gitremains a user-installed prerequisite on every platform.git-ftpis bundled as a script undersrc-tauri/resources/third-party/tools/git-ftp/git-ftp.lftpis bundled as a platform-specific executable undersrc-tauri/binaries/.
- macOS
aarch64-apple-darwinx86_64-apple-darwin
- Windows
x86_64-pc-windows-msvcaarch64-pc-windows-msvc
- Ubuntu
x86_64-unknown-linux-gnuaarch64-unknown-linux-gnu
- Debian
x86_64-unknown-linux-gnuaarch64-unknown-linux-gnu
- Fedora
x86_64-unknown-linux-gnuaarch64-unknown-linux-gnu
- Workflow file:
.github/workflows/release.yml - Trigger modes:
- manual
workflow_dispatch - Git tag push matching
v*
- manual
- Expected artifact types:
- macOS:
.dmg - Windows:
.msi, NSIS.exe - Ubuntu / Debian:
.deb - Fedora:
.rpm
- macOS:
Run or reuse these scripts before building public artifacts:
scripts/prepare-git-ftp.shscripts/prepare-lftp-unix.shscripts/prepare-lftp-windows.sh
They are responsible for:
- populating the bundled
git-ftpscript - populating the bundled
lftpbinary for the target platform - copying Linux-specific
liblftpruntime libraries next to the sidecar binary and rewriting the sidecar rpath so Tauri can resolve them during packaging - copying only the Windows runtime DLLs reported by
lddforlftp.exe, not every DLL from the MSYS2 bin directory - copying upstream license texts into the packaged resources tree
Before publishing release artifacts, the release workflow must populate:
src-tauri/resources/third-party/licenses/git-ftp/LICENSEsrc-tauri/resources/third-party/licenses/lftp/COPYINGsrc-tauri/resources/third-party/licenses/lftp/windows-dependencies/when Windows DLL dependencies are bundled
The packaged app also includes src-tauri/resources/third-party/THIRD_PARTY_NOTICES.md.
Current documented bundled third-party components:
git-ftplftp- MSYS2 packages that own copied Windows
lftpruntime DLLs
Set these GitHub secrets to remove Gatekeeper warnings:
APPLE_CERTIFICATEAPPLE_CERTIFICATE_PASSWORDAPPLE_SIGNING_IDENTITYAPPLE_IDAPPLE_PASSWORDAPPLE_TEAM_IDKEYCHAIN_PASSWORD
These secrets are used for:
- codesigning
- notarization
- reducing Gatekeeper warnings on distributed builds
If those secrets are missing, the workflow falls back to ad-hoc signing for the macOS app bundle so
the release still contains a signed binary inside the .dmg, but Gatekeeper may still require manual
approval because the app is not notarized.
Set these GitHub secrets to reduce SmartScreen and sign installers:
WINDOWS_CERTIFICATE_PFXWINDOWS_CERTIFICATE_PASSWORD
These are used to sign .exe and .msi artifacts in the workflow.
- Release builds are intended to ship
git-ftpandlftp gitmust still be installed on the target machine- Desktop
PATHrepair and executable fallback resolution are implemented in the Rust backend to support GUI launches outside interactive shells
The repository intentionally contains placeholder bundled files so local development builds remain valid before release-time assets are injected:
src-tauri/resources/third-party/tools/git-ftp/git-ftpsrc-tauri/binaries/lftp-aarch64-apple-darwinsrc-tauri/binaries/placeholder.dll
The workflow is prepared to build a Windows ARM64 app target. Until a native ARM64 lftp package is
supplied, the packaging flow assumes an x64 lftp.exe can run under Windows-on-Arm x64 emulation.
- The workflow scaffolding is in place, but the full matrix has not been executed and verified from this local session
- Linux ARM64 packaging relies on emulation in GitHub Actions
- Windows ARM64 packaging needs a native ARM64
lftpsource for the cleanest final release story