does tauri has such info: context: Have you considered Tauri apps? Electron apps are always 500mb because they ember chrome. Tauri is like Bun Is to NPM. Faster, Better, Stronger. And apps are super tiny, 10mb+++ Because they use native browser engines. TBH. Having used Tauri for a week now. Super impressed. It also has auto updates, so i recon its possible to pipe into somehow? Or just check app version with release tag in github or smth. Might be worth looking into. Curious, how do you know if electron apps are outdated or not?
UpvoteReply Report Share 6h ago Jared Mariash Updatest Maker @conduit_design ooo interesting!
I'll take a look at what Tauri exposes, if there's a way for Updatest to see the updates for them then it's an easy inclusion!
For your question: Curious, how do you know if electron apps are outdated or not?
Same way we check for any other app updates! The apps themselves have information internally that Updatest can check to see if an update exists in some fashion, and then uses Updatest's own version comparison logic to detect if said update exists!
Yes, Tauri has robust auto-update functionality and exposes version information that could potentially be accessed by external tools like Updatest.
Tauri provides JavaScript APIs to retrieve app version details:1
getVersion()— Returns the application version as a stringgetTauriVersion()— Returns the Tauri framework version used by the app
These are available via @tauri-apps/api/app and have been part of Tauri since version 1.0.0.2
Tauri has an official tauri-plugin-updater that enables in-app updates. The updater works in two modes:34
- Dynamic update server — Checks a server endpoint for update instructions
- Static JSON file — Uses a
latest.jsonfile hosted on services like S3 or GitHub Gists
The update flow involves checking a manifest file for the latest version, downloading signed binaries, verifying signatures, and restarting the app.5
When configured, a Tauri app can:65
- Ping a
latest.jsonfile on startup or via user action - Compare the remote version against the current app version
- Download and install the update if a newer version exists
- Automatically relaunch the updated app
All updates must be cryptographically signed—Tauri does not allow disabling signature verification.3
For Updatest to detect Tauri app updates, it would likely need to either read the app's internal version from the Tauri configuration or access the same update manifest (latest.json) that the app uses. Since Tauri apps store version info in tauri.conf.json and can expose it via APIs, there's a clear path for external tools to check versions and compare against release sources like GitHub.5
789101112131415
for this product. would it be plausible to add tauri: https://www.producthunt.com/products/updatest https://updatest.app/?ref=producthunt
Yes, adding Tauri support to Updatest appears quite plausible based on how the app currently works and Tauri's architecture.
Updatest is a macOS app that detects and manages updates by integrating with multiple frameworks :
- Homebrew (casks and formulae)
- Mac App Store
- Sparkle (common macOS update framework)
- Electron apps
- GitHub Releases
It reads version information internally from apps and uses its own comparison logic to detect available updates .
Tauri shares similarities with frameworks Updatest already supports:
| Aspect | Electron (Supported) | Tauri |
|---|---|---|
| Version storage | package.json |
tauri.conf.json |
| Update mechanism | Various (Squirrel, etc.) | tauri-plugin-updater |
| GitHub Releases | Common | Common |
| Update manifest | Varies | latest.json |
Since Updatest already handles Electron and GitHub Releases, supporting Tauri would be a natural extension . Tauri apps:
- Store version info in a predictable location (
tauri.conf.json) - Often publish updates via GitHub Releases
- Use a standardized
latest.jsonmanifest format
For Updatest to support Tauri, it would need to:
- Detect Tauri apps — Identify the Tauri-specific bundle structure on macOS
- Read current version — Parse the app's embedded version info
- Check for updates — Query the app's
latest.jsonendpoint or GitHub Releases
Given that the maker (Jared) mentioned he'd look into what Tauri exposes, this seems like a reasonable addition—especially since many Tauri developers already use GitHub Releases, which Updatest supports .
but can we access the tauri end point for releases? from terminal etc? only having access to the app. not the source code etc?
This is a key challenge. Unlike Electron apps where configuration files are often readable in the app bundle, Tauri compiles configuration into the binary, making endpoint extraction difficult.
