Tweak some things for launch

Update
2026-02-18 21:57:44 +01:00 · 2025-02-18 21:28:03 -08:00 · 2025-02-15 12:04:35 -08:00 · 2025-02-15 07:29:50 -08:00 · 2025-02-15 07:12:12 -08:00 · 2025-02-15 05:22:39 -08:00
276 changed files with 14058 additions and 3047 deletions
--- a/README.md
+++ b/README.md
@@ -1,10 +1,26 @@
 # Yaak API Client

-Yaak is a desktop API client for organizing and executing REST, GraphQL, and gRPC
-requests. It's built using [Tauri](https://tauri.app), Rust, and ReactJS.
+Yaak is a desktop API client for interacting with REST, GraphQL, Server Sent Events (SSE), WebSocket, and gRPC
+APIs. It's built using [Tauri](https://tauri.app), Rust, and ReactJS.

 ![screenshot](https://github.com/user-attachments/assets/f18e963f-0b68-4ecb-b8b8-cb71aa9aec02)

+## Feature Overview
+
+🪂 Import data from Postman, Insomnia, OpenAPI, Swagger, or Curl.<br/>
+📤 Send requests via REST, GraphQL, Server Sent Events (SSE), WebSockets, or gRPC.<br/>
+🔐 Automatically authorize requests with OAuth 2.0, JWT tokens, Basic Auth, and more.<br/>
+🔎 Filter response bodies using JSONPath or XPath queries.<br/>
+⛓️ Chain together multiple requests to dynamically reference values.<br/>
+📂 Organize requests into workspaces and nested folders.<br/>
+🧮 Use environment variables to easily switch between Prod and Dev.<br/>
+🏷️ Send dynamic values like UUIDs or timestamps using template tags.<br/>
+🎨 Choose from many of the included themes, or make your own.<br/>
+💽 Mirror workspace data to a directory for integration with Git or Dropbox.<br/>
+📜 View response history for each request.<br/>
+🔌 Create your own plugins for authentication, template tags, and more!<br/>
+🛜 Configure a proxy to access firewall-blocked APIs
+
 ## Feedback and Bug Reports

 All feedback, bug reports, questions, and feature requests should be reported to
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -11,11 +11,13 @@
    "packages/plugin-runtime-types",
    "packages/common-lib",
    "src-tauri/yaak-license",
+    "src-tauri/yaak-git",
    "src-tauri/yaak-models",
    "src-tauri/yaak-plugins",
    "src-tauri/yaak-sse",
    "src-tauri/yaak-sync",
    "src-tauri/yaak-templates",
+    "src-tauri/yaak-ws",
    "src-web"
  ],
  "scripts": {
@@ -34,7 +36,7 @@
    "tauri-before-dev": "npm run --workspaces --if-present dev"
  },
  "devDependencies": {
-    "@tauri-apps/cli": "^2.2.4",
+    "@tauri-apps/cli": "^2.2.7",
    "@typescript-eslint/eslint-plugin": "^8.18.1",
    "@typescript-eslint/parser": "^8.18.1",
    "eslint": "^8",
--- a/packages/common-lib/formatSize.ts
+++ b/packages/common-lib/formatSize.ts
@@ -0,0 +1,20 @@
+export function formatSize(bytes: number): string {
+    let num;
+    let unit;
+
+    if (bytes > 1000 * 1000 * 1000) {
+        num = bytes / 1000 / 1000 / 1000;
+        unit = 'GB';
+    } else if (bytes > 1000 * 1000) {
+        num = bytes / 1000 / 1000;
+        unit = 'MB';
+    } else if (bytes > 1000) {
+        num = bytes / 1000;
+        unit = 'KB';
+    } else {
+        num = bytes;
+        unit = 'B';
+    }
+
+    return `${Math.round(num * 10) / 10} ${unit}`;
+}
--- a/packages/plugin-runtime-types/package.json
+++ b/packages/plugin-runtime-types/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@yaakapp/api",
-  "version": "0.3.4",
+  "version": "0.4.1",
  "main": "lib/index.js",
  "typings": "./lib/index.d.ts",
  "files": [
--- a/packages/plugin-runtime-types/src/bindings/events.ts
+++ b/packages/plugin-runtime-types/src/bindings/events.ts
@@ -1,290 +0,0 @@
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { Environment } from "./models.js";
-import type { Folder } from "./models.js";
-import type { GrpcRequest } from "./models.js";
-import type { HttpRequest } from "./models.js";
-import type { HttpResponse } from "./models.js";
-import type { JsonValue } from "./serde_json/JsonValue.js";
-import type { Workspace } from "./models.js";
-
-export type BootRequest = { dir: string, watch: boolean, };
-
-export type BootResponse = { name: string, version: string, };
-
-export type CallHttpAuthenticationRequest = { config: { [key in string]?: JsonValue }, method: string, url: string, headers: Array<HttpHeader>, };
-
-export type CallHttpAuthenticationResponse = { 
-/**
- * HTTP headers to add to the request. Existing headers will be replaced, while
- * new headers will be added.
- */
-setHeaders: Array<HttpHeader>, };
-
-export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
-
-export type CallHttpRequestActionRequest = { key: string, pluginRefId: string, args: CallHttpRequestActionArgs, };
-
-export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: string }, };
-
-export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };
-
-export type CallTemplateFunctionResponse = { value: string | null, };
-
-export type Color = "custom" | "default" | "primary" | "secondary" | "info" | "success" | "notice" | "warning" | "danger";
-
-export type CopyTextRequest = { text: string, };
-
-export type EditorLanguage = "text" | "javascript" | "json" | "html" | "xml" | "graphql" | "markdown";
-
-export type EmptyPayload = {};
-
-export type ErrorResponse = { error: string, };
-
-export type ExportHttpRequestRequest = { httpRequest: HttpRequest, };
-
-export type ExportHttpRequestResponse = { content: string, };
-
-export type FileFilter = { name: string, 
-/**
- * File extensions to require
- */
-extensions: Array<string>, };
-
-export type FilterRequest = { content: string, filter: string, };
-
-export type FilterResponse = { content: string, };
-
-export type FindHttpResponsesRequest = { requestId: string, limit?: number, };
-
-export type FindHttpResponsesResponse = { httpResponses: Array<HttpResponse>, };
-
-export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest;
-
-export type FormInputBase = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputCheckbox = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputEditor = { 
-/**
- * Placeholder for the text input
- */
-placeholder?: string | null, 
-/**
- * Don't show the editor gutter (line numbers, folds, etc.)
- */
-hideGutter?: boolean, 
-/**
- * Language for syntax highlighting
- */
-language?: EditorLanguage, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputFile = { 
-/**
- * The title of the file selection window
- */
-title: string, 
-/**
- * Allow selecting multiple files
- */
-multiple?: boolean, directory?: boolean, defaultPath?: string, filters?: Array<FileFilter>, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputHttpRequest = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputSelect = { 
-/**
- * The options that will be available in the select input
- */
-options: Array<FormInputSelectOption>, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputSelectOption = { name: string, value: string, };
-
-export type FormInputText = { 
-/**
- * Placeholder for the text input
- */
-placeholder?: string | null, 
-/**
- * Placeholder for the text input
- */
-password?: boolean, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type GetHttpAuthenticationResponse = { name: string, label: string, shortLabel: string, config: Array<FormInput>, };
-
-export type GetHttpRequestActionsRequest = Record<string, never>;
-
-export type GetHttpRequestActionsResponse = { actions: Array<HttpRequestAction>, pluginRefId: string, };
-
-export type GetHttpRequestByIdRequest = { id: string, };
-
-export type GetHttpRequestByIdResponse = { httpRequest: HttpRequest | null, };
-
-export type GetTemplateFunctionsResponse = { functions: Array<TemplateFunction>, pluginRefId: string, };
-
-export type HttpHeader = { name: string, value: string, };
-
-export type HttpRequestAction = { key: string, label: string, icon?: Icon, };
-
-export type Icon = "copy" | "info" | "check_circle" | "alert_triangle" | "_unknown";
-
-export type ImportRequest = { content: string, };
-
-export type ImportResources = { workspaces: Array<Workspace>, environments: Array<Environment>, folders: Array<Folder>, httpRequests: Array<HttpRequest>, grpcRequests: Array<GrpcRequest>, };
-
-export type ImportResponse = { resources: ImportResources, };
-
-export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: WindowContext, payload: InternalEventPayload, };
-
-export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & EmptyPayload | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_request" } & EmptyPayload | { "type": "get_http_authentication_response" } & GetHttpAuthenticationResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "copy_text_request" } & CopyTextRequest | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
-
-export type PromptTextRequest = { id: string, title: string, label: string, description?: string, defaultValue?: string, placeholder?: string, 
-/**
- * Text to add to the confirmation button
- */
-confirmText?: string, 
-/**
- * Text to add to the cancel button
- */
-cancelText?: string, 
-/**
- * Require the user to enter a non-empty value
- */
-required?: boolean, };
-
-export type PromptTextResponse = { value: string | null, };
-
-export type RenderHttpRequestRequest = { httpRequest: HttpRequest, purpose: RenderPurpose, };
-
-export type RenderHttpRequestResponse = { httpRequest: HttpRequest, };
-
-export type RenderPurpose = "send" | "preview";
-
-export type SendHttpRequestRequest = { httpRequest: HttpRequest, };
-
-export type SendHttpRequestResponse = { httpResponse: HttpResponse, };
-
-export type ShowToastRequest = { message: string, color?: Color, icon?: Icon, };
-
-export type TemplateFunction = { name: string, description?: string, 
-/**
- * Also support alternative names. This is useful for not breaking existing
- * tags when changing the `name` property
- */
-aliases?: Array<string>, args: Array<FormInput>, };
-
-export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, };
-
-export type TemplateRenderResponse = { data: JsonValue, };
-
-export type WindowContext = { "type": "none" } | { "type": "label", label: string, };
--- a/packages/plugin-runtime-types/src/bindings/gen_events.ts
+++ b/packages/plugin-runtime-types/src/bindings/gen_events.ts
@@ -0,0 +1,406 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { Environment } from "./gen_models.js";
+import type { Folder } from "./gen_models.js";
+import type { GrpcRequest } from "./gen_models.js";
+import type { HttpRequest } from "./gen_models.js";
+import type { HttpResponse } from "./gen_models.js";
+import type { JsonValue } from "./serde_json/JsonValue.js";
+import type { WebsocketRequest } from "./gen_models.js";
+import type { Workspace } from "./gen_models.js";
+
+export type BootRequest = { dir: string, watch: boolean, };
+
+export type BootResponse = { name: string, version: string, };
+
+export type CallHttpAuthenticationActionArgs = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
+
+export type CallHttpAuthenticationActionRequest = { index: number, pluginRefId: string, args: CallHttpAuthenticationActionArgs, };
+
+export type CallHttpAuthenticationRequest = { contextId: string, values: { [key in string]?: JsonPrimitive }, method: string, url: string, headers: Array<HttpHeader>, };
+
+export type CallHttpAuthenticationResponse = { 
+/**
+ * HTTP headers to add to the request. Existing headers will be replaced, while
+ * new headers will be added.
+ */
+setHeaders: Array<HttpHeader>, };
+
+export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
+
+export type CallHttpRequestActionRequest = { index: number, pluginRefId: string, args: CallHttpRequestActionArgs, };
+
+export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: string }, };
+
+export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };
+
+export type CallTemplateFunctionResponse = { value: string | null, };
+
+export type CloseWindowRequest = { label: string, };
+
+export type Color = "primary" | "secondary" | "info" | "success" | "notice" | "warning" | "danger";
+
+export type CompletionOptionType = "constant" | "variable";
+
+export type Content = { "type": "text", content: string, } | { "type": "markdown", content: string, };
+
+export type CopyTextRequest = { text: string, };
+
+export type DeleteKeyValueRequest = { key: string, };
+
+export type DeleteKeyValueResponse = { deleted: boolean, };
+
+export type EditorLanguage = "text" | "javascript" | "json" | "html" | "xml" | "graphql" | "markdown";
+
+export type EmptyPayload = {};
+
+export type ErrorResponse = { error: string, };
+
+export type ExportHttpRequestRequest = { httpRequest: HttpRequest, };
+
+export type ExportHttpRequestResponse = { content: string, };
+
+export type FileFilter = { name: string, 
+/**
+ * File extensions to require
+ */
+extensions: Array<string>, };
+
+export type FilterRequest = { content: string, filter: string, };
+
+export type FilterResponse = { content: string, };
+
+export type FindHttpResponsesRequest = { requestId: string, limit?: number, };
+
+export type FindHttpResponsesResponse = { httpResponses: Array<HttpResponse>, };
+
+export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest | { "type": "accordion" } & FormInputAccordion | { "type": "banner" } & FormInputBanner | { "type": "markdown" } & FormInputMarkdown;
+
+export type FormInputAccordion = { label: string, inputs?: Array<FormInput>, hidden?: boolean, };
+
+export type FormInputBanner = { inputs?: Array<FormInput>, hidden?: boolean, color?: Color, };
+
+export type FormInputBase = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputCheckbox = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputEditor = { 
+/**
+ * Placeholder for the text input
+ */
+placeholder?: string | null, 
+/**
+ * Don't show the editor gutter (line numbers, folds, etc.)
+ */
+hideGutter?: boolean, 
+/**
+ * Language for syntax highlighting
+ */
+language?: EditorLanguage, readOnly?: boolean, completionOptions?: Array<GenericCompletionOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputFile = { 
+/**
+ * The title of the file selection window
+ */
+title: string, 
+/**
+ * Allow selecting multiple files
+ */
+multiple?: boolean, directory?: boolean, defaultPath?: string, filters?: Array<FileFilter>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputHttpRequest = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputMarkdown = { content: string, hidden?: boolean, };
+
+export type FormInputSelect = { 
+/**
+ * The options that will be available in the select input
+ */
+options: Array<FormInputSelectOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputSelectOption = { label: string, value: string, };
+
+export type FormInputText = { 
+/**
+ * Placeholder for the text input
+ */
+placeholder?: string | null, 
+/**
+ * Placeholder for the text input
+ */
+password?: boolean, 
+/**
+ * Whether to allow newlines in the input, like a <textarea/>
+ */
+multiLine?: boolean, completionOptions?: Array<GenericCompletionOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type GenericCompletionOption = { label: string, detail?: string, info?: string, type?: CompletionOptionType, boost?: number, };
+
+export type GetHttpAuthenticationConfigRequest = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
+
+export type GetHttpAuthenticationConfigResponse = { args: Array<FormInput>, pluginRefId: string, actions?: Array<HttpAuthenticationAction>, };
+
+export type GetHttpAuthenticationSummaryResponse = { name: string, label: string, shortLabel: string, };
+
+export type GetHttpRequestActionsRequest = Record<string, never>;
+
+export type GetHttpRequestActionsResponse = { actions: Array<HttpRequestAction>, pluginRefId: string, };
+
+export type GetHttpRequestByIdRequest = { id: string, };
+
+export type GetHttpRequestByIdResponse = { httpRequest: HttpRequest | null, };
+
+export type GetKeyValueRequest = { key: string, };
+
+export type GetKeyValueResponse = { value?: string, };
+
+export type GetTemplateFunctionsResponse = { functions: Array<TemplateFunction>, pluginRefId: string, };
+
+export type HttpAuthenticationAction = { label: string, icon?: Icon, };
+
+export type HttpHeader = { name: string, value: string, };
+
+export type HttpRequestAction = { label: string, icon?: Icon, };
+
+export type Icon = "alert_triangle" | "check" | "check_circle" | "chevron_down" | "copy" | "info" | "pin" | "search" | "trash" | "_unknown";
+
+export type ImportRequest = { content: string, };
+
+export type ImportResources = { workspaces: Array<Workspace>, environments: Array<Environment>, folders: Array<Folder>, httpRequests: Array<HttpRequest>, grpcRequests: Array<GrpcRequest>, websocketRequests: Array<WebsocketRequest>, };
+
+export type ImportResponse = { resources: ImportResources, };
+
+export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: WindowContext, payload: InternalEventPayload, };
+
+export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & EmptyPayload | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "close_window_request" } & CloseWindowRequest | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
+
+export type JsonPrimitive = string | number | boolean | null;
+
+export type OpenWindowRequest = { url: string, 
+/**
+ * Label for the window. If not provided, a random one will be generated.
+ */
+label: string, title?: string, size?: WindowSize, };
+
+export type PromptTextRequest = { id: string, title: string, label: string, description?: string, defaultValue?: string, placeholder?: string, 
+/**
+ * Text to add to the confirmation button
+ */
+confirmText?: string, 
+/**
+ * Text to add to the cancel button
+ */
+cancelText?: string, 
+/**
+ * Require the user to enter a non-empty value
+ */
+required?: boolean, };
+
+export type PromptTextResponse = { value: string | null, };
+
+export type RenderHttpRequestRequest = { httpRequest: HttpRequest, purpose: RenderPurpose, };
+
+export type RenderHttpRequestResponse = { httpRequest: HttpRequest, };
+
+export type RenderPurpose = "send" | "preview";
+
+export type SendHttpRequestRequest = { httpRequest: Partial<HttpRequest>, };
+
+export type SendHttpRequestResponse = { httpResponse: HttpResponse, };
+
+export type SetKeyValueRequest = { key: string, value: string, };
+
+export type SetKeyValueResponse = {};
+
+export type ShowToastRequest = { message: string, color?: Color, icon?: Icon, };
+
+export type TemplateFunction = { name: string, description?: string, 
+/**
+ * Also support alternative names. This is useful for not breaking existing
+ * tags when changing the `name` property
+ */
+aliases?: Array<string>, args: Array<FormInput>, };
+
+export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, };
+
+export type TemplateRenderResponse = { data: JsonValue, };
+
+export type WindowContext = { "type": "none" } | { "type": "label", label: string, };
+
+export type WindowNavigateEvent = { url: string, };
+
+export type WindowSize = { width: number, height: number, };
--- a/packages/plugin-runtime-types/src/bindings/gen_models.ts
+++ b/packages/plugin-runtime-types/src/bindings/gen_models.ts
@@ -22,4 +22,6 @@ export type HttpResponseState = "initialized" | "connected" | "closed";

