Sync Desktop

Sync is a Windows desktop AI coding workspace built with Tauri, Rust, React, TypeScript, Tailwind CSS, and SQLite.

The app is designed as a serious local-first AI development control center: project context, visible tasks, file safety, approvals, history, Git/GitHub workflows, MCP servers, connectors, and guarded tool execution.

Current Status

This repository contains the MVP desktop foundation:

• Tauri 2 Windows desktop shell
• Custom frameless dark UI inspired by modern AI coding tools
• Local SQLite schema and seeded MVP data
• Task workflow model with ignored/restored/completed states
• Rust security primitives for risk classification, path safety, and secret masking
• Project folder scanning with sensitive file detection
• Git read tooling
• On-demand GitHub Device Flow sign-in prompt for remote Git/GitHub actions
• GitHub API status/repository listing through GITHUB_TOKEN, GH_TOKEN, or GitHub CLI auth
• MCP command/endpoint connection probe
• Connectors management surface

Requirements

• Windows 10/11
• Node.js 20+
• npm
• Rust toolchain through rustup
• Visual Studio 2022 Build Tools with C++ workload
• Git
• Optional: GitHub CLI (gh) for account login and token discovery

Install

npm install

Run In Development

npm run tauri:dev

Build The Windows EXE

npm run tauri:build

The release executable is created at:

src-tauri/target/release/sync.exe

Test

Frontend:

npm test

Rust:

cd src-tauri
cargo test

Audit frontend dependencies:

npm audit --audit-level=moderate

GitHub Integration

Sync supports three MVP GitHub authentication paths:

1. Environment token:

$env:GITHUB_TOKEN="ghp_your_token_here"
npm run tauri:dev

2. GitHub Device Flow from the in-app prompt.

3. GitHub CLI login:

gh auth login --web --git-protocol https

Device Flow does not require storing an OAuth client secret inside the desktop app. After CLI login, Sync can also read the stored CLI token with gh auth token and use it for safe GitHub read actions.

Inside Sync, GitHub sign-in appears only when an AI request needs a GitHub account, such as:

• creating a repository
• pushing branches
• opening pull requests
• creating issues
• accessing private GitHub repositories

GitHub write actions should remain approval-gated. The MVP currently supports safe connection status and repository listing.

MCP

The MCP screen can test:

• executable commands, such as node or npx
• HTTP endpoints, such as https://example.com

MCP server outputs should be treated as untrusted context and every tool call should be logged before this becomes a full automation layer.

Project Structure

src/                    React + TypeScript UI
src/features/           Feature surfaces and workflow logic
src/lib/                Frontend backend adapters and helpers
src/types/              Shared TypeScript domain types
src-tauri/src/          Rust desktop, storage, security, Git, GitHub, MCP
src-tauri/migrations/   SQLite schema and seed data
config/defaults/        JSON/TOML/YAML defaults and presets
requirements/           Product, design, database, security, and tool specifications
tests/                  Frontend tests

Version Workflow

Use git for every meaningful step:

git status --short --branch
git add .
git commit -m "Describe the change"
git push

Recommended release tags:

git tag v0.1.0
git push origin v0.1.0

Security Defaults

Sync is designed around explicit user control:

• Read opened project files only
• Ask before writes
• Ask before commands
• Ask before GitHub writes
• Protect sensitive files
• Mask secrets in logs and exports
• Keep history and audit records

Releasing

Release everything (commit, tag, build, push, GitHub release) in one step:

powershell -ExecutionPolicy Bypass -File .\release.ps1

To bump to a different version:

.\release.ps1 -Version 0.2.1

The script verifies that `sr