This guide provides reproducible local packaging steps for both desktop variants:
- full →
World Monitor - tech →
Tech Monitor
Variant identity is controlled by Tauri config:
- full:
src-tauri/tauri.conf.json - tech:
src-tauri/tauri.tech.conf.json
- Node.js + npm
- Rust toolchain
- OS-native Tauri build prerequisites:
- macOS: Xcode command-line tools
- Windows: Visual Studio Build Tools + NSIS + WiX
Install dependencies (this also installs the pinned Tauri CLI used by desktop scripts):
npm ciAll desktop scripts call the local tauri binary from node_modules/.bin; no runtime npx package download is required after npm ci.
If the local CLI is missing, scripts/desktop-package.mjs now fails fast with an explicit npm ci remediation message.
Before running desktop packaging in CI or managed networks, verify connectivity and proxy config:
npm ping
curl -I https://index.crates.io/
env | grep -E '^(HTTP_PROXY|HTTPS_PROXY|NO_PROXY)='If these fail, use one of the supported remediations:
- Internal npm mirror/proxy.
- Internal Cargo sparse index/registry mirror.
- Pre-vendored Rust crates (
src-tauri/vendor/) + Cargo offline mode. - CI artifact/caching strategy that restores required package inputs before build.
See docs/TAURI_VALIDATION_REPORT.md for failure classification labels and troubleshooting flow.
To view script usage/help:
npm run desktop:package -- --helpnpm run desktop:package:macos:full
npm run desktop:package:macos:tech
# or generic runner
npm run desktop:package -- --os macos --variant fullnpm run desktop:package:windows:full
npm run desktop:package:windows:tech
# or generic runner
npm run desktop:package -- --os windows --variant techBundler targets are pinned in both Tauri configs and enforced by packaging scripts:
- macOS:
app,dmg - Windows:
nsis,msi
From src-tauri/, the project supports two packaging paths:
Use normal Cargo behavior (crates.io):
cd src-tauri
cargo generate-lockfile
cargo tauri build --config tauri.conf.jsonAn optional vendored source is defined in src-tauri/.cargo/config.toml. To use it, first prepare vendored crates on a machine that has registry access:
# from repository root
cargo vendor --manifest-path src-tauri/Cargo.toml src-tauri/vendorThen enable offline mode using either method:
- One-off CLI override (no file changes):
cd src-tauri
cargo generate-lockfile --offline --config 'source.crates-io.replace-with="vendored-sources"'
cargo tauri build --offline --config 'source.crates-io.replace-with="vendored-sources"' --config tauri.conf.json- Local override file (recommended for CI/repeatable offline jobs):
cp src-tauri/.cargo/config.local.toml.example src-tauri/.cargo/config.local.toml
cd src-tauri
cargo generate-lockfile --offline
cargo tauri build --offline --config tauri.conf.jsonFor CI or internal mirrors, publish src-tauri/vendor/ as an artifact and restore it before the restricted-network build. If your organization uses an internal crates mirror instead of vendoring, point source.crates-io.replace-with to that mirror in CI-specific Cargo config and run the same build commands.
Unsigned packaging works by default.
If signing credentials are present in environment variables, Tauri will sign/notarize automatically during the same packaging commands.
Set before packaging (Developer ID signature):
export TAURI_BUNDLE_MACOS_SIGNING_IDENTITY="Developer ID Application: Your Company (TEAMID)"
export TAURI_BUNDLE_MACOS_PROVIDER_SHORT_NAME="TEAMID"
# optional alternate key accepted by Tauri tooling:
export APPLE_SIGNING_IDENTITY="Developer ID Application: Your Company (TEAMID)"For notarization, choose one auth method:
# Apple ID + app-specific password
export APPLE_ID="you@example.com"
export APPLE_PASSWORD="app-specific-password"
export APPLE_TEAM_ID="TEAMID"
# OR App Store Connect API key
export APPLE_API_KEY="ABC123DEFG"
export APPLE_API_ISSUER="00000000-0000-0000-0000-000000000000"
export APPLE_API_KEY_PATH="$HOME/.keys/AuthKey_ABC123DEFG.p8"Then run either standard or explicit sign script aliases:
npm run desktop:package:macos:full
# or
npm run desktop:package:macos:full:signSet before packaging (PowerShell):
$env:TAURI_BUNDLE_WINDOWS_CERTIFICATE_THUMBPRINT="<CERT_THUMBPRINT>"
$env:TAURI_BUNDLE_WINDOWS_TIMESTAMP_URL="https://timestamp.digicert.com"
# optional: if using cert file + password instead of cert store
$env:TAURI_BUNDLE_WINDOWS_CERTIFICATE="C:\path\to\codesign.pfx"
$env:TAURI_BUNDLE_WINDOWS_CERTIFICATE_PASSWORD="<PFX_PASSWORD>"Then run either standard or explicit sign script aliases:
npm run desktop:package:windows:full
# or
npm run desktop:package:windows:full:sign- Full variant:
World Monitor/world-monitor - Tech variant:
Tech Monitor/tech-monitor
Distinct names are configured in Tauri:
src-tauri/tauri.conf.json→World Monitor/world-monitorsrc-tauri/tauri.tech.conf.json→Tech Monitor/tech-monitor
If you want variant-specific icons, set bundle.icon separately in each config and point each variant to dedicated icon assets.
Artifacts are produced under:
src-tauri/target/release/bundle/
Common subfolders:
app/→ macOS.appdmg/→ macOS.dmgnsis/→ Windows.exeinstallermsi/→ Windows.msiinstaller
- Build required OS + variant package(s).
- Move artifacts to a clean machine (or fresh VM).
- Install/launch:
- macOS: mount
.dmg, drag app to Applications, launch. - Windows: run
.exeor.msi, launch from Start menu.
- macOS: mount
- Validate startup:
- App window opens without crash.
- Map view renders.
- Initial data loading path does not fatal-error.
- Validate variant identity:
- Window title and product name match expected variant.
- If signing was enabled:
- Verify code-signing metadata in OS dialogs/properties.
- Verify notarization/Gatekeeper acceptance on macOS.