Version: 6.2.0
Purpose: Desktop application wrapper (Tauri 2)
BotApp is the Tauri-based desktop wrapper for General Bots, providing native desktop and mobile capabilities on top of the pure web UI from botui. It extends the web interface with native file system access, system tray functionality, and desktop-specific features while maintaining a clean separation from the pure web UI.
For comprehensive documentation, see docs.pragmatismo.com.br or the BotBook for detailed guides, API references, and tutorials.
botui (pure web) botapp (Tauri wrapper)
βββββββββββββββββββ βββββββββββββββββββββββββββ
β suite/ ββββββββ Loads botui's UI β
β minimal/ β β + injects app-only β
β shared/ β β features via JS β
β β β β
β No Tauri deps β β Tauri + native APIs β
βββββββββββββββββββ βββββββββββββββββββββββββββ
- botui: Pure web UI with zero native dependencies. Works in any browser.
- botapp: Wraps botui with Tauri for desktop/mobile native features.
This separation allows:
- Same UI code for web, desktop, and mobile
- Clean dependency management (web users don't need Tauri)
- App-specific features only in the native app
Native UI (HTML/CSS/JS)
β Tauri IPC (invoke)
Rust #[tauri::command]
β HTTP (reqwest)
botserver API
β
Business Logic + Database
BotApp adds these native capabilities to botui:
- Local File Access: Browse and manage files on your device
- System Tray: Minimize to tray, background operation
- Native Dialogs: File open/save dialogs
- Desktop Notifications: Native OS notifications
- App Settings: Desktop-specific configuration
botapp/
βββ src/
β βββ main.rs # Rust backend, Tauri commands
β βββ lib.rs # Library exports
β βββ desktop/
β βββ mod.rs # Desktop module organization
β βββ drive.rs # File system commands
β βββ tray.rs # System tray functionality
βββ ui/
β βββ app-guides/ # App-specific HTML
βββ js/
β βββ app-extensions.js # JavaScript extensions
βββ icons/ # App icons (all sizes)
βββ tauri.conf.json # Tauri configuration
βββ Cargo.toml
- Rust 1.70+
- Node.js 18+ (for Tauri CLI)
- Tauri CLI:
cargo install tauri-cli
Linux:
sudo apt install libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-devmacOS:
xcode-select --installWindows:
- Visual Studio Build Tools with C++ workload
- Clone both repositories:
git clone https://github.com/GeneralBots/botui.git
git clone https://github.com/GeneralBots/botapp.git- Start botui's web server (required for dev):
cd botui
cargo run- Run botapp in development mode:
cd botapp
cargo tauri devcargo tauri build --debugcargo tauri buildBinaries will be in target/release/bundle/.
use tauri::command;
#[command]
pub async fn my_command(
window: tauri::Window,
param: String,
) -> Result<MyResponse, String> {
if param.is_empty() || param.len() > 1000 {
return Err("Invalid parameter".into());
}
Ok(MyResponse { /* ... */ })
}
fn main() {
tauri::Builder::default()
.invoke_handler(tauri::generate_handler![
my_command,
])
.run(tauri::generate_context!())
.map_err(|e| format!("error running app: {e}"))?;
}const result = await window.__TAURI__.invoke('my_command', {
param: 'value'
});| Command | Description |
|---|---|
list_files |
List directory contents |
upload_file |
Copy file with progress |
create_folder |
Create new directory |
delete_path |
Delete file or folder |
get_home_dir |
Get user's home directory |
// β WRONG - trusting user path
#[tauri::command]
async fn read_file(path: String) -> Result<String, String> {
std::fs::read_to_string(path).map_err(|e| e.to_string())
}
// β
CORRECT - validate and sandbox paths
#[tauri::command]
async fn read_file(app: tauri::AppHandle, filename: String) -> Result<String, String> {
let safe_name = filename
.chars()
.filter(|c| c.is_alphanumeric() || *c == '.' || *c == '-')
.collect::<String>();
if safe_name.contains("..") {
return Err("Invalid filename".into());
}
let base_dir = app.path().app_data_dir().map_err(|e| e.to_string())?;
let full_path = base_dir.join(&safe_name);
std::fs::read_to_string(full_path).map_err(|e| e.to_string())
}β NEVER trust user input from IPC commands
β NEVER expose filesystem paths to frontend without validation
β NEVER store secrets in plain text or localStorage
β NEVER disable CSP in tauri.conf.json for production
β NEVER use allowlist: all in Tauri configuration
NEVER generate icons with LLM. Use official SVG icons from botui/ui/suite/assets/icons/
Required icon sizes in icons/:
icon.ico # Windows (256x256)
icon.icns # macOS
icon.png # Linux (512x512)
32x32.png
128x128.png
128x128@2x.png
All icons use stroke="currentColor" for CSS theming.
