tauri-plugin-hdiff-update
Tauri 2 plugin for signed and transactional installed-file updates.
The default permission exposes only:
prepare_file_updatelaunch_file_updateprepare_full_updatelaunch_full_update
Preparation verifies the installed source tree, downloads and verifies a directory patch, applies it to staging, and verifies every target file. Launch starts a non-elevated supervisor; after the application exits it invokes the same signed application binary as a constrained elevated worker. The worker commits managed paths with a journal and rollback backup.
Both directory patches and the official Tauri full installer are prepared in an application-owned disk cache. A verified prepared update is reused instead of downloaded again. When the application starts with a pending update, the bootstrap applies it before the normal UI starts. Full installers are verified with the official updater resource and compiled Minisign public key before they become launchable.
The consuming application must call maybe_run_file_update_helper before Tauri
startup, pass the same compile-time configuration to init(config), and call
confirm_file_update_startup after setup succeeds. The trusted public-key ring,
application id, current version, updater public key, main executable, managed
paths, and bundled hpatchz path never come from frontend arguments.
See the repository README and commercial directory update specification for the complete integration contract.