Struct VictauriBuilder

Source

pub struct VictauriBuilder { /* private fields */ }

Expand description

Builder for configuring the Victauri plugin before adding it to a Tauri app.

Supports port selection, authentication, privacy controls, output redaction, and capacity tuning. All settings have sensible defaults and can be overridden via environment variables.

Authentication is disabled by default for zero-friction local development. The server binds to 127.0.0.1 only and the entire plugin is #[cfg(debug_assertions)]. Call auth_token() to set an explicit token, auth_enabled() to auto-generate one, or set the VICTAURI_AUTH_TOKEN environment variable.

Implementations§

Source §

impl VictauriBuilder

Source

pub fn new() -> Self

Create a new builder with default settings.

Source

pub fn port(self, port: u16) -> Self

Set the TCP port for the MCP server (default: 7373, env: VICTAURI_PORT).

Source

pub fn event_capacity(self, capacity: usize) -> Self

Set the maximum number of events in the ring-buffer log (default: 10,000).

Source

pub fn recorder_capacity(self, capacity: usize) -> Self

Set the maximum events kept during session recording (default: 50,000).

Source

pub fn eval_timeout(self, timeout: Duration) -> Self

Set the timeout for JavaScript eval operations (default: 30s, env: VICTAURI_EVAL_TIMEOUT).

Source

pub fn auth_token(self, token: impl Into<String>) -> Self

Set an explicit auth token for the MCP server (env: VICTAURI_AUTH_TOKEN).

Setting a token implicitly enables authentication.

Source

pub fn auth_enabled(self) -> Self

Enable authentication with an auto-generated UUID v4 token.

The token is printed to the log on startup and written to the discovery directory (<temp>/victauri/<pid>/token) for client auto-discovery.

Authentication is disabled by default because the MCP server binds to 127.0.0.1 only and the plugin is #[cfg(debug_assertions)]-gated. Enable auth for shared machines or CI environments where multiple users may access the same host.

Source

pub fn generate_auth_token(self) -> Self

Generate a random UUID v4 auth token (alias for auth_enabled).

Source

pub fn auth_disabled(self) -> Self

No-op — authentication is already disabled by default since v0.4.0.

Kept for backwards compatibility. Previously, auth was enabled by default and this method was needed to opt out. Now auth is off by default and auth_enabled() or auth_token() turn it on.

Source

pub fn disable_tools(self, tools: &[&str]) -> Self

Disable specific MCP tools by name (e.g., ["eval_js", "screenshot"]).

Source

pub fn command_allowlist(self, commands: &[&str]) -> Self

Only allow these Tauri commands to be invoked via MCP (positive allowlist).

Source

pub fn command_blocklist(self, commands: &[&str]) -> Self

Block specific Tauri commands from being invoked via MCP.

Source

pub fn add_redaction_pattern(self, pattern: impl Into<String>) -> Self

Add a regex pattern for output redaction (e.g., r"SECRET_\w+").

Source

pub fn enable_redaction(self) -> Self

Enable output redaction with built-in patterns (API keys, emails, tokens).

Source

pub fn strict_privacy_mode(self) -> Self

Enable strict privacy mode (equivalent to PrivacyProfile::Observe).

Disables all mutation tools (eval_js, screenshot, interactions, input, storage writes, navigation, CSS injection) and enables output redaction.

Prefer privacy_profile() for finer control.

Source

pub fn privacy_profile(self, profile: PrivacyProfile) -> Self

Set the privacy profile tier.

Observe — read-only (snapshots, logs, registry)
Test — observe + interactions + input + storage writes + recording
FullControl — everything (default)

Profiles automatically enable redaction for Observe and Test. Use disable_tools() to apply overrides on top of a profile.

Source

pub fn console_log_capacity(self, capacity: usize) -> Self

Set the maximum console log entries kept in the JS bridge (default: 1000).

Source

pub fn network_log_capacity(self, capacity: usize) -> Self

Set the maximum network log entries kept in the JS bridge (default: 1000).

Source

pub fn navigation_log_capacity(self, capacity: usize) -> Self

Set the maximum navigation log entries kept in the JS bridge (default: 200).

Source

pub fn commands(self, schemas: &[CommandInfo]) -> Self

Pre-register command schemas so get_registry, resolve_command, and detect_ghost_commands return real results from the moment the server starts.

Pass the __schema() functions generated by #[inspectable].

VictauriBuilder::new()
    .commands(&[
        greet__schema(),
        increment__schema(),
        add_todo__schema(),
    ])
    .build()

Source

pub fn register_command_names(self, names: &[&str]) -> Self

Register command names without full schemas.

Use this when your commands are decorated with #[tauri::command] but not #[inspectable]. Ghost detection will recognize these commands as registered, eliminating false positives.

VictauriBuilder::new()
    .register_command_names(&[
        "get_settings",
        "save_settings",
        "run_analysis",
    ])
    .build()

Source

pub fn auto_discover(self) -> Self

Auto-discover all #[inspectable] commands in the binary.

Uses inventory to collect every command marked with #[inspectable] at link time — no manual listing required. This replaces both .commands(&[...]) and register_commands!().

tauri::Builder::default()
    .plugin(
        VictauriBuilder::new()
            .auto_discover()
            .build()
            .unwrap(),
    )

Source

pub fn allow_file_navigation(self) -> Self

Allow file: URLs in the navigate tool’s go_to action.

By default, only http and https schemes are permitted. Calling this method opts in to file: navigation, which grants the MCP client access to local filesystem paths via the webview.

Warning: Enabling this in untrusted environments exposes local files to any process that can reach the MCP server.

Source