {
+      onMessage(error)
+    }
+  }
+
+  function reset() {
+    output = ''
+  }
+</script>
+
+<div class="flex flex-col childre:grow gap-1">
+  <div class="flex flex-col flex-row-md gap-4">
+    <div class="flex items-center gap-1">
+      Key:
+      <input class="grow input" bind:value={key} />
+    </div>
+
+    <div class="flex items-center gap-1">
+      Value:
+      <input class="grow input" bind:value />
+    </div>
+
+    <div>
+      <button class="btn" on:click={() => write(key, value)}>Write</button>
+      <button class="btn" on:click={() => read(key)}>Read</button>
+      <button class="btn" on:click={() => reset()}>Reset Output</button>
+    </div>
+  </div>
+
+  <div>
+    Output: {output}
+  </div>
+</div>
@@ -1,5 +1,5 @@
 <script>
-  import { download, upload } from '@tauri-apps/plugin-upload'
+  import { download, upload, HttpMethod } from '@tauri-apps/plugin-upload'
  import { open } from '@tauri-apps/plugin-dialog'
  import { JsonView } from '@zerodevx/svelte-json-view'
  import { appDataDir } from '@tauri-apps/api/path'
@@ -16,6 +16,22 @@

  let uploadUrl = 'https://httpbin.org/post'
  let uploadFilePath = ''
+  let uploadMethod = HttpMethod.Post
+
+  // Update URL when method changes
+  $: {
+    switch (uploadMethod) {
+      case HttpMethod.Post:
+        uploadUrl = 'https://httpbin.org/post'
+        break
+      case HttpMethod.Put:
+        uploadUrl = 'https://httpbin.org/put'
+        break
+      case HttpMethod.Patch:
+        uploadUrl = 'https://httpbin.org/patch'
+        break
+    }
+  }
  let uploadProgress = null
  let uploadResult = null
  let isUploading = false
@@ -197,7 +213,8 @@
        },
        new Map([
          ['User-Agent', 'Tauri Upload Plugin Demo']
-        ])
+        ]),
+        uploadMethod
      )

      uploadResult = {
@@ -340,12 +357,36 @@
        </div>
      </div>

+      <div>
+        <label for="upload-method" class="block text-sm font-medium text-gray-700 mb-1">HTTP Method:</label>
+        <select
+          id="upload-method"
+          bind:value={uploadMethod}
+          class="w-full px-3 py-2 border border-gray-300 rounded-md focus:outline-none focus:ring-2 focus:ring-green-500"
+          disabled={isUploading}
+        >
+          <option value={HttpMethod.Post}>POST</option>
+          <option value={HttpMethod.Put}>PUT</option>
+          <option value={HttpMethod.Patch}>PATCH</option>
+        </select>
+        <p class="text-xs text-gray-500 mt-1">Choose the HTTP method for the upload request</p>
+      </div>
+
+      <div class="bg-blue-50 border border-blue-200 p-3 rounded-md">
+        <div class="text-sm text-blue-800">
+          <strong>Upload Configuration:</strong>
+          <div class="font-mono text-xs mt-1">
+            Method: {uploadMethod} | URL: {uploadUrl || 'Not set'}
+          </div>
+        </div>
+      </div>
+
      <button
        on:click={startUpload}
        class="w-full px-4 py-2 bg-green-500 text-white rounded-md hover:bg-green-600 disabled:opacity-50 disabled:cursor-not-allowed"
        disabled={isUploading || !uploadUrl || !uploadFilePath}
      >
-        {isUploading ? 'Uploading...' : 'Upload File'}
+        {isUploading ? `Uploading (${uploadMethod})...` : `Upload File (${uploadMethod})`}
      </button>

      {#if uploadProgress}
@@ -11,19 +11,19 @@
    "example:api:dev": "pnpm run --filter \"api\" tauri dev"
  },
  "devDependencies": {
-    "@eslint/js": "9.38.0",
+    "@eslint/js": "9.39.1",
    "@rollup/plugin-node-resolve": "16.0.3",
    "@rollup/plugin-terser": "0.4.4",
    "@rollup/plugin-typescript": "12.3.0",
    "covector": "^0.12.4",
-    "eslint": "9.38.0",
+    "eslint": "9.39.1",
    "eslint-config-prettier": "10.1.8",
    "eslint-plugin-security": "3.0.1",
    "prettier": "3.6.2",
-    "rollup": "4.52.5",
+    "rollup": "4.53.2",
    "tslib": "2.8.1",
    "typescript": "5.9.3",
-    "typescript-eslint": "8.46.2"
+    "typescript-eslint": "8.47.0"
  },
  "minimumReleaseAge": 4320,
  "pnpm": {
@@ -331,10 +331,10 @@
          "markdownDescription": "Denies the is_enabled command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures if your\napplication can enable or disable auto\nstarting the application on boot.\n\n#### Granted Permissions\n\nIt allows all to check, enable and\ndisable the automatic start on boot.\n\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`",
+          "description": "This permission set configures if your\r\napplication can enable or disable auto\r\nstarting the application on boot.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows all to check, enable and\r\ndisable the automatic start on boot.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures if your\napplication can enable or disable auto\nstarting the application on boot.\n\n#### Granted Permissions\n\nIt allows all to check, enable and\ndisable the automatic start on boot.\n\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`"
+          "markdownDescription": "This permission set configures if your\r\napplication can enable or disable auto\r\nstarting the application on boot.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows all to check, enable and\r\ndisable the automatic start on boot.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-enable`\n- `allow-disable`\n- `allow-is-enabled`"
        }
      ]
    }
@@ -191,6 +191,7 @@ class BarcodeScannerPlugin: Plugin, AVCaptureMetadataOutputObjectsDelegate {
    if self.captureSession != nil {
      self.captureSession!.stopRunning()
      self.cameraView.removePreviewLayer()
+      self.cameraView.removeFromSuperview()
      self.captureVideoPreviewLayer = nil
      self.metaOutput = nil
      self.captureSession = nil
@@ -319,10 +319,10 @@
          "markdownDescription": "Denies the status command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures which\nbiometric features are by default exposed.\n\n#### Granted Permissions\n\nIt allows acccess to all biometric commands.\n\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`",
+          "description": "This permission set configures which\r\nbiometric features are by default exposed.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows acccess to all biometric commands.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures which\nbiometric features are by default exposed.\n\n#### Granted Permissions\n\nIt allows acccess to all biometric commands.\n\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`"
+          "markdownDescription": "This permission set configures which\r\nbiometric features are by default exposed.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows acccess to all biometric commands.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-authenticate`\n- `allow-status`"
        }
      ]
    }
@@ -1,7 +1,7 @@
 ## Default Permission

 No features are enabled by default, as we believe
-the clipboard can be inherently dangerous and it is 
+the clipboard can be inherently dangerous and it is
 application specific if read and/or write access is needed.

 Clipboard interaction needs to be explicitly enabled.
@@ -2,7 +2,7 @@
 [default]
 description = """
 No features are enabled by default, as we believe
-the clipboard can be inherently dangerous and it is 
+the clipboard can be inherently dangerous and it is
 application specific if read and/or write access is needed.

 Clipboard interaction needs to be explicitly enabled.
@@ -367,10 +367,10 @@
          "markdownDescription": "Denies the write_text command without any pre-configured scope."
        },
        {
-          "description": "No features are enabled by default, as we believe\nthe clipboard can be inherently dangerous and it is \napplication specific if read and/or write access is needed.\n\nClipboard interaction needs to be explicitly enabled.\n",
+          "description": "No features are enabled by default, as we believe\r\nthe clipboard can be inherently dangerous and it is\r\napplication specific if read and/or write access is needed.\r\n\r\nClipboard interaction needs to be explicitly enabled.\r\n",
          "type": "string",
          "const": "default",
-          "markdownDescription": "No features are enabled by default, as we believe\nthe clipboard can be inherently dangerous and it is \napplication specific if read and/or write access is needed.\n\nClipboard interaction needs to be explicitly enabled.\n"
+          "markdownDescription": "No features are enabled by default, as we believe\r\nthe clipboard can be inherently dangerous and it is\r\napplication specific if read and/or write access is needed.\r\n\r\nClipboard interaction needs to be explicitly enabled.\r\n"
        }
      ]
    }
@@ -14,7 +14,7 @@
    "@tauri-apps/plugin-deep-link": "2.4.5"
  },
  "devDependencies": {
-    "@tauri-apps/cli": "2.9.1",
+    "@tauri-apps/cli": "2.9.4",
    "typescript": "^5.7.3",
    "vite": "^7.0.7"
  }
@@ -28,6 +28,6 @@
    "@tauri-apps/api": "^2.8.0"
  },
  "devDependencies": {
-    "@tauri-apps/cli": "2.9.1"
+    "@tauri-apps/cli": "2.9.4"
  }
 }
@@ -9,6 +9,11 @@ rust-version = { workspace = true }
 repository = { workspace = true }
 links = "tauri-plugin-dialog"

+[features]
+default = ["gtk3"]
+xdg-portal = ["rfd/xdg-portal"]
+gtk3 = ["rfd/gtk3"]
+
 [package.metadata.docs.rs]
 targets = ["x86_64-unknown-linux-gnu", "x86_64-linux-android"]

@@ -40,7 +45,7 @@ tauri = { workspace = true, features = ["wry"] }
 [target."cfg(any(target_os = \"macos\", windows, target_os = \"linux\", target_os = \"dragonfly\", target_os = \"freebsd\", target_os = \"openbsd\", target_os = \"netbsd\"))".dependencies]
 rfd = { version = "0.15", default-features = false, features = [
  "tokio",
-  "gtk3",
  "common-controls-v6",
 ] }
+
 raw-window-handle = "0.6"
@@ -31,6 +31,24 @@ tauri-plugin-dialog = "2.0.0"
 tauri-plugin-dialog = { git = "https://github.com/tauri-apps/plugins-workspace", branch = "v2" }
 ```

+### Linux XDG Desktop Portal Support
+
+By default, this plugin uses gtk to show dialogs, however since `v2.5.0` you can switch to using [XDG Desktop Portal](https://flatpak.github.io/xdg-desktop-portal/) by adding the following to your `Cargo.toml` file:
+
+```toml
+[dependencies]
+tauri-plugin-dialog = { version = "2.5.0", default-features = false, features = ["xdg-portal"] }
+# alternatively with Git:
+tauri-plugin-dialog = { git = "https://github.com/tauri-apps/plugins-workspace", branch = "v2", default-features = false, features = ["xdg-portal"] }
+
+```
+
+Do note if you use the `xdg-portal` feature, you need to ensure that [`zenity`](https://gitlab.gnome.org/GNOME/zenity) and an [XDG Desktop Portal backend](https://flatpak.github.io/xdg-desktop-portal#using-portals) is installed with your program.
+
+For more information, see [XDG Desktop Portal documentation](https://flatpak.github.io/xdg-desktop-portal/) and [`rfd` documentation](https://docs.rs/rfd/latest/rfd#xdg-desktop-portal-backend).
+
+### JavaScript
+
 You can install the JavaScript Guest bindings using your preferred JavaScript package manager:

 ```sh
@@ -31,6 +31,7 @@ class Filter {
 class FilePickerOptions {
  lateinit var filters: Array<Filter>
  var multiple: Boolean? = null
+  var pickerMode: String? = null
 }

@InvokeArg
@@ -61,10 +62,19 @@ class DialogPlugin(private val activity: Activity): Plugin(activity) {
      // TODO: ACTION_OPEN_DOCUMENT ??
      val intent = Intent(Intent.ACTION_GET_CONTENT)
      intent.addCategory(Intent.CATEGORY_OPENABLE)
-      intent.type = "*/*"

-      if (parsedTypes.isNotEmpty()) {
+      if (args.pickerMode == "image") {
+        intent.type = "image/*"
+      } else if (args.pickerMode == "video") {
+        intent.type = "video/*"
+      } else if (args.pickerMode == "media") {
+        intent.type = "*/*"
+        intent.putExtra(Intent.EXTRA_MIME_TYPES, arrayOf("video/*", "image/*"))
+      } else if (parsedTypes.isNotEmpty()) {
+        intent.type = "*/*"
        intent.putExtra(Intent.EXTRA_MIME_TYPES, parsedTypes)
+      } else {
+        intent.type = "*/*"
      }