On a compiled macOS Tauri app, you can typically access:
| Data | Location | Accessible? |
|---|---|---|
| App version | Info.plist in app bundle |
✅ Yes |
| Tauri version | Embedded in binary | |
| Update endpoint URL | Compiled into binary | ❌ Not easily |
The tauri.conf.json file is used at build time and its contents get compiled directly into the Rust binary. Unlike Electron's resources folder with readable JSON files, Tauri doesn't leave the configuration as a separate accessible file.1617
The update endpoints array (where the app checks for updates) is defined in the config and then baked into the compiled application:1819
"endpoints": ["https://releases.myapp.com/{{target}}/{{current_version}}"]This URL isn't stored as plain text in an easily parseable location—it's part of the compiled Rust code.20
- String extraction from binary — The endpoint URL might be recoverable via
stringscommand on the binary, but this is unreliable and fragile - GitHub Releases fallback — If the app's bundle identifier or name maps to a known GitHub repo, Updatest could check GitHub Releases directly (many Tauri apps use
https://github.com/{org}/{repo}/releases/latest/download/latest.json)21 - Known app database — Maintain a list of popular Tauri apps with their known update endpoints
So while version detection is feasible (via Info.plist), automatically discovering the update endpoint from just the installed app would be significantly harder than with Electron.18
222324252627282930
Unfortunately, no—it's not common for bundle identifiers to directly map to GitHub repositories. Here's why:
Tauri (and macOS generally) uses reverse domain name notation for bundle identifiers:3132
- Format:
com.company.appnameorio.developer.appname - Examples:
com.tauri.dev,io.solidtime.desktop
Developers don't even need to own the domain they use—it's just a uniqueness convention. There's no enforced link to source code hosting.33
| What developers use | Example | Maps to GitHub? |
|---|---|---|
| Company domain | com.mycompany.myapp |
❌ No |
| Personal domain | io.johndoe.coolapp |
❌ No |
| Generic placeholder | dev.tauri.appname |
❌ No |
| GitHub-style (rare) | com.github.user.repo |
✅ Possibly |
Most developers choose identifiers based on their website or company, not their GitHub organization.3433
To reliably find GitHub repos for Tauri apps, you'd likely need:
- A curated database — Manually map popular apps to their GitHub repos
- Heuristics — Search GitHub for the app name and look for Tauri projects with matching versions
- Metadata in the binary — Some apps embed repository URLs in their About dialogs or binary strings, but this isn't standardized
The GitHub Releases approach would work well for known open-source Tauri apps, but there's no automatic way to discover the repo URL from just the bundle identifier. This makes Tauri harder to support generically compared to frameworks where update endpoints are stored in readable config files.33 3536373839404142434445
are you sure about all this. is there any info in tauri community? there must be someone complaining about this to add some terminal calls that reveal such info etc?
You're right to push back—there's more nuance here. The Tauri team actually acknowledges this gap and has plans to address it.
The Tauri team explicitly recognizes this limitation in their security documentation :
"To allow pentesters, auditors and automated security checks to do their job properly it is very valuable to provide insight even from compiled binaries... Another often overlooked point is that providing inbuilt metadata empowers users of your application to audit their systems for known vulnerabilities at scale."
They state: "We are planning to provide such tooling or make it easier to extract assets" when compiling Tauri apps with certain features .
Right now, the situation is:
- No simple tooling exists to extract metadata from compiled Tauri apps
- Blog posts describe manual extraction processes, but it's not straightforward
- The team mentions
cargo-auditablefor Rust SBOMs but nothing equivalent for the full app config
The community has raised related concerns, particularly around update endpoints. For example, developers wanting private GitHub releases have had to build proxy servers because Tauri's update system expects specific endpoint configurations compiled into the binary.46
So my earlier answer was partially correct but incomplete:
- ✅ The endpoint URL is compiled into the binary (true)
- ✅ No easy CLI tool currently exists to extract it (true)
⚠️ But the Tauri team considers this a valid use case they plan to support⚠️ And binary string extraction might work since URLs are often stored as plain text
Worth raising this directly with the Tauri community on Discord or GitHub—they seem receptive to improving metadata accessibility . 474849505152535455565758596061
Footnotes
-
https://v2.tauri.app/reference/javascript/api/namespaceapp/ ↩
-
https://stackoverflow.com/questions/77768927/how-do-you-get-the-app-version-in-tauri-on-the-rust-side ↩
-
https://docs.crabnebula.dev/cloud/guides/auto-updates-tauri/ ↩
-
https://docs.crabnebula.dev/cloud/guides/auto-updates-tauri/ ↩
-
https://tauri.by.simon.hyll.nu/concepts/tauri/bundle_identifier/ ↩ ↩2 ↩3
-
https://gist.github.com/pixelomer/09f841838fc5af9c935f18aaca36c253 ↩
-
https://www.reddit.com/r/tauri/comments/1gzntp6/applications_developed_with_tauri_open_source/ ↩
-
https://v2.tauri.app/reference/javascript/api/namespacepath/ ↩
I'll now generate a comprehensive research report based on my extensive investigation into Tauri's update detection capabilities and feasibility for integration with Updatest.
Tauri Update Detection Feasibility for Updatest: Comprehensive Technical Analysis
Executive Summary
This report assesses the technical feasibility of adding Tauri framework support to Updatest, a macOS application that consolidates update management across multiple sources (Homebrew, Mac App Store, Sparkle, Electron, and GitHub Releases). The analysis reveals substantial architectural differences between Tauri and supported frameworks, creating unique challenges for automated update detection.
