Appearance
Architecture Overview
Overview
Bubbledesk combines a web frontend, a Rust-based Tauri backend, and a web/desktop bridge API that allows deep OS‑level integrations directly from your web app.
It follows a layered design that separates user interface, system capabilities, and build automation.
Core Components
| Layer | Description |
|---|---|
| Frontend Runtime (Webview) | The user’s web app runs inside a OS native WebView (WebView2 on Windows, WebKit on macOS, WebKitGTK on Linux). Bubbledesk injects window.Bubbledesk, exposing APIs to interact with native OS features. |
| Bridge Layer (Rust/JS) | The native Rust code handles secure execution of system tasks such as file system, events, files, window management, WASM plugin sandboxing etc. And exposes commands that can be called with JS with the invoke() method or through Bubbledesk internal API via window.Bubbledesk. |
| Builder Engine (Tauri) | Wraps the web app, compiles per‑platform executables, and handles signing, icons, and distribution tasks. |
| Cloud Infrastructure | Bubbledesk builds your application on the cloud and stores your latest app builds. |
Execution Flow
- User Setup → User selects their web app URL and configuration inside the Bubbledesk desktop app.
- Runtime Injection → At launch, Bubbledesk injects the bridge (
window.Bubbledesk) inside the webview. - Interaction → The web app can call native features (notifications, clipboard, files, etc.) through this bridge.
- Build Phase → After testing, you can build you application that will be compiled into platform‑specific binaries.
Bridge Model
Each bridge module corresponds to a Rust subsystem exposed as asynchronous commands in the webview.
Modules include files, fs, window, shortcuts, network, autostart, badge, worker (plugins), and more. Check the bridge documentation.
Each call invokes a corresponding Rust command managed by Tauri under the hood.
Plugin and Worker System
The Worker module allows loading and executing WASM based plugins inside a secure, sandboxed Web Worker.
Plugins can implement custom computation logic while maintaining full isolation from the host system.
Security & Isolation
- Plugins execute in isolated sandboxed environments, without network access and with configurable timeouts and memory caps.
- Access through the File System module is strictly limited to the Bubbledesk isolated environment. It does not provide access to the global file system of the host machine, ensuring security and sandboxing.
- No system call is directly exposed to the webview; all actions pass through Rust‑level validation.