 export type HttpUrlParameter = { enabled?: boolean, name: string, value: string, id?: string, };

+export type WebsocketRequest = { model: "websocket_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authentication: Record<string, any>, authenticationType: string | null, description: string, headers: Array<HttpRequestHeader>, message: string, name: string, sortPriority: number, url: string, urlParameters: Array<HttpUrlParameter>, };
+
 export type Workspace = { model: "workspace", id: string, createdAt: string, updatedAt: string, name: string, description: string, settingValidateCertificates: boolean, settingFollowRedirects: boolean, settingRequestTimeout: number, };
--- a/packages/plugin-runtime-types/src/helpers.ts
+++ b/packages/plugin-runtime-types/src/helpers.ts
@@ -1 +1,2 @@
 export type AtLeast<T, K extends keyof T> = Partial<T> & Pick<T, K>;
+export type MaybePromise<T> = Promise<T> | T;
--- a/packages/plugin-runtime-types/src/index.ts
+++ b/packages/plugin-runtime-types/src/index.ts
@@ -1,5 +1,5 @@
 export type * from './plugins';
 export type * from './themes';

-export * from './bindings/models';
-export * from './bindings/events';
+export * from './bindings/gen_models';
+export * from './bindings/gen_events';
--- a/packages/plugin-runtime-types/src/plugins/AuthenticationPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/AuthenticationPlugin.ts
@@ -1,13 +1,29 @@
 import {
+  CallHttpAuthenticationActionArgs,
  CallHttpAuthenticationRequest,
  CallHttpAuthenticationResponse,
-  GetHttpAuthenticationResponse,
-} from '../bindings/events';
+  FormInput,
+  GetHttpAuthenticationConfigRequest,
+  GetHttpAuthenticationSummaryResponse,
+  HttpAuthenticationAction,
+} from '../bindings/gen_events';
+import { MaybePromise } from '../helpers';
 import { Context } from './Context';

-export type AuthenticationPlugin = Omit<GetHttpAuthenticationResponse, 'pluginName'> & {
+type DynamicFormInput = FormInput & {
+  dynamic(
+    ctx: Context,
+    args: GetHttpAuthenticationConfigRequest,
+  ): MaybePromise<Partial<FormInput> | undefined | null>;
+};
+
+export type AuthenticationPlugin = GetHttpAuthenticationSummaryResponse & {
+  args: (FormInput | DynamicFormInput)[];
  onApply(
    ctx: Context,
    args: CallHttpAuthenticationRequest,
-  ): Promise<CallHttpAuthenticationResponse> | CallHttpAuthenticationResponse;
+  ): MaybePromise<CallHttpAuthenticationResponse>;
+  actions?: (HttpAuthenticationAction & {
+    onSelect(ctx: Context, args: CallHttpAuthenticationActionArgs): Promise<void> | void;
+  })[];
 };
--- a/packages/plugin-runtime-types/src/plugins/Context.ts
+++ b/packages/plugin-runtime-types/src/plugins/Context.ts
@@ -3,6 +3,7 @@ import type {
  FindHttpResponsesResponse,
  GetHttpRequestByIdRequest,
  GetHttpRequestByIdResponse,
+  OpenWindowRequest,
  PromptTextRequest,
  PromptTextResponse,
  RenderHttpRequestRequest,
@@ -12,7 +13,7 @@ import type {
  ShowToastRequest,
  TemplateRenderRequest,
  TemplateRenderResponse,
-} from "../bindings/events.ts";
+} from '../bindings/gen_events.ts';

 export interface Context {
  clipboard: {
@@ -22,27 +23,27 @@ export interface Context {
    show(args: ShowToastRequest): Promise<void>;
  };
  prompt: {
-    text(args: PromptTextRequest): Promise<PromptTextResponse["value"]>;
+    text(args: PromptTextRequest): Promise<PromptTextResponse['value']>;
+  };
+  store: {
+    set<T>(key: string, value: T): Promise<void>;
+    get<T>(key: string): Promise<T | undefined>;
+    delete(key: string): Promise<boolean>;
+  };
+  window: {
+    openUrl(
+      args: OpenWindowRequest & { onNavigate?: (args: { url: string }) => void },
+    ): Promise<{ close: () => void }>;
  };
  httpRequest: {
-    send(
-      args: SendHttpRequestRequest,
-    ): Promise<SendHttpRequestResponse["httpResponse"]>;
-    getById(
-      args: GetHttpRequestByIdRequest,
-    ): Promise<GetHttpRequestByIdResponse["httpRequest"]>;
-    render(
-      args: RenderHttpRequestRequest,
-    ): Promise<RenderHttpRequestResponse["httpRequest"]>;
+    send(args: SendHttpRequestRequest): Promise<SendHttpRequestResponse['httpResponse']>;
+    getById(args: GetHttpRequestByIdRequest): Promise<GetHttpRequestByIdResponse['httpRequest']>;
+    render(args: RenderHttpRequestRequest): Promise<RenderHttpRequestResponse['httpRequest']>;
  };
  httpResponse: {
-    find(
-      args: FindHttpResponsesRequest,
-    ): Promise<FindHttpResponsesResponse["httpResponses"]>;
+    find(args: FindHttpResponsesRequest): Promise<FindHttpResponsesResponse['httpResponses']>;
  };
  templates: {
-    render(
-      args: TemplateRenderRequest,
-    ): Promise<TemplateRenderResponse["data"]>;
+    render(args: TemplateRenderRequest): Promise<TemplateRenderResponse['data']>;
  };
 }
--- a/packages/plugin-runtime-types/src/plugins/HttpRequestActionPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/HttpRequestActionPlugin.ts
@@ -1,4 +1,4 @@
-import type { CallHttpRequestActionArgs, HttpRequestAction } from '../bindings/events';
+import type { CallHttpRequestActionArgs, HttpRequestAction } from '../bindings/gen_events';
 import type { Context } from './Context';

 export type HttpRequestActionPlugin = HttpRequestAction & {
--- a/packages/plugin-runtime-types/src/plugins/ImporterPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/ImporterPlugin.ts
@@ -1,29 +1,14 @@
-import {
-  Environment,
-  Folder,
-  GrpcRequest,
-  HttpRequest,
-  Workspace,
-} from "../bindings/models";
-import type { AtLeast } from "../helpers";
-import type { Context } from "./Context";
+import { Environment, Folder, GrpcRequest, HttpRequest, Workspace } from '../bindings/gen_models';
+import type { AtLeast } from '../helpers';
+import type { Context } from './Context';

 type ImportPluginResponse = null | {
  resources: {
-    workspaces: AtLeast<Workspace, "name" | "id" | "model">[];
-    environments: AtLeast<
-      Environment,
-      "name" | "id" | "model" | "workspaceId"
-    >[];
-    folders: AtLeast<Folder, "name" | "id" | "model" | "workspaceId">[];
-    httpRequests: AtLeast<
-      HttpRequest,
-      "name" | "id" | "model" | "workspaceId"
-    >[];
-    grpcRequests: AtLeast<
-      GrpcRequest,
-      "name" | "id" | "model" | "workspaceId"
-    >[];
+    workspaces: AtLeast<Workspace, 'name' | 'id' | 'model'>[];
+    environments: AtLeast<Environment, 'name' | 'id' | 'model' | 'workspaceId'>[];
+    folders: AtLeast<Folder, 'name' | 'id' | 'model' | 'workspaceId'>[];
+    httpRequests: AtLeast<HttpRequest, 'name' | 'id' | 'model' | 'workspaceId'>[];
+    grpcRequests: AtLeast<GrpcRequest, 'name' | 'id' | 'model' | 'workspaceId'>[];
  };
 };

--- a/packages/plugin-runtime-types/src/plugins/TemplateFunctionPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/TemplateFunctionPlugin.ts
@@ -1,7 +1,7 @@
 import {
  CallTemplateFunctionArgs,
  TemplateFunction,
-} from "../bindings/events";
+} from "../bindings/gen_events";
 import { Context } from "./Context";

 export type TemplateFunctionPlugin = TemplateFunction & {
--- a/packages/plugin-runtime/src/index.worker.ts
+++ b/packages/plugin-runtime/src/index.worker.ts
@@ -1,11 +1,18 @@
+// OAuth 2.0 spec -> https://datatracker.ietf.org/doc/html/rfc6749
+
 import type {
  BootRequest,
  Context,
+  DeleteKeyValueResponse,
  FindHttpResponsesResponse,
+  FormInput,
  GetHttpRequestByIdResponse,
+  GetKeyValueResponse,
+  HttpAuthenticationAction,
  HttpRequestAction,
  InternalEvent,
  InternalEventPayload,
+  JsonPrimitive,
  PluginDefinition,
  PromptTextResponse,
  RenderHttpRequestResponse,
@@ -19,8 +26,15 @@ import type { Stats } from 'node:fs';
 import { readFileSync, statSync, watch } from 'node:fs';
 import path from 'node:path';
 import * as util from 'node:util';
+import { parentPort as nullableParentPort, workerData } from 'node:worker_threads';
 import { interceptStdout } from './interceptStdout';
-import { parentPort, workerData } from 'node:worker_threads';
+import { migrateTemplateFunctionSelectOptions } from './migrations';
+
+if (nullableParentPort == null) {
+  throw new Error('Worker does not have access to parentPort');
+}
+
+const parentPort = nullableParentPort;

 export interface PluginWorkerData {
  bootRequest: BootRequest;
@@ -73,7 +87,7 @@ function initialize(workerData: PluginWorkerData) {
    if (event.payload.type !== 'empty_response') {
      console.log('Sending event to app', event.id, event.payload.type);
    }
-    parentPort!.postMessage(event);
+    parentPort.postMessage(event);
  }

  function sendAndWaitForReply<T extends Omit<InternalEventPayload, 'type'>>(
@@ -84,14 +98,15 @@ function initialize(workerData: PluginWorkerData) {
    const eventToSend = buildEventToSend(windowContext, payload, null);

    // 2. Spawn listener in background
-    const promise = new Promise<InternalEventPayload>((resolve) => {
+    const promise = new Promise<T>((resolve) => {
      const cb = (event: InternalEvent) => {
        if (event.replyId === eventToSend.id) {
-          parentPort!.off('message', cb); // Unlisten, now that we're done
-          resolve(event.payload); // Not type-safe but oh well
+          parentPort.off('message', cb); // Unlisten, now that we're done
+          const { type: _, ...payload } = event.payload;
+          resolve(payload as T);
        }
      };
-      parentPort!.on('message', cb);
+      parentPort.on('message', cb);
    });

    // 3. Send the event after we start listening (to prevent race)
@@ -101,10 +116,29 @@ function initialize(workerData: PluginWorkerData) {
    return promise as unknown as Promise<T>;
  }

+  function sendAndListenForEvents(
+    windowContext: WindowContext,
+    payload: InternalEventPayload,
+    onEvent: (event: InternalEventPayload) => void,
+  ): void {
+    // 1. Build event to send
+    const eventToSend = buildEventToSend(windowContext, payload, null);
+
+    // 2. Listen for replies in the background
+    parentPort.on('message', (event: InternalEvent) => {
+      if (event.replyId === eventToSend.id) {
+        onEvent(event.payload);
+      }
+    });
+
+    // 3. Send the event after we start listening (to prevent race)
+    sendEvent(eventToSend);
+  }
+
  // Reload plugin if the JS or package.json changes
  const windowContextNone: WindowContext = { type: 'none' };
  const fileChangeCallback = async () => {
-    await importModule();
+    importModule();
    return sendPayload(windowContextNone, { type: 'reload_response' }, null);
  };

@@ -130,6 +164,27 @@ function initialize(workerData: PluginWorkerData) {
        });
      },
    },
+    window: {
+      async openUrl({ onNavigate, ...args }) {
+        args.label = args.label || `${Math.random()}`;
+        const payload: InternalEventPayload = { type: 'open_window_request', ...args };
+        const onEvent = (event: InternalEventPayload) => {
+          if (event.type === 'window_navigate_event') {
+            onNavigate?.(event);
+          }
+        };
+        sendAndListenForEvents(event.windowContext, payload, onEvent);
+        return {
+          close: () => {
+            const closePayload: InternalEventPayload = {
+              type: 'close_window_request',
+              label: args.label,
+            };
+            sendPayload(event.windowContext, closePayload, null);
+          },
+        };
+      },
+    },
    prompt: {
      async text(args) {
        const reply: PromptTextResponse = await sendAndWaitForReply(event.windowContext, {
@@ -201,6 +256,30 @@ function initialize(workerData: PluginWorkerData) {
        return result.data;
      },
    },
+    store: {
+      async get<T>(key: string) {
+        const payload = { type: 'get_key_value_request', key } as const;
+        const result = await sendAndWaitForReply<GetKeyValueResponse>(event.windowContext, payload);
+        return result.value ? (JSON.parse(result.value) as T) : undefined;
+      },
+      async set<T>(key: string, value: T) {
+        const valueStr = JSON.stringify(value);
+        const payload: InternalEventPayload = {
+          type: 'set_key_value_request',
+          key,
+          value: valueStr,
+        };
+        await sendAndWaitForReply<GetKeyValueResponse>(event.windowContext, payload);
+      },
+      async delete(key: string) {
+        const payload = { type: 'delete_key_value_request', key } as const;
+        const result = await sendAndWaitForReply<DeleteKeyValueResponse>(
+          event.windowContext,
+          payload,
+        );
+        return result.deleted;
+      },
+    },
  });

  let plug: PluginDefinition | null = null;
@@ -210,19 +289,11 @@ function initialize(workerData: PluginWorkerData) {
    delete require.cache[id];
    plug = require(id).plugin;
  }
+
  importModule();

-  if (pkg.name?.includes('yaak-faker')) {
-    sendPayload(
-      { type: 'none' },
-      { type: 'error_response', error: 'Failed to initialize Faker plugin' },
-      null,
-    );
-    return;
-  }
-
  // Message comes into the plugin to be processed
-  parentPort!.on('message', async (event: InternalEvent) => {
+  parentPort.on('message', async (event: InternalEvent) => {
    const ctx = newCtx(event);
    const { windowContext, payload, id: replyId } = event;
    try {
@@ -298,11 +369,13 @@ function initialize(workerData: PluginWorkerData) {
        payload.type === 'get_template_functions_request' &&
        Array.isArray(plug?.templateFunctions)
      ) {
-        const reply: TemplateFunction[] = plug.templateFunctions.map((a) => ({
-          ...a,
-          // Add everything except render
-          onRender: undefined,
-        }));
+        const reply: TemplateFunction[] = plug.templateFunctions.map((templateFunction) => {
+          return {
+            ...migrateTemplateFunctionSelectOptions(templateFunction),
+            // Add everything except render
+            onRender: undefined,
+          };
+        });
        const replyPayload: InternalEventPayload = {
          type: 'get_template_functions_response',
          pluginRefId,
@@ -312,11 +385,42 @@ function initialize(workerData: PluginWorkerData) {
        return;
      }

-      if (payload.type === 'get_http_authentication_request' && plug?.authentication) {
-        const { onApply: _, ...auth } = plug.authentication;
+      if (payload.type === 'get_http_authentication_summary_request' && plug?.authentication) {
+        const { name, shortLabel, label } = plug.authentication;
        const replyPayload: InternalEventPayload = {
-          ...auth,
-          type: 'get_http_authentication_response',
+          type: 'get_http_authentication_summary_response',
+          name,
+          label,
+          shortLabel,
+        };
+
+        sendPayload(windowContext, replyPayload, replyId);
+        return;
+      }
+
+      if (payload.type === 'get_http_authentication_config_request' && plug?.authentication) {
+        const { args, actions } = plug.authentication;
+        const resolvedArgs: FormInput[] = [];
+        for (let i = 0; i < args.length; i++) {
+          let v = args[i];
+          if ('dynamic' in v) {
+            const dynamicAttrs = await v.dynamic(ctx, payload);
+            const { dynamic, ...other } = v;
+            resolvedArgs.push({ ...other, ...dynamicAttrs } as FormInput);
+          } else {
+            resolvedArgs.push(v);
+          }
+        }
+        const resolvedActions: HttpAuthenticationAction[] = [];
+        for (const { onSelect, ...action } of actions ?? []) {
+          resolvedActions.push(action);
+        }
+
+        const replyPayload: InternalEventPayload = {
+          type: 'get_http_authentication_config_response',
+          args: resolvedArgs,
+          actions: resolvedActions,
+          pluginRefId,
        };

        sendPayload(windowContext, replyPayload, replyId);
@@ -326,12 +430,13 @@ function initialize(workerData: PluginWorkerData) {
      if (payload.type === 'call_http_authentication_request' && plug?.authentication) {
        const auth = plug.authentication;
        if (typeof auth?.onApply === 'function') {
+          applyFormInputDefaults(auth.args, payload.values);
          const result = await auth.onApply(ctx, payload);
          sendPayload(
            windowContext,
            {
-              ...result,
              type: 'call_http_authentication_response',
+              setHeaders: result.setHeaders,
            },
            replyId,
          );
@@ -339,11 +444,23 @@ function initialize(workerData: PluginWorkerData) {
        }
      }

+      if (
+        payload.type === 'call_http_authentication_action_request' &&
+        plug?.authentication != null
+      ) {
+        const action = plug.authentication.actions?.[payload.index];
+        if (typeof action?.onSelect === 'function') {
+          await action.onSelect(ctx, payload.args);
+          sendEmpty(windowContext, replyId);
+          return;
+        }
+      }
+
      if (
        payload.type === 'call_http_request_action_request' &&
        Array.isArray(plug?.httpRequestActions)
      ) {
-        const action = plug.httpRequestActions.find((a) => a.key === payload.key);
+        const action = plug.httpRequestActions[payload.index];
        if (typeof action?.onSelect === 'function') {
          await action.onSelect(ctx, payload.args);
          sendEmpty(windowContext, replyId);
@@ -357,6 +474,7 @@ function initialize(workerData: PluginWorkerData) {
      ) {
        const action = plug.templateFunctions.find((a) => a.name === payload.name);
        if (typeof action?.onRender === 'function') {
+          applyFormInputDefaults(action.args, payload.args.values);
          const result = await action.onRender(ctx, payload.args);
          sendPayload(
            windowContext,
@@ -371,7 +489,7 @@ function initialize(workerData: PluginWorkerData) {
      }

      if (payload.type === 'reload_request') {
-        await importModule();
+        importModule();
      }
    } catch (err) {
      console.log('Plugin call threw exception', payload.type, err);
@@ -383,7 +501,7 @@ function initialize(workerData: PluginWorkerData) {
        },
        replyId,
      );
-      // TODO: Return errors to server
+      return;
    }

    // No matches, so send back an empty response so the caller doesn't block forever
@@ -434,3 +552,17 @@ function watchFile(filepath: string, cb: (filepath: string) => void) {
    watchedFiles[filepath] = stat;
  });
 }
+
+/** Recursively apply form input defaults to a set of values */
+function applyFormInputDefaults(
+  inputs: FormInput[],
+  values: { [p: string]: JsonPrimitive | undefined },
+) {
+  for (const input of inputs) {
+    if ('inputs' in input) {
+      applyFormInputDefaults(input.inputs ?? [], values);
+    } else if ('defaultValue' in input && values[input.name] === undefined) {
+      values[input.name] = input.defaultValue;
+    }
+  }
+}
--- a/packages/plugin-runtime/src/migrations.ts
+++ b/packages/plugin-runtime/src/migrations.ts
@@ -0,0 +1,18 @@
+import { TemplateFunction } from '@yaakapp/api';
+
+export function migrateTemplateFunctionSelectOptions(f: TemplateFunction): TemplateFunction {
+  const migratedArgs = f.args.map((a) => {
+    if (a.type === 'select') {
+      a.options = a.options.map((o) => ({
+        ...o,
+        label: o.label || (o as any).name,
+      }));
+    }
+    return a;
+  });
+
+  return {
+    ...f,
+    args: migratedArgs,
+  };
+}
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@@ -43,7 +43,7 @@ dependencies = [
 "cfg-if",
 "once_cell",
 "version_check 0.9.5",
- "zerocopy",
+ "zerocopy 0.7.35",
 ]

 [[package]]
@@ -712,7 +712,7 @@ dependencies = [
 "semver",
 "serde",
 "serde_json",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 ]

 [[package]]
@@ -730,6 +730,10 @@ name = "cc"
 version = "1.1.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "504bdec147f2cc13c8b57ed9401fd8a147cc66b67ad5cb241394244f2c947549"
+dependencies = [
+ "jobserver",
+ "libc",
+]

 [[package]]
 name = "cesu8"
@@ -1236,7 +1240,16 @@ version = "5.0.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "44c45a9d03d6676652bcb5e724c7e988de1acad23a711b5217ab9cbecbec2225"
 dependencies = [
- "dirs-sys",
+ "dirs-sys 0.4.1",
+]
+
+[[package]]
+name = "dirs"
+version = "6.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c3e8aa94d75141228480295a7d0e7feb620b1a5ad9f12bc40be62411e38cce4e"
+dependencies = [
+ "dirs-sys 0.5.0",
 ]

 [[package]]
@@ -1247,10 +1260,22 @@ checksum = "520f05a5cbd335fae5a99ff7a6ab8627577660ee5cfd6a94a6a929b52ff0321c"
 dependencies = [
 "libc",
 "option-ext",
- "redox_users",
+ "redox_users 0.4.5",
 "windows-sys 0.48.0",
 ]

+[[package]]
+name = "dirs-sys"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e01a3366d27ee9890022452ee61b2b63a67e6f13f58900b651ff5665f0bb1fab"
+dependencies = [
+ "libc",
+ "option-ext",
+ "redox_users 0.5.0",
+ "windows-sys 0.59.0",
+]
+
 [[package]]
 name = "dispatch"
 version = "0.2.0"
@@ -1670,9 +1695,9 @@ dependencies = [

 [[package]]
 name = "futures-core"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dfc6580bb841c5a68e9ef15c77ccc837b40a7504914d52e47b8b0e9bbda25a1d"
+checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e"

 [[package]]
 name = "futures-executor"
@@ -1698,9 +1723,9 @@ dependencies = [

 [[package]]
 name = "futures-io"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a44623e20b9681a318efdd71c299b6b222ed6f231972bfe2f224ebad6311f0c1"
+checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6"

 [[package]]
 name = "futures-lite"
@@ -1717,9 +1742,9 @@ dependencies = [

 [[package]]
 name = "futures-macro"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87750cf4b7a4c0625b1529e4c543c2182106e4dedc60a2a6455e00d212c489ac"
+checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -1728,21 +1753,21 @@ dependencies = [

 [[package]]
 name = "futures-sink"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9fb8e00e87438d937621c1c6269e53f536c14d3fbd6a042bb24879e57d474fb5"
+checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7"

 [[package]]
 name = "futures-task"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "38d84fa142264698cdce1a9f9172cf383a0c82de1bddcf3092901442c4097004"
+checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988"

 [[package]]
 name = "futures-util"
-version = "0.3.30"
+version = "0.3.31"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d6401deb83407ab3da39eba7e33987a73c3df0c82b4bb5813ee871c19c41d48"
+checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81"
 dependencies = [
 "futures-core",
 "futures-io",
@@ -1915,6 +1940,18 @@ dependencies = [
 "wasi 0.11.0+wasi-snapshot-preview1",
 ]

+[[package]]
+name = "getrandom"
+version = "0.3.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8"
+dependencies = [
+ "cfg-if",
+ "libc",
+ "wasi 0.13.3+wasi-0.2.2",
+ "windows-targets 0.52.6",
+]
+
 [[package]]
 name = "gimli"
 version = "0.29.0"
@@ -1953,6 +1990,21 @@ dependencies = [
 "winapi",
 ]

+[[package]]
+name = "git2"
+version = "0.20.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3fda788993cc341f69012feba8bf45c0ba4f3291fcc08e214b4d5a7332d88aff"
+dependencies = [
+ "bitflags 2.6.0",
+ "libc",
+ "libgit2-sys",
+ "log",
+ "openssl-probe",
+ "openssl-sys",
+ "url",
+]
+
 [[package]]
 name = "glib"
 version = "0.18.5"
@@ -2281,7 +2333,6 @@ dependencies = [
 "hyper-util",
 "rustls",
 "rustls-pki-types",
- "rustls-platform-verifier",
 "tokio",
 "tokio-rustls",
 "tower-service",
@@ -2579,6 +2630,15 @@ version = "0.3.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130"

+[[package]]
+name = "jobserver"
+version = "0.1.32"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "48d1dbcbbeb6a7fec7e059840aa538bd62aaccf972c7346c4d9d2059312853d0"
+dependencies = [
+ "libc",
+]
+
 [[package]]
 name = "jpeg-decoder"
 version = "0.3.1"
@@ -2695,9 +2755,23 @@ dependencies = [

 [[package]]
 name = "libc"
-version = "0.2.155"
+version = "0.2.169"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "97b3888a4aecf77e811145cadf6eef5901f4782c53886191b2f693f24761847c"
+checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a"
+
+[[package]]
+name = "libgit2-sys"
+version = "0.18.0+1.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e1a117465e7e1597e8febea8bb0c410f1c7fb93b1e1cddf34363f8390367ffec"
+dependencies = [
+ "cc",
+ "libc",
+ "libssh2-sys",
+ "libz-sys",
+ "openssl-sys",
+ "pkg-config",
+]