      intent.putExtra(Intent.EXTRA_ALLOW_MULTIPLE, args.multiple ?: false)
@@ -14,6 +14,16 @@ interface DialogFilter {
  name: string
  /**
   * Extensions to filter, without a `.` prefix.
+   *
+   * **Note:** Mobile platforms have different APIs for filtering that may not support extensions.
+   * iOS: Extensions are supported in the document picker, but not in the media picker.
+   * Android: Extensions are not supported.
+   *
+   * For these platforms, MIME types are the primary way to filter files, as opposed to extensions.
+   * This means the string values here labeled as `extensions` may also be a MIME type.
+   * This property name of `extensions` is being kept for backwards compatibility, but this may be revisited to
+   * specify the difference between extension or MIME type filtering.
+   *
   * @example
   * ```typescript
   * extensions: ['svg', 'png']
@@ -30,7 +40,14 @@ interface DialogFilter {
 interface OpenDialogOptions {
  /** The title of the dialog window (desktop only). */
  title?: string
-  /** The filters of the dialog. */
+  /**
+   * The filters of the dialog.
+   * On mobile platforms, if either:
+   * A) the {@linkcode pickerMode} is set to `media`, `image`, or `video`
+   * -- or --
+   * B) the filters include **only** either image or video mime types, the media picker will be displayed.
+   * Otherwise, the document picker will be displayed.
+   */
  filters?: DialogFilter[]
  /**
   * Initial directory or file path.
@@ -52,6 +69,13 @@ interface OpenDialogOptions {
  recursive?: boolean
  /** Whether to allow creating directories in the dialog. Enabled by default. **macOS Only** */
  canCreateDirectories?: boolean
+  /**
+   * The preferred mode of the dialog.
+   * This is meant for mobile platforms (iOS and Android) which have distinct file and media pickers.
+   * If not provided, the dialog will automatically choose the best mode based on the MIME types or extensions of the {@linkcode filters}.
+   * On desktop, this option is ignored.
+   */
+  pickerMode?: PickerMode
 }

 /**
@@ -77,6 +101,16 @@ interface SaveDialogOptions {
  canCreateDirectories?: boolean
 }

+/**
+ * The preferred mode of the dialog.
+ * This is meant for mobile platforms (iOS and Android) which have distinct file and media pickers.
+ * On desktop, this option is ignored.
+ * If not provided, the dialog will automatically choose the best mode based on the MIME types or extensions of the {@linkcode filters}.
+ *
+ * **Note:** This option is only supported on iOS 14 and above. This parameter is ignored on iOS 13 and below.
+ */
+export type PickerMode = 'document' | 'media' | 'image' | 'video'
+
 /**
 * Default buttons for a message dialog.
 *
@@ -8,6 +8,7 @@ import PhotosUI
 import SwiftRs
 import Tauri
 import UIKit
+import UniformTypeIdentifiers
 import WebKit

 enum FilePickerEvent {
@@ -32,6 +33,7 @@ struct FilePickerOptions: Decodable {
  var multiple: Bool?
  var filters: [Filter]?
  var defaultPath: String?
+  var pickerMode: PickerMode?
 }

 struct SaveFileDialogOptions: Decodable {
@@ -39,6 +41,13 @@ struct SaveFileDialogOptions: Decodable {
  var defaultPath: String?
 }

+enum PickerMode: String, Decodable {
+  case document
+  case media
+  case image
+  case video
+}
+
 class DialogPlugin: Plugin {

  var filePickerController: FilePickerController!
@@ -52,26 +61,6 @@ class DialogPlugin: Plugin {
  @objc public func showFilePicker(_ invoke: Invoke) throws {
    let args = try invoke.parseArgs(FilePickerOptions.self)

-    let parsedTypes = parseFiltersOption(args.filters ?? [])
-
-    var isMedia = !parsedTypes.isEmpty
-    var uniqueMimeType: Bool? = nil
-    var mimeKind: String? = nil
-    if !parsedTypes.isEmpty {
-      uniqueMimeType = true
-      for mime in parsedTypes {
-        let kind = mime.components(separatedBy: "/")[0]
-        if kind != "image" && kind != "video" {
-          isMedia = false
-        }
-        if mimeKind == nil {
-          mimeKind = kind
-        } else if mimeKind != kind {
-          uniqueMimeType = false
-        }
-      }
-    }
-
    onFilePickerResult = { (event: FilePickerEvent) -> Void in
      switch event {
      case .selected(let urls):
@@ -81,51 +70,57 @@ class DialogPlugin: Plugin {
      case .error(let error):
        invoke.reject(error)
      }
-    }
+      }

-    if uniqueMimeType == true || isMedia {
-      DispatchQueue.main.async {
-        if #available(iOS 14, *) {
+    if #available(iOS 14, *) {
+      let parsedTypes = parseFiltersOption(args.filters ?? [])
+
+      let mimeKinds = Set(parsedTypes.compactMap { $0.preferredMIMEType?.components(separatedBy: "/")[0] })
+      let filtersIncludeImage = mimeKinds.contains("image")
+      let filtersIncludeVideo = mimeKinds.contains("video")
+      let filtersIncludeNonMedia = mimeKinds.contains(where: { $0 != "image" && $0 != "video" })
+
+      // If the picker mode is media, images, or videos, we always want to show the media picker regardless of what's in the filters.
+      // Otherwise, if the filters A) do not include non-media types and B) include either image or video, we want to show the media picker.
+      if args.pickerMode == .media
+        || args.pickerMode == .image
+        || args.pickerMode == .video
+        || (!filtersIncludeNonMedia && (filtersIncludeImage || filtersIncludeVideo)) {
+        DispatchQueue.main.async {
          var configuration = PHPickerConfiguration(photoLibrary: PHPhotoLibrary.shared())
          configuration.selectionLimit = (args.multiple ?? false) ? 0 : 1

-          if uniqueMimeType == true {
-            if mimeKind == "image" {
-              configuration.filter = .images
-            } else if mimeKind == "video" {
-              configuration.filter = .videos
-            }
+          // If the filters include image or video, use the appropriate filter.
+          // If both are true, don't define a filter, which means we will display all media.
+          if args.pickerMode == .image || (filtersIncludeImage && !filtersIncludeVideo) {
+            configuration.filter = .images
+          } else if args.pickerMode == .video || (filtersIncludeVideo && !filtersIncludeImage) {
+            configuration.filter = .videos
          }

          let picker = PHPickerViewController(configuration: configuration)
          picker.delegate = self.filePickerController
          picker.modalPresentationStyle = .fullScreen
          self.presentViewController(picker)
-        } else {
-          let picker = UIImagePickerController()
-          picker.delegate = self.filePickerController
-
-          if uniqueMimeType == true && mimeKind == "image" {
-            picker.sourceType = .photoLibrary
+        }
+      } else {
+        DispatchQueue.main.async {
+          // The UTType.item is the catch-all, allowing for any file type to be selected.
+          let contentTypes = parsedTypes.isEmpty ? [UTType.item] : parsedTypes
+          let picker: UIDocumentPickerViewController = UIDocumentPickerViewController(forOpeningContentTypes: contentTypes, asCopy: true)
+          
+          if let defaultPath = args.defaultPath {
+            picker.directoryURL = URL(string: defaultPath)
          }

-          picker.sourceType = .photoLibrary
+          picker.delegate = self.filePickerController
+          picker.allowsMultipleSelection = args.multiple ?? false
          picker.modalPresentationStyle = .fullScreen
          self.presentViewController(picker)
        }
      }
    } else {
-      let documentTypes = parsedTypes.isEmpty ? ["public.data"] : parsedTypes
-      DispatchQueue.main.async {
-        let picker = UIDocumentPickerViewController(documentTypes: documentTypes, in: .import)
-        if let defaultPath = args.defaultPath {
-          picker.directoryURL = URL(string: defaultPath)
-        }
-        picker.delegate = self.filePickerController
-        picker.allowsMultipleSelection = args.multiple ?? false
-        picker.modalPresentationStyle = .fullScreen
-        self.presentViewController(picker)
-      }
+      showFilePickerLegacy(args: args)
    }
  }

@@ -173,19 +168,80 @@ class DialogPlugin: Plugin {
    self.manager.viewController?.present(viewControllerToPresent, animated: true, completion: nil)
  }

-  private func parseFiltersOption(_ filters: [Filter]) -> [String] {
+  @available(iOS 14, *)
+  private func parseFiltersOption(_ filters: [Filter]) -> [UTType] {
+    var parsedTypes: [UTType] = []
+    for filter in filters {
+      for ext in filter.extensions ?? [] {
+        // We need to support extensions as well as MIME types.
+        if let utType = UTType(mimeType: ext) {
+          parsedTypes.append(utType)
+        } else if let utType = UTType(filenameExtension: ext) {
+          parsedTypes.append(utType)
+        }
+      }
+    }
+    
+    return parsedTypes
+  }
+
+  /// This function is only used for iOS < 14, and should be removed if/when the deployment target is raised to 14.
+  private func showFilePickerLegacy(args: FilePickerOptions) {
+    let parsedTypes = parseFiltersOptionLegacy(args.filters ?? [])
+
+    var filtersIncludeImage: Bool = false
+    var filtersIncludeVideo: Bool = false
+    var filtersIncludeNonMedia: Bool = false
+
+    if !parsedTypes.isEmpty {
+      let mimeKinds = Set(parsedTypes.map { $0.components(separatedBy: "/")[0] })
+      filtersIncludeImage = mimeKinds.contains("image")
+      filtersIncludeVideo = mimeKinds.contains("video")
+      filtersIncludeNonMedia = mimeKinds.contains(where: { $0 != "image" && $0 != "video" })
+    }
+
+    if !filtersIncludeNonMedia && (filtersIncludeImage || filtersIncludeVideo) {
+      DispatchQueue.main.async {
+        let picker = UIImagePickerController()
+          picker.delegate = self.filePickerController
+
+          if filtersIncludeImage && !filtersIncludeVideo {
+            picker.sourceType = .photoLibrary
+          }
+
+          picker.modalPresentationStyle = .fullScreen
+          self.presentViewController(picker)
+      }
+    } else {
+      let documentTypes = parsedTypes.isEmpty ? ["public.data"] : parsedTypes
+      DispatchQueue.main.async {
+        let picker = UIDocumentPickerViewController(documentTypes: documentTypes, in: .import)
+        if let defaultPath = args.defaultPath {
+          picker.directoryURL = URL(string: defaultPath)
+        }
+
+        picker.delegate = self.filePickerController
+        picker.allowsMultipleSelection = args.multiple ?? false
+        picker.modalPresentationStyle = .fullScreen
+        self.presentViewController(picker)
+      }
+    }
+  }
+
+  /// This function is only used for iOS < 14, and should be removed if/when the deployment target is raised to 14.
+  private func parseFiltersOptionLegacy(_ filters: [Filter]) -> [String] {
    var parsedTypes: [String] = []
    for filter in filters {
      for ext in filter.extensions ?? [] {
        guard
-          let utType: String = UTTypeCreatePreferredIdentifierForTag(
-            kUTTagClassMIMEType, ext as CFString, nil)?.takeRetainedValue() as String?
+          let utType: String = UTTypeCreatePreferredIdentifierForTag(kUTTagClassMIMEType, ext as CFString, nil)?.takeRetainedValue() as String?
        else {
          continue
        }
        parsedTypes.append(utType)
      }
    }
+
    return parsedTypes
  }

@@ -10,7 +10,7 @@ use tauri_plugin_fs::FsExt;

 use crate::{
    Dialog, FileDialogBuilder, FilePath, MessageDialogBuilder, MessageDialogButtons,
-    MessageDialogKind, MessageDialogResult, Result, CANCEL, NO, OK, YES,
+    MessageDialogKind, MessageDialogResult, PickerMode, Result, CANCEL, NO, OK, YES,
 };

 #[derive(Serialize)]
@@ -56,6 +56,13 @@ pub struct OpenDialogOptions {
    recursive: bool,
    /// Whether to allow creating directories in the dialog **macOS Only**
    can_create_directories: Option<bool>,
+    /// The preferred mode of the dialog.
+    /// This is meant for mobile platforms (iOS and Android) which have distinct file and media pickers.
+    /// On desktop, this option is ignored.
+    /// If not provided, the dialog will automatically choose the best mode based on the MIME types of the filters.
+    #[serde(default)]
+    #[cfg_attr(mobile, allow(dead_code))]
+    picker_mode: Option<PickerMode>,
 }

 /// The options for the save dialog API.
@@ -127,6 +134,9 @@ pub(crate) async fn open<R: Runtime>(
    if let Some(can) = options.can_create_directories {
        dialog_builder = dialog_builder.set_can_create_directories(can);
    }
+    if let Some(picker_mode) = options.picker_mode {
+        dialog_builder = dialog_builder.set_picker_mode(picker_mode);
+    }
    for filter in options.filters {
        let extensions: Vec<&str> = filter.extensions.iter().map(|s| &**s).collect();
        dialog_builder = dialog_builder.add_filter(filter.name, &extensions);
@@ -9,7 +9,7 @@
    html_favicon_url = "https://github.com/tauri-apps/tauri/raw/dev/app-icon.png"
 )]

-use serde::Serialize;
+use serde::{Deserialize, Serialize};
 use tauri::{
    plugin::{Builder, TauriPlugin},
    Manager, Runtime,
@@ -44,6 +44,15 @@ pub use desktop::Dialog;
 #[cfg(mobile)]
 pub use mobile::Dialog;

+#[derive(Debug, Serialize, Deserialize, Clone)]
+#[serde(rename_all = "lowercase")]
+pub enum PickerMode {
+    Document,
+    Media,
+    Image,
+    Video,
+}
+
 pub(crate) const OK: &str = "Ok";
 pub(crate) const CANCEL: &str = "Cancel";
 pub(crate) const YES: &str = "Yes";
@@ -369,6 +378,7 @@ pub struct FileDialogBuilder<R: Runtime> {
    pub(crate) file_name: Option<String>,
    pub(crate) title: Option<String>,
    pub(crate) can_create_directories: Option<bool>,
+    pub(crate) picker_mode: Option<PickerMode>,
    #[cfg(desktop)]
    pub(crate) parent: Option<crate::desktop::WindowHandle>,
 }
@@ -380,6 +390,7 @@ pub(crate) struct FileDialogPayload<'a> {
    file_name: &'a Option<String>,
    filters: &'a Vec<Filter>,
    multiple: bool,
+    picker_mode: &'a Option<PickerMode>,
 }

 // raw window handle :(
@@ -395,6 +406,7 @@ impl<R: Runtime> FileDialogBuilder<R> {
            file_name: None,
            title: None,
            can_create_directories: None,
+            picker_mode: None,
            #[cfg(desktop)]
            parent: None,
        }
@@ -406,6 +418,7 @@ impl<R: Runtime> FileDialogBuilder<R> {
            file_name: &self.file_name,
            filters: &self.filters,
            multiple,
+            picker_mode: &self.picker_mode,
        }
    }

@@ -466,11 +479,21 @@ impl<R: Runtime> FileDialogBuilder<R> {
        self
    }

+    /// Set the picker mode of the dialog.
+    /// This is meant for mobile platforms (iOS and Android) which have distinct file and media pickers.
+    /// On desktop, this option is ignored.
+    /// If not provided, the dialog will automatically choose the best mode based on the MIME types of the filters.
+    pub fn set_picker_mode(mut self, mode: PickerMode) -> Self {
+        self.picker_mode.replace(mode);
+        self
+    }
+
    /// Shows the dialog to select a single file.
+    ///
    /// This is not a blocking operation,
    /// and should be used when running on the main thread to avoid deadlocks with the event loop.
    ///
-    /// For usage in other contexts such as commands, prefer [`Self::pick_file`].
+    /// See [`Self::blocking_pick_file`] for a blocking version for use in other contexts.
    ///
    /// # Examples
    ///
@@ -490,9 +513,12 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select multiple files.
+    ///
    /// This is not a blocking operation,
    /// and should be used when running on the main thread to avoid deadlocks with the event loop.
    ///
+    /// See [`Self::blocking_pick_files`] for a blocking version for use in other contexts.
+    ///
    /// # Reading the files
    ///
    /// The file paths cannot be read directly on Android as they are behind a content URI.
@@ -535,9 +561,12 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select a single folder.
+    ///
    /// This is not a blocking operation,
    /// and should be used when running on the main thread to avoid deadlocks with the event loop.
    ///
+    /// See [`Self::blocking_pick_folder`] for a blocking version for use in other contexts.
+    ///
    /// # Examples
    ///
    /// ```
@@ -557,9 +586,12 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select multiple folders.
+    ///
    /// This is not a blocking operation,
    /// and should be used when running on the main thread to avoid deadlocks with the event loop.
    ///
+    /// See [`Self::blocking_pick_folders`] for a blocking version for use in other contexts.
+    ///
    /// # Examples
    ///
    /// ```
@@ -583,6 +615,8 @@ impl<R: Runtime> FileDialogBuilder<R> {
    /// This is not a blocking operation,
    /// and should be used when running on the main thread to avoid deadlocks with the event loop.
    ///
+    /// See [`Self::blocking_save_file`] for a blocking version for use in other contexts.
+    ///
    /// # Examples
    ///
    /// ```
@@ -604,8 +638,11 @@ impl<R: Runtime> FileDialogBuilder<R> {
 /// Blocking APIs.
 impl<R: Runtime> FileDialogBuilder<R> {
    /// Shows the dialog to select a single file.
+    ///
    /// This is a blocking operation,
-    /// and should *NOT* be used when running on the main thread context.
+    /// and should *NOT* be used when running on the main thread.
+    ///
+    /// See [`Self::pick_file`] for a non-blocking version for use in main-thread contexts.
    ///
    /// # Examples
    ///
@@ -623,8 +660,11 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select multiple files.
+    ///
    /// This is a blocking operation,
-    /// and should *NOT* be used when running on the main thread context.
+    /// and should *NOT* be used when running on the main thread.
