Tauri - the Electron Alternative - do I have to write any Rust code to use Tauri?
It seems that most of the APIs provided by Tauri are in TS/JS.
Why can't one turn a website into a tauri app the same way one can turn a website into an Electron app with one click?
6 Replies
If you dont plan on a complex main process, its pretty trivial to setup with minimal rust.
however, If ur planning on more complexity and not confident in being able to ship rust, you should be aware of the alternatives:
• NW.js, electron (as mentioned) - has a relatively unrestricted backend (could ship malware). downloads a unique browser instance per app (heavy package, also no maintenance required to keep codebase up to date with latest standard). very insecure (people will dig through you’re code. you can also ship malware)
• PWA - similar in concept to tauri. it uses a shared browser instance and provides many native apis (light weight app). relatively restricted access via api’s (mostly safe), codebase not secure (unsafe). can also target mobile. will have to keep app up-to date to run on browsers
• Tauri, Wails, neutralino, ultralight, socket.sh etc. - utilizes OS default webview (light weight app), relatively unrestricted main process (could ship malware), exposes native api’s for ease of use, most of these compile your code (slightly more secure). some can target mobile with native runtime. will have to keep app up-to date to run on browsers
Tauri is the most developed and most secure of its class. but you should be sure its the right tool, not just picking it cuz its trendy.
in summary:
• code access, unrestricted runtime, heavy
• code access, restricted runtime, light
• compiled code, unrestricted runtime, light
(there are ways to “compile” js/html, but at least for electron, support is marked as deprecated. idk about pwa tho)
Those are all solution that usually assume you plan to codeshare with a live website and don’t plan on wasm.
otherwise, different solutions open up like QT, GTK, Druid, Game Engines etc.
ignoring flutter
It seems that most of the APIs provided by Tauri are in TS/JS.Anything that Tauri provides in JS you can also do in Rust, you just don't always need Tauri's bindings to do them since Rust lets you do anything.
Why can't one turn a website into a tauri app the same way one can turn a website into an Electron app with one click?Because no one has made a one-click website converter yet, but you definitely could do the conversion very easily! Taking a vite-based project for example, the only thing Tauri adds is a
src-tauri folder that does all the Rust stuff. If you don't need backend Rust stuff then you can completely ignore that folder and just keep building your web app.
Tbf tauri init pretty much is a one-click conversion, you just have to fill out some informationhey thanks a lot for the thorough answer!
In this case, what do you mean by "you can ship malware"? Like I can ship a software that hacks people or I can get attacked?
you can hack people. OS’s have permission systems, so its not necessarily trivial. but its not hard either.
eg: “this app uses global hot keys for your convenience”
user may find that reasonable.
what they don’t know is that you are logging everything.
it is harder for a user to validate that tauri is not malware compared to PWA or electron even.
there is an inherent tradeoff here in exposing you’re code vs “hiding” it
the other security issue is redistribution with injected malware. can happen either way. its both easier to do and catch with exposed code
ah i see!
Do you know if there are any downsides of using OS native webview(tauri) instead of chromium(electron)?
I would imagine that Chromium is large for at least some good reason right?
Does Chromium render more consistently?
depending on the platform, tauri may use a chromium based webview (ie windows).
but other OS’s may not (mac and linux).
its not that either one is more consistent than the other, rather that having to target multiple browsers can be inconsistent.
tho you’ll face that issue if you build a website anyway
its a non issue for electron of course as you ship the same version of electron to every target, and you wont have to update you’re app for changing specs.
it all just depends on what you want/need