Skip to content

build(deps): bump tauri-apps/tauri-action from 0 to 1#230

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/tauri-apps/tauri-action-1
Open

build(deps): bump tauri-apps/tauri-action from 0 to 1#230
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/tauri-apps/tauri-action-1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps tauri-apps/tauri-action from 0 to 1.

Release notes

Sourced from tauri-apps/tauri-action's releases.

action v1.0.0

[1.0.0]

  • db4399e (#1194 by @​FabianLars) Breaking Change: .app.tar.gz & .app.tar.gz.sig files will now include the app version like all other bundles/installers.
  • 53c8863 (#1315 by @​FabianLars) The download urls in latest.json will now use the github url instead of the browser download url.
  • 9b64567 (#1167 by @​FabianLars) Breaking Change: Drop support for Tauri v1 and unstable v2 (alpha, beta, rc) versions.
  • 9491f9d (#1177 by @​FabianLars) Breaking Change: The action will now fail if draft: true is set but the relevant release is not a draft.
  • ab62863 (#1176 by @​FabianLars) The frontend lockfile detection will now move up the file tree to fix issues in workspaces.
  • adb8bd3 (#1170 by @​FabianLars) Breaking Change: Remove includeRelease and includeDebug. You can switch to debug builds via args: --debug. To upload release and debug builds, run tauri-action twice, preferably in a job matrix for concurrent builds.
  • eea1890 (#1175 by @​FabianLars) Improved runner detection to prevent silent fails if runner (npm, pnpm, yarn, bun) was not installed while a lockfile was present.
  • acc588b (#1203 by @​FabianLars) Added initial Android & iOS support. This only includes building (=== running tauri android|ios build), installing dependencies and uploading to stores must be done manually.
  • 2e37e06 (#1174 by @​FabianLars) Use npm exec instead of npm run if @tauri-apps/cli was detected with no tauri script in package.json.
  • 1898cf4 (#1186 by @​FabianLars) Fiixed an issue that caused outdated signatures for macos universal builds in latest.json when re-running the action on the same release multiple times.
  • 5c7403d (#1326 by @​FabianLars) Expose mainBinaryName in releaseAssetNamePattern and workflowArtifactNamePattern.
  • 5d35c8e (#1189 by @​FabianLars) The upload release assets will now have the original file as its label which will show as the filename on the GitHub Release page and will be used internally to update assets on reruns and to get the download urls for latest.json
  • c18827e (#1183 by @​FabianLars) Breaking Change: Renamed assetNamePattern to releaseAssetNamePattern.
  • 766720b (#1172 by @​FabianLars) Breaking Change: Removed the feature to automatically initialize a Tauri project.
  • 25f3730 (#1208 by @​FabianLars) Breaking Change: Renamed includeUpdaterJson to uploadUpdaterJson for consistency with other similar options.
  • 53c8863 (#1315 by @​FabianLars) Removed Gitea support.
  • 6d11c27 (#1185 by @​FabianLars) Breaking Change: Removed updaterJsonKeepUniversal. This is now always enabled.
  • 7485c95 (#1169 by @​FabianLars) Switch from unmaintained @iarna/toml to smol-toml. No user-facing changes.
  • 8236c82 (#1277 by @​FabianLars) Semi-Breaking Change: The action will now update the name and body of existing releases.
  • 05c1b09 (#1178 by @​FabianLars) Added built-in variant of actions/upload-artifact to easily upload each bundle as a seperate archive. This may be removed once actions/upload-artifact#331 lands.
  • 6434f9a (#1296 by @​Ludea) Added initial support for vite+.

action v0.6.2

[0.6.2]

  • 73e111f (#1288) The action can now detect the workspace root correctly if the tauri project is configured as the cargo workspace root.

action v0.6.1

[0.6.1]

action v0.6.0

[0.6.0]

  • e918a06 (#1133) Encode tagName option value in latest.json URL.
  • 45acc19 (#1164) Add generateReleaseNotes config to use GitHub's release notes API to auto generate the release name and/or body.
  • 59a1a70 (#1166) Fix default file name pattern to match tauri's file names again.
  • 08112f7 (#1106) Added experimental support for Gitea hosted instances.
  • 08112f7 (#1106) Added a config to set the GitHub API URL which should help users with self-hosted instances and those using GitHub Enterprise.
  • b067139 (#1130) The action now uses node v24 which raises the minimum GitHub runner version to v2.327.1.

action v0.5.25

[0.5.25]

... (truncated)

Changelog

Sourced from tauri-apps/tauri-action's changelog.