+    ///
+    /// See [`Self::pick_files`] for a non-blocking version for use in main-thread contexts.
    ///
    /// # Examples
    ///
@@ -642,8 +682,11 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select a single folder.
+    ///
    /// This is a blocking operation,
-    /// and should *NOT* be used when running on the main thread context.
+    /// and should *NOT* be used when running on the main thread.
+    ///
+    /// See [`Self::pick_folder`] for a non-blocking version for use in main-thread contexts.
    ///
    /// # Examples
    ///
@@ -662,8 +705,11 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to select multiple folders.
+    ///
    /// This is a blocking operation,
-    /// and should *NOT* be used when running on the main thread context.
+    /// and should *NOT* be used when running on the main thread.
+    ///
+    /// See [`Self::pick_folders`] for a non-blocking version for use in main-thread contexts.
    ///
    /// # Examples
    ///
@@ -682,8 +728,11 @@ impl<R: Runtime> FileDialogBuilder<R> {
    }

    /// Shows the dialog to save a file.
+    ///
    /// This is a blocking operation,
-    /// and should *NOT* be used when running on the main thread context.
+    /// and should *NOT* be used when running on the main thread.
+    ///
+    /// See [`Self::save_file`] for a non-blocking version for use in main-thread contexts.
    ///
    /// # Examples
    ///
@@ -6,9 +6,10 @@ use serde::{Deserialize, Deserializer, Serialize, Serializer};

 /// Types of message, ask and confirm dialogs.
 #[non_exhaustive]
-#[derive(Debug, Copy, Clone, PartialEq, Eq, Hash)]
+#[derive(Debug, Copy, Clone, PartialEq, Eq, Hash, Default)]
 pub enum MessageDialogKind {
    /// Information dialog.
+    #[default]
    Info,
    /// Warning dialog.
    Warning,
@@ -16,12 +17,6 @@ pub enum MessageDialogKind {
    Error,
 }

-impl Default for MessageDialogKind {
-    fn default() -> Self {
-        Self::Info
-    }
-}
-
 impl<'de> Deserialize<'de> for MessageDialogKind {
    fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
    where
@@ -1,6 +1,6 @@
 ## Default Permission

-This set of permissions describes the what kind of
+This set of permissions describes what kind of
 file system access the `fs` plugin has enabled or denied by default.

 #### Granted Permissions
@@ -2,7 +2,7 @@

 [default]
 description = """
-This set of permissions describes the what kind of
+This set of permissions describes what kind of
 file system access the `fs` plugin has enabled or denied by default.

 #### Granted Permissions
@@ -1945,16 +1945,16 @@
          "markdownDescription": "Denies the write_text_file command without any pre-configured scope."
        },
        {
-          "description": "This permissions allows to create the application specific directories.\n",
+          "description": "This permissions allows to create the application specific directories.\r\n",
          "type": "string",
          "const": "create-app-specific-dirs",
-          "markdownDescription": "This permissions allows to create the application specific directories.\n"
+          "markdownDescription": "This permissions allows to create the application specific directories.\r\n"
        },
        {
-          "description": "This set of permissions describes the what kind of\nfile system access the `fs` plugin has enabled or denied by default.\n\n#### Granted Permissions\n\nThis default permission set enables read access to the\napplication specific directories (AppConfig, AppData, AppLocalData, AppCache,\nAppLog) and all files and sub directories created in it.\nThe location of these directories depends on the operating system,\nwhere the application is run.\n\nIn general these directories need to be manually created\nby the application at runtime, before accessing files or folders\nin it is possible.\n\nTherefore, it is also allowed to create all of these folders via\nthe `mkdir` command.\n\n#### Denied Permissions\n\nThis default permission set prevents access to critical components\nof the Tauri application by default.\nOn Windows the webview data folder access is denied.\n\n#### This default permission set includes:\n\n- `create-app-specific-dirs`\n- `read-app-specific-dirs-recursive`\n- `deny-default`",
+          "description": "This set of permissions describes what kind of\r\nfile system access the `fs` plugin has enabled or denied by default.\r\n\r\n#### Granted Permissions\r\n\r\nThis default permission set enables read access to the\r\napplication specific directories (AppConfig, AppData, AppLocalData, AppCache,\r\nAppLog) and all files and sub directories created in it.\r\nThe location of these directories depends on the operating system,\r\nwhere the application is run.\r\n\r\nIn general these directories need to be manually created\r\nby the application at runtime, before accessing files or folders\r\nin it is possible.\r\n\r\nTherefore, it is also allowed to create all of these folders via\r\nthe `mkdir` command.\r\n\r\n#### Denied Permissions\r\n\r\nThis default permission set prevents access to critical components\r\nof the Tauri application by default.\r\nOn Windows the webview data folder access is denied.\r\n\n#### This default permission set includes:\n\n- `create-app-specific-dirs`\n- `read-app-specific-dirs-recursive`\n- `deny-default`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This set of permissions describes the what kind of\nfile system access the `fs` plugin has enabled or denied by default.\n\n#### Granted Permissions\n\nThis default permission set enables read access to the\napplication specific directories (AppConfig, AppData, AppLocalData, AppCache,\nAppLog) and all files and sub directories created in it.\nThe location of these directories depends on the operating system,\nwhere the application is run.\n\nIn general these directories need to be manually created\nby the application at runtime, before accessing files or folders\nin it is possible.\n\nTherefore, it is also allowed to create all of these folders via\nthe `mkdir` command.\n\n#### Denied Permissions\n\nThis default permission set prevents access to critical components\nof the Tauri application by default.\nOn Windows the webview data folder access is denied.\n\n#### This default permission set includes:\n\n- `create-app-specific-dirs`\n- `read-app-specific-dirs-recursive`\n- `deny-default`"
+          "markdownDescription": "This set of permissions describes what kind of\r\nfile system access the `fs` plugin has enabled or denied by default.\r\n\r\n#### Granted Permissions\r\n\r\nThis default permission set enables read access to the\r\napplication specific directories (AppConfig, AppData, AppLocalData, AppCache,\r\nAppLog) and all files and sub directories created in it.\r\nThe location of these directories depends on the operating system,\r\nwhere the application is run.\r\n\r\nIn general these directories need to be manually created\r\nby the application at runtime, before accessing files or folders\r\nin it is possible.\r\n\r\nTherefore, it is also allowed to create all of these folders via\r\nthe `mkdir` command.\r\n\r\n#### Denied Permissions\r\n\r\nThis default permission set prevents access to critical components\r\nof the Tauri application by default.\r\nOn Windows the webview data folder access is denied.\r\n\n#### This default permission set includes:\n\n- `create-app-specific-dirs`\n- `read-app-specific-dirs-recursive`\n- `deny-default`"
        },
        {
          "description": "This denies access to dangerous Tauri relevant files and folders by default.\n#### This permission set includes:\n\n- `deny-webview-data-linux`\n- `deny-webview-data-windows`",
@@ -1963,16 +1963,16 @@
          "markdownDescription": "This denies access to dangerous Tauri relevant files and folders by default.\n#### This permission set includes:\n\n- `deny-webview-data-linux`\n- `deny-webview-data-windows`"
        },
        {
-          "description": "This denies read access to the\n`$APPLOCALDATA` folder on linux as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered.",
+          "description": "This denies read access to the\r\n`$APPLOCALDATA` folder on linux as the webview data and configuration values are stored here.\r\nAllowing access can lead to sensitive information disclosure and should be well considered.",
          "type": "string",
          "const": "deny-webview-data-linux",
-          "markdownDescription": "This denies read access to the\n`$APPLOCALDATA` folder on linux as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered."
+          "markdownDescription": "This denies read access to the\r\n`$APPLOCALDATA` folder on linux as the webview data and configuration values are stored here.\r\nAllowing access can lead to sensitive information disclosure and should be well considered."
        },
        {
-          "description": "This denies read access to the\n`$APPLOCALDATA/EBWebView` folder on windows as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered.",
+          "description": "This denies read access to the\r\n`$APPLOCALDATA/EBWebView` folder on windows as the webview data and configuration values are stored here.\r\nAllowing access can lead to sensitive information disclosure and should be well considered.",
          "type": "string",
          "const": "deny-webview-data-windows",
-          "markdownDescription": "This denies read access to the\n`$APPLOCALDATA/EBWebView` folder on windows as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered."
+          "markdownDescription": "This denies read access to the\r\n`$APPLOCALDATA/EBWebView` folder on windows as the webview data and configuration values are stored here.\r\nAllowing access can lead to sensitive information disclosure and should be well considered."
        },
        {
          "description": "This enables all read related commands without any pre-configured accessible paths.",
@@ -1981,10 +1981,10 @@
          "markdownDescription": "This enables all read related commands without any pre-configured accessible paths."
        },
        {
-          "description": "This permission allows recursive read functionality on the application\nspecific base directories. \n",
+          "description": "This permission allows recursive read functionality on the application\r\nspecific base directories. \r\n",
          "type": "string",
          "const": "read-app-specific-dirs-recursive",
-          "markdownDescription": "This permission allows recursive read functionality on the application\nspecific base directories. \n"
+          "markdownDescription": "This permission allows recursive read functionality on the application\r\nspecific base directories. \r\n"
        },
        {
          "description": "This enables directory read and file metadata related commands without any pre-configured accessible paths.",
@@ -2005,10 +2005,10 @@
          "markdownDescription": "This enables all index or metadata related commands without any pre-configured accessible paths."
        },
        {
-          "description": "An empty permission you can use to modify the global scope.\n\n## Example\n\n```json\n{\n  \"identifier\": \"read-documents\",\n  \"windows\": [\"main\"],\n  \"permissions\": [\n    \"fs:allow-read\",\n    {\n      \"identifier\": \"fs:scope\",\n      \"allow\": [\n        \"$APPDATA/documents/**/*\"\n      ],\n      \"deny\": [\n        \"$APPDATA/documents/secret.txt\"\n      ]\n    }\n  ]\n}\n```\n",
+          "description": "An empty permission you can use to modify the global scope.\r\n\r\n## Example\r\n\r\n```json\r\n{\r\n  \"identifier\": \"read-documents\",\r\n  \"windows\": [\"main\"],\r\n  \"permissions\": [\r\n    \"fs:allow-read\",\r\n    {\r\n      \"identifier\": \"fs:scope\",\r\n      \"allow\": [\r\n        \"$APPDATA/documents/**/*\"\r\n      ],\r\n      \"deny\": [\r\n        \"$APPDATA/documents/secret.txt\"\r\n      ]\r\n    }\r\n  ]\r\n}\r\n```\r\n",
          "type": "string",
          "const": "scope",
-          "markdownDescription": "An empty permission you can use to modify the global scope.\n\n## Example\n\n```json\n{\n  \"identifier\": \"read-documents\",\n  \"windows\": [\"main\"],\n  \"permissions\": [\n    \"fs:allow-read\",\n    {\n      \"identifier\": \"fs:scope\",\n      \"allow\": [\n        \"$APPDATA/documents/**/*\"\n      ],\n      \"deny\": [\n        \"$APPDATA/documents/secret.txt\"\n      ]\n    }\n  ]\n}\n```\n"
+          "markdownDescription": "An empty permission you can use to modify the global scope.\r\n\r\n## Example\r\n\r\n```json\r\n{\r\n  \"identifier\": \"read-documents\",\r\n  \"windows\": [\"main\"],\r\n  \"permissions\": [\r\n    \"fs:allow-read\",\r\n    {\r\n      \"identifier\": \"fs:scope\",\r\n      \"allow\": [\r\n        \"$APPDATA/documents/**/*\"\r\n      ],\r\n      \"deny\": [\r\n        \"$APPDATA/documents/secret.txt\"\r\n      ]\r\n    }\r\n  ]\r\n}\r\n```\r\n"
        },
        {
          "description": "This enables all write related commands without any pre-configured accessible paths.",
@@ -49,8 +49,6 @@ public class Geolocation(private val context: Context) {
                val lowPrio = if (networkEnabled) Priority.PRIORITY_BALANCED_POWER_ACCURACY else Priority.PRIORITY_LOW_POWER
                val prio = if (enableHighAccuracy) Priority.PRIORITY_HIGH_ACCURACY else lowPrio

-                Logger.error(prio.toString())
-
                LocationServices
                    .getFusedLocationProviderClient(context)
                    .getCurrentLocation(prio, null)
@@ -54,7 +54,7 @@ fn main() {
        .setup(|app| {
            #[cfg(desktop)]
            {
-                use tauri::Manager;
+                use tauri::Emitter;
                use tauri_plugin_global_shortcut::{Code, Modifiers, ShortcutState};

                app.handle().plugin(
@@ -2,12 +2,12 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-License-Identifier: MIT

+import AudioToolbox
+import CoreHaptics
 import SwiftRs
 import Tauri
 import UIKit
 import WebKit
-import CoreHaptics
-import AudioToolbox

 class ImpactFeedbackOptions: Decodable {
  let style: ImpactFeedbackStyle
@@ -69,19 +69,21 @@ class HapticsPlugin: Plugin {
        try engine.start()
        engine.resetHandler = { [] in
          do {
-              try engine.start()
+            try engine.start()
          } catch {
            AudioServicesPlayAlertSound(kSystemSoundID_Vibrate)
          }
        }
        // TODO: Make some of this (or all) configurable?
-        let intensity: CHHapticEventParameter = CHHapticEventParameter(parameterID: .hapticIntensity, value: 1.0)
-        let sharpness: CHHapticEventParameter = CHHapticEventParameter(parameterID: .hapticSharpness, value: 1.0)
+        let intensity: CHHapticEventParameter = CHHapticEventParameter(
+          parameterID: .hapticIntensity, value: 1.0)
+        let sharpness: CHHapticEventParameter = CHHapticEventParameter(
+          parameterID: .hapticSharpness, value: 1.0)
        let continuousEvent = CHHapticEvent(
          eventType: .hapticContinuous,
          parameters: [intensity, sharpness],
          relativeTime: 0.0,
-          duration: args.duration/1000
+          duration: args.duration / 1000
        )
        let pattern = try CHHapticPattern(events: [continuousEvent], parameters: [])
        let player = try engine.makePlayer(with: pattern)
@@ -94,8 +96,6 @@ class HapticsPlugin: Plugin {
      AudioServicesPlayAlertSound(kSystemSoundID_Vibrate)
    }

-    Logger.error("VIBRATE END")
-
    invoke.resolve()
  }

@@ -343,10 +343,10 @@
          "markdownDescription": "Denies the fetch_send command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures what kind of\nfetch operations are available from the http plugin.\n\nThis enables all fetch operations but does not\nallow explicitly any origins to be fetched. This needs to\nbe manually configured before usage.\n\n#### Granted Permissions\n\nAll fetch operations are enabled.\n\n\n#### This default permission set includes:\n\n- `allow-fetch`\n- `allow-fetch-cancel`\n- `allow-fetch-read-body`\n- `allow-fetch-send`",
+          "description": "This permission set configures what kind of\r\nfetch operations are available from the http plugin.\r\n\r\nThis enables all fetch operations but does not\r\nallow explicitly any origins to be fetched. This needs to\r\nbe manually configured before usage.\r\n\r\n#### Granted Permissions\r\n\r\nAll fetch operations are enabled.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-fetch`\n- `allow-fetch-cancel`\n- `allow-fetch-read-body`\n- `allow-fetch-send`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures what kind of\nfetch operations are available from the http plugin.\n\nThis enables all fetch operations but does not\nallow explicitly any origins to be fetched. This needs to\nbe manually configured before usage.\n\n#### Granted Permissions\n\nAll fetch operations are enabled.\n\n\n#### This default permission set includes:\n\n- `allow-fetch`\n- `allow-fetch-cancel`\n- `allow-fetch-read-body`\n- `allow-fetch-send`"
+          "markdownDescription": "This permission set configures what kind of\r\nfetch operations are available from the http plugin.\r\n\r\nThis enables all fetch operations but does not\r\nallow explicitly any origins to be fetched. This needs to\r\nbe manually configured before usage.\r\n\r\n#### Granted Permissions\r\n\r\nAll fetch operations are enabled.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-fetch`\n- `allow-fetch-cancel`\n- `allow-fetch-read-body`\n- `allow-fetch-send`"
        }
      ]
    }
@@ -41,27 +41,43 @@ First you need to register the core plugin with Tauri:
 `src-tauri/src/lib.rs`

 ```rust
-use tauri::{Manager, window::WindowBuilder, WindowUrl};
+#[cfg(not(dev))]
+use tauri::{ipc::CapabilityBuilder, Manager, Url};
+use tauri::{WebviewUrl, WebviewWindowBuilder};

-fn main() {
-  let port = portpicker::pick_unused_port().expect("failed to find unused port");
+#[cfg_attr(mobile, tauri::mobile_entry_point)]
+pub fn run() {
+    let port = portpicker::pick_unused_port().expect("failed to find unused port");

-  tauri::Builder::default()
-    .plugin(tauri_plugin_localhost::Builder::new(port).build())
-    .setup(move |app| {
-      app.ipc_scope().configure_remote_access(
-        RemoteDomainAccessScope::new("localhost")
-          .add_window("main")
-      );
+    tauri::Builder::default()
+        .plugin(tauri_plugin_localhost::Builder::new(port).build())
+        .setup(move |app| {
+            // In `tauri dev` mode you usually use your dev server.
+            #[cfg(dev)]
+            let url = WebviewUrl::App(std::path::PathBuf::from("/"));

-      let url = format!("http://localhost:{}", port).parse().unwrap();
-      WindowBuilder::new(app, "main".to_string(), WindowUrl::External(url))
-        .title("Localhost Example")
-        .build()?;
-      Ok(())
-    })
-    .run(tauri::generate_context!())
-    .expect("error while running tauri application");
+            #[cfg(not(dev))]
+            let url = {
+                let url: Url = format!("http://localhost:{}", port).parse().unwrap();
+
+                app.add_capability(
+                    CapabilityBuilder::new("localhost")
+                        .remote(url.to_string())
+                        .window("main"),
+                )?;
+
+                WebviewUrl::External(url)
+            };
+
+            // This requires you to remove the window from tauri.conf.json
+            WebviewWindowBuilder::new(app, "main".to_string(), url)
+                .title("Localhost Example")
+                .build()?;
+
+            Ok(())
+        })
+        .run(tauri::generate_context!())
+        .expect("error while running tauri application");
 }
 ```

@@ -105,6 +105,10 @@ impl Builder {
                                    .insert("Content-Security-Policy".into(), csp);
                            }

+                            response
+                                .headers
+                                .insert("Cache-Control".into(), "no-cache".into());
+
                            if let Some(on_request) = &on_request {
                                on_request(&request, &mut response);
                            }
@@ -14,6 +14,8 @@ use log::{LevelFilter, Record};
 use serde::Serialize;
 use serde_repr::{Deserialize_repr, Serialize_repr};
 use std::borrow::Cow;
+use std::fs::OpenOptions;
+use std::io::Write;
 use std::{
    fmt::Arguments,
    fs::{self, File},
@@ -41,14 +43,15 @@ mod ios {
    ));
 }

-const DEFAULT_MAX_FILE_SIZE: u128 = 40000;
+const DEFAULT_MAX_FILE_SIZE: u64 = 40000;
 const DEFAULT_ROTATION_STRATEGY: RotationStrategy = RotationStrategy::KeepOne;
 const DEFAULT_TIMEZONE_STRATEGY: TimezoneStrategy = TimezoneStrategy::UseUtc;
 const DEFAULT_LOG_TARGETS: [Target; 2] = [
    Target::new(TargetKind::Stdout),
    Target::new(TargetKind::LogDir { file_name: None }),
 ];
-const LOG_DATE_FORMAT: &str = "[year]-[month]-[day]_[hour]-[minute]-[second]";
+const LOG_DATE_FORMAT: &[time::format_description::FormatItem<'_>] =
+    format_description!("[year]-[month]-[day]_[hour]-[minute]-[second]");

 #[derive(Debug, thiserror::Error)]
 pub enum Error {
@@ -116,6 +119,7 @@ impl From<log::Level> for LogLevel {
    }
 }

+#[derive(Debug, Clone)]
 pub enum RotationStrategy {
    /// Will keep all the logs, renaming them to include the date.
    KeepAll,
@@ -142,6 +146,174 @@ impl TimezoneStrategy {
    }
 }

+/// A custom log writer that rotates the log file when it exceeds specified size.
+struct RotatingFile {
+    dir: PathBuf,
+    file_name: String,
+    path: PathBuf,
+    max_size: u64,
+    current_size: u64,
+    rotation_strategy: RotationStrategy,
+    timezone_strategy: TimezoneStrategy,
+    inner: Option<File>,
+    buffer: Vec<u8>,
+}
+
+impl RotatingFile {
+    pub fn new(
+        dir: impl AsRef<Path>,
+        file_name: String,
+        max_size: u64,
+        rotation_strategy: RotationStrategy,
+        timezone_strategy: TimezoneStrategy,
+    ) -> Result<Self, Error> {
+        let dir = dir.as_ref().to_path_buf();
+        let path = dir.join(&file_name).with_extension("log");
+
+        let mut rotator = Self {
+            dir,
+            file_name,
+            path,
+            max_size,
+            current_size: 0,
+            rotation_strategy,
+            timezone_strategy,
+            inner: None,
+            buffer: Vec::new(),
+        };
+
+        rotator.open_file()?;
+        if rotator.current_size >= rotator.max_size {
+            rotator.rotate()?;
+        }
+        if let RotationStrategy::KeepSome(keep_count) = rotator.rotation_strategy {
+            rotator.remove_old_files(keep_count)?;
+        }
+
+        Ok(rotator)
+    }
+
+    fn open_file(&mut self) -> Result<(), Error> {
+        let file = OpenOptions::new()
+            .create(true)
+            .append(true)
+            .open(&self.path)?;
+        self.current_size = file.metadata()?.len();
+        self.inner = Some(file);
+        Ok(())
+    }
+
+    fn rotate(&mut self) -> Result<(), Error> {
+        if let Some(mut file) = self.inner.take() {
+            let _ = file.flush();
+        }
+        if self.path.exists() {
+            match self.rotation_strategy {
+                RotationStrategy::KeepAll => {
+                    self.rename_file_to_dated()?;
+                }
+                RotationStrategy::KeepSome(keep_count) => {
+                    // remove_old_files excludes the active file.
+                    // So we need to keep (keep_count - 1) archived files to make room for the one we are about to archive.
+                    self.remove_old_files(keep_count - 1)?;
+                    self.rename_file_to_dated()?;
+                }
+                RotationStrategy::KeepOne => {
+                    fs::remove_file(&self.path)?;
+                }
+            }
+        }
+        self.open_file()?;
+        Ok(())
+    }
+
+    /// Remove old log files until the number of old log files is equal to the keep_count,
+    /// the current active log file is not included in the keep_count.
+    fn remove_old_files(&self, keep_count: usize) -> Result<(), Error> {
+        let mut files = fs::read_dir(&self.dir)?
+            .filter_map(|entry| {
+                let entry = entry.ok()?;
+                let path = entry.path();
+                let old_file_name = path.file_name()?.to_string_lossy().into_owned();
+                if old_file_name.starts_with(&self.file_name)
+                  // exclude the current active file
+                  && old_file_name != format!("{}.log", self.file_name)
+                {
+                    let date = old_file_name
+                        .strip_prefix(&self.file_name)?
+                        .strip_prefix("_")?
+                        .strip_suffix(".log")?;
+                    Some((path, date.to_string()))
+                } else {
+                    None
+                }
+            })
+            .collect::<Vec<_>>();
+
+        files.sort_by(|a, b| a.1.cmp(&b.1));
+
+        if files.len() > keep_count {
+            let files_to_remove = files.len() - keep_count;
+            for (old_log_path, _) in files.iter().take(files_to_remove) {
+                fs::remove_file(old_log_path)?;
+            }
+        }
+        Ok(())
+    }
+
+    fn rename_file_to_dated(&self) -> Result<(), Error> {
+        let to = self.dir.join(format!(
+            "{}_{}.log",
+            self.file_name,
+            self.timezone_strategy
+                .get_now()
+                .format(LOG_DATE_FORMAT)
+                .unwrap(),
+        ));
+        if to.is_file() {
+            // designated rotated log file name already exists
+            // highly unlikely but defensively handle anyway by adding .bak to filename
+            let mut to_bak = to.clone();
+            to_bak.set_file_name(format!(
+                "{}.bak",
+                to_bak.file_name().unwrap().to_string_lossy()
+            ));
+            fs::rename(&to, to_bak)?;
+        }
+        fs::rename(&self.path, &to)?;
+        Ok(())
+    }
+}
+
+impl Write for RotatingFile {
+    fn write(&mut self, buf: &[u8]) -> std::io::Result<usize> {
+        self.buffer.extend_from_slice(buf);
+        Ok(buf.len())
+    }
+
+    fn flush(&mut self) -> std::io::Result<()> {
+        if self.buffer.is_empty() {
+            return Ok(());
+        }
+        if self.inner.is_none() {
+            self.open_file().map_err(std::io::Error::other)?;
+        }
+
+        if self.current_size != 0 && self.current_size + (self.buffer.len() as u64) > self.max_size
+        {
+            self.rotate().map_err(std::io::Error::other)?;
+        }
+
+        if let Some(file) = self.inner.as_mut() {
+            file.write_all(&self.buffer)?;
+            self.current_size += self.buffer.len() as u64;
+            file.flush()?;
+        }
+        self.buffer.clear();
+        Ok(())
+    }
+}
+
 #[derive(Debug, Serialize, Clone)]
 struct RecordPayload {
    message: String,
@@ -182,10 +354,13 @@ pub enum TargetKind {
    Dispatch(fern::Dispatch),
 }

+type Formatter = dyn Fn(FormatCallback, &Arguments, &Record) + Send + Sync + 'static;
+
 /// A log target.
 pub struct Target {
    kind: TargetKind,
    filters: Vec<Box<Filter>>,
+    formatter: Option<Box<Formatter>>,
 }

 impl Target {
@@ -194,6 +369,7 @@ impl Target {
        Self {
            kind,
            filters: Vec::new(),
+            formatter: None,
        }
    }

@@ -205,6 +381,15 @@ impl Target {
        self.filters.push(Box::new(filter));
        self
    }
+
+    #[inline]
+    pub fn format<F>(mut self, formatter: F) -> Self
+    where
+        F: Fn(FormatCallback, &Arguments, &Record) + Send + Sync + 'static,
+    {
+        self.formatter.replace(Box::new(formatter));
+        self
+    }
 }

 pub struct Builder {
@@ -238,7 +423,7 @@ impl Default for Builder {
            dispatch,
            rotation_strategy: DEFAULT_ROTATION_STRATEGY,
            timezone_strategy: DEFAULT_TIMEZONE_STRATEGY,
-            max_file_size: DEFAULT_MAX_FILE_SIZE,
+            max_file_size: DEFAULT_MAX_FILE_SIZE as u128,
            targets: DEFAULT_LOG_TARGETS.into(),
            is_skip_logger: false,
        }
@@ -271,8 +456,19 @@ impl Builder {
        self
    }

+    /// Sets the maximum file size for log rotation.
+    ///
+    /// Values larger than `u64::MAX` will be clamped to `u64::MAX`.
+    /// In v3, this parameter will be changed to `u64`.
    pub fn max_file_size(mut self, max_file_size: u128) -> Self {
-        self.max_file_size = max_file_size;
+        self.max_file_size = max_file_size.min(u64::MAX as u128);
+        self
+    }
+
+    pub fn clear_format(mut self) -> Self {
+        self.dispatch = self.dispatch.format(|out, message, _record| {
+            out.finish(format_args!("{message}"));
+        });
        self
    }

@@ -373,7 +569,7 @@ impl Builder {
        mut dispatch: fern::Dispatch,
        rotation_strategy: RotationStrategy,
        timezone_strategy: TimezoneStrategy,
-        max_file_size: u128,
+        max_file_size: u64,
        targets: Vec<Target>,
    ) -> Result<(log::LevelFilter, Box<dyn log::Log>), Error> {
        let app_name = &app_handle.package_info().name;
@@ -384,6 +580,9 @@ impl Builder {
            for filter in target.filters {
                target_dispatch = target_dispatch.filter(filter);
            }
+            if let Some(formatter) = target.formatter {
+                target_dispatch = target_dispatch.format(formatter);
+            }

            let logger = match target.kind {
                #[cfg(target_os = "android")]
@@ -416,14 +615,14 @@ impl Builder {
                        fs::create_dir_all(&path)?;
                    }

-                    fern::log_file(get_log_file_path(
+                    let rotator = RotatingFile::new(
                        &path,
-                        file_name.as_deref().unwrap_or(app_name),
-                        &rotation_strategy,
-                        &timezone_strategy,
+                        file_name.unwrap_or(app_name.clone()),
                        max_file_size,
-                    )?)?
-                    .into()
+                        rotation_strategy.clone(),
+                        timezone_strategy.clone(),
+                    )?;
+                    fern::Output::writer(Box::new(rotator), "\n")
                }
                TargetKind::LogDir { file_name } => {
                    let path = app_handle.path().app_log_dir()?;
@@ -431,14 +630,14 @@ impl Builder {
                        fs::create_dir_all(&path)?;
                    }

-                    fern::log_file(get_log_file_path(
+                    let rotator = RotatingFile::new(
                        &path,
-                        file_name.as_deref().unwrap_or(app_name),
-                        &rotation_strategy,
-                        &timezone_strategy,
+                        file_name.unwrap_or(app_name.clone()),
                        max_file_size,
-                    )?)?
-                    .into()
+                        rotation_strategy.clone(),
+                        timezone_strategy.clone(),
+                    )?;
+                    fern::Output::writer(Box::new(rotator), "\n")
                }
                TargetKind::Webview => {
                    let app_handle = app_handle.clone();
@@ -482,7 +681,7 @@ impl Builder {
            self.dispatch,
            self.rotation_strategy,
            self.timezone_strategy,
-            self.max_file_size,
+            self.max_file_size as u64,
            self.targets,
        )?;

@@ -498,7 +697,7 @@ impl Builder {
                        self.dispatch,
                        self.rotation_strategy,
                        self.timezone_strategy,
-                        self.max_file_size,
+                        self.max_file_size as u64,
                        self.targets,
                    )?;
                    attach_logger(max_level, log)?;
@@ -518,86 +717,3 @@ pub fn attach_logger(
    log::set_max_level(max_level);
    Ok(())
 }
-
-fn rename_file_to_dated(
-    path: &impl AsRef<Path>,
-    dir: &impl AsRef<Path>,
-    file_name: &str,
-    timezone_strategy: &TimezoneStrategy,
-) -> Result<(), Error> {
-    let to = dir.as_ref().join(format!(
-        "{}_{}.log",
-        file_name,
-        timezone_strategy
-            .get_now()
-            .format(&time::format_description::parse(LOG_DATE_FORMAT).unwrap())
-            .unwrap(),
-    ));
-    if to.is_file() {
-        // designated rotated log file name already exists
-        // highly unlikely but defensively handle anyway by adding .bak to filename
-        let mut to_bak = to.clone();
-        to_bak.set_file_name(format!(
-            "{}.bak",
-            to_bak.file_name().unwrap().to_string_lossy()
-        ));
-        fs::rename(&to, to_bak)?;
-    }
-    fs::rename(path, to)?;
-    Ok(())
-}
-
-fn get_log_file_path(
-    dir: &impl AsRef<Path>,
-    file_name: &str,
-    rotation_strategy: &RotationStrategy,
-    timezone_strategy: &TimezoneStrategy,
-    max_file_size: u128,
-) -> Result<PathBuf, Error> {
-    let path = dir.as_ref().join(format!("{file_name}.log"));
-
-    if path.exists() {
-        let log_size = File::open(&path)?.metadata()?.len() as u128;
-        if log_size > max_file_size {
-            match rotation_strategy {
-                RotationStrategy::KeepAll => {
-                    rename_file_to_dated(&path, dir, file_name, timezone_strategy)?;
-                }
-                RotationStrategy::KeepSome(how_many) => {
-                    let mut files = fs::read_dir(dir)?
-                        .filter_map(|entry| {
-                            let entry = entry.ok()?;
-                            let path = entry.path();
-                            let old_file_name = path.file_name()?.to_string_lossy().into_owned();
-                            if old_file_name.starts_with(file_name) {
-                                let date = old_file_name
-                                    .strip_prefix(file_name)?
-                                    .strip_prefix("_")?
-                                    .strip_suffix(".log")?;
-                                Some((path, date.to_string()))
-                            } else {
-                                None
-                            }
-                        })
-                        .collect::<Vec<_>>();
-                    // Regular sorting, so the oldest files are first. Lexicographical
-                    // sorting is fine due to the date format.
-                    files.sort_by(|a, b| a.1.cmp(&b.1));
-                    // We want to make space for the file we will be soon renaming, AND
-                    // the file we will be creating. Thus we need to keep how_many - 2 files.
-                    if files.len() > (*how_many - 2) {
-                        files.truncate(files.len() + 2 - *how_many);
-                        for (old_log_path, _) in files {
-                            fs::remove_file(old_log_path)?;
-                        }
-                    }
-                    rename_file_to_dated(&path, dir, file_name, timezone_strategy)?;
-                }
-                RotationStrategy::KeepOne => {
-                    fs::remove_file(&path)?;
-                }
-            }
-        }
-    }
-    Ok(path)
-}
@@ -269,5 +269,8 @@ export async function write(
 }

 export async function isAvailable(): Promise<boolean> {
-  return await invoke('plugin:nfc|is_available')
+  const { available }: { available: boolean } = await invoke(
+    'plugin:nfc|is_available'
+  )
+  return available
 }
@@ -331,10 +331,10 @@
          "markdownDescription": "Denies the write command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures what kind of\noperations are available from the nfc plugin.\n\n#### Granted Permissions\n\nChecking if the NFC functionality is available\nand scanning nearby tags is allowed.\nWriting to tags needs to be manually enabled.\n\n\n#### This default permission set includes:\n\n- `allow-is-available`\n- `allow-scan`",
+          "description": "This permission set configures what kind of\r\noperations are available from the nfc plugin.\r\n\r\n#### Granted Permissions\r\n\r\nChecking if the NFC functionality is available\r\nand scanning nearby tags is allowed.\r\nWriting to tags needs to be manually enabled.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-is-available`\n- `allow-scan`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures what kind of\noperations are available from the nfc plugin.\n\n#### Granted Permissions\n\nChecking if the NFC functionality is available\nand scanning nearby tags is allowed.\nWriting to tags needs to be manually enabled.\n\n\n#### This default permission set includes:\n\n- `allow-is-available`\n- `allow-scan`"
+          "markdownDescription": "This permission set configures what kind of\r\noperations are available from the nfc plugin.\r\n\r\n#### Granted Permissions\r\n\r\nChecking if the NFC functionality is available\r\nand scanning nearby tags is allowed.\r\nWriting to tags needs to be manually enabled.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-is-available`\n- `allow-scan`"
        }
      ]
    }
@@ -12,8 +12,10 @@ mod scope;
 #[derive(schemars::JsonSchema)]
 #[serde(untagged)]
 #[allow(unused)]
+#[derive(Default)]
 enum Application {
    /// Open in default application.
+    #[default]
    Default,
    /// If true, allow open with any application.
    Enable(bool),
@@ -21,12 +23,6 @@ enum Application {
    App(String),
 }

-impl Default for Application {
-    fn default() -> Self {
-        Self::Default
-    }
-}
-
 /// Opener scope entry.
 #[derive(schemars::JsonSchema)]
 #[serde(untagged)]
@@ -115,7 +115,7 @@ mod imp {
            let parent_item_id_list = OwnedItemIdList::new(parent)?;