 [[package]]
 name = "libloading"
@@ -2747,6 +2821,32 @@ dependencies = [
 "vcpkg",
 ]

+[[package]]
+name = "libssh2-sys"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2dc8a030b787e2119a731f1951d6a773e2280c660f8ec4b0f5e1505a386e71ee"
+dependencies = [
+ "cc",
+ "libc",
+ "libz-sys",
+ "openssl-sys",
+ "pkg-config",
+ "vcpkg",
+]
+
+[[package]]
+name = "libz-sys"
+version = "1.1.21"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "df9b68e50e6e0b26f672573834882eb57759f6db9b3be2ea3c35c91188bb4eaa"
+dependencies = [
+ "cc",
+ "libc",
+ "pkg-config",
+ "vcpkg",
+]
+
 [[package]]
 name = "linux-raw-sys"
 version = "0.4.14"
@@ -3454,9 +3554,9 @@ dependencies = [

 [[package]]
 name = "openssl-sys"
-version = "0.9.103"
+version = "0.9.105"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f9e8deee91df40a943c71b917e5874b951d32a802526c85721ce3b776c929d6"
+checksum = "8b22d5b84be05a8d6947c7cb71f7c849aa0f112acd4bf51c2a7c1c988ac0a9dc"
 dependencies = [
 "cc",
 "libc",
@@ -3864,7 +3964,7 @@ version = "0.2.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "77957b295656769bb8ad2b6a6b09d897d94f05c41b069aede1fcdaa675eaea04"
 dependencies = [
- "zerocopy",
+ "zerocopy 0.7.35",
 ]

 [[package]]
@@ -4162,6 +4262,17 @@ dependencies = [
 "rand_core 0.6.4",
 ]

+[[package]]
+name = "rand"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3779b94aeb87e8bd4e834cee3650289ee9e0d5677f976ecdb6d219e5f4f6cd94"
+dependencies = [
+ "rand_chacha 0.9.0",
+ "rand_core 0.9.0",
+ "zerocopy 0.8.14",
+]
+
 [[package]]
 name = "rand_chacha"
 version = "0.2.2"
@@ -4182,6 +4293,16 @@ dependencies = [
 "rand_core 0.6.4",
 ]

+[[package]]
+name = "rand_chacha"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
+dependencies = [
+ "ppv-lite86",
+ "rand_core 0.9.0",
+]
+
 [[package]]
 name = "rand_core"
 version = "0.5.1"
@@ -4200,6 +4321,16 @@ dependencies = [
 "getrandom 0.2.15",
 ]

+[[package]]
+name = "rand_core"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b08f3c9802962f7e1b25113931d94f43ed9725bebc59db9d0c3e9a23b67e15ff"
+dependencies = [
+ "getrandom 0.3.1",
+ "zerocopy 0.8.14",
+]
+
 [[package]]
 name = "rand_hc"
 version = "0.2.0"
@@ -4259,6 +4390,17 @@ dependencies = [
 "thiserror 1.0.63",
 ]

+[[package]]
+name = "redox_users"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dd6f9d3d47bdd2ad6945c5015a226ec6155d0bcdfd8f7cd29f86b71f8de99d2b"
+dependencies = [
+ "getrandom 0.2.15",
+ "libredox",
+ "thiserror 2.0.11",
+]
+
 [[package]]
 name = "regex"
 version = "1.11.0"
@@ -4518,9 +4660,9 @@ dependencies = [

 [[package]]
 name = "rustls"
-version = "0.23.21"
+version = "0.23.22"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8f287924602bf649d949c63dc8ac8b235fa5387d394020705b80c4eb597ce5b8"
+checksum = "9fb9263ab4eb695e42321db096e3b8fbd715a59b154d5c88d82db2175b681ba7"
 dependencies = [
 "once_cell",
 "ring",
@@ -4783,9 +4925,9 @@ dependencies = [

 [[package]]
 name = "serde"
-version = "1.0.215"
+version = "1.0.217"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f"
+checksum = "02fc4265df13d6fa1d00ecff087228cc0a2b5f3c0e87e258d8b94a156e984c70"
 dependencies = [
 "serde_derive",
 ]
@@ -4813,9 +4955,9 @@ dependencies = [

 [[package]]
 name = "serde_derive"
-version = "1.0.215"
+version = "1.0.217"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0"
+checksum = "5a9bf7cf98d04a2b28aead066b7496853d4779c9cc183c440dbac457641e19a0"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -5212,8 +5354,6 @@ dependencies = [
 "serde_json",
 "sha2",
 "sqlx-core",
- "sqlx-mysql",
- "sqlx-postgres",
 "sqlx-sqlite",
 "syn 2.0.87",
 "tempfile",
@@ -5252,7 +5392,6 @@ dependencies = [
 "percent-encoding",
 "rand 0.8.5",
 "rsa",
- "serde",
 "sha1",
 "sha2",
 "smallvec",
@@ -5556,13 +5695,13 @@ checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1"

 [[package]]
 name = "tauri"
-version = "2.2.0"
+version = "2.2.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2e2e3349fbb2be7af9fad1b43d61ac83ba55ab48d47fbe1b2732f0c8211610a9"
+checksum = "58a998b6be84104ca05c7e9a21f2180ddec020c8b84ea59a8fc8530a2a19588d"
 dependencies = [
 "anyhow",
 "bytes",
- "dirs",
+ "dirs 6.0.0",
 "dunce",
 "embed_plist",
 "futures-util",
@@ -5594,7 +5733,7 @@ dependencies = [
 "tauri-runtime",
 "tauri-runtime-wry",
 "tauri-utils",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "tokio",
 "tray-icon",
 "url",
@@ -5613,7 +5752,7 @@ checksum = "8e950124f6779c6cf98e3260c7a6c8488a74aa6350dd54c6950fdaa349bca2df"
 dependencies = [
 "anyhow",
 "cargo_toml",
- "dirs",
+ "dirs 5.0.1",
 "glob",
 "heck 0.5.0",
 "json-patch",
@@ -5647,7 +5786,7 @@ dependencies = [
 "sha2",
 "syn 2.0.87",
 "tauri-utils",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "time",
 "url",
 "uuid",
@@ -5670,9 +5809,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin"
-version = "2.0.3"
+version = "2.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e753f2a30933a9bbf0a202fa47d7cc4a3401f06e8d6dcc53b79aa62954828c79"
+checksum = "5841b9a0200e954ef7457f8d327091424328891e267a97b641dc246cc54d0dec"
 dependencies = [
 "anyhow",
 "glob",
@@ -5687,9 +5826,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-clipboard-manager"
-version = "2.2.0"
+version = "2.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5be2c6f5d82396c1a86d5b16052cc97976a82e92244bf074dd6e2f6272d8619d"
+checksum = "54de1e3a2ea008687954d5d72952800e87b09f6fbea6d0960d99e58050537642"
 dependencies = [
 "arboard",
 "log",
@@ -5697,7 +5836,7 @@ dependencies = [
 "serde_json",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 ]

 [[package]]
@@ -5714,7 +5853,7 @@ dependencies = [
 "tauri",
 "tauri-plugin",
 "tauri-plugin-fs",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "url",
 ]

@@ -5735,7 +5874,7 @@ dependencies = [
 "tauri",
 "tauri-plugin",
 "tauri-utils",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "toml 0.8.19",
 "url",
 "uuid",
@@ -5743,31 +5882,31 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-log"
-version = "2.2.0"
+version = "2.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "eddd784c138c08a43954bc3e735402e6b2b2ee8d8c254a7391f4e77c01273dd5"
+checksum = "367a28a5e0ca39eac98005699466e8906edc4a2a8f8e13a5f1a71dc0bea6c677"
 dependencies = [
 "android_logger",
 "byte-unit",
- "cocoa 0.26.0",
 "fern",
 "log",
- "objc",
+ "objc2",
+ "objc2-foundation",
 "serde",
 "serde_json",
 "serde_repr",
 "swift-rs",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "time",
 ]

 [[package]]
 name = "tauri-plugin-opener"
-version = "2.2.4"
+version = "2.2.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1270bd2f3aabffc2becc05b6aafab3d24fe5679db91bec369fb44865afd7de13"
+checksum = "635ed7c580dc3cdc61c94097d38ef517d749ffc0141c806d904e68e4b0cf1c2a"
 dependencies = [
 "dunce",
 "glob",
@@ -5779,7 +5918,7 @@ dependencies = [
 "serde_json",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "url",
 "windows",
 "zbus 5.3.0",
@@ -5800,7 +5939,7 @@ dependencies = [
 "sys-locale",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 ]

 [[package]]
@@ -5820,7 +5959,7 @@ dependencies = [
 "shared_child",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "tokio",
 ]

@@ -5833,7 +5972,7 @@ dependencies = [
 "serde",
 "serde_json",
 "tauri",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "tracing",
 "windows-sys 0.59.0",
 "zbus 5.3.0",
@@ -5841,12 +5980,12 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-updater"
-version = "2.3.1"
+version = "2.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ce2d39224390c41ba544f02b4f1721f42256320b3fb8c371e9425cbddeb4a68c"
+checksum = "ad3de2b9203bb00b9765e637a9878aaace34df40ae484878b8cea7a5bd5f9188"
 dependencies = [
 "base64 0.22.1",
- "dirs",
+ "dirs 5.0.1",
 "flate2",
 "futures-util",
 "http",
@@ -5861,7 +6000,7 @@ dependencies = [
 "tauri",
 "tauri-plugin",
 "tempfile",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "time",
 "tokio",
 "url",
@@ -5871,9 +6010,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-window-state"
-version = "2.2.0"
+version = "2.2.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "234dd891cc7960fa28f93ea911f3e0d9ce8375ebf9ff303831bdd7a3443d5714"
+checksum = "35e344b512b0d99d9d06225f235d87d6c66d89496a3bf323d9b578d940596e6c"
 dependencies = [
 "bitflags 2.6.0",
 "log",
@@ -5881,7 +6020,7 @@ dependencies = [
 "serde_json",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 ]

 [[package]]
@@ -5898,7 +6037,7 @@ dependencies = [
 "serde",
 "serde_json",
 "tauri-utils",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "url",
 "windows",
 ]
@@ -5958,7 +6097,7 @@ dependencies = [
 "serde_json",
 "serde_with",
 "swift-rs",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "toml 0.8.19",
 "url",
 "urlpattern",
@@ -6026,11 +6165,11 @@ dependencies = [

 [[package]]
 name = "thiserror"
-version = "2.0.7"
+version = "2.0.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767"
+checksum = "d452f284b73e6d76dd36758a0c8684b1d5be31f92b89d07fd5822175732206fc"
 dependencies = [
- "thiserror-impl 2.0.7",
+ "thiserror-impl 2.0.11",
 ]

 [[package]]
@@ -6046,9 +6185,9 @@ dependencies = [

 [[package]]
 name = "thiserror-impl"
-version = "2.0.7"
+version = "2.0.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36"
+checksum = "26afc1baea8a989337eeb52b6e72a039780ce45c3edfcc9c5b9d112feeb173c2"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -6116,9 +6255,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"

 [[package]]
 name = "tokio"
-version = "1.42.0"
+version = "1.43.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5cec9b21b0450273377fc97bd4c33a8acffc8c996c987a7c5b319a0083707551"
+checksum = "3d61fa4ffa3de412bfea335c6ecff681de2b609ba3c77ef3e00e521813a9ed9e"
 dependencies = [
 "backtrace",
 "bytes",
@@ -6134,9 +6273,9 @@ dependencies = [

 [[package]]
 name = "tokio-macros"
-version = "2.4.0"
+version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752"
+checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8"
 dependencies = [
 "proc-macro2",
 "quote",
@@ -6166,9 +6305,9 @@ dependencies = [

 [[package]]
 name = "tokio-stream"
-version = "0.1.16"
+version = "0.1.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4f4e6ce100d0eb49a2734f8c0812bcd324cf357d21810932c5df6b96ef2b86f1"
+checksum = "eca58d7bba4a75707817a2c44174253f9236b2d5fbd055602e9d5c07c139a047"
 dependencies = [
 "futures-core",
 "pin-project-lite",
@@ -6183,7 +6322,11 @@ checksum = "be4bf6fecd69fcdede0ec680aaf474cdab988f9de6bc73d3758f0160e3b7025a"
 dependencies = [
 "futures-util",
 "log",
+ "rustls",
+ "rustls-native-certs",
+ "rustls-pki-types",
 "tokio",
+ "tokio-rustls",
 "tungstenite",
 ]

@@ -6400,7 +6543,7 @@ checksum = "533fc2d4105e0e3d96ce1c71f2d308c9fbbe2ef9c587cab63dd627ab5bde218f"
 dependencies = [
 "core-graphics 0.24.0",
 "crossbeam-channel",
- "dirs",
+ "dirs 5.0.1",
 "libappindicator",
 "muda",
 "objc2",
@@ -6457,8 +6600,10 @@ dependencies = [
 "httparse",
 "log",
 "rand 0.8.5",
+ "rustls",
+ "rustls-pki-types",
 "sha1",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "utf-8",
 ]

@@ -6636,9 +6781,9 @@ checksum = "86bd8d4e895da8537e5315b8254664e6b769c4ff3db18321b297a1e7004392e3"

 [[package]]
 name = "uuid"
-version = "1.10.0"
+version = "1.12.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81dfa00651efa65069b0b6b651f4aaa31ba9e3c3ce0137aaad053604ee7e0314"
+checksum = "b3758f5e68192bb96cc8f9b7e2c2cfdabb435499a28499a42f8f984092adad4b"
 dependencies = [
 "getrandom 0.2.15",
 "rand 0.8.5",
@@ -6726,6 +6871,15 @@ version = "0.11.0+wasi-snapshot-preview1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"

+[[package]]
+name = "wasi"
+version = "0.13.3+wasi-0.2.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26816d2e1a4a36a2940b96c5296ce403917633dff8f3440e9b236ed6f6bacad2"
+dependencies = [
+ "wit-bindgen-rt",
+]
+
 [[package]]
 name = "wasite"
 version = "0.1.0"
@@ -7374,6 +7528,15 @@ dependencies = [
 "windows-sys 0.48.0",
 ]