[0.5.21]

Commits
  • 1deb371 Apply Version Updates From Current Changes (#1191)
  • 35033cf chore(deps): update dependency @​vercel/ncc to v0.44.0 (#1323)
  • 5ead4aa refactor: simplify createArtifact function (#1327)
  • 7899682 ci: update actions (#1328)
  • f201b79 chore(deps): update dependency @​types/node to v24.13.2 (#1320)
  • 5c7403d feat: default naming scheme for mobile assets, closes #1317 (#1326)
  • 71e781d chore(deps): update dependency @​biomejs/biome to v2.5.1 (#1318)
  • f51677a chore(deps): update dependency smol-toml to v1.7.0 (#1324)
  • 61337b4 chore(deps): update dependency @​types/node to v24.12.3 (#1316)
  • 53c8863 refactor: Use github api as download url in latest.json (#1315)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [tauri-apps/tauri-action](https://github.com/tauri-apps/tauri-action) from 0 to 1.
- [Release notes](https://github.com/tauri-apps/tauri-action/releases)
- [Changelog](https://github.com/tauri-apps/tauri-action/blob/dev/CHANGELOG.md)
- [Commits](tauri-apps/tauri-action@v0...v1)

---
updated-dependencies:
- dependency-name: tauri-apps/tauri-action
  dependency-version: '1'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 6, 2026
@greptile-apps

greptile-apps Bot commented Jul 6, 2026

Copy link
Copy Markdown

Greptile Summary

This PR bumps tauri-apps/tauri-action from v0 to v1 in both the build and release workflows. No deprecated or removed inputs (includeRelease, includeDebug, assetNamePattern, includeUpdaterJson, updaterJsonKeepUniversal) are present in either workflow, so the rename/removal breaking changes do not apply here.

  • build.yml: Only uses args — no impact from v1 breaking changes.
  • release.yml: Uses releaseDraft: true; v1 now hard-fails when this flag is set against an already-published (non-draft) release, which would affect workflow_dispatch re-runs post-publish. Also, macOS .app.tar.gz bundles now include the version in their filename and latest.json download URLs switch from browser-download to GitHub API URLs, both of which could affect updater consumers.

Confidence Score: 4/5

Safe to merge for normal tag-push workflows; a re-run via workflow_dispatch on a previously published release would now fail rather than update assets silently.

The bump is straightforward and no removed/renamed inputs are in use. The two behavioral changes to be aware of are the strict draft-enforcement (only affects re-runs after publishing) and the macOS bundle filename and latest.json URL format changes (only relevant if the Tauri updater is in use).

.github/workflows/release.yml — the releaseDraft: true input and macOS artifact consumers should be verified against v1 behaviour.

Important Files Changed

Filename Overview
.github/workflows/build.yml Bumps tauri-apps/tauri-action from v0 to v1; no removed or renamed inputs are used in this workflow.
.github/workflows/release.yml Bumps tauri-apps/tauri-action from v0 to v1; uses releaseDraft: true which now strictly fails if the targeted release is no longer a draft — a new v1 behavior that could break re-runs after publishing.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Tag push or workflow_dispatch] --> B[release.yml job matrix]
    B --> C[tauri-action v1]
    C --> D{releaseDraft true?}
    D -->|Release is a draft| E[Build and upload assets]
    D -->|Release already published| F[Action FAILS - new v1 behavior]
    E --> G[latest.json uses GitHub API URLs]
    E --> H[macOS app.tar.gz now includes version]
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[Tag push or workflow_dispatch] --> B[release.yml job matrix]
    B --> C[tauri-action v1]
    C --> D{releaseDraft true?}
    D -->|Release is a draft| E[Build and upload assets]
    D -->|Release already published| F[Action FAILS - new v1 behavior]
    E --> G[latest.json uses GitHub API URLs]
    E --> H[macOS app.tar.gz now includes version]
Loading

Comments Outside Diff (1)

  1. .github/workflows/release.yml, line 92 (link)

    P2 releaseDraft: true now strictly enforced in v1

    tauri-action v1 introduced a breaking change: the action now fails if releaseDraft: true is set but the targeted GitHub Release is not a draft. Previously v0 silently ignored this mismatch. In practice this means any workflow_dispatch re-run after the draft release for a given tag has been published will error out — instead of updating the release assets as before.

Reviews (1): Last reviewed commit: "build(deps): bump tauri-apps/tauri-actio..." | Re-trigger Greptile

Comment on lines 83 to +84
- name: Build the app
uses: tauri-apps/tauri-action@v0
uses: tauri-apps/tauri-action@v1

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 macOS .app.tar.gz bundle filenames now include the version

In v1, .app.tar.gz and .app.tar.gz.sig bundles are renamed to include the app version (matching other installer formats). If any downstream tooling, update-server configuration, or latest.json parser references these files by their old version-less names, it will silently get a 404. Additionally, latest.json download URLs now use the GitHub API URL format instead of browser download URLs — if the Tauri updater is configured, verify that the new URL scheme is accessible in your users' environments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants