Migrate schemars to 1.x

Cargo.toml

@@ -65,10 +65,8 @@ lto = true
 incremental = false
 opt-level = "s"
 
-# Temporary patch to schemars to preserve newlines in docstrings for our reference docs schemas
-# See https://github.com/GREsau/schemars/issues/120 for reference
 [patch.crates-io]
-schemars_derive = { git = 'https://github.com/tauri-apps/schemars.git', branch = 'feat/preserve-description-newlines' }
+# These are for the plugins used in the examples to use the newer APIs that are in this repo
 tauri = { path = "./crates/tauri" }
 tauri-plugin = { path = "./crates/tauri-plugin" }
 tauri-utils = { path = "./crates/tauri-utils" }

crates/tauri-build/Cargo.toml

@@ -44,8 +44,7 @@ semver = "1"
 dirs = "6"
 glob = "0.3"
 toml = "0.9"
-# Our code requires at least 0.8.21 so don't simplify this to 0.8
-schemars = { version = "0.8.21", features = ["preserve_order"] }
+schemars = { version = "1", features = ["preserve_order"] }
 
 [features]
 default = ["config-json"]

crates/tauri-plugin/Cargo.toml

@@ -36,8 +36,7 @@ tauri-utils = { version = "2.7.0", default-features = false, features = [
 serde_json = { version = "1", optional = true }
 glob = { version = "0.3", optional = true }
 toml = { version = "0.9", optional = true }
-# Our code requires at least 0.8.21 so don't simplify this to 0.8
-schemars = { version = "0.8.21", features = ["preserve_order"] }
+schemars = { version = "1", features = ["preserve_order"] }
 walkdir = { version = "2", optional = true }
 
 [target."cfg(target_os = \"macos\")".dependencies]

crates/tauri-plugin/src/build/mod.rs

@@ -35,7 +35,7 @@ pub fn plugin_config<T: DeserializeOwned>(name: &str) -> Option<T> {
 
 pub struct Builder<'a> {
   commands: &'a [&'static str],
-  global_scope_schema: Option<schemars::schema::RootSchema>,
+  global_scope_schema: Option<schemars::Schema>,
   global_api_script_path: Option<PathBuf>,
   android_path: Option<PathBuf>,
   ios_path: Option<PathBuf>,
@@ -53,7 +53,7 @@ impl<'a> Builder<'a> {
   }
 
   /// Sets the global scope JSON schema.
-  pub fn global_scope_schema(mut self, schema: schemars::schema::RootSchema) -> Self {
+  pub fn global_scope_schema(mut self, schema: schemars::Schema) -> Self {
     self.global_scope_schema.replace(schema);
     self
   }

crates/tauri-schema-generator/Cargo.toml

@@ -6,7 +6,7 @@ publish = false
 
 [build-dependencies]
 tauri-utils = { features = ["schema"], path = "../tauri-utils" }
-schemars = { version = "0.8.21", features = ["url", "preserve_order"] }
+schemars = { version = "1", features = ["url2", "preserve_order"] }
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 url = { version = "2", features = ["serde"] }

crates/tauri-schema-generator/build.rs

@@ -13,7 +13,11 @@ use tauri_utils::{
 
 macro_rules! schema {
   ($name:literal, $path:ty) => {
-    (concat!($name, ".schema.json"), schemars::schema_for!($path))
+    (
+      concat!($name, ".schema.json"),
+      schemars::SchemaGenerator::new(schemars::generate::SchemaSettings::draft07())
+        .into_root_schema_for::<$path>(),
+    )
   };
 }
 
@@ -46,8 +50,10 @@ pub fn main() -> Result<(), Box<dyn Error>> {
 
     // set id for generated schema
     let (filename, mut config_schema) = schema!("config", Config);
-    let schema_metadata = config_schema.schema.metadata.as_mut().unwrap();
-    schema_metadata.id = Some(format!("https://schema.tauri.app/config/{tauri_ver}"));
+    config_schema.insert(
+      "$id".to_owned(),
+      format!("https://schema.tauri.app/config/{tauri_ver}").into(),
+    );
 
     let config_schema = serde_json::to_string_pretty(&config_schema)?;
     write_if_changed(schemas_dir.join(filename), &config_schema)?;

crates/tauri-schema-generator/schemas/capability.schema.json

@@ -1,24 +1,20 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
   "title": "Capability",
-  "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\n It controls application windows' and webviews' fine grained access\n to the Tauri core, application, or plugin commands.\n If a webview or its window is not matching any capability then it has no access to the IPC layer at all.\n\n This can be done to create groups of windows, based on their required system access, which can reduce\n impact of frontend vulnerabilities in less privileged windows.\n Windows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.\n A Window can have none, one, or multiple associated capabilities.\n\n ## Example\n\n ```json\n {\n   \"identifier\": \"main-user-files-write\",\n   \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programmatic access to files selected by the user.\",\n   \"windows\": [\n     \"main\"\n   ],\n   \"permissions\": [\n     \"core:default\",\n     \"dialog:open\",\n     {\n       \"identifier\": \"fs:allow-write-text-file\",\n       \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n     },\n   ],\n   \"platforms\": [\"macOS\",\"windows\"]\n }\n ```",
+  "description": "A grouping and boundary mechanism developers can use to isolate access to the IPC layer.\n\nIt controls application windows' and webviews' fine grained access\nto the Tauri core, application, or plugin commands.\nIf a webview or its window is not matching any capability then it has no access to the IPC layer at all.\n\nThis can be done to create groups of windows, based on their required system access, which can reduce\nimpact of frontend vulnerabilities in less privileged windows.\nWindows can be added to a capability by exact name (e.g. `main-window`) or glob patterns like `*` or `admin-*`.\nA Window can have none, one, or multiple associated capabilities.\n\n## Example\n\n```json\n{\n  \"identifier\": \"main-user-files-write\",\n  \"description\": \"This capability allows the `main` window on macOS and Windows access to `filesystem` write related commands and `dialog` commands to enable programmatic access to files selected by the user.\",\n  \"windows\": [\n    \"main\"\n  ],\n  \"permissions\": [\n    \"core:default\",\n    \"dialog:open\",\n    {\n      \"identifier\": \"fs:allow-write-text-file\",\n      \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n    },\n  ],\n  \"platforms\": [\"macOS\",\"windows\"]\n}\n```",
   "type": "object",
-  "required": [
-    "identifier",
-    "permissions"
-  ],
   "properties": {
-    "identifier": {
-      "description": "Identifier of the capability.\n\n ## Example\n\n `main-user-files-write`",
-      "type": "string"
-    },
     "description": {
-      "description": "Description of what the capability is intended to allow on associated windows.\n\n It should contain a description of what the grouped permissions should allow.\n\n ## Example\n\n This capability allows the `main` window access to `filesystem` write related\n commands and `dialog` commands to enable programmatic access to files selected by the user.",
-      "default": "",
+      "description": "Description of what the capability is intended to allow on associated windows.\n\nIt should contain a description of what the grouped permissions should allow.\n\n## Example\n\nThis capability allows the `main` window access to `filesystem` write related\ncommands and `dialog` commands to enable programmatic access to files selected by the user.",
+      "type": "string",
+      "default": ""
+    },
+    "identifier": {
+      "description": "Identifier of the capability.\n\n## Example\n\n`main-user-files-write`",
       "type": "string"
     },
     "remote": {
-      "description": "Configure remote URLs that can use the capability permissions.\n\n This setting is optional and defaults to not being set, as our\n default use case is that the content is served from our local application.\n\n :::caution\n Make sure you understand the security implications of providing remote\n sources with local system access.\n :::\n\n ## Example\n\n ```json\n {\n   \"urls\": [\"https://*.mydomain.dev\"]\n }\n ```",
+      "description": "Configure remote URLs that can use the capability permissions.\n\nThis setting is optional and defaults to not being set, as our\ndefault use case is that the content is served from our local application.\n\n:::caution\nMake sure you understand the security implications of providing remote\nsources with local system access.\n:::\n\n## Example\n\n```json\n{\n  \"urls\": [\"https://*.mydomain.dev\"]\n}\n```",
       "anyOf": [
         {
           "$ref": "#/definitions/CapabilityRemote"
@@ -30,33 +26,33 @@
     },
     "local": {
       "description": "Whether this capability is enabled for local app URLs or not. Defaults to `true`.",
-      "default": true,
-      "type": "boolean"
+      "type": "boolean",
+      "default": true
     },
     "windows": {
-      "description": "List of windows that are affected by this capability. Can be a glob pattern.\n\n If a window label matches any of the patterns in this list,\n the capability will be enabled on all the webviews of that window,\n regardless of the value of [`Self::webviews`].\n\n On multiwebview windows, prefer specifying [`Self::webviews`] and omitting [`Self::windows`]\n for a fine grained access control.\n\n ## Example\n\n `[\"main\"]`",