{
"$schema": "https://schema.tauri.app/config/2",
"productName": "General Bots",
"version": "6.2.0",
"identifier": "br.com.pragmatismo.botapp",
"build": {
"devUrl": "http://localhost:3000",
"frontendDist": "../botui/ui/suite"
},
"app": {
"security": {
"csp": "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'"
}
}
}BotApp injects js/app-extensions.js into botui's suite at runtime. This script:
- Detects Tauri environment (
window.__TAURI__) - Injects app-only navigation items into the suite's
.app-grid - Exposes
window.BotAppAPI for native features
Example usage in suite:
if (window.BotApp?.isApp) {
// Running in desktop app
const files = await BotApp.fs.listFiles('/home/user');
await BotApp.notify('Title', 'Native notification!');
}EVERY SINGLE WARNING MUST BE FIXED. NO EXCEPTIONS.
β NEVER use #![allow()] or #[allow()] in source code
β NEVER use _ prefix for unused variables - DELETE or USE them
β NEVER use .unwrap() - use ? or proper error handling
β NEVER use .expect() - use ? or proper error handling
β NEVER use panic!() or unreachable!()
β NEVER use todo!() or unimplemented!()
β NEVER leave unused imports or dead code
β NEVER add comments - code must be self-documenting
// β WRONG
let value = something.unwrap();
// β
CORRECT
let value = something?;
let value = something.ok_or_else(|| Error::NotFound)?;
// Use Self in Impl Blocks
impl MyStruct {
fn new() -> Self { Self { } } // β
Not MyStruct
}
// Derive Eq with PartialEq
#[derive(PartialEq, Eq)] // β
Always both
struct MyStruct { }| Library | Version | Purpose |
|---|---|---|
| tauri | 2 | Desktop framework |
| tauri-plugin-dialog | 2 | File dialogs |
| tauri-plugin-opener | 2 | URL/file opener |
| botlib | workspace | Shared types |
| reqwest | 0.12 | HTTP client |
| tokio | 1.41 | Async runtime |
BotApp follows General Bots' commitment to code quality and safety.
cargo testMiri detects undefined behavior in unsafe code. Useful for testing data structures and parsing logic.
cargo +nightly miri testLimitations: Cannot test I/O, FFI, or full integration tests.
Detects memory errors at runtime:
RUSTFLAGS="-Z sanitizer=address" cargo +nightly testFor mathematically proving critical code properties:
cargo kani --function critical_functionFerrocene is a qualified Rust compiler for safety-critical systems (ISO 26262, IEC 61508).
Should BotApp use Ferrocene?
- For typical desktop deployment: No - standard Rust + testing is sufficient
- Consider Ferrocene if: Deploying in regulated industries (medical, automotive, aerospace)
For most use cases, comprehensive testing with the tools above provides adequate confidence.
For complete documentation, guides, and API references:
- docs.pragmatismo.com.br - Full online documentation
- BotBook - Local comprehensive guide with tutorials and examples
- Testing & Safety Tooling - Complete testing documentation
- ZERO WARNINGS - Every clippy warning must be fixed
- NO ALLOW IN CODE - Never use #[allow()] in source files
- NO DEAD CODE - Delete unused code
- NO UNWRAP/EXPECT - Use ? operator
- Security - Minimal allowlist, validate ALL inputs
- Desktop-only features - Shared logic in botserver
- Tauri APIs - No direct fs access from JS
- Official icons - Use icons from botui/ui/suite/assets/icons/
- Version 6.2.0 - Do not change without approval
AGPL-3.0 - See LICENSE for details.