            let to_reveals_item_id_list = to_reveals
                .iter()
-                .map(|to_reveal| OwnedItemIdList::new(*to_reveal))
+                .map(|to_reveal| OwnedItemIdList::new(to_reveal))
                .collect::<crate::Result<Vec<_>>>()?;
            if let Err(e) = unsafe {
                SHOpenFolderAndSelectItems(
@@ -8,18 +8,14 @@ use serde::Deserialize;

 #[derive(Deserialize, Debug)]
 #[serde(untagged)]
+#[derive(Default)]
 pub enum Application {
+    #[default]
    Default,
    Enable(bool),
    App(String),
 }

-impl Default for Application {
-    fn default() -> Self {
-        Self::Default
-    }
-}
-
 #[derive(Deserialize)]
 #[serde(untagged, rename_all = "camelCase")]
 pub(crate) enum EntryRaw {
@@ -391,10 +391,10 @@
          "markdownDescription": "Denies the version command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures which\noperating system information are available\nto gather from the frontend.\n\n#### Granted Permissions\n\nAll information except the host name are available.\n\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`",
+          "description": "This permission set configures which\r\noperating system information are available\r\nto gather from the frontend.\r\n\r\n#### Granted Permissions\r\n\r\nAll information except the host name are available.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures which\noperating system information are available\nto gather from the frontend.\n\n#### Granted Permissions\n\nAll information except the host name are available.\n\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`"
+          "markdownDescription": "This permission set configures which\r\noperating system information are available\r\nto gather from the frontend.\r\n\r\n#### Granted Permissions\r\n\r\nAll information except the host name are available.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`"
        }
      ]
    }
@@ -319,10 +319,10 @@
          "markdownDescription": "Denies the restart command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures which\nprocess features are by default exposed.\n\n#### Granted Permissions\n\nThis enables to quit via `allow-exit` and restart via `allow-restart`\nthe application.\n\n#### This default permission set includes:\n\n- `allow-exit`\n- `allow-restart`",
+          "description": "This permission set configures which\r\nprocess features are by default exposed.\r\n\r\n#### Granted Permissions\r\n\r\nThis enables to quit via `allow-exit` and restart via `allow-restart`\r\nthe application.\r\n\n#### This default permission set includes:\n\n- `allow-exit`\n- `allow-restart`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures which\nprocess features are by default exposed.\n\n#### Granted Permissions\n\nThis enables to quit via `allow-exit` and restart via `allow-restart`\nthe application.\n\n#### This default permission set includes:\n\n- `allow-exit`\n- `allow-restart`"
+          "markdownDescription": "This permission set configures which\r\nprocess features are by default exposed.\r\n\r\n#### Granted Permissions\r\n\r\nThis enables to quit via `allow-exit` and restart via `allow-restart`\r\nthe application.\r\n\n#### This default permission set includes:\n\n- `allow-exit`\n- `allow-restart`"
        }
      ]
    }
@@ -0,0 +1,56 @@
+[package]
+name = "tauri-plugin-secure-storage"
+version = "2.0.0"
+edition = { workspace = true }
+rust-version = "1.85"
+authors = { workspace = true }
+license = { workspace = true }
+repository = { workspace = true }
+links = "tauri-plugin-secure-storage"
+description = "Store data in the platforms' keychains."
+
+[package.metadata.docs.rs]
+rustc-args = ["--cfg", "docsrs"]
+rustdoc-args = ["--cfg", "docsrs"]
+
+# Platforms supported by the plugin
+# Support levels are "full", "partial", "none", "unknown"
+# Details of the support level are left to plugin maintainer
+[package.metadata.platforms]
+windows = { level = "full", notes = "Windows' credentials storage only protects from other accounts on that system. The main user and their apps can access your app's data." }
+linux = { level = "full", notes = "May not work in WSL." }
+macos = { level = "full", notes = "May prompt for passwords twice." }
+android = { level = "full", notes = "The implementation is very new and therefore not battle-tested nor audited." }
+ios = { level = "full", notes = "" }
+
+[build-dependencies]
+tauri-plugin = { workspace = true, features = ["build"] }
+
+[features]
+# TODO: docs
+# TODO: Check if protected works on intel as well, otherwise we may have to split this up. using protected for ios and keychain for macos and somehow making protected opt-in for apple silicon macs.
+apple-keychain = ["apple-native-keyring-store/keychain"]
+apple-protected = ["apple-native-keyring-store/protected"]
+
+[dependencies]
+serde = { workspace = true }
+serde_json = { workspace = true }
+tauri = { workspace = true }
+log = { workspace = true }
+thiserror = { workspace = true }
+keyring-core = "0.7"
+
+[target.'cfg(windows)'.dependencies]
+windows-native-keyring-store = "0.2"
+
+[target.'cfg(target_os = "linux")'.dependencies]
+zbus-secret-service-keyring-store = { version = "0.2", features = [
+  "rt-tokio-crypto-rust",
+] }
+
+[target.'cfg(any(target_os = "ios", target_os = "macos"))'.dependencies]
+apple-native-keyring-store = "0.2"
+
+[target.'cfg(target_os = "android")'.dependencies]
+# TODO: upstream is on keyring-core@0.6
+android-native-keyring-store = { git = "https://github.com/FabianLars/android-native-keyring-store" }
@@ -0,0 +1,20 @@
+SPDXVersion: SPDX-2.1
+DataLicense: CC0-1.0
+PackageName: tauri
+DataFormat: SPDXRef-1
+PackageSupplier: Organization: The Tauri Programme in the Commons Conservancy
+PackageHomePage: https://tauri.app
+PackageLicenseDeclared: Apache-2.0
+PackageLicenseDeclared: MIT
+PackageCopyrightText: 2019-2022, The Tauri Programme in the Commons Conservancy
+PackageSummary: <text>Tauri is a rust project that enables developers to make secure
+and small desktop applications using a web frontend.
+                </text>
+PackageComment: <text>The package includes the following libraries; see
+Relationship information.
+                </text>
+Created: 2019-05-20T09:00:00Z
+PackageDownloadLocation: git://github.com/tauri-apps/tauri
+PackageDownloadLocation: git+https://github.com/tauri-apps/tauri.git
+PackageDownloadLocation: git+ssh://github.com/tauri-apps/tauri.git
+Creator: Person: Daniel Thompson-Yvetot
@@ -0,0 +1,177 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 - Present Tauri Apps Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -0,0 +1,107 @@
+![secure-storage](https://github.com/tauri-apps/plugins-workspace/raw/v2/plugins/secure-storage/banner.png)
+
+Store data in the platforms' keychains.
+
+<!-- TODO: List the keychains we use -->
+
+| Platform | Supported |
+| -------- | --------- |
+| Linux    | ✓         |
+| Windows  | ✓         |
+| macOS    | ✓         |
+| Android  | ✓         |
+| iOS      | ✓         |
+
+## Install
+
+_This plugin requires a Rust version of at least **1.85**_
+
+There are three general methods of installation that we can recommend.
+
+1. Use crates.io and npm (easiest, and requires you to trust that our publishing pipeline worked)
+2. Pull sources directly from Github using git tags / revision hashes (most secure)
+3. Git submodule install this repo in your tauri project and then use file protocol to ingest the source (most secure, but inconvenient to use)
+
+Install the Core plugin by adding the following to your `Cargo.toml` file:
+
+`src-tauri/Cargo.toml`
+
+```toml
+[dependencies]
+tauri-plugin-secure-storage = "2.0.0"
+# alternatively with Git:
+tauri-plugin-secure-storage = { git = "https://github.com/tauri-apps/plugins-workspace", branch = "v2" }
+```
+
+You can install the JavaScript Guest bindings using your preferred JavaScript package manager:
+
+```sh
+pnpm add @tauri-apps/plugin-secure-storage
+# or
+npm add @tauri-apps/plugin-secure-storage
+# or
+yarn add @tauri-apps/plugin-secure-storage
+```
+
+## Usage
+
+First you need to register the core plugin with Tauri:
+
+`src-tauri/src/lib.rs`
+
+```rust
+fn main() {
+    tauri::Builder::default()
+        .plugin(tauri_plugin_secure_storage::init())
+        .run(tauri::generate_context!())
+        .expect("error while running tauri application");
+}
+```
+
+Afterwards all the plugin's APIs are available through the JavaScript guest bindings:
+
+```typescript
+import { setString, getString } from '@tauri-apps/plugin-secure-storage'
+
+await setString('some-key', 'some-secret-value')
+
+const storedData = getString('some-key')
+
+console.log(storedData) // Should return `some-secret-value`
+```
+
+Similarily, the plugin also has Rust APIs:
+
+```rs
+use tauri_plugin_secure_storage::SecureStorageExt;
+
+app.secure_storage().set_string("some-key", "some-secret-value");
+
+let stored_data = app.secure_storage().get_string("some-key");
+```
+
+## Contributing
+
+PRs accepted. Please make sure to read the Contributing Guide before making a pull request.
+
+## Partners
+
+<table>
+  <tbody>
+    <tr>
+      <td align="center" valign="middle">
+        <a href="https://crabnebula.dev" target="_blank">
+          <img src="https://github.com/tauri-apps/plugins-workspace/raw/v2/.github/sponsors/crabnebula.svg" alt="CrabNebula" width="283">
+        </a>
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+For the complete list of sponsors please visit our [website](https://tauri.app#sponsors) and [Open Collective](https://opencollective.com/tauri).
+
+## License
+
+Code: (c) 2015 - Present - The Tauri Programme within The Commons Conservancy.
+
+MIT or MIT/Apache 2.0 where applicable.
@@ -0,0 +1,23 @@
+# Security Policy
+
+**Do not report security vulnerabilities through public GitHub issues.**
+
+**Please use the [Private Vulnerability Disclosure](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability) feature of GitHub.**
+
+Include as much of the following information:
+
+- Type of issue (e.g. improper input parsing, privilege escalation, etc.)
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- The distribution affected or used to help us with reproduction of the issue
+- Step-by-step instructions to reproduce the issue
+- Ideally a reproduction repository
+- Impact of the issue, including how an attacker might exploit the issue
+
+We prefer to receive reports in English.
+
+## Contact
+
+Please disclose a vulnerability or security relevant issue here: [https://github.com/tauri-apps/plugins-workspace/security/advisories/new](https://github.com/tauri-apps/plugins-workspace/security/advisories/new).
+
+Alternatively, you can also contact us by email via [security@tauri.app](mailto:security@tauri.app).
@@ -0,0 +1 @@
+if("__TAURI__"in window){var __TAURI_PLUGIN_SECURE_STORAGE__=function(e){"use strict";async function n(e,n={},r){return window.__TAURI_INTERNALS__.invoke(e,n,r)}return"function"==typeof SuppressedError&&SuppressedError,e.getBinary=async function(e){return await n("plugin:secure-storage|set_string",{key:e})},e.getString=async function(e){return await n("plugin:secure-storage|get_string",{key:e})},e.setBinary=async function(e,r){return await n("plugin:secure-storage|set_binary",{key:e,value:r})},e.setString=async function(e,r){return await n("plugin:secure-storage|set_string",{key:e,value:r})},e}({});Object.defineProperty(window.__TAURI__,"secureStorage",{value:__TAURI_PLUGIN_SECURE_STORAGE__})}
@@ -0,0 +1,18 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+const COMMANDS: &[&str] = &["set_string", "get_string", "set_binary", "get_binary"];
+
+fn main() {
+    let result = tauri_plugin::Builder::new(COMMANDS)
+        .global_api_script_path("./api-iife.js")
+        //.android_path("android")
+        //.ios_path("ios")
+        .try_build();
+
+    // when building documentation for Android the plugin build result is always Err() and is irrelevant to the crate documentation build
+    if !(cfg!(docsrs) && std::env::var("TARGET").unwrap().contains("android")) {
+        result.unwrap();
+    }
+}
@@ -0,0 +1,39 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+import { invoke } from '@tauri-apps/api/core'
+
+// TODO: functions to delete entries?
+// TODO: docs
+
+/*
+ * Corresponds to [`set_password`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_password) in keyring-rs.
+ */
+export async function setString(key: string, value: string) {
+  return await invoke('plugin:secure-storage|set_string', { key, value })
+}
+
+/*
+ * Corresponds to [`get_password`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.get_password) in keyring-rs.
+ */
+export async function getString(key: string): Promise<string> {
+  return await invoke('plugin:secure-storage|get_string', { key })
+}
+
+/*
+ * Corresponds to [`set_secret`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_secret) in keyring-rs.
+ */
+export async function setBytes(
+  key: string,
+  value: number[] | Uint8Array | ArrayBuffer
+) {
+  return await invoke('plugin:secure-storage|set_binary', { key, value })
+}
+
+/*
+ * Corresponds to [`get_secret`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_password) in keyring-rs.
+ */
+export async function getBytes(key: string): Promise<number[]> {
+  return await invoke('plugin:secure-storage|set_string', { key })
+}
@@ -0,0 +1,29 @@
+{
+  "name": "@tauri-apps/plugin-secure-storage",
+  "version": "2.0.0",
+  "license": "MIT OR Apache-2.0",
+  "authors": [
+    "Tauri Programme within The Commons Conservancy"
+  ],
+  "repository": "https://github.com/tauri-apps/plugins-workspace",
+  "type": "module",
+  "types": "./dist-js/index.d.ts",
+  "main": "./dist-js/index.cjs",
+  "module": "./dist-js/index.js",
+  "exports": {
+    "types": "./dist-js/index.d.ts",
+    "import": "./dist-js/index.js",
+    "require": "./dist-js/index.cjs"
+  },
+  "scripts": {
+    "build": "rollup -c"
+  },
+  "files": [
+    "dist-js",
+    "README.md",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "@tauri-apps/api": "^2.8.0"
+  }
+}
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-get-binary"
+description = "Enables the get_binary command without any pre-configured scope."
+commands.allow = ["get_binary"]
+
+[[permission]]
+identifier = "deny-get-binary"
+description = "Denies the get_binary command without any pre-configured scope."
+commands.deny = ["get_binary"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-get-string"
+description = "Enables the get_string command without any pre-configured scope."
+commands.allow = ["get_string"]
+
+[[permission]]
+identifier = "deny-get-string"
+description = "Denies the get_string command without any pre-configured scope."
+commands.deny = ["get_string"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-set-binary"
+description = "Enables the set_binary command without any pre-configured scope."
+commands.allow = ["set_binary"]
+
+[[permission]]
+identifier = "deny-set-binary"
+description = "Denies the set_binary command without any pre-configured scope."
+commands.deny = ["set_binary"]
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-set-string"
+description = "Enables the set_string command without any pre-configured scope."
+commands.allow = ["set_string"]
+
+[[permission]]
+identifier = "deny-set-string"
+description = "Denies the set_string command without any pre-configured scope."
+commands.deny = ["set_string"]
@@ -0,0 +1,132 @@
+## Default Permission
+
+This permission set configures which
+Secure Storage APIs are available by defaultt.
+
+#### Granted Permissions
+
+In the PoC phase all commands are allowed by default.
+
+#### This default permission set includes the following:
+
+- `allow-arch`
+- `allow-exe-extension`
+- `allow-family`
+- `allow-locale`
+- `allow-os-type`
+- `allow-platform`
+- `allow-version`
+
+## Permission Table
+
+<table>
+<tr>
+<th>Identifier</th>
+<th>Description</th>
+</tr>
+
+
+<tr>
+<td>
+
+`secure-storage:allow-get-binary`
+
+</td>
+<td>
+
+Enables the get_binary command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:deny-get-binary`
+
+</td>
+<td>
+
+Denies the get_binary command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:allow-get-string`
+
+</td>
+<td>
+
+Enables the get_string command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:deny-get-string`
+
+</td>
+<td>
+
+Denies the get_string command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:allow-set-binary`
+
+</td>
+<td>
+
+Enables the set_binary command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:deny-set-binary`
+
+</td>
+<td>
+
+Denies the set_binary command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:allow-set-string`
+
+</td>
+<td>
+
+Enables the set_string command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`secure-storage:deny-set-string`
+
+</td>
+<td>
+
+Denies the set_string command without any pre-configured scope.
+
+</td>
+</tr>
+</table>
@@ -0,0 +1,23 @@
+"$schema" = "schemas/schema.json"
+
+# TODO: Discuss defaults. Also consider potentional encrypt/decrypt-like functions.
+[default]
+description = """
+This permission set configures which
+Secure Storage APIs are available by defaultt.
+
+#### Granted Permissions
+
+In the PoC phase all commands are allowed by default.
+
+"""
+
+permissions = [
+  "allow-arch",
+  "allow-exe-extension",
+  "allow-family",
+  "allow-locale",
+  "allow-os-type",
+  "allow-platform",
+  "allow-version",
+]
@@ -0,0 +1,354 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "PermissionFile",
+  "description": "Permission file that can define a default permission, a set of permissions or a list of inlined permissions.",
+  "type": "object",
+  "properties": {
+    "default": {
+      "description": "The default permission set for the plugin",
+      "anyOf": [
+        {
+          "$ref": "#/definitions/DefaultPermission"
+        },
+        {
+          "type": "null"
+        }
+      ]
+    },
+    "set": {
+      "description": "A list of permissions sets defined",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/PermissionSet"
+      }
+    },
+    "permission": {
+      "description": "A list of inlined permissions",
+      "default": [],
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/Permission"
+      }
+    }
+  },
+  "definitions": {
+    "DefaultPermission": {
+      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
+      "type": "object",
+      "required": [
+        "permissions"
+      ],
+      "properties": {
+        "version": {
+          "description": "The version of the permission.",
+          "type": [
+            "integer",
+            "null"
+          ],
+          "format": "uint64",
+          "minimum": 1.0
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does. Tauri convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "permissions": {
+          "description": "All permissions this set contains.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "PermissionSet": {
+      "description": "A set of direct permissions grouped together under a new name.",
+      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
+      "properties": {
+        "identifier": {
+          "description": "A unique identifier for the permission.",
+          "type": "string"
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does.",
+          "type": "string"
+        },
+        "permissions": {
+          "description": "All permissions this set contains.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/PermissionKind"
+          }
+        }
+      }
+    },
+    "Permission": {
+      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
+      "type": "object",
+      "required": [
+        "identifier"
+      ],
+      "properties": {
+        "version": {
+          "description": "The version of the permission.",
+          "type": [
+            "integer",
+            "null"
+          ],
+          "format": "uint64",
+          "minimum": 1.0
+        },
+        "identifier": {
+          "description": "A unique identifier for the permission.",
+          "type": "string"
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use `<h4>` headings in markdown content for Tauri documentation generation purposes.",
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "commands": {