+[[package]]
+name = "wit-bindgen-rt"
+version = "0.33.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3268f3d866458b787f390cf61f4bbb563b922d091359f9608842999eaee3943c"
+dependencies = [
+ "bitflags 2.6.0",
+]
+
 [[package]]
 name = "wry"
 version = "0.48.0"
@@ -7406,7 +7569,7 @@ dependencies = [
 "sha2",
 "soup3",
 "tao-macros",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "url",
 "webkit2gtk",
 "webkit2gtk-sys",
@@ -7497,10 +7660,11 @@ dependencies = [
 "hex_color",
 "http",
 "log",
+ "md5",
 "mime_guess",
 "objc",
 "openssl-sys",
- "rand 0.8.5",
+ "rand 0.9.0",
 "regex",
 "reqwest",
 "reqwest_cookie_store",
@@ -7523,15 +7687,35 @@ dependencies = [
 "tokio",
 "tokio-stream",
 "ts-rs",
- "urlencoding",
 "uuid",
+ "yaak-git",
 "yaak-grpc",
+ "yaak-http",
 "yaak-license",
 "yaak-models",
 "yaak-plugins",
 "yaak-sse",
 "yaak-sync",
 "yaak-templates",
+ "yaak-ws",
+]
+
+[[package]]
+name = "yaak-git"
+version = "0.1.0"
+dependencies = [
+ "chrono",
+ "git2",
+ "log",
+ "serde",
+ "serde_json",
+ "serde_yaml",
+ "tauri",
+ "tauri-plugin",
+ "thiserror 2.0.11",
+ "ts-rs",
+ "yaak-models",
+ "yaak-sync",
 ]

 [[package]]
@@ -7549,6 +7733,8 @@ dependencies = [
 "prost",
 "prost-reflect",
 "prost-types",
+ "rustls",
+ "rustls-platform-verifier",
 "serde",
 "serde_json",
 "tauri",
@@ -7560,6 +7746,15 @@ dependencies = [
 "uuid",
 ]

+[[package]]
+name = "yaak-http"
+version = "0.1.0"
+dependencies = [
+ "regex",
+ "urlencoding",
+ "yaak-models",
+]
+
 [[package]]
 name = "yaak-license"
 version = "0.1.0"
@@ -7571,7 +7766,7 @@ dependencies = [
 "serde_json",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "ts-rs",
 "yaak-models",
 ]
@@ -7592,7 +7787,7 @@ dependencies = [
 "serde_json",
 "sqlx",
 "tauri",
- "thiserror 1.0.63",
+ "thiserror 2.0.11",
 "ts-rs",
 ]

@@ -7603,18 +7798,20 @@ dependencies = [
 "dunce",
 "futures-util",
 "log",
+ "md5",
 "path-slash",
- "rand 0.8.5",
+ "rand 0.9.0",
 "regex",
 "serde",
 "serde_json",
 "tauri",
 "tauri-plugin-shell",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "tokio",
 "tokio-tungstenite",
 "ts-rs",
 "yaak-models",
+ "yaak-templates",
 ]

 [[package]]
@@ -7639,7 +7836,7 @@ dependencies = [
 "sha1",
 "tauri",
 "tauri-plugin",
- "thiserror 2.0.7",
+ "thiserror 2.0.11",
 "tokio",
 "ts-rs",
 "yaak-models",
@@ -7651,10 +7848,34 @@ version = "0.1.0"
 dependencies = [
 "log",
 "serde",
+ "serde_json",
 "tokio",
 "ts-rs",
 ]

+[[package]]
+name = "yaak-ws"
+version = "0.1.0"
+dependencies = [
+ "chrono",
+ "futures-util",
+ "log",
+ "md5",
+ "rustls",
+ "rustls-platform-verifier",
+ "serde",
+ "serde_json",
+ "tauri",
+ "tauri-plugin",
+ "thiserror 2.0.11",
+ "tokio",
+ "tokio-tungstenite",
+ "yaak-http",
+ "yaak-models",
+ "yaak-plugins",
+ "yaak-templates",
+]
+
 [[package]]
 name = "zbus"
 version = "4.0.1"
@@ -7784,7 +8005,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1b9b4fd18abc82b8136838da5d50bae7bdea537c574d8dc1a34ed098d6c166f0"
 dependencies = [
 "byteorder",
- "zerocopy-derive",
+ "zerocopy-derive 0.7.35",
+]
+
+[[package]]
+name = "zerocopy"
+version = "0.8.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a367f292d93d4eab890745e75a778da40909cab4d6ff8173693812f79c4a2468"
+dependencies = [
+ "zerocopy-derive 0.8.14",
 ]

 [[package]]
@@ -7798,6 +8028,17 @@ dependencies = [
 "syn 2.0.87",
 ]

+[[package]]
+name = "zerocopy-derive"
+version = "0.8.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d3931cb58c62c13adec22e38686b559c86a30565e16ad6e8510a337cedc611e1"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.87",
+]
+
 [[package]]
 name = "zeroize"
 version = "1.8.1"
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@@ -1,12 +1,15 @@
 [workspace]
 members = [
+    "yaak-git",
    "yaak-grpc",
+    "yaak-http",
    "yaak-license",
    "yaak-models",
    "yaak-plugins",
    "yaak-sse",
    "yaak-sync",
    "yaak-templates",
+    "yaak-ws",
 ]

 [package]
@@ -35,57 +38,64 @@ objc = "0.2.7"
 cocoa = "0.26.0"

 [target.'cfg(target_os = "linux")'.dependencies]
-openssl-sys = { version = "0.9", features = ["vendored"] } # For Ubuntu installation to work
+openssl-sys = { version = "0.9.105", features = ["vendored"] } # For Ubuntu installation to work

 [dependencies]
 chrono = { version = "0.4.31", features = ["serde"] }
 datetime = "0.5.2"
+encoding_rs = "0.8.35"
 eventsource-client = { git = "https://github.com/yaakapp/rust-eventsource-client", version = "0.14.0" }
 hex_color = "3.0.0"
 http = { version = "1.2.0", default-features = false }
 log = "0.4.21"
-rand = "0.8.5"
+md5 = "0.7.0"
+mime_guess = "2.0.5"
+rand = "0.9.0"
 regex = "1.10.2"
 reqwest = { workspace = true, features = ["multipart", "cookies", "gzip", "brotli", "deflate", "json", "rustls-tls-manual-roots-no-provider"] }
 reqwest_cookie_store = "0.8.0"
-rustls = { version = "0.23.21", default-features = false }
+rustls = { version = "0.23.22", default-features = false, features = ["custom-provider", "ring"] }
 rustls-platform-verifier = "0.5.0"
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true, features = ["raw_value"] }
 tauri = { workspace = true, features = ["devtools", "protocol-asset"] }
-tauri-plugin-clipboard-manager = "2.2.0"
+tauri-plugin-clipboard-manager = "2.2.1"
 tauri-plugin-dialog = "2.2.0"
 tauri-plugin-fs = "2.2.0"
-tauri-plugin-log = { version = "2.2.0", features = ["colored"] }
-tauri-plugin-opener = "2.2.4"
+tauri-plugin-log = { version = "2.2.1", features = ["colored"] }
+tauri-plugin-opener = "2.2.5"
 tauri-plugin-os = "2.2.0"
 tauri-plugin-shell = { workspace = true }
 tauri-plugin-single-instance = "2.2.1"
-tauri-plugin-updater = "2.3.1"
-tauri-plugin-window-state = "2.2.0"
-tokio = { version = "1.36.0", features = ["sync"] }
-tokio-stream = "0.1.15"
+tauri-plugin-updater = "2.4.0"
+tauri-plugin-window-state = "2.2.1"
+tokio = { version = "1.43.0", features = ["sync"] }
+tokio-stream = "0.1.17"
 ts-rs = { workspace = true }
-mime_guess = "2.0.5"
-urlencoding = "2.1.3"
-uuid = "1.7.0"
+uuid = "1.12.1"
+yaak-git = { path = "yaak-git" }
 yaak-grpc = { path = "yaak-grpc" }
+yaak-http = { workspace = true }
 yaak-license = { path = "yaak-license" }
 yaak-models = { workspace = true }
 yaak-plugins = { workspace = true }
 yaak-sse = { workspace = true }
-yaak-sync = { path = "yaak-sync" }
-yaak-templates = { path = "yaak-templates" }
-encoding_rs = "0.8.35"
+yaak-sync = { workspace = true }
+yaak-templates = { workspace = true }
+yaak-ws = { path = "yaak-ws" }

 [workspace.dependencies]
-yaak-models = { path = "yaak-models" }
-yaak-sse = { path = "yaak-sse" }
-yaak-plugins = { path = "yaak-plugins" }
+reqwest = "0.12.12"
 serde = "1.0.215"
 serde_json = "1.0.132"
+tauri = "2.2.5"
+tauri-plugin = "2.0.4"
 tauri-plugin-shell = "2.2.0"
-tauri = "2.2.0"
 thiserror = "2.0.3"
 ts-rs = "10.0.0"
-reqwest = "0.12.12"
+yaak-http = { path = "yaak-http" }
+yaak-models = { path = "yaak-models" }
+yaak-plugins = { path = "yaak-plugins" }
+yaak-sync = { path = "yaak-sync" }
+yaak-sse = { path = "yaak-sse" }
+yaak-templates = { path = "yaak-templates" }
--- a/src-tauri/bindings/analytics.ts
+++ b/src-tauri/bindings/analytics.ts
@@ -2,4 +2,4 @@

 export type AnalyticsAction = "cancel" | "click" | "commit" | "create" | "delete" | "delete_many" | "duplicate" | "error" | "export" | "hide" | "import" | "launch" | "launch_first" | "launch_update" | "send" | "show" | "toggle" | "update" | "upsert";

