Capability System
VeloxKit gates access to native APIs behind capabilities — explicit permissions declared in veloxkit.config.ts.
Why capabilities exist
A VeloxKit app can read files, query databases, make network requests, and access the OS keychain. These are powerful APIs. Capabilities ensure:
- No surprise access — an app can't silently exfiltrate files
- Auditable permissions — the config is the source of truth
- Principle of least privilege — declare only what you need
Declaring capabilities
// veloxkit.config.ts
import { defineConfig } from 'veloxkit'
export default defineConfig({
name: 'my-app',
capabilities: [
'fs', // file system read/write
'db', // SQLite
'network', // fetch, WebSocket, mDNS
'clipboard',
],
})What happens without a capability
The error is thrown at the first call to a gated API, not at build time.
Available capabilities
| Capability | Grants access to |
|---|---|
fs | velox.fs — read, write, watch files |
db | velox.db — SQLite queries |
network | velox.network — fetch, WebSocket, mDNS |
ai | velox.ai — local model inference |
audio | velox.audio — playback and recording |
clipboard | velox.clipboard — read and write |
dialog | velox.dialog — open/save file dialogs |
notification | velox.notification — OS notifications |
credentials | velox.credentials — OS keychain |
system | velox.system — battery, storage, gamepad |
deeplink | velox.deeplink — URL scheme handler |
camera | velox.camera — camera device access |
Stable — The capability system API is stable and will not change in v0.x releases.
Capability scoping (coming in v0.4)
Future versions will support per-path and per-origin scoping:
capabilities: [
{ name: 'fs', paths: ['~/Documents/my-app/**'] },
{ name: 'network', origins: ['https://api.myservice.com'] },
]This is tracked in GitHub issue #142 (opens in a new tab).