+          "description": "Allowed or denied commands when using this permission.",
+          "default": {
+            "allow": [],
+            "deny": []
+          },
+          "allOf": [
+            {
+              "$ref": "#/definitions/Commands"
+            }
+          ]
+        },
+        "scope": {
+          "description": "Allowed or denied scoped when using this permission.",
+          "allOf": [
+            {
+              "$ref": "#/definitions/Scopes"
+            }
+          ]
+        },
+        "platforms": {
+          "description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Target"
+          }
+        }
+      }
+    },
+    "Commands": {
+      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
+      "type": "object",
+      "properties": {
+        "allow": {
+          "description": "Allowed command.",
+          "default": [],
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "deny": {
+          "description": "Denied command, which takes priority.",
+          "default": [],
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "Scopes": {
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
+      "type": "object",
+      "properties": {
+        "allow": {
+          "description": "Data that defines what is allowed by the scope.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        },
+        "deny": {
+          "description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        }
+      }
+    },
+    "Value": {
+      "description": "All supported ACL values.",
+      "anyOf": [
+        {
+          "description": "Represents a null JSON value.",
+          "type": "null"
+        },
+        {
+          "description": "Represents a [`bool`].",
+          "type": "boolean"
+        },
+        {
+          "description": "Represents a valid ACL [`Number`].",
+          "allOf": [
+            {
+              "$ref": "#/definitions/Number"
+            }
+          ]
+        },
+        {
+          "description": "Represents a [`String`].",
+          "type": "string"
+        },
+        {
+          "description": "Represents a list of other [`Value`]s.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        },
+        {
+          "description": "Represents a map of [`String`] keys to [`Value`]s.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/Value"
+          }
+        }
+      ]
+    },
+    "Number": {
+      "description": "A valid ACL number.",
+      "anyOf": [
+        {
+          "description": "Represents an [`i64`].",
+          "type": "integer",
+          "format": "int64"
+        },
+        {
+          "description": "Represents a [`f64`].",
+          "type": "number",
+          "format": "double"
+        }
+      ]
+    },
+    "Target": {
+      "description": "Platform target.",
+      "oneOf": [
+        {
+          "description": "MacOS.",
+          "type": "string",
+          "enum": [
+            "macOS"
+          ]
+        },
+        {
+          "description": "Windows.",
+          "type": "string",
+          "enum": [
+            "windows"
+          ]
+        },
+        {
+          "description": "Linux.",
+          "type": "string",
+          "enum": [
+            "linux"
+          ]
+        },
+        {
+          "description": "Android.",
+          "type": "string",
+          "enum": [
+            "android"
+          ]
+        },
+        {
+          "description": "iOS.",
+          "type": "string",
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the get_binary command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-get-binary",
+          "markdownDescription": "Enables the get_binary command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the get_binary command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-get-binary",
+          "markdownDescription": "Denies the get_binary command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the get_string command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-get-string",
+          "markdownDescription": "Enables the get_string command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the get_string command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-get-string",
+          "markdownDescription": "Denies the get_string command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the set_binary command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-set-binary",
+          "markdownDescription": "Enables the set_binary command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the set_binary command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-set-binary",
+          "markdownDescription": "Denies the set_binary command without any pre-configured scope."
+        },
+        {
+          "description": "Enables the set_string command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-set-string",
+          "markdownDescription": "Enables the set_string command without any pre-configured scope."
+        },
+        {
+          "description": "Denies the set_string command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-set-string",
+          "markdownDescription": "Denies the set_string command without any pre-configured scope."
+        },
+        {
+          "description": "This permission set configures which\r\nSecure Storage APIs are available by defaultt.\r\n\r\n#### Granted Permissions\r\n\r\nIn the PoC phase all commands are allowed by default.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`",
+          "type": "string",
+          "const": "default",
+          "markdownDescription": "This permission set configures which\r\nSecure Storage APIs are available by defaultt.\r\n\r\n#### Granted Permissions\r\n\r\nIn the PoC phase all commands are allowed by default.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-arch`\n- `allow-exe-extension`\n- `allow-family`\n- `allow-locale`\n- `allow-os-type`\n- `allow-platform`\n- `allow-version`"
+        }
+      ]
+    }
+  }
+}
@@ -0,0 +1,7 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+import { createConfig } from '../../shared/rollup.config.js'
+
+export default createConfig()
@@ -0,0 +1,27 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+use tauri::{command, AppHandle, Runtime};
+
+use crate::{Result, SecureStorageExt};
+
+#[command]
+pub(crate) fn set_string<R: Runtime>(app: AppHandle<R>, key: &str, value: &str) -> Result<()> {
+    app.secure_storage().set_string(key, value)
+}
+
+#[command]
+pub(crate) fn get_string<R: Runtime>(app: AppHandle<R>, key: &str) -> Result<String> {
+    app.secure_storage().get_string(key)
+}
+
+#[command]
+pub(crate) fn set_bytes<R: Runtime>(app: AppHandle<R>, key: &str, value: &[u8]) -> Result<()> {
+    app.secure_storage().set_bytes(key, value)
+}
+
+#[command]
+pub(crate) fn get_bytes<R: Runtime>(app: AppHandle<R>, key: &str) -> Result<Vec<u8>> {
+    app.secure_storage().get_bytes(key)
+}
@@ -0,0 +1,23 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+use serde::{ser::Serializer, Serialize};
+
+pub type Result<T> = std::result::Result<T, Error>;
+
+#[non_exhaustive]
+#[derive(Debug, thiserror::Error)]
+pub enum Error {
+    #[error(transparent)]
+    Keyring(#[from] keyring_core::Error),
+}
+
+impl Serialize for Error {
+    fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
+    where
+        S: Serializer,
+    {
+        serializer.serialize_str(self.to_string().as_ref())
+    }
+}
@@ -0,0 +1,86 @@
+// Copyright 2019-2023 Tauri Programme within The Commons Conservancy
+// SPDX-License-Identifier: Apache-2.0
+// SPDX-License-Identifier: MIT
+
+use keyring_core::{set_default_store, Entry};
+use tauri::{
+    plugin::{Builder, TauriPlugin},
+    AppHandle, Manager, Runtime,
+};
+
+mod commands;
+mod error;
+
+pub use error::{Error, Result};
+
+// TODO: Consider using a worker thread to handle caveats mentioned by keyring-rs
+
+/// Extensions to [`tauri::App`], [`tauri::AppHandle`], [`tauri::WebviewWindow`], [`tauri::Webview`] and [`tauri::Window`] to access the secure-storage APIs.
+pub trait SecureStorageExt<R: Runtime> {
+    fn secure_storage(&self) -> &SecureStorage<R>;
+}
+
+impl<R: Runtime, T: Manager<R>> crate::SecureStorageExt<R> for T {
+    fn secure_storage(&self) -> &SecureStorage<R> {
+        self.state::<SecureStorage<R>>().inner()
+    }
+}
+
+/// Initializes the plugin.
+pub fn init<R: Runtime>() -> TauriPlugin<R> {
+    Builder::new("secure-storage")
+        .invoke_handler(tauri::generate_handler![
+            commands::set_string,
+            commands::get_string,
+            commands::set_bytes,
+            commands::get_bytes
+        ])
+        .setup(|app, _api| {
+            #[cfg(target_os = "android")]
+            set_default_store(android_native_keyring_store::AndroidStore::from_ndk_context()?);
+
+            // TODO: (maybe) config to change used keychain.
+            #[cfg(all(target_os = "android", feature = "apple-keychain"))]
+            set_default_store(apple_native_keyring_store::keychain::Store::new()?);
+
+            // TODO: config. most notably icloud sync and biometrics
+            #[cfg(all(target_os = "android", feature = "apple-protected"))]
+            set_default_store(apple_native_keyring_store::protected::Store::new()?);
+
+            #[cfg(windows)]
+            set_default_store(windows_native_keyring_store::Store::new()?);
+
+            #[cfg(target_os = "linux")]
+            set_default_store(zbus_secret_service_keyring_store::Store::new()?);
+
+            app.manage(SecureStorage(app.clone()));
+            Ok(())
+        })
+        .build()
+}
+
+/// Access to the secure-storage APIs.
+pub struct SecureStorage<R: Runtime>(AppHandle<R>);
+
+// TODO: docs
+impl<R: Runtime> SecureStorage<R> {
+    /// Corresponds to [`set_password`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_password) in keyring-rs.
+    pub fn set_string(&self, key: &str, value: &str) -> Result<()> {
+        Ok(Entry::new(&self.0.config().identifier, key)?.set_password(value)?)
+    }
+
+    /// Corresponds to [`get_password`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.get_password) in keyring-rs.
+    pub fn get_string(&self, key: &str) -> Result<String> {
+        Ok(Entry::new(&self.0.config().identifier, key)?.get_password()?)
+    }
+
+    /// Corresponds to [`set_secret`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_secret) in keyring-rs.
+    pub fn set_bytes(&self, key: &str, value: &[u8]) -> Result<()> {
+        Ok(Entry::new(&self.0.config().identifier, key)?.set_secret(value)?)
+    }
+
+    /// Corresponds to [`get_secret`](https://docs.rs/keyring-core/latest/keyring_core/struct.Entry.html#method.set_password) in keyring-rs.
+    pub fn get_bytes(&self, key: &str) -> Result<Vec<u8>> {
+        Ok(Entry::new(&self.0.config().identifier, key)?.get_secret()?)
+    }
+}
@@ -0,0 +1,4 @@
+{
+  "extends": "../../tsconfig.base.json",
+  "include": ["guest-js/*.ts"]
+}
@@ -355,10 +355,10 @@
          "markdownDescription": "Denies the stdin_write command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures which\nshell functionality is exposed by default.\n\n#### Granted Permissions\n\nIt allows to use the `open` functionality with a reasonable\nscope pre-configured. It will allow opening `http(s)://`,\n`tel:` and `mailto:` links.\n\n#### This default permission set includes:\n\n- `allow-open`",
+          "description": "This permission set configures which\r\nshell functionality is exposed by default.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows to use the `open` functionality with a reasonable\r\nscope pre-configured. It will allow opening `http(s)://`,\r\n`tel:` and `mailto:` links.\r\n\n#### This default permission set includes:\n\n- `allow-open`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures which\nshell functionality is exposed by default.\n\n#### Granted Permissions\n\nIt allows to use the `open` functionality with a reasonable\nscope pre-configured. It will allow opening `http(s)://`,\n`tel:` and `mailto:` links.\n\n#### This default permission set includes:\n\n- `allow-open`"
+          "markdownDescription": "This permission set configures which\r\nshell functionality is exposed by default.\r\n\r\n#### Granted Permissions\r\n\r\nIt allows to use the `open` functionality with a reasonable\r\nscope pre-configured. It will allow opening `http(s)://`,\r\n`tel:` and `mailto:` links.\r\n\n#### This default permission set includes:\n\n- `allow-open`"
        }
      ]
    }
@@ -17,9 +17,11 @@ pub struct Config {
 #[derive(Debug, PartialEq, Eq, Clone, Deserialize)]
 #[serde(untagged, deny_unknown_fields)]
 #[non_exhaustive]
+#[derive(Default)]
 pub enum ShellAllowlistOpen {
    /// Shell open API allowlist is not defined by the user.
    /// In this case we add the default validation regex (same as [`Self::Flag(true)`]).
+    #[default]
    Unset,
    /// If the shell open API should be enabled.
    ///
@@ -35,9 +37,3 @@ pub enum ShellAllowlistOpen {
    /// that allow flag-like strings to pass validation. e.g. `--enable-debugging`, `-i`, `/R`.
    Validate(String),
 }
-
-impl Default for ShellAllowlistOpen {
-    fn default() -> Self {
-        Self::Unset
-    }
-}
@@ -89,6 +89,8 @@ impl CommandChild {
 /// Describes the result of a process after it has terminated.
 #[derive(Debug)]
 pub struct ExitStatus {
+    // This field is intentionally left private.
+    // See: https://github.com/tauri-apps/plugins-workspace/pull/3115.
    code: Option<i32>,
 }

@@ -9,6 +9,6 @@
  "author": "",
  "license": "MIT",
  "devDependencies": {
-    "@tauri-apps/cli": "2.9.1"
+    "@tauri-apps/cli": "2.9.4"
  }
 }
@@ -343,10 +343,10 @@
          "markdownDescription": "Denies the select command without any pre-configured scope."
        },
        {
-          "description": "### Default Permissions\n\nThis permission set configures what kind of\ndatabase operations are available from the sql plugin.\n\n### Granted Permissions\n\nAll reading related operations are enabled.\nAlso allows to load or close a connection.\n\n\n#### This default permission set includes:\n\n- `allow-close`\n- `allow-load`\n- `allow-select`",
+          "description": "### Default Permissions\r\n\r\nThis permission set configures what kind of\r\ndatabase operations are available from the sql plugin.\r\n\r\n### Granted Permissions\r\n\r\nAll reading related operations are enabled.\r\nAlso allows to load or close a connection.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-close`\n- `allow-load`\n- `allow-select`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "### Default Permissions\n\nThis permission set configures what kind of\ndatabase operations are available from the sql plugin.\n\n### Granted Permissions\n\nAll reading related operations are enabled.\nAlso allows to load or close a connection.\n\n\n#### This default permission set includes:\n\n- `allow-close`\n- `allow-load`\n- `allow-select`"
+          "markdownDescription": "### Default Permissions\r\n\r\nThis permission set configures what kind of\r\ndatabase operations are available from the sql plugin.\r\n\r\n### Granted Permissions\r\n\r\nAll reading related operations are enabled.\r\nAlso allows to load or close a connection.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-close`\n- `allow-load`\n- `allow-select`"
        }
      ]
    }
@@ -8,7 +8,7 @@
    "tauri": "tauri"
  },
  "devDependencies": {
-    "@tauri-apps/cli": "2.9.1",
+    "@tauri-apps/cli": "2.9.4",
    "typescript": "^5.7.3",
    "vite": "^7.0.7"
  }
@@ -1,7 +1,7 @@
 [package]
 name = "tauri-plugin-stronghold"
 version = "2.3.1"
-description = "Store secrets and keys using the IOTA Stronghold secret management engine."
+description = "Deprecated - Store secrets and keys using the IOTA Stronghold secret management engine."
 authors = { workspace = true }
 license = { workspace = true }
 edition = { workspace = true }
@@ -1,5 +1,11 @@
 ![plugin-stronghold](https://github.com/tauri-apps/plugins-workspace/raw/v2/plugins/stronghold/banner.png)

+## Deprecation Notice
+
+This plugin is deprecated and will be removed in line with Tauri's v3 release. The [Secure Storage] plugin is an alternative for most users.
+
+## Stronghold plugin
+
 Store secrets and keys using the [IOTA Stronghold](https://github.com/iotaledger/stronghold.rs) secret management engine.

 | Platform | Supported |
@@ -3,6 +3,8 @@
 // SPDX-License-Identifier: MIT

 //! Store secrets and keys using the [IOTA Stronghold](https://github.com/iotaledger/stronghold.rs) encrypted database and secure runtime.
+//!
+//! Note that this plugin is deprecated and should not be used!

 #![doc(
    html_logo_url = "https://github.com/tauri-apps/tauri/raw/dev/app-icon.png",
@@ -10,6 +10,7 @@ use url::Url;
 /// Install modes for the Windows update.
 #[derive(Debug, PartialEq, Eq, Clone, Deserialize)]
 #[serde(rename_all = "camelCase")]
+#[derive(Default)]
 pub enum WindowsUpdateInstallMode {
    /// Specifies there's a basic UI during the installation process, including a final dialog box at the end.
    BasicUi,
@@ -17,6 +18,7 @@ pub enum WindowsUpdateInstallMode {
    /// Requires admin privileges if the installer does.
    Quiet,
    /// Specifies unattended mode, which means the installation only shows a progress bar.
+    #[default]
    Passive,
 }

@@ -57,12 +59,6 @@ impl Display for WindowsUpdateInstallMode {
    }
 }

-impl Default for WindowsUpdateInstallMode {
-    fn default() -> Self {
-        Self::Passive
-    }
-}
-
 #[derive(Debug, Clone, Deserialize, Default)]
 #[serde(rename_all = "camelCase")]
 pub struct WindowsConfig {
@@ -148,6 +148,7 @@ impl Builder {
        self
    }

+    /// Adds an additional argument to pass to the Windows installer.
    pub fn installer_args<I, S>(mut self, args: I) -> Self
    where
        I: IntoIterator<Item = S>,
@@ -157,6 +158,7 @@ impl Builder {
        self
    }

+    /// Adds multiple additional arguments to pass to the Windows installer.
    pub fn installer_arg<S>(mut self, arg: S) -> Self
    where
        S: Into<OsString>,
@@ -165,6 +167,10 @@ impl Builder {
        self
    }

+    /// Removes all the additional arguments to pass to the Windows installer.
+    ///
+    /// Note: this only removes the additional arguments added through [`Self::installer_args`],
+    /// not the ones managed by us (e.g. `/UPDATER` flag passed to the NSIS installer)
    pub fn clear_installer_args(mut self) -> Self {
        self.installer_args.clear();
        self
@@ -247,6 +247,7 @@ impl UpdaterBuilder {
        self
    }

+    /// Adds an argument to pass to the Windows installer.
    pub fn installer_arg<S>(mut self, arg: S) -> Self
    where
        S: Into<OsString>,
@@ -255,6 +256,7 @@ impl UpdaterBuilder {
        self
    }

+    /// Adds multiple arguments to pass to the Windows installer.
    pub fn installer_args<I, S>(mut self, args: I) -> Self
    where
        I: IntoIterator<Item = S>,
@@ -264,11 +266,18 @@ impl UpdaterBuilder {
        self
    }

+    /// Removes all the additional arguments to pass to the Windows installer.
+    ///
+    /// Note: this only removes the additional arguments added through
+    /// [`Self::installer_arg`], [`crate::Builder::installer_arg`]
+    /// and the `plugins > updater > windows > installerArgs` config,
+    /// not the ones managed by us (e.g. `/UPDATER` flag passed to the NSIS installer)
    pub fn clear_installer_args(mut self) -> Self {
        self.installer_args.clear();
        self
    }

+    /// Function to run before we run the installer and exit the app through `std::process::exit(0)` on Windows
    pub fn on_before_exit<F: Fn() + Send + Sync + 'static>(mut self, f: F) -> Self {
        self.on_before_exit.replace(Arc::new(f));
        self
@@ -278,7 +287,6 @@ impl UpdaterBuilder {
    ///
    /// Note that `reqwest` crate may be updated in minor releases of tauri-plugin-updater.
    /// Therefore it's recommended to pin the plugin to at least a minor version when you're using `configure_client`.
-    ///
    pub fn configure_client<F: Fn(ClientBuilder) -> ClientBuilder + Send + Sync + 'static>(
        mut self,
        f: F,
@@ -60,14 +60,24 @@ fn main() {
 Afterwards all the plugin's APIs are available through the JavaScript guest bindings:

 ```javascript
-import { upload } from '@tauri-apps/plugin-upload'
+import { upload, HttpMethod } from '@tauri-apps/plugin-upload'

+// Upload with default POST method
 upload(
  'https://example.com/file-upload',
  './path/to/my/file.txt',
  (progress, total) => console.log(`Uploaded ${progress} of ${total} bytes`), // a callback that will be called with the upload progress
  { 'Content-Type': 'text/plain' } // optional headers to send with the request
 )
+
+// Upload with specific HTTP method
+upload(
+  'https://example.com/file-upload',
+  './path/to/my/file.txt',
+  (progress, total) => console.log(`Uploaded ${progress} of ${total} bytes`),
+  { 'Content-Type': 'text/plain' },
+  HttpMethod.Put // Use HttpMethod enum - supports POST, PUT, PATCH
+)
 ```

 ```javascript
@@ -1 +1 @@
-if("__TAURI__"in window){var __TAURI_PLUGIN_UPLOAD__=function(t){"use strict";function e(t,e,n,s){if("function"==typeof e?t!==e||!s:!e.has(t))throw new TypeError("Cannot read private member from an object whose class did not declare it");return"m"===n?s:"a"===n?s.call(t):s?s.value:e.get(t)}function n(t,e,n,s,i){if("function"==typeof e||!e.has(t))throw new TypeError("Cannot write private member to an object whose class did not declare it");return e.set(t,n),n}var s,i,o,a;"function"==typeof SuppressedError&&SuppressedError;const r="__TAURI_TO_IPC_KEY__";class _{constructor(t){s.set(this,void 0),i.set(this,0),o.set(this,[]),a.set(this,void 0),n(this,s,t||(()=>{})),this.id=function(t,e=!1){return window.__TAURI_INTERNALS__.transformCallback(t,e)}((t=>{const r=t.index;if("end"in t)return void(r==e(this,i,"f")?this.cleanupCallback():n(this,a,r));const _=t.message;if(r==e(this,i,"f")){for(e(this,s,"f").call(this,_),n(this,i,e(this,i,"f")+1);e(this,i,"f")in e(this,o,"f");){const t=e(this,o,"f")[e(this,i,"f")];e(this,s,"f").call(this,t),delete e(this,o,"f")[e(this,i,"f")],n(this,i,e(this,i,"f")+1)}e(this,i,"f")===e(this,a,"f")&&this.cleanupCallback()}else e(this,o,"f")[r]=_}))}cleanupCallback(){window.__TAURI_INTERNALS__.unregisterCallback(this.id)}set onmessage(t){n(this,s,t)}get onmessage(){return e(this,s,"f")}[(s=new WeakMap,i=new WeakMap,o=new WeakMap,a=new WeakMap,r)](){return`__CHANNEL__:${this.id}`}toJSON(){return this[r]()}}async function c(t,e={},n){return window.__TAURI_INTERNALS__.invoke(t,e,n)}return t.download=async function(t,e,n,s,i){const o=new Uint32Array(1);window.crypto.getRandomValues(o);const a=o[0],r=new _;n&&(r.onmessage=n),await c("plugin:upload|download",{id:a,url:t,filePath:e,headers:s??{},onProgress:r,body:i})},t.upload=async function(t,e,n,s){const i=new Uint32Array(1);window.crypto.getRandomValues(i);const o=i[0],a=new _;return n&&(a.onmessage=n),await c("plugin:upload|upload",{id:o,url:t,filePath:e,headers:s??{},onProgress:a})},t}({});Object.defineProperty(window.__TAURI__,"upload",{value:__TAURI_PLUGIN_UPLOAD__})}
+if("__TAURI__"in window){var __TAURI_PLUGIN_UPLOAD__=function(t){"use strict";function e(t,e,n,s){if("function"==typeof e?t!==e||!s:!e.has(t))throw new TypeError("Cannot read private member from an object whose class did not declare it");return"m"===n?s:"a"===n?s.call(t):s?s.value:e.get(t)}function n(t,e,n,s,i){if("function"==typeof e||!e.has(t))throw new TypeError("Cannot write private member to an object whose class did not declare it");return e.set(t,n),n}var s,i,o,a;"function"==typeof SuppressedError&&SuppressedError;const r="__TAURI_TO_IPC_KEY__";class h{constructor(t){s.set(this,void 0),i.set(this,0),o.set(this,[]),a.set(this,void 0),n(this,s,t||(()=>{})),this.id=function(t,e=!1){return window.__TAURI_INTERNALS__.transformCallback(t,e)}((t=>{const r=t.index;if("end"in t)return void(r==e(this,i,"f")?this.cleanupCallback():n(this,a,r));const h=t.message;if(r==e(this,i,"f")){for(e(this,s,"f").call(this,h),n(this,i,e(this,i,"f")+1);e(this,i,"f")in e(this,o,"f");){const t=e(this,o,"f")[e(this,i,"f")];e(this,s,"f").call(this,t),delete e(this,o,"f")[e(this,i,"f")],n(this,i,e(this,i,"f")+1)}e(this,i,"f")===e(this,a,"f")&&this.cleanupCallback()}else e(this,o,"f")[r]=h}))}cleanupCallback(){window.__TAURI_INTERNALS__.unregisterCallback(this.id)}set onmessage(t){n(this,s,t)}get onmessage(){return e(this,s,"f")}[(s=new WeakMap,i=new WeakMap,o=new WeakMap,a=new WeakMap,r)](){return`__CHANNEL__:${this.id}`}toJSON(){return this[r]()}}async function d(t,e={},n){return window.__TAURI_INTERNALS__.invoke(t,e,n)}var c;return t.HttpMethod=void 0,(c=t.HttpMethod||(t.HttpMethod={})).Post="POST",c.Put="PUT",c.Patch="PATCH",t.download=async function(t,e,n,s,i){const o=new Uint32Array(1);window.crypto.getRandomValues(o);const a=o[0],r=new h;n&&(r.onmessage=n),await d("plugin:upload|download",{id:a,url:t,filePath:e,headers:s??{},onProgress:r,body:i})},t.upload=async function(e,n,s,i,o){const a=new Uint32Array(1);window.crypto.getRandomValues(a);const r=a[0],c=new h;return s&&(c.onmessage=s),await d("plugin:upload|upload",{id:r,url:e,filePath:n,headers:i??{},method:o??t.HttpMethod.Post,onProgress:c})},t}({});Object.defineProperty(window.__TAURI__,"upload",{value:__TAURI_PLUGIN_UPLOAD__})}
@@ -13,11 +13,19 @@ interface ProgressPayload {

 type ProgressHandler = (progress: ProgressPayload) => void

+enum HttpMethod {
+  Post = 'POST',
+  Put = 'PUT',
+  Patch = 'PATCH'
+}
+
 async function upload(
  url: string,
  filePath: string,
  progressHandler?: ProgressHandler,
-  headers?: Map<string, string>
+  // TODO: V3 - Combine headers and methods into one `options` object
+  headers?: Map<string, string>,
+  method?: HttpMethod
 ): Promise<string> {
  const ids = new Uint32Array(1)
  window.crypto.getRandomValues(ids)
@@ -33,6 +41,7 @@ async function upload(
    url,
    filePath,
    headers: headers ?? {},
+    method: method ?? HttpMethod.Post,
    onProgress
  })
 }
@@ -67,4 +76,4 @@ async function download(
  })
 }

-export { download, upload }
+export { download, upload, HttpMethod }
@@ -319,10 +319,10 @@
          "markdownDescription": "Denies the upload command without any pre-configured scope."
        },
        {
-          "description": "This permission set configures what kind of\noperations are available from the upload plugin.\n\n#### Granted Permissions\n\nAll operations are enabled by default.\n\n\n#### This default permission set includes:\n\n- `allow-upload`\n- `allow-download`",
+          "description": "This permission set configures what kind of\r\noperations are available from the upload plugin.\r\n\r\n#### Granted Permissions\r\n\r\nAll operations are enabled by default.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-upload`\n- `allow-download`",
          "type": "string",
          "const": "default",
-          "markdownDescription": "This permission set configures what kind of\noperations are available from the upload plugin.\n\n#### Granted Permissions\n\nAll operations are enabled by default.\n\n\n#### This default permission set includes:\n\n- `allow-upload`\n- `allow-download`"
+          "markdownDescription": "This permission set configures what kind of\r\noperations are available from the upload plugin.\r\n\r\n#### Granted Permissions\r\n\r\nAll operations are enabled by default.\r\n\r\n\n#### This default permission set includes:\n\n- `allow-upload`\n- `allow-download`"
        }
      ]
    }
@@ -15,7 +15,7 @@ mod transfer_stats;
 use transfer_stats::TransferStats;

 use futures_util::TryStreamExt;
-use serde::{ser::Serializer, Serialize};
+use serde::{ser::Serializer, Deserialize, Serialize};
 use tauri::{
    command,
    ipc::Channel,
@@ -32,6 +32,14 @@ use read_progress_stream::ReadProgressStream;

 use std::collections::HashMap;

+#[derive(Debug, Clone, Serialize, Deserialize)]
+#[serde(rename_all = "UPPERCASE")]
+pub enum HttpMethod {
+    Post,
+    Put,
+    Patch,
+}
+
 type Result<T> = std::result::Result<T, Error>;

 #[derive(Debug, thiserror::Error)]
@@ -120,6 +128,7 @@ async fn upload(
    url: String,
    file_path: String,
    headers: HashMap<String, String>,
+    method: Option<HttpMethod>,
    on_progress: Channel<ProgressPayload>,
 ) -> Result<String> {
    tokio::spawn(async move {
@@ -127,12 +136,18 @@ async fn upload(
        let file = File::open(&file_path).await?;
        let file_len = file.metadata().await.unwrap().len();

+        // Get HTTP method (defaults to POST)
+        let http_method = method.unwrap_or(HttpMethod::Post);
+
        // Create the request and attach the file to the body
        let client = reqwest::Client::new();
-        let mut request = client
-            .post(&url)
-            .header(reqwest::header::CONTENT_LENGTH, file_len)
-            .body(file_to_body(on_progress, file, file_len));
+        let mut request = match http_method {
+            HttpMethod::Put => client.put(&url),
+            HttpMethod::Patch => client.patch(&url),
+            HttpMethod::Post => client.post(&url),
+        }
+        .header(reqwest::header::CONTENT_LENGTH, file_len)
+        .body(file_to_body(on_progress, file, file_len));

        // Loop through the headers keys and values
        // and add them to the request object.
@@ -211,8 +226,8 @@ mod tests {

    #[tokio::test]
    async fn should_error_on_upload_if_status_not_success() {
-        let mocked_server = spawn_upload_server_mocked(500).await;
-        let result = upload_file(mocked_server.url).await;
+        let mocked_server = spawn_upload_server_mocked(500, "POST").await;
+        let result = upload_file(mocked_server.url, None).await;
        mocked_server.mocked_endpoint.assert();
        assert!(result.is_err());
        match result.unwrap_err() {
@@ -223,7 +238,7 @@ mod tests {

    #[tokio::test]
    async fn should_error_on_upload_if_file_not_found() {
-        let mocked_server = spawn_upload_server_mocked(200).await;
+        let mocked_server = spawn_upload_server_mocked(200, "POST").await;
        let file_path = "/nonexistent/file.txt".to_string();
        let headers = HashMap::new();
        let sender: Channel<ProgressPayload> =
@@ -232,7 +247,7 @@ mod tests {
                Ok(())
            });

-        let result = upload(mocked_server.url, file_path, headers, sender).await;
+        let result = upload(mocked_server.url, file_path, headers, None, sender).await;
        assert!(result.is_err());
        match result.unwrap_err() {
            Error::Io(_) => {}
@@ -241,9 +256,9 @@ mod tests {
    }

    #[tokio::test]
-    async fn should_upload_file_successfully() {
-        let mocked_server = spawn_upload_server_mocked(200).await;
-        let result = upload_file(mocked_server.url).await;
+    async fn should_upload_file_with_post_method() {
+        let mocked_server = spawn_upload_server_mocked(200, "POST").await;
+        let result = upload_file(mocked_server.url, Some(HttpMethod::Post)).await;
        mocked_server.mocked_endpoint.assert();
        assert!(
            result.is_ok(),
@@ -254,8 +269,36 @@ mod tests {
        assert_eq!(response_body, "upload successful");
    }

+    #[tokio::test]
+    async fn should_upload_file_with_put_method() {
+        let mocked_server = spawn_upload_server_mocked(200, "PUT").await;
+        let result = upload_file(mocked_server.url, Some(HttpMethod::Put)).await;
+        mocked_server.mocked_endpoint.assert();
+        assert!(
+            result.is_ok(),
+            "failed to upload file with PUT: {}",
+            result.unwrap_err()
+        );
+        let response_body = result.unwrap();
+        assert_eq!(response_body, "upload successful");
+    }
+
+    #[tokio::test]
+    async fn should_upload_file_with_patch_method() {
+        let mocked_server = spawn_upload_server_mocked(200, "PATCH").await;
+        let result = upload_file(mocked_server.url, Some(HttpMethod::Patch)).await;
+        mocked_server.mocked_endpoint.assert();
+        assert!(
+            result.is_ok(),
+            "failed to upload file with PATCH: {}",
+            result.unwrap_err()
+        );
+        let response_body = result.unwrap();
+        assert_eq!(response_body, "upload successful");
+    }
+
    async fn download_file(url: String) -> Result<()> {
-        let file_path = concat!(env!("CARGO_MANIFEST_DIR"), "/test/test.txt").to_string();
+        let file_path = concat!(env!("CARGO_MANIFEST_DIR"), "/test/download.txt").to_string();
        let headers = HashMap::new();
        let sender: Channel<ProgressPayload> =
            Channel::new(|msg: InvokeResponseBody| -> tauri::Result<()> {
@@ -265,15 +308,15 @@ mod tests {
        download(url, file_path, headers, None, sender).await
    }

-    async fn upload_file(url: String) -> Result<String> {
-        let file_path = concat!(env!("CARGO_MANIFEST_DIR"), "/test/test.txt").to_string();
+    async fn upload_file(url: String, method: Option<HttpMethod>) -> Result<String> {
+        let file_path = concat!(env!("CARGO_MANIFEST_DIR"), "/test/upload.txt").to_string();
        let headers = HashMap::new();
        let sender: Channel<ProgressPayload> =
            Channel::new(|msg: InvokeResponseBody| -> tauri::Result<()> {
                let _ = msg;
                Ok(())
            });
-        upload(url, file_path, headers, sender).await
+        upload(url, file_path, headers, method, sender).await
    }

    async fn spawn_server_mocked(return_status: usize) -> MockedServer {
@@ -294,11 +337,11 @@ mod tests {
        }
    }

-    async fn spawn_upload_server_mocked(return_status: usize) -> MockedServer {
+    async fn spawn_upload_server_mocked(return_status: usize, method: &str) -> MockedServer {
        let mut _server = Server::new_async().await;
        let path = "/upload_test";
        let mock = _server
-            .mock("POST", path)
+            .mock(method, path)
            .with_status(return_status)
            .with_body("upload successful")
            .match_header("content-length", "20")
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
FabianLars	f85c405b3a	lockfile	2025-11-22 19:50:43 +01:00
FabianLars	ad3212a159	switch to upstream linux backend again	2025-11-22 19:41:40 +01:00
FabianLars	d3e07db4ad	Merge remote-tracking branch 'origin/v2' into plugin/secure-storage	2025-11-22 19:34:38 +01:00
renovate[bot]	1db4b0719d	chore(deps): update dependency typescript-eslint to v8.47.0 (#3117 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-21 10:47:11 +08:00
Andrew de Waal	dff6fa986a	feat(dialog) - Support picker mode for open dialog (#3030 ) (#3034 ) Co-authored-by: Andrew de Waal <andrewldewaal@gmail.com>	2025-11-20 22:28:13 +01:00
Nazar Antoniuk	a4aa53ab90	chore(shell): clarify that the code field in `ExitStatus` is intentionally left private (#3116 ) Co-authored-by: Fabian-Lars <github@fabianlars.de>	2025-11-20 15:33:19 +01:00
liuzhch1	ae278ddf60	fix(log): custom writer to rotate log file when exceeds max_file_size (fix #707 ) (#3110 )	2025-11-20 10:29:17 +01:00
Jacob Bolda	e644f38673	remove token for oidc publishing (#3077 )	2025-11-19 21:52:57 -06:00
Lucas Fernandes Nogueira	8bfa445023	chore(localhost): disable caching (#3112 ) * chore(localhost): disable caching mostly seeing this cache being a problem on CEF - the response is cached so app updates are not reflected properly * fmt	2025-11-19 17:03:32 -03:00
Lucas Nogueira	14fb36e347	chore: remove test logs	2025-11-19 17:00:14 -03:00
Fabian-Lars	5767b848fa	chore: add PR ref in updater changefile Added reference to pull request for clarity on changes.	2025-11-18 12:11:12 +01:00
renovate[bot]	277a45f56c	chore(deps): update dependency rollup to v4.53.2 (#3103 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-18 00:07:40 +08:00
renovate[bot]	8dbe7e3233	chore(deps): update dependency typescript-eslint to v8.46.4 (v2) (#3105 ) * chore(deps): update dependency typescript-eslint to v8.46.4 * Fix audit (bump js-yaml) --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Tony <legendmastertony@gmail.com>	2025-11-17 23:44:02 +08:00
Blaine	c23fa03f07	feat(dialog): add `xdg-portal` as an optional feature for `rfd` (#3098 )	2025-11-17 14:56:02 +01:00
Kingsword	631d0e256a	fix(barcode-scanner): fix the cameraView is not removed after scanning in iOS (#2440 ) Co-authored-by: Fabian-Lars <github@fabianlars.de>	2025-11-16 22:31:30 +01:00
Ben Clarke	b4348cee92	fix(nfc): Resolve boolean in `isAvailable` to agree with TypeScript API (#3101 ) Co-authored-by: Fabian-Lars <github@fabianlars.de>	2025-11-13 20:38:15 +01:00
renovate[bot]	3019063ae1	chore(deps): update dependency rollup to v4.53.1 (#3093 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-12 22:06:11 +08:00
renovate[bot]	944614f46a	chore(deps): update dependency @tauri-apps/cli to v2.9.4 (#3100 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-12 21:15:09 +08:00
Tony	a368cef912	docs(updater): installer args and `on_before_exit` (#3099 ) * docs(updater): installer args and `on_before_exit` * Update plugins/updater/src/updater.rs Co-authored-by: Fabian-Lars <github@fabianlars.de> * Explicitly state there are internal args * s	2025-11-12 20:49:41 +08:00
Fabian-Lars	27790aa67c	chore: fix upload test on macos ci (#3097 )	2025-11-11 22:56:09 +01:00
Matthew Richardson	ad910b1135	feat(upload): Add HTTP method selection for upload (#2991 ) Co-authored-by: Fabian-Lars <github@fabianlars.de>	2025-11-10 21:31:57 +01:00
Fabian-Lars	6b854421a1	docs(localhost): improve readme example, closes #3095	2025-11-10 21:27:39 +01:00
Fabian-Lars	5438a5cd22	chore: apply clippy fixes (#3092 )	2025-11-09 18:43:17 +01:00
Fabian-Lars	5cd7778723	docs(dialog): add/fix doc item links, closes #3089 (#3091 )	2025-11-09 17:07:35 +01:00
renovate[bot]	1a03e9761f	chore(deps): update dependency @tauri-apps/cli to v2.9.3 (#3088 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-08 13:34:05 +08:00
renovate[bot]	1d4bffadda	chore(deps): update eslint monorepo to v9.39.1 (#3086 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-08 12:36:37 +08:00
renovate[bot]	b8794272ae	chore(deps): update dependency typescript-eslint to v8.46.3 (#3083 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-08 12:02:18 +08:00
Michelle Tilley	2a625adff3	feat(log): Allow a log formatter per target (#3065 ) Co-authored-by: Fabian-Lars <github@fabianlars.de>	2025-11-04 15:52:46 +01:00
FabianLars	371cd8227c	chore(deps): update pino to 9.14 to remove fast-redact	2025-11-04 10:00:51 +01:00
renovate[bot]	70ef6f8d3e	chore(deps): update eslint monorepo to v9.39.0 (#3079 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-04 09:54:50 +01:00
renovate[bot]	5f0ac1436f	chore(deps): update dependency @tauri-apps/cli to v2.9.2 (#3078 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-11-02 09:50:14 +08:00
Fabian-Lars	ea172bfa3c	docs(global-shortcut): import Emitter instead of Manager in example	2025-10-29 11:46:16 +01:00
FabianLars	6aead24047	Revert "chore: temp delete updater changefile" This reverts commit `b5550a3b0d`.	2025-10-27 11:43:23 +01:00
FabianLars	403f54b78c	binary -> bytes	2025-10-14 18:36:15 +02:00
FabianLars	28ea4dbadc	format and lockfile	2025-10-14 18:00:19 +02:00
FabianLars	1771c6ed36	Merge remote-tracking branch 'origin/v2' into plugin/secure-storage	2025-10-14 17:52:34 +02:00
FabianLars	f831b003c2	migrate to keyring-core	2025-10-14 17:42:04 +02:00
FabianLars	d1edf783e1	re-enable isolation. fmt. default perms	2025-08-14 14:03:58 +02:00
FabianLars	9804eeef03	hmm idk	2025-08-09 23:10:57 +02:00
FabianLars	829fd23b8e	x	2025-08-09 22:29:33 +02:00
FabianLars	13bbb9cd3d	fmt	2025-08-09 22:28:43 +02:00
FabianLars	9b162b51a6	rmrf	2025-08-09 22:24:59 +02:00
FabianLars	57f0422ae9	edition	2025-08-09 22:14:23 +02:00
FabianLars	581523244f	how bout this	2025-08-09 22:10:32 +02:00
FabianLars	f924ef16e4	clippy	2025-08-07 23:31:46 +02:00
FabianLars	c9babc028a	fmt	2025-08-07 23:27:44 +02:00
FabianLars	fdcc15a5fe	toolchain	2025-08-07 23:18:53 +02:00
Fabian-Lars	53bf0af9dd	Update test-rust.yml	2025-08-07 22:56:55 +02:00
Fabian-Lars	c4665050bb	Delete _target/rust-analyzer/metadata/sysroot/Cargo.lock	2025-08-07 15:38:15 +02:00
Fabian-Lars	6f65edfd72	Delete _target/rust-analyzer/metadata/workspace/Cargo.lock	2025-08-07 15:37:59 +02:00
FabianLars	63f660996f	fmt	2025-08-07 15:28:44 +02:00
FabianLars	8cb053f47c	deprecate stronghold	2025-08-07 15:05:40 +02:00
FabianLars	cac333b076	minimal readme	2025-08-07 14:56:00 +02:00
FabianLars	5ce3e45768	ci	2025-08-07 14:45:25 +02:00
FabianLars	88da3d26ad	add android-keyring	2025-08-07 14:41:43 +02:00
FabianLars	af5500caed	remove execute command permissions	2025-08-07 13:20:53 +02:00
FabianLars	dc55eb51ed	Merge remote-tracking branch 'origin/v2' into plugin/secure-storage	2025-08-07 12:55:43 +02:00
FabianLars	a132d8f3d5	initial rough impl	2025-07-24 00:27:59 +02:00
FabianLars	a7af1a81b7	init	2025-07-23 12:25:45 +02:00
				`@@ -0,0 +1 @@`
				if("__TAURI__"in window){var __TAURI_PLUGIN_SECURE_STORAGE__=function(e){"use strict";async function n(e,n={},r){return window.__TAURI_INTERNALS__.invoke(e,n,r)}return"function"==typeof SuppressedError&&SuppressedError,e.getBinary=async function(e){return await n("plugin:secure-storage\|set_string",{key:e})},e.getString=async function(e){return await n("plugin:secure-storage\|get_string",{key:e})},e.setBinary=async function(e,r){return await n("plugin:secure-storage\|set_binary",{key:e,value:r})},e.setString=async function(e,r){return await n("plugin:secure-storage\|set_string",{key:e,value:r})},e}({});Object.defineProperty(window.__TAURI__,"secureStorage",{value:__TAURI_PLUGIN_SECURE_STORAGE__})}