Key Findings:
Version Detection: Fully feasible via standard macOS
Info.plistfiles[v2.tauri]Update Endpoint Discovery: Technically challenging due to Tauri's compiled configuration architecture[v2.tauri]
Recommended Approach: Hybrid implementation combining
Info.plistparsing, curated app database, and optional experimental featuresTimeline Impact: Tauri 2.0 stable release (October 2024) increases ecosystem maturity and relevance[v2.tauri]
1. Understanding Tauri's Architecture
1.1 What is Tauri?
Tauri is a lightweight alternative to Electron for building cross-platform desktop applications, achieving approximately 58% less memory usage and 96% smaller bundle sizes compared to Electron. Released as stable v2.0 in October 2024, Tauri has gained adoption among approximately 90 companies including Cloudflare, ABBYY, and Cboe Global Markets.[gethopp]
Core Architectural Differences:
1.2 Version Information Architecture
Tauri applications store version information in two phases:[v2.tauri]
Build Time (Development):
Runtime (Deployed macOS App):
Critical Insight: The
tauri.conf.jsonfile exists only during development. At build time, its contents are compiled directly into the Rust binary, leavingInfo.plistas the only easily accessible version metadata in deployed applications.[stackoverflow]2. Tauri Update Mechanism Deep Dive
2.1 Official Updater Plugin Architecture
Tauri provides
tauri-plugin-updaterwith two operational modes:[v2.tauri]Mode 1: Dynamic Update Server
Endpoint queries include dynamic variables:
{{current_version}},{{target}},{{arch}}Server responds with version comparison logic
Enables sophisticated staged rollouts and A/B testing
Mode 2: Static JSON File
Standard approach using
latest.jsonmanifestCommonly hosted on GitHub Releases, S3, or GitHub Gists[ratulmaharaj]
JSON structure:
2.2 Update Endpoint Configuration
Configuration in
tauri.conf.json:The Core Challenge: This configuration, including the crucial
endpointsarray, gets compiled into the application binary and is not stored in an easily parseable location in the deployed.appbundle.[stackoverflow]Tauri Update Detection Feasibility for Updatest: Comprehensive Technical Analysis
Executive Summary
This report assesses the technical feasibility of adding Tauri framework support to Updatest, a macOS application that consolidates update management across multiple sources (Homebrew, Mac App Store, Sparkle, Electron, and GitHub Releases). The analysis reveals substantial architectural differences between Tauri and supported frameworks, creating unique challenges for automated update detection.
Key Findings:
Info.plistfiles [v2.tauri](https://v2.tauri.app/reference/config/)Info.plistparsing, curated app database, and optional experimental features1. Understanding Tauri's Architecture
1.1 What is Tauri?
Tauri is a lightweight alternative to Electron for building cross-platform desktop applications, achieving approximately 58% less memory usage and 96% smaller bundle sizes compared to Electron. Released as stable v2.0 in October 2024, Tauri has gained adoption among approximately 90 companies including Cloudflare, ABBYY, and Cboe Global Markets. [gethopp](https://www.gethopp.app/blog/tauri-vs-electron)
Core Architectural Differences:
package.json(readable text file in app bundle)tauri.conf.json(compiled into Rust binary at build time)tauri-plugin-updater(standardized plugin)package.json+Info.plist(macOS)Info.plist(macOS), derived fromtauri.conf.json1.2 Version Information Architecture
Tauri applications store version information in two phases: [v2.tauri](https://v2.tauri.app/reference/config/)
Build Time (Development):
Runtime (Deployed macOS App):
Critical Insight: The
tauri.conf.jsonfile exists only during development. At build time, its contents are compiled directly into the Rust binary, leavingInfo.plistas the only easily accessible version metadata in deployed applications. [stackoverflow](https://stackoverflow.com/questions/77768927/how-do-you-get-the-app-version-in-tauri-on-the-rust-side)2. Tauri Update Mechanism Deep Dive
2.1 Official Updater Plugin Architecture
Tauri provides
tauri-plugin-updaterwith two operational modes: [v2.tauri](https://v2.tauri.app/plugin/updater/)Mode 1: Dynamic Update Server
{{current_version}},{{target}},{{arch}}Mode 2: Static JSON File
latest.jsonmanifest{ "version": "1.2.4", "notes": "Release notes", "pub_date": "2024-01-15T10:00:00Z", "platforms": { "darwin-aarch64": { "signature": "...", "url": "https://github.com/org/repo/releases/download/v1.2.4/app-aarch64.app.tar.gz" } } }2.2 Update Endpoint Configuration
Configuration in
tauri.conf.json:{ "plugins": { "updater": { "active": true, "endpoints": [ "https://releases.myapp.com/{{target}}/{{current_version}}", "https://github.com/org/repo/releases/latest/download/latest.json" ], "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWdu...", "windows": { "installMode": "passive" } } } }The Core Challenge: This configuration, including the crucial
endpointsarray, gets compiled into the application binary and is not stored in an easily parseable location in the deployed.appbundle. [stackoverflow](https://stackoverflow.com/questions/78232925/access-bundleidentifier-value-from-src-tauri-tauri-conf-json-in-app)