+      "description": "List of windows that are affected by this capability. Can be a glob pattern.\n\nIf a window label matches any of the patterns in this list,\nthe capability will be enabled on all the webviews of that window,\nregardless of the value of [`Self::webviews`].\n\nOn multiwebview windows, prefer specifying [`Self::webviews`] and omitting [`Self::windows`]\nfor a fine grained access control.\n\n## Example\n\n`[\"main\"]`",
       "type": "array",
       "items": {
         "type": "string"
       }
     },
     "webviews": {
-      "description": "List of webviews that are affected by this capability. Can be a glob pattern.\n\n The capability will be enabled on all the webviews\n whose label matches any of the patterns in this list,\n regardless of whether the webview's window label matches a pattern in [`Self::windows`].\n\n ## Example\n\n `[\"sub-webview-one\", \"sub-webview-two\"]`",
+      "description": "List of webviews that are affected by this capability. Can be a glob pattern.\n\nThe capability will be enabled on all the webviews\nwhose label matches any of the patterns in this list,\nregardless of whether the webview's window label matches a pattern in [`Self::windows`].\n\n## Example\n\n`[\"sub-webview-one\", \"sub-webview-two\"]`",
       "type": "array",
       "items": {
         "type": "string"
       }
     },
     "permissions": {
-      "description": "List of permissions attached to this capability.\n\n Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.\n For commands directly implemented in the application itself only `${permission-name}`\n is required.\n\n ## Example\n\n ```json\n [\n   \"core:default\",\n   \"shell:allow-open\",\n   \"dialog:open\",\n   {\n     \"identifier\": \"fs:allow-write-text-file\",\n     \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n   }\n ]\n ```",
+      "description": "List of permissions attached to this capability.\n\nMust include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.\nFor commands directly implemented in the application itself only `${permission-name}`\nis required.\n\n## Example\n\n```json\n[\n  \"core:default\",\n  \"shell:allow-open\",\n  \"dialog:open\",\n  {\n    \"identifier\": \"fs:allow-write-text-file\",\n    \"allow\": [{ \"path\": \"$HOME/test.txt\" }]\n  }\n]\n```",
       "type": "array",
+      "uniqueItems": true,
       "items": {
         "$ref": "#/definitions/PermissionEntry"
-      },
-      "uniqueItems": true
+      }
     },
     "platforms": {
-      "description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",
+      "description": "Limit which target platforms this capability applies to.\n\nBy default all platforms are targeted.\n\n## Example\n\n`[\"macOS\",\"windows\"]`",
       "type": [
         "array",
         "null"
@@ -66,25 +62,29 @@
       }
     }
   },
+  "required": [
+    "identifier",
+    "permissions"
+  ],
   "definitions": {
     "CapabilityRemote": {
       "description": "Configuration for remote URLs that are associated with the capability.",
       "type": "object",
-      "required": [
-        "urls"
-      ],
       "properties": {
         "urls": {
-          "description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n ## Examples\n\n - \"https://*.mydomain.dev\": allows subdomains of mydomain.dev\n - \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
+          "description": "Remote domains this capability refers to using the [URLPattern standard](https://urlpattern.spec.whatwg.org/).\n\n## Examples\n\n- \"https://*.mydomain.dev\": allows subdomains of mydomain.dev\n- \"https://mydomain.dev/api/*\": allows any subpath of mydomain.dev/api",
           "type": "array",
           "items": {
             "type": "string"
           }
         }
-      }
+      },
+      "required": [
+        "urls"
+      ]
     },
     "PermissionEntry": {
-      "description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`]\n or an object that references a permission and extends its scope.",
+      "description": "An entry for a permission value in a [`Capability`] can be either a raw permission [`Identifier`]\nor an object that references a permission and extends its scope.",
       "anyOf": [
         {
           "description": "Reference a permission or permission set by identifier.",
@@ -97,9 +97,6 @@
         {
           "description": "Reference a permission or permission set by identifier and extends its scope.",
           "type": "object",
-          "required": [
-            "identifier"
-          ],
           "properties": {
             "identifier": {
               "description": "Identifier of the permission or permission set.",
@@ -129,7 +126,10 @@
                 "$ref": "#/definitions/Value"
               }
             }
-          }
+          },
+          "required": [
+            "identifier"
+          ]
         }
       ]
     },
@@ -196,37 +196,27 @@
         {
           "description": "MacOS.",
           "type": "string",
-          "enum": [
-            "macOS"
-          ]
+          "const": "macOS"
         },
         {
           "description": "Windows.",
           "type": "string",
-          "enum": [
-            "windows"
-          ]
+          "const": "windows"
         },
         {
           "description": "Linux.",
           "type": "string",
-          "enum": [
-            "linux"
-          ]
+          "const": "linux"
         },
         {
           "description": "Android.",
           "type": "string",
-          "enum": [
-            "android"
-          ]
+          "const": "android"
         },
         {
           "description": "iOS.",
           "type": "string",
-          "enum": [
-            "iOS"
-          ]
+          "const": "iOS"
         }
       ]
     }