Multi-platform Development (Tauri) - fluentReports

Doing a security freeze to finally release a "v1.0" at this point seems very, very pre-mature to me after my usage of it. For some very **limited** scope of apps, it is production ready but for the vast majority of apps that you would want to do in Tauri, you can't do them. I never managed to crash any apps that Tauri created! In that the apps actually built using features it supports appear to be production ready however I did have some issues with some simple Tauri JS API code that worked in development but didn't work on a release build... In the multiple days I have played with Tauri, I have easily ran into so many different issues that makes me think it is no where even close to production ready for any real world usage or, as you will see later, very many application types. Everything from virtually a non-existent JS API's (missing many simple things, like you can't even check if a file even exists...) to things like broken flavors (Pure JS & Svelte JS don't even work out of the box, despite them having official flavors for them). However, one of the biggest issue for Tauri is that two of its major claims to fame appears to be false for the majority of developers and instead create some way worse issues for the Tauri team and by extension you the developer. … Unfortunately, the currently distributed Webkit on most distributions has a very nasty bug that makes most Tauri app that needs access to any and all web sites that use CORS, impossible in virtually all situations. So to "fix" this you have to build your own version of Webkit using the latest sources. Which is fairly time consuming and basically means you are forced to distribute using an AppImage so that everything including the new fixed Webkit is bundled in your app. … In addition the current version of Tauri's Webkit on Mac and Linux has issues actually recognizing cookies marked as "Secure". So overall Tauri and Cookies are currently not very friendly with each other at this point. Now granted this only impacts any apps that need remote resources (assuming the CORS issue isn't already blocking you), but it does eliminate a number of apps that people might want to do... This brings up the next issue with Tauri. To try and make the apps really small they are binding to whatever the existing version of WebKit is on Linux & Mac. If you are running a older version of Linux or MacOS, the app won't run because it requires WebKit to be a certain version. This is similar to the Windows issue, you have to be running a certain version of the OS browser component or the app will not work. … You now also have to unfortunately deal with this exact same issue with Tauri too. This is not something Tauri can fix, without replacing the actual engine, meaning they have to ship a large file on one or more platforms. Either they replace the Windows engine with Webkit (probably their easiest solution), or switch to Chromium on Linux and Mac OS. Tauri, you are dealing with effectively TWO completely different targets that act similar until they don't. This alone makes developing on Tauri a much larger job than the other platforms... The final issue with this design is that they are seriously beholden to the Webkit team, the Edge team, Apple, Microsoft, and all the different Linux distributions. They have to hope and pray that first the Webkit team (or Edge team on Windows) fixes any browser issues they find. Then they have to wait patiently for these to actually hit the distribution channel. The supply chain for fixes for Tauri is very deep. A really good example is the CORS issue above, first they had to report it to WebKit team, the WebKit team had to **decide** it was something they **wanted** to fix (and even when to fix it). So now presuming the Webkit team has actually fixed it, then downstream Apple has to ship it for MacOS (which again is hit or miss on when Apple will decide to ship, another sore point for a lot of developers). … So until Ubuntu ships the new WebKit, ALL downstream OS's that are based on Ubuntu has the broken browser that doesn't support CORS properly. Tauri team can't do really anything thing about this. Since you have two different paths for bugs (WebView2 & WebKit) and features they really are fighting an uphill battle. … In my humble opinion, this is the significant Achilles heel of Tauri and I would consider it way more than just a heel -- the ability to get timely fixes out to the developers is completely outside of the Tauri's hands unless they start distributing pre-built webkit builds with the app (which then makes it the exact same footprint as Electron in all factors but using Rust as the back end) Now if you have been following along on how it Tauri binds, what is the other issue you face with this design? What happens when the Edge team or the Webkit team introduces new bugs into the WebView's?