-export type AnalyticsResource = "app" | "appearance" | "button" | "checkbox" | "cookie_jar" | "dialog" | "environment" | "folder" | "grpc_connection" | "grpc_event" | "grpc_request" | "http_request" | "http_response" | "key_value" | "link" | "mutation" | "plugin" | "select" | "setting" | "sidebar" | "tab" | "theme" | "workspace";
+export type AnalyticsResource = "app" | "appearance" | "button" | "checkbox" | "cookie_jar" | "dialog" | "environment" | "folder" | "grpc_connection" | "grpc_event" | "grpc_request" | "http_request" | "http_response" | "key_value" | "link" | "mutation" | "plugin" | "select" | "setting" | "sidebar" | "tab" | "theme" | "websocket_connection" | "websocket_event" | "websocket_request" | "workspace";
--- a/src-tauri/capabilities/capabilities.json
+++ b/src-tauri/capabilities/capabilities.json
@@ -30,10 +30,8 @@
        }
      ]
    },
-    "opener:allow-open-url",
-    "opener:allow-open-path",
-    "opener:allow-default-urls",
-    "opener:allow-reveal-item-in-dir",
+    "clipboard-manager:allow-read-text",
+    "clipboard-manager:allow-write-text",
    "core:webview:allow-set-webview-zoom",
    "core:window:allow-close",
    "core:window:allow-internal-toggle-maximize",
@@ -47,9 +45,14 @@
    "core:window:allow-start-dragging",
    "core:window:allow-theme",
    "core:window:allow-unmaximize",
-    "clipboard-manager:allow-read-text",
-    "clipboard-manager:allow-write-text",
+    "opener:allow-default-urls",
+    "opener:allow-open-path",
+    "opener:allow-open-url",
+    "opener:allow-reveal-item-in-dir",
+    "shell:allow-open",
    "yaak-license:default",
-    "yaak-sync:default"
+    "yaak-git:default",
+    "yaak-sync:default",
+    "yaak-ws:default"
  ]
 }
--- a/src-tauri/gen/schemas/acl-manifests.json
+++ b/src-tauri/gen/schemas/acl-manifests.json
--- a/src-tauri/gen/schemas/capabilities.json
+++ b/src-tauri/gen/schemas/capabilities.json
@@ -1 +1 @@
-{"main":{"identifier":"main","description":"Main permissions","local":true,"windows":["*"],"permissions":["core:event:allow-emit","core:event:allow-listen","core:event:allow-unlisten","os:allow-os-type","clipboard-manager:allow-clear","clipboard-manager:allow-write-text","clipboard-manager:allow-read-text","dialog:allow-open","dialog:allow-save","fs:allow-read-dir","fs:allow-read-file","fs:allow-read-text-file",{"identifier":"fs:scope","allow":[{"path":"$APPDATA"},{"path":"$APPDATA/**"}]},"opener:allow-open-url","opener:allow-open-path","opener:allow-default-urls","opener:allow-reveal-item-in-dir","core:webview:allow-set-webview-zoom","core:window:allow-close","core:window:allow-internal-toggle-maximize","core:window:allow-is-fullscreen","core:window:allow-is-maximized","core:window:allow-maximize","core:window:allow-minimize","core:window:allow-set-decorations","core:window:allow-set-title","core:window:allow-show","core:window:allow-start-dragging","core:window:allow-theme","core:window:allow-unmaximize","clipboard-manager:allow-read-text","clipboard-manager:allow-write-text","yaak-license:default","yaak-sync:default"]}}
+{"main":{"identifier":"main","description":"Main permissions","local":true,"windows":["*"],"permissions":["core:event:allow-emit","core:event:allow-listen","core:event:allow-unlisten","os:allow-os-type","clipboard-manager:allow-clear","clipboard-manager:allow-write-text","clipboard-manager:allow-read-text","dialog:allow-open","dialog:allow-save","fs:allow-read-dir","fs:allow-read-file","fs:allow-read-text-file",{"identifier":"fs:scope","allow":[{"path":"$APPDATA"},{"path":"$APPDATA/**"}]},"clipboard-manager:allow-read-text","clipboard-manager:allow-write-text","core:webview:allow-set-webview-zoom","core:window:allow-close","core:window:allow-internal-toggle-maximize","core:window:allow-is-fullscreen","core:window:allow-is-maximized","core:window:allow-maximize","core:window:allow-minimize","core:window:allow-set-decorations","core:window:allow-set-title","core:window:allow-show","core:window:allow-start-dragging","core:window:allow-theme","core:window:allow-unmaximize","opener:allow-default-urls","opener:allow-open-path","opener:allow-open-url","opener:allow-reveal-item-in-dir","shell:allow-open","yaak-license:default","yaak-git:default","yaak-sync:default","yaak-ws:default"]}}
--- a/src-tauri/gen/schemas/desktop-schema.json
+++ b/src-tauri/gen/schemas/desktop-schema.json
@@ -5412,6 +5412,151 @@
          "type": "string",
          "const": "window-state:deny-save-window-state"
        },
+        {
+          "description": "Default permissions for the plugin",
+          "type": "string",
+          "const": "yaak-git:default"
+        },
+        {
+          "description": "Enables the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-add"
+        },
+        {
+          "description": "Enables the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-branch"
+        },
+        {
+          "description": "Enables the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-checkout"
+        },
+        {
+          "description": "Enables the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-checkout-remote"
+        },
+        {
+          "description": "Enables the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-commit"
+        },
+        {
+          "description": "Enables the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-delete-branch"
+        },
+        {
+          "description": "Enables the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-fetch-all"
+        },
+        {
+          "description": "Enables the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-initialize"
+        },
+        {
+          "description": "Enables the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-log"
+        },
+        {
+          "description": "Enables the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-merge-branch"
+        },
+        {
+          "description": "Enables the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-pull"
+        },
+        {
+          "description": "Enables the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-push"
+        },
+        {
+          "description": "Enables the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-status"
+        },
+        {
+          "description": "Enables the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-unstage"
+        },
+        {
+          "description": "Denies the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-add"
+        },
+        {
+          "description": "Denies the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-branch"
+        },
+        {
+          "description": "Denies the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-checkout"
+        },
+        {
+          "description": "Denies the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-checkout-remote"
+        },
+        {
+          "description": "Denies the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-commit"
+        },
+        {
+          "description": "Denies the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-delete-branch"
+        },
+        {
+          "description": "Denies the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-fetch-all"
+        },
+        {
+          "description": "Denies the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-initialize"
+        },
+        {
+          "description": "Denies the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-log"
+        },
+        {
+          "description": "Denies the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-merge-branch"
+        },
+        {
+          "description": "Denies the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-pull"
+        },
+        {
+          "description": "Denies the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-push"
+        },
+        {
+          "description": "Denies the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-status"
+        },
+        {
+          "description": "Denies the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-unstage"
+        },
        {
          "description": "Default permissions for the plugin",
          "type": "string",
@@ -5481,6 +5626,161 @@
          "description": "Denies the watch command without any pre-configured scope.",
          "type": "string",
          "const": "yaak-sync:deny-watch"
+        },
+        {
+          "description": "Default permissions for the plugin",
+          "type": "string",
+          "const": "yaak-ws:default"
+        },
+        {
+          "description": "Enables the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-cancel"
+        },
+        {
+          "description": "Enables the close command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-close"
+        },
+        {
+          "description": "Enables the connect command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-connect"
+        },
+        {
+          "description": "Enables the delete_connection command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-connection"
+        },
+        {
+          "description": "Enables the delete_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-connections"
+        },
+        {
+          "description": "Enables the delete_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-request"
+        },
+        {
+          "description": "Enables the duplicate_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-duplicate-request"
+        },
+        {
+          "description": "Enables the list_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-connections"
+        },
+        {
+          "description": "Enables the list_events command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-events"
+        },
+        {
+          "description": "Enables the list_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-requests"
+        },
+        {
+          "description": "Enables the list_websocket_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-websocket-connections"
+        },
+        {
+          "description": "Enables the list_websocket_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-websocket-requests"
+        },
+        {
+          "description": "Enables the send command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-send"
+        },
+        {
+          "description": "Enables the upsert_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-upsert-request"
+        },
+        {
+          "description": "Enables the upsert_websocket_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-upsert-websocket-request"
+        },
+        {
+          "description": "Denies the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-cancel"
+        },
+        {
+          "description": "Denies the close command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-close"
+        },
+        {
+          "description": "Denies the connect command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-connect"
+        },
+        {
+          "description": "Denies the delete_connection command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-connection"
+        },
+        {
+          "description": "Denies the delete_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-connections"
+        },
+        {
+          "description": "Denies the delete_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-request"
+        },
+        {
+          "description": "Denies the duplicate_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-duplicate-request"
+        },
+        {
+          "description": "Denies the list_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-connections"
+        },
+        {
+          "description": "Denies the list_events command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-events"
+        },
+        {
+          "description": "Denies the list_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-requests"
+        },
+        {
+          "description": "Denies the list_websocket_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-websocket-connections"
+        },
+        {
+          "description": "Denies the list_websocket_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-websocket-requests"
+        },
+        {
+          "description": "Denies the send command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-send"
+        },
+        {
+          "description": "Denies the upsert_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-upsert-request"
+        },
+        {
+          "description": "Denies the upsert_websocket_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-upsert-websocket-request"
        }
      ]
    },
--- a/src-tauri/gen/schemas/macOS-schema.json
+++ b/src-tauri/gen/schemas/macOS-schema.json
@@ -5412,6 +5412,151 @@
          "type": "string",
          "const": "window-state:deny-save-window-state"
        },
+        {
+          "description": "Default permissions for the plugin",
+          "type": "string",
+          "const": "yaak-git:default"
+        },
+        {
+          "description": "Enables the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-add"
+        },
+        {
+          "description": "Enables the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-branch"
+        },
+        {
+          "description": "Enables the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-checkout"
+        },
+        {
+          "description": "Enables the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-checkout-remote"
+        },
+        {
+          "description": "Enables the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-commit"
+        },
+        {
+          "description": "Enables the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-delete-branch"
+        },
+        {
+          "description": "Enables the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-fetch-all"
+        },
+        {
+          "description": "Enables the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-initialize"
+        },
+        {
+          "description": "Enables the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-log"
+        },
+        {
+          "description": "Enables the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-merge-branch"
+        },
+        {
+          "description": "Enables the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-pull"
+        },
+        {
+          "description": "Enables the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-push"
+        },
+        {
+          "description": "Enables the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-status"
+        },
+        {
+          "description": "Enables the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:allow-unstage"
+        },
+        {
+          "description": "Denies the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-add"
+        },
+        {
+          "description": "Denies the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-branch"
+        },
+        {
+          "description": "Denies the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-checkout"
+        },
+        {
+          "description": "Denies the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-checkout-remote"
+        },
+        {
+          "description": "Denies the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-commit"
+        },
+        {
+          "description": "Denies the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-delete-branch"
+        },
+        {
+          "description": "Denies the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-fetch-all"
+        },
+        {
+          "description": "Denies the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-initialize"
+        },
+        {
+          "description": "Denies the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-log"
+        },
+        {
+          "description": "Denies the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-merge-branch"
+        },
+        {
+          "description": "Denies the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-pull"
+        },
+        {
+          "description": "Denies the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-push"
+        },
+        {
+          "description": "Denies the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-status"
+        },
+        {
+          "description": "Denies the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-git:deny-unstage"
+        },
        {
          "description": "Default permissions for the plugin",
          "type": "string",
@@ -5481,6 +5626,161 @@
          "description": "Denies the watch command without any pre-configured scope.",
          "type": "string",
          "const": "yaak-sync:deny-watch"
+        },
+        {
+          "description": "Default permissions for the plugin",
+          "type": "string",
+          "const": "yaak-ws:default"
+        },
+        {
+          "description": "Enables the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-cancel"
+        },
+        {
+          "description": "Enables the close command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-close"
+        },
+        {
+          "description": "Enables the connect command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-connect"
+        },
+        {
+          "description": "Enables the delete_connection command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-connection"
+        },
+        {
+          "description": "Enables the delete_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-connections"
+        },
+        {
+          "description": "Enables the delete_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-delete-request"
+        },
+        {
+          "description": "Enables the duplicate_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-duplicate-request"
+        },
+        {
+          "description": "Enables the list_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-connections"
+        },
+        {
+          "description": "Enables the list_events command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-events"
+        },
+        {
+          "description": "Enables the list_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-requests"
+        },
+        {
+          "description": "Enables the list_websocket_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-websocket-connections"
+        },
+        {
+          "description": "Enables the list_websocket_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-list-websocket-requests"
+        },
+        {
+          "description": "Enables the send command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-send"
+        },
+        {
+          "description": "Enables the upsert_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-upsert-request"
+        },
+        {
+          "description": "Enables the upsert_websocket_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:allow-upsert-websocket-request"
+        },
+        {
+          "description": "Denies the cancel command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-cancel"
+        },
+        {
+          "description": "Denies the close command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-close"
+        },
+        {
+          "description": "Denies the connect command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-connect"
+        },
+        {
+          "description": "Denies the delete_connection command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-connection"
+        },
+        {
+          "description": "Denies the delete_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-connections"
+        },
+        {
+          "description": "Denies the delete_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-delete-request"
+        },
+        {
+          "description": "Denies the duplicate_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-duplicate-request"
+        },
+        {
+          "description": "Denies the list_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-connections"
+        },
+        {
+          "description": "Denies the list_events command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-events"
+        },
+        {
+          "description": "Denies the list_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-requests"
+        },
+        {
+          "description": "Denies the list_websocket_connections command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-websocket-connections"
+        },
+        {
+          "description": "Denies the list_websocket_requests command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-list-websocket-requests"
+        },
+        {
+          "description": "Denies the send command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-send"
+        },
+        {
+          "description": "Denies the upsert_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-upsert-request"
+        },
+        {
+          "description": "Denies the upsert_websocket_request command without any pre-configured scope.",
+          "type": "string",
+          "const": "yaak-ws:deny-upsert-websocket-request"
        }
      ]
    },
--- a/src-tauri/migrations/20250114160022_remove-workspace-sync-setting.sql
+++ b/src-tauri/migrations/20250114160022_remove-workspace-sync-setting.sql
@@ -0,0 +1,2 @@
+-- This setting was moved to the new workspace_metas table
+ALTER TABLE workspaces DROP COLUMN setting_sync_dir;
--- a/src-tauri/migrations/20250123192023_plugin-kv.sql
+++ b/src-tauri/migrations/20250123192023_plugin-kv.sql
@@ -0,0 +1,11 @@
+CREATE TABLE plugin_key_values
+(
+    model       TEXT     DEFAULT 'plugin_key_value' NOT NULL,
+    created_at  DATETIME DEFAULT CURRENT_TIMESTAMP  NOT NULL,
+    updated_at  DATETIME DEFAULT CURRENT_TIMESTAMP  NOT NULL,
+    deleted_at  DATETIME,
+    plugin_name TEXT                                NOT NULL,
+    key         TEXT                                NOT NULL,
+    value       TEXT                                NOT NULL,
+    PRIMARY KEY (plugin_name, key)
+);
--- a/src-tauri/migrations/20250128155623_websockets.sql
+++ b/src-tauri/migrations/20250128155623_websockets.sql
@@ -0,0 +1,66 @@
+CREATE TABLE websocket_requests
+(
+    id                  TEXT                                 NOT NULL
+        PRIMARY KEY,
+    model               TEXT     DEFAULT 'websocket_request' NOT NULL,
+    workspace_id        TEXT                                 NOT NULL
+        REFERENCES workspaces
+            ON DELETE CASCADE,
+    folder_id           TEXT
+        REFERENCES folders
+            ON DELETE CASCADE,
+    created_at          DATETIME DEFAULT CURRENT_TIMESTAMP   NOT NULL,
+    updated_at          DATETIME DEFAULT CURRENT_TIMESTAMP   NOT NULL,
+    deleted_at          DATETIME,
+    authentication      TEXT     DEFAULT '{}'                NOT NULL,
+    authentication_type TEXT,
+    description         TEXT                                 NOT NULL,
+    name                TEXT                                 NOT NULL,
+    url                 TEXT                                 NOT NULL,
+    headers             TEXT                                 NOT NULL,
+    message             TEXT                                 NOT NULL,
+    sort_priority       REAL                                 NOT NULL,
+    url_parameters      TEXT     DEFAULT '[]'                NOT NULL
+);
+
+CREATE TABLE websocket_connections
+(
+    id           TEXT                                    NOT NULL
+        PRIMARY KEY,
+    model        TEXT     DEFAULT 'websocket_connection' NOT NULL,
+    workspace_id TEXT                                    NOT NULL
+        REFERENCES workspaces
+            ON DELETE CASCADE,
+    request_id   TEXT                                    NOT NULL
+        REFERENCES websocket_requests
+            ON DELETE CASCADE,
+    created_at   DATETIME DEFAULT CURRENT_TIMESTAMP      NOT NULL,
+    updated_at   DATETIME DEFAULT CURRENT_TIMESTAMP      NOT NULL,
+    url          TEXT                                    NOT NULL,
+    state        TEXT                                    NOT NULL,
+    status       INTEGER  DEFAULT -1                     NOT NULL,
+    error        TEXT                                    NULL,
+    elapsed      INTEGER  DEFAULT 0                      NOT NULL,
+    headers      TEXT     DEFAULT '{}'                   NOT NULL
+);
+
+CREATE TABLE websocket_events
+(
+    id            TEXT                                                    NOT NULL
+        PRIMARY KEY,
+    model         TEXT     DEFAULT 'websocket_event'                      NOT NULL,
+    workspace_id  TEXT                                                    NOT NULL
+        REFERENCES workspaces
+            ON DELETE CASCADE,
+    request_id    TEXT                                                    NOT NULL
+        REFERENCES websocket_requests
+            ON DELETE CASCADE,
+    connection_id TEXT                                                    NOT NULL
+        REFERENCES websocket_connections
+            ON DELETE CASCADE,
+    created_at    DATETIME DEFAULT (STRFTIME('%Y-%m-%d %H:%M:%f', 'NOW')) NOT NULL,
+    updated_at    DATETIME DEFAULT (STRFTIME('%Y-%m-%d %H:%M:%f', 'NOW')) NOT NULL,
+    is_server     BOOLEAN                                                 NOT NULL,
+    message_type  TEXT                                                    NOT NULL,
+    message       BLOB                                                    NOT NULL
+);
--- a/src-tauri/src/analytics.rs
+++ b/src-tauri/src/analytics.rs
@@ -4,6 +4,7 @@ use log::{debug, info};
 use serde::{Deserialize, Serialize};
 use serde_json::{json, Value};
 use tauri::{Manager, Runtime, WebviewWindow};
+
 use ts_rs::TS;
 use yaak_models::queries::{
    generate_id, get_key_value_int, get_key_value_string, get_or_create_settings,
@@ -42,6 +43,9 @@ pub enum AnalyticsResource {
    Sidebar,
    Tab,
    Theme,
+    WebsocketConnection,
+    WebsocketEvent,
+    WebsocketRequest,
    Workspace,
 }

@@ -200,7 +204,7 @@ pub async fn track_event<R: Runtime>(
    }
 }

-fn get_os() -> &'static str {
+pub fn get_os() -> &'static str {
    if cfg!(target_os = "windows") {
        "windows"
    } else if cfg!(target_os = "macos") {
--- a/src-tauri/src/http_request.rs
+++ b/src-tauri/src/http_request.rs
@@ -1,6 +1,5 @@
 use crate::render::render_http_request;
 use crate::response_err;
-use crate::template_callback::PluginTemplateCallback;
 use http::header::{ACCEPT, USER_AGENT};
 use http::{HeaderMap, HeaderName, HeaderValue, Uri};
 use log::{debug, error, warn};
@@ -8,8 +7,9 @@ use mime_guess::Mime;
 use reqwest::redirect::Policy;
 use reqwest::{multipart, Proxy, Url};
 use reqwest::{Method, Response};
+use rustls::crypto::ring;
 use rustls::ClientConfig;
-use rustls_platform_verifier::ConfigVerifierExt;
+use rustls_platform_verifier::BuilderVerifierExt;
 use serde_json::Value;
 use std::collections::BTreeMap;
 use std::path::PathBuf;
@@ -34,6 +34,7 @@ use yaak_plugins::events::{
    CallHttpAuthenticationRequest, HttpHeader, RenderPurpose, WindowContext,
 };
 use yaak_plugins::manager::PluginManager;
+use yaak_plugins::template_callback::PluginTemplateCallback;

 pub async fn send_http_request<R: Runtime>(
    window: &WebviewWindow<R>,
@@ -70,7 +71,7 @@ pub async fn send_http_request<R: Runtime>(
    if !url_string.starts_with("http://") && !url_string.starts_with("https://") {
        url_string = format!("http://{}", url_string);
    }
-    debug!("Sending request to {url_string}");
+    debug!("Sending request to {} {url_string}", request.method);

    let mut client_builder = reqwest::Client::builder()
        .redirect(match workspace.setting_follow_redirects {
@@ -86,11 +87,15 @@ pub async fn send_http_request<R: Runtime>(

    if workspace.setting_validate_certificates {
        // Use platform-native verifier to validate certificates
-        client_builder =
-            client_builder.use_preconfigured_tls(ClientConfig::with_platform_verifier())
+        let arc_crypto_provider = Arc::new(ring::default_provider());
+        let config = ClientConfig::builder_with_provider(arc_crypto_provider)
+            .with_safe_default_protocol_versions()
+            .unwrap()
+            .with_platform_verifier()
+            .with_no_client_auth();
+        client_builder = client_builder.use_preconfigured_tls(config)
    } else {
-        // Use rustls to skip validation because rustls_platform_verifier does not have this
-        // ability
+        // Use rustls to skip validation because rustls_platform_verifier does not have this ability
        client_builder = client_builder
            .use_rustls_tls()
            .danger_accept_invalid_hostnames(true)
@@ -220,14 +225,14 @@ pub async fn send_http_request<R: Runtime>(
            continue;
        }

-        let header_name = match HeaderName::from_bytes(h.name.as_bytes()) {
+        let header_name = match HeaderName::from_str(&h.name) {
            Ok(n) => n,
            Err(e) => {
                error!("Failed to create header name: {}", e);
                continue;
            }
        };
-        let header_value = match HeaderValue::from_str(h.value.as_str()) {
+        let header_value = match HeaderValue::from_str(&h.value) {
            Ok(n) => n,
            Err(e) => {
                error!("Failed to create header value: {}", e);
@@ -262,7 +267,7 @@ pub async fn send_http_request<R: Runtime>(
                    None => {}
                    Some(a) => {
                        for p in a {
-                            let enabled = get_bool(p, "enabled");
+                            let enabled = get_bool(p, "enabled", true);
                            let name = get_str(p, "name");
                            if !enabled || name.is_empty() {
                                continue;
@@ -296,7 +301,7 @@ pub async fn send_http_request<R: Runtime>(
                    None => {}
                    Some(fd) => {
                        for p in fd {
-                            let enabled = get_bool(p, "enabled");
+                            let enabled = get_bool(p, "enabled", true);
                            let name = get_str(p, "name").to_string();

                            if !enabled || name.is_empty() {
@@ -326,14 +331,33 @@ pub async fn send_http_request<R: Runtime>(

                            // Set or guess mimetype
                            if !content_type.is_empty() {
-                                part = part.mime_str(content_type).map_err(|e| e.to_string())?;
+                                part = match part.mime_str(content_type) {
+                                    Ok(p) => p,
+                                    Err(e) => {
+                                        return Ok(response_err(
+                                            &*response.lock().await,
+                                            format!("Invalid mime for multi-part entry {e:?}"),
+                                            window,
+                                        )
+                                        .await);
+                                    }
+                                };
                            } else if !file_path.is_empty() {
                                let default_mime =
                                    Mime::from_str("application/octet-stream").unwrap();
                                let mime =
                                    mime_guess::from_path(file_path.clone()).first_or(default_mime);
-                                part =
-                                    part.mime_str(mime.essence_str()).map_err(|e| e.to_string())?;
+                                part = match part.mime_str(mime.essence_str()) {
+                                    Ok(p) => p,
+                                    Err(e) => {
+                                        return Ok(response_err(
+                                            &*response.lock().await,
+                                            format!("Invalid mime for multi-part entry {e:?}"),
+                                            window,
+                                        )
+                                        .await);
+                                    }
+                                };
                            }

                            // Set file path if not empty
@@ -376,13 +400,11 @@ pub async fn send_http_request<R: Runtime>(

    if let Some(auth_name) = request.authentication_type.to_owned() {
        let req = CallHttpAuthenticationRequest {
-            config: serde_json::to_value(&request.authentication)
-                .unwrap()
-                .as_object()
-                .unwrap()
-                .to_owned(),
-            method: sendable_req.method().to_string(),
+            context_id: format!("{:x}", md5::compute(request.id)),
+            values: serde_json::from_value(serde_json::to_value(&request.authentication).unwrap())
+                .unwrap(),
            url: sendable_req.url().to_string(),
+            method: sendable_req.method().to_string(),
            headers: sendable_req
                .headers()
                .iter()
@@ -604,10 +626,10 @@ fn ensure_proto(url_str: &str) -> String {
    format!("http://{url_str}")
 }

-fn get_bool(v: &Value, key: &str) -> bool {
+fn get_bool(v: &Value, key: &str, fallback: bool) -> bool {
    match v.get(key) {
-        None => false,
-        Some(v) => v.as_bool().unwrap_or_default(),
+        None => fallback,
+        Some(v) => v.as_bool().unwrap_or(fallback),
    }
 }

--- a/src-tauri/src/lib.rs
+++ b/src-tauri/src/lib.rs
@@ -6,73 +6,40 @@ use crate::encoding::read_response_body;
 use crate::grpc::metadata_to_map;
 use crate::http_request::send_http_request;
 use crate::notifications::YaakNotifier;
-use crate::render::{render_grpc_request, render_http_request, render_json_value, render_template};
-use crate::template_callback::PluginTemplateCallback;
+use crate::render::{render_grpc_request, render_template};
 use crate::updates::{UpdateMode, YaakUpdater};
-use crate::window_menu::app_menu;
-use chrono::Utc;
 use eventsource_client::{EventParser, SSE};
-use log::{debug, error, info, warn};
+use log::{debug, error, warn};
 use rand::random;
 use regex::Regex;
-use serde::Serialize;
 use serde_json::{json, Value};
-use std::collections::BTreeMap;
+use std::collections::{BTreeMap, HashMap};
 use std::fs::{create_dir_all, File};
 use std::path::PathBuf;
-use std::process::exit;
 use std::str::FromStr;
 use std::time::Duration;
 use std::{fs, panic};
-#[cfg(target_os = "macos")]
-use tauri::TitleBarStyle;
-use tauri::{AppHandle, Emitter, LogicalSize, RunEvent, State, WebviewUrl, WebviewWindow};
+use tauri::{AppHandle, Emitter, RunEvent, State, WebviewWindow};
 use tauri::{Listener, Runtime};
 use tauri::{Manager, WindowEvent};
-use tauri_plugin_clipboard_manager::ClipboardExt;
 use tauri_plugin_log::fern::colors::ColoredLevelConfig;
 use tauri_plugin_log::{Builder, Target, TargetKind};
-use tauri_plugin_opener::OpenerExt;
 use tauri_plugin_window_state::{AppHandleExt, StateFlags};
 use tokio::fs::read_to_string;
 use tokio::sync::Mutex;
 use tokio::task::block_in_place;
 use yaak_grpc::manager::{DynamicMessage, GrpcHandle};
 use yaak_grpc::{deserialize_message, serialize_message, Code, ServiceDefinition};
-use yaak_models::models::{
-    CookieJar, Environment, EnvironmentVariable, Folder, GrpcConnection, GrpcConnectionState,
-    GrpcEvent, GrpcEventType, GrpcRequest, HttpRequest, HttpResponse, HttpResponseState, KeyValue,
-    ModelType, Plugin, Settings, Workspace, WorkspaceMeta,
-};
-use yaak_models::queries::{
-    batch_upsert, cancel_pending_grpc_connections, cancel_pending_responses,
-    create_default_http_response, delete_all_grpc_connections,
-    delete_all_grpc_connections_for_workspace, delete_all_http_responses_for_request,
-    delete_all_http_responses_for_workspace, delete_cookie_jar, delete_environment, delete_folder,
-    delete_grpc_connection, delete_grpc_request, delete_http_request, delete_http_response,
-    delete_plugin, delete_workspace, duplicate_folder, duplicate_grpc_request,
-    duplicate_http_request, ensure_base_environment, generate_id, generate_model_id,
-    get_base_environment, get_cookie_jar, get_environment, get_folder, get_grpc_connection,
-    get_grpc_request, get_http_request, get_http_response, get_key_value_raw,
-    get_or_create_settings, get_or_create_workspace_meta, get_plugin, get_workspace,
-    get_workspace_export_resources, list_cookie_jars, list_environments, list_folders,
-    list_grpc_connections_for_workspace, list_grpc_events, list_grpc_requests, list_http_requests,
-    list_http_responses_for_request, list_http_responses_for_workspace, list_key_values_raw,
-    list_plugins, list_workspaces, set_key_value_raw, update_response_if_id, update_settings,
-    upsert_cookie_jar, upsert_environment, upsert_folder, upsert_grpc_connection,
-    upsert_grpc_event, upsert_grpc_request, upsert_http_request, upsert_plugin, upsert_workspace,
-    upsert_workspace_meta, BatchUpsertResult, UpdateSource,
-};
+use yaak_models::models::{CookieJar, Environment, EnvironmentVariable, Folder, GrpcConnection, GrpcConnectionState, GrpcEvent, GrpcEventType, GrpcRequest, HttpRequest, HttpResponse, HttpResponseState, KeyValue, ModelType, Plugin, Settings, WebsocketRequest, Workspace, WorkspaceMeta};
+use yaak_models::queries::{batch_upsert, cancel_pending_grpc_connections, cancel_pending_responses, create_default_http_response, delete_all_grpc_connections, delete_all_grpc_connections_for_workspace, delete_all_http_responses_for_request, delete_all_http_responses_for_workspace, delete_all_websocket_connections_for_workspace, delete_cookie_jar, delete_environment, delete_folder, delete_grpc_connection, delete_grpc_request, delete_http_request, delete_http_response, delete_plugin, delete_workspace, duplicate_folder, duplicate_grpc_request, duplicate_http_request, ensure_base_environment, generate_model_id, get_base_environment, get_cookie_jar, get_environment, get_folder, get_grpc_connection, get_grpc_request, get_http_request, get_http_response, get_key_value_raw, get_or_create_settings, get_or_create_workspace_meta, get_plugin, get_workspace, get_workspace_export_resources, list_cookie_jars, list_environments, list_folders, list_grpc_connections_for_workspace, list_grpc_events, list_grpc_requests, list_http_requests, list_http_responses_for_workspace, list_key_values_raw, list_plugins, list_workspaces, set_key_value_raw, update_response_if_id, update_settings, upsert_cookie_jar, upsert_environment, upsert_folder, upsert_grpc_connection, upsert_grpc_event, upsert_grpc_request, upsert_http_request, upsert_plugin, upsert_workspace, upsert_workspace_meta, BatchUpsertResult, UpdateSource};
 use yaak_plugins::events::{
-    BootResponse, CallHttpAuthenticationRequest, CallHttpRequestActionRequest, Color,
-    FilterResponse, FindHttpResponsesResponse, GetHttpAuthenticationResponse,
-    GetHttpRequestActionsResponse, GetHttpRequestByIdResponse, GetTemplateFunctionsResponse,
-    HttpHeader, Icon, InternalEvent, InternalEventPayload, PromptTextResponse,
-    RenderHttpRequestResponse, RenderPurpose, SendHttpRequestResponse, ShowToastRequest,
-    TemplateRenderResponse, WindowContext,
+    BootResponse, CallHttpAuthenticationRequest, CallHttpRequestActionRequest, FilterResponse,
+    GetHttpAuthenticationConfigResponse, GetHttpAuthenticationSummaryResponse,
+    GetHttpRequestActionsResponse, GetTemplateFunctionsResponse, HttpHeader, InternalEvent,
+    InternalEventPayload, JsonPrimitive, RenderPurpose, WindowContext,
 };
 use yaak_plugins::manager::PluginManager;
-use yaak_plugins::plugin_handle::PluginHandle;
+use yaak_plugins::template_callback::PluginTemplateCallback;
 use yaak_sse::sse::ServerSentEvent;
 use yaak_templates::format::format_json;
 use yaak_templates::{Parser, Tokens};
@@ -82,11 +49,12 @@ mod encoding;
 mod grpc;
 mod http_request;
 mod notifications;
+mod plugin_events;
 mod render;
 #[cfg(target_os = "macos")]
 mod tauri_plugin_mac_window;
-mod template_callback;
 mod updates;
+mod window;
 mod window_menu;

 const DEFAULT_WINDOW_WIDTH: f64 = 1100.0;
@@ -242,7 +210,8 @@ async fn cmd_grpc_go<R: Runtime>(
    if let Some(auth_name) = request.authentication_type.clone() {
        let auth = request.authentication.clone();
        let plugin_req = CallHttpAuthenticationRequest {
-            config: serde_json::to_value(&auth).unwrap().as_object().unwrap().to_owned(),
+            context_id: format!("{:x}", md5::compute(request_id.to_string())),
+            values: serde_json::from_value(serde_json::to_value(&auth).unwrap()).unwrap(),
            method: "POST".to_string(),
            url: request.url.clone(),
            headers: metadata
@@ -929,6 +898,18 @@ async fn cmd_import_data<R: Runtime>(
        })
        .collect();

+    let websocket_requests: Vec<WebsocketRequest> = resources
+        .websocket_requests
+        .into_iter()
+        .map(|mut v| {
+            v.id = maybe_gen_id(v.id.as_str(), ModelType::TypeWebsocketRequest, &mut id_map);
+            v.workspace_id =
+                maybe_gen_id(v.workspace_id.as_str(), ModelType::TypeWorkspace, &mut id_map);
+            v.folder_id = maybe_gen_id_opt(v.folder_id, ModelType::TypeFolder, &mut id_map);
+            v
+        })
+        .collect();
+
    let upserted = batch_upsert(
        &window,
        workspaces,
@@ -936,6 +917,7 @@ async fn cmd_import_data<R: Runtime>(
        folders,
        http_requests,
        grpc_requests,
+        websocket_requests,
        &UpdateSource::Import,
    )
    .await
@@ -969,15 +951,31 @@ async fn cmd_template_functions<R: Runtime>(
 }

 #[tauri::command]
-async fn cmd_get_http_authentication<R: Runtime>(
+async fn cmd_get_http_authentication_summaries<R: Runtime>(
    window: WebviewWindow<R>,
    plugin_manager: State<'_, PluginManager>,
-) -> Result<Vec<GetHttpAuthenticationResponse>, String> {
-    let results =
-        plugin_manager.get_http_authentication(&window).await.map_err(|e| e.to_string())?;
+) -> Result<Vec<GetHttpAuthenticationSummaryResponse>, String> {
+    let results = plugin_manager
+        .get_http_authentication_summaries(&window)
+        .await
+        .map_err(|e| e.to_string())?;
    Ok(results.into_iter().map(|(_, a)| a).collect())
 }

+#[tauri::command]
+async fn cmd_get_http_authentication_config<R: Runtime>(
+    window: WebviewWindow<R>,
+    plugin_manager: State<'_, PluginManager>,
+    auth_name: &str,
+    values: HashMap<String, JsonPrimitive>,
+    request_id: &str,
+) -> Result<GetHttpAuthenticationConfigResponse, String> {
+    plugin_manager
+        .get_http_authentication_config(&window, auth_name, values, request_id)
+        .await
+        .map_err(|e| e.to_string())
+}
+
 #[tauri::command]
 async fn cmd_call_http_request_action<R: Runtime>(
    window: WebviewWindow<R>,
@@ -987,6 +985,21 @@ async fn cmd_call_http_request_action<R: Runtime>(
    plugin_manager.call_http_request_action(&window, req).await.map_err(|e| e.to_string())
 }

+#[tauri::command]
+async fn cmd_call_http_authentication_action<R: Runtime>(
+    window: WebviewWindow<R>,
+    plugin_manager: State<'_, PluginManager>,
+    auth_name: &str,
+    action_index: i32,
+    values: HashMap<String, JsonPrimitive>,
+    request_id: &str,
+) -> Result<(), String> {
+    plugin_manager
+        .call_http_authentication_action(&window, auth_name, action_index, values, request_id)
+        .await
+        .map_err(|e| e.to_string())
+}
+
 #[tauri::command]
 async fn cmd_curl_to_request<R: Runtime>(
    window: WebviewWindow<R>,
@@ -1175,7 +1188,7 @@ async fn cmd_install_plugin<R: Runtime>(
    window: WebviewWindow<R>,
 ) -> Result<Plugin, String> {
    plugin_manager
-        .add_plugin_by_dir(WindowContext::from_window(&window), &directory, true)
+        .add_plugin_by_dir(&WindowContext::from_window(&window), &directory, true)
        .await
        .map_err(|e| e.to_string())?;

@@ -1205,7 +1218,7 @@ async fn cmd_uninstall_plugin<R: Runtime>(
        .map_err(|e| e.to_string())?;

    plugin_manager
-        .uninstall(WindowContext::from_window(&window), plugin.directory.as_str())
+        .uninstall(&WindowContext::from_window(&window), plugin.directory.as_str())
        .await
        .map_err(|e| e.to_string())?;

@@ -1458,7 +1471,7 @@ async fn cmd_reload_plugins<R: Runtime>(
    plugin_manager: State<'_, PluginManager>,
 ) -> Result<(), String> {
    plugin_manager
-        .initialize_all_plugins(window.app_handle(), WindowContext::from_window(&window))
+        .initialize_all_plugins(window.app_handle(), &WindowContext::from_window(&window))
        .await
        .map_err(|e| e.to_string())?;
    Ok(())
@@ -1589,6 +1602,9 @@ async fn cmd_delete_send_history(workspace_id: &str, window: WebviewWindow) -> R
    delete_all_grpc_connections_for_workspace(&window, workspace_id, &UpdateSource::Window)
        .await
        .map_err(|e| e.to_string())?;
+    delete_all_websocket_connections_for_workspace(&window, workspace_id, &UpdateSource::Window)
+        .await
+        .map_err(|e| e.to_string())?;
    Ok(())
 }

@@ -1656,15 +1672,17 @@ async fn cmd_new_child_window(
        current_pos.y + current_size.height / 2.0 - inner_size.1 / 2.0,
    );

-    let config = CreateWindowConfig {
+    let config = window::CreateWindowConfig {
        label: label.as_str(),
        title,
        url,
-        inner_size,
-        position,
+        inner_size: Some(inner_size),
+        position: Some(position),
+        navigation_tx: None,
+        hide_titlebar: true,
    };

-    let child_window = create_window(&app_handle, config);
+    let child_window = window::create_window(&app_handle, config);

    // NOTE: These listeners will remain active even when the windows close. Unfortunately,
    //   there's no way to unlisten to events for now, so we just have to be defensive.
@@ -1801,6 +1819,8 @@ pub fn run() {
        .plugin(yaak_license::init())
        .plugin(yaak_models::plugin::Builder::default().build())
        .plugin(yaak_plugins::init())
+        .plugin(yaak_git::init())
+        .plugin(yaak_ws::init())
        .plugin(yaak_sync::init());

    #[cfg(target_os = "macos")]
@@ -1830,6 +1850,7 @@ pub fn run() {
            Ok(())
        })
        .invoke_handler(tauri::generate_handler![
+            cmd_call_http_authentication_action,
            cmd_call_http_request_action,
            cmd_check_for_updates,
            cmd_create_cookie_jar,
@@ -1859,7 +1880,8 @@ pub fn run() {
            cmd_get_environment,
            cmd_get_folder,
            cmd_get_grpc_request,
-            cmd_get_http_authentication,
+            cmd_get_http_authentication_summaries,
+            cmd_get_http_authentication_config,
            cmd_get_http_request,
            cmd_get_key_value,
            cmd_get_settings,
@@ -1998,113 +2020,21 @@ fn create_main_window(handle: &AppHandle, url: &str) -> WebviewWindow {
    }
    .expect("Failed to generate label for new window");

-    let config = CreateWindowConfig {
+    let config = window::CreateWindowConfig {
        url,
        label: label.as_str(),
        title: "Yaak",
-        inner_size: (DEFAULT_WINDOW_WIDTH, DEFAULT_WINDOW_HEIGHT),
-        position: (
+        inner_size: Some((DEFAULT_WINDOW_WIDTH, DEFAULT_WINDOW_HEIGHT)),
+        position: Some((
            // Offset by random amount so it's easier to differentiate
            100.0 + random::<f64>() * 20.0,
            100.0 + random::<f64>() * 20.0,
-        ),
+        )),
+        navigation_tx: None,
+        hide_titlebar: true,
    };

-    create_window(handle, config)
-}
-
-struct CreateWindowConfig<'s> {
-    url: &'s str,
-    label: &'s str,
-    title: &'s str,
-    inner_size: (f64, f64),
-    position: (f64, f64),
-}
-
-fn create_window(handle: &AppHandle, config: CreateWindowConfig) -> WebviewWindow {
-    #[allow(unused_variables)]
-    let menu = app_menu(handle).unwrap();
-
-    // This causes the window to not be clickable (in AppImage), so disable on Linux
-    #[cfg(not(target_os = "linux"))]
-    handle.set_menu(menu).expect("Failed to set app menu");
-
-    info!("Create new window label={}", config.label);
-
-    let mut win_builder =
-        tauri::WebviewWindowBuilder::new(handle, config.label, WebviewUrl::App(config.url.into()))
-            .title(config.title)
-            .resizable(true)
-            .visible(false) // To prevent theme flashing, the frontend code calls show() immediately after configuring the theme
-            .fullscreen(false)
-            .disable_drag_drop_handler() // Required for frontend Dnd on windows
-            .inner_size(config.inner_size.0, config.inner_size.1)
-            .position(config.position.0, config.position.1)
-            .min_inner_size(MIN_WINDOW_WIDTH, MIN_WINDOW_HEIGHT);
-
-    // Add macOS-only things
-    #[cfg(target_os = "macos")]
-    {
-        win_builder = win_builder.hidden_title(true).title_bar_style(TitleBarStyle::Overlay);
-    }
-
-    // Add non-MacOS things
-    #[cfg(not(target_os = "macos"))]
-    {
-        // Doesn't seem to work from Rust, here, so we do it in main.tsx
-        win_builder = win_builder.decorations(false);
-    }
-
-    if let Some(w) = handle.webview_windows().get(config.label) {
-        info!("Webview with label {} already exists. Focusing existing", config.label);
-        w.set_focus().unwrap();
-        return w.to_owned();
-    }
-
-    let win = win_builder.build().unwrap();
-
-    let webview_window = win.clone();
-    win.on_menu_event(move |w, event| {
-        if !w.is_focused().unwrap() {
-            return;
-        }
-
-        let event_id = event.id().0.as_str();
-        match event_id {
-            "quit" => exit(0),
-            "close" => w.close().unwrap(),
-            "zoom_reset" => w.emit("zoom_reset", true).unwrap(),
-            "zoom_in" => w.emit("zoom_in", true).unwrap(),
-            "zoom_out" => w.emit("zoom_out", true).unwrap(),
-            "settings" => w.emit("settings", true).unwrap(),
-            "open_feedback" => {
-                if let Err(e) =
-                    w.app_handle().opener().open_url("https://yaak.app/feedback", None::<&str>)
-                {
-                    warn!("Failed to open feedback {e:?}")
-                }
-            }
-
-            // Commands for development
-            "dev.reset_size" => webview_window
-                .set_size(LogicalSize::new(DEFAULT_WINDOW_WIDTH, DEFAULT_WINDOW_HEIGHT))
-                .unwrap(),
-            "dev.refresh" => webview_window.eval("location.reload()").unwrap(),
-            "dev.generate_theme_css" => {
-                w.emit("generate_theme_css", true).unwrap();
-            }
-            "dev.toggle_devtools" => {
-                if webview_window.is_devtools_open() {
-                    webview_window.close_devtools();
-                } else {
-                    webview_window.open_devtools();
-                }
-            }
-            _ => {}
-        }
-    });
-
-    win
+    window::create_window(handle, config)
 }

 async fn get_update_mode(h: &AppHandle) -> UpdateMode {
@@ -2140,36 +2070,24 @@ fn monitor_plugin_events<R: Runtime>(app_handle: &AppHandle<R>) {
            // We might have recursive back-and-forth calls between app and plugin, so we don't
            // want to block here
            tauri::async_runtime::spawn(async move {
-                handle_plugin_event(&app_handle, &event, &plugin).await;
+                crate::plugin_events::handle_plugin_event(&app_handle, &event, &plugin).await;
            });
        }
        plugin_manager.unsubscribe(rx_id.as_str()).await;
    });
 }

-#[derive(Debug, Clone, Serialize)]
-#[serde(rename_all = "camelCase")]
-struct FrontendCall<T: Serialize + Clone> {
-    args: T,
-    reply_id: String,
-}
-
-async fn call_frontend<T: Serialize + Clone, R: Runtime>(
+async fn call_frontend<R: Runtime>(
    window: WebviewWindow<R>,
-    event_name: &str,
-    args: T,
-) -> PromptTextResponse {
-    let reply_id = format!("{event_name}_reply_{}", generate_id());
-    let payload = FrontendCall {
-        args,
-        reply_id: reply_id.clone(),
-    };
-    window.emit_to(window.label(), event_name, payload).unwrap();
-    let (tx, mut rx) = tokio::sync::watch::channel(PromptTextResponse::default());
+    event: &InternalEvent,
+) -> Option<InternalEventPayload> {
+    window.emit_to(window.label(), "plugin_event", event.clone()).unwrap();
+    let (tx, mut rx) = tokio::sync::watch::channel(None);

+    let reply_id = event.id.clone();
    let event_id = window.clone().listen(reply_id, move |ev| {
-        let resp: PromptTextResponse = serde_json::from_str(ev.payload()).unwrap();
-        if let Err(e) = tx.send(resp) {
+        let resp: InternalEvent = serde_json::from_str(ev.payload()).unwrap();
+        if let Err(e) = tx.send(Some(resp.payload)) {
            warn!("Failed to prompt for text {e:?}");
        }
    });
@@ -2181,180 +2099,7 @@ async fn call_frontend<T: Serialize + Clone, R: Runtime>(
    window.unlisten(event_id);

    let v = rx.borrow();
-    v.clone()
-}
-
-async fn handle_plugin_event<R: Runtime>(
-    app_handle: &AppHandle<R>,
-    event: &InternalEvent,
-    plugin_handle: &PluginHandle,
-) {
-    // info!("Got event to app {}", event.id);
-    let window_context = event.window_context.to_owned();
-    let response_event: Option<InternalEventPayload> = match event.clone().payload {
-        InternalEventPayload::CopyTextRequest(req) => {
-            app_handle
-                .clipboard()
-                .write_text(req.text.as_str())
-                .expect("Failed to write text to clipboard");
-            None
-        }
-        InternalEventPayload::ShowToastRequest(req) => {
-            match window_context {
-                WindowContext::Label { label } => app_handle
-                    .emit_to(label, "show_toast", req)
-                    .expect("Failed to emit show_toast to window"),
-                _ => app_handle.emit("show_toast", req).expect("Failed to emit show_toast"),
-            };
-            None
-        }
-        InternalEventPayload::PromptTextRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for render");
-            let resp = call_frontend(window, "show_prompt", req).await;
-            Some(InternalEventPayload::PromptTextResponse(resp))
-        }
-        InternalEventPayload::FindHttpResponsesRequest(req) => {
-            let http_responses = list_http_responses_for_request(
-                app_handle,
-                req.request_id.as_str(),
-                req.limit.map(|l| l as i64),
-            )
-            .await
-            .unwrap_or_default();
-            Some(InternalEventPayload::FindHttpResponsesResponse(FindHttpResponsesResponse {
-                http_responses,
-            }))
-        }
-        InternalEventPayload::GetHttpRequestByIdRequest(req) => {
-            let http_request = get_http_request(app_handle, req.id.as_str()).await.unwrap();
-            Some(InternalEventPayload::GetHttpRequestByIdResponse(GetHttpRequestByIdResponse {
-                http_request,
-            }))
-        }
-        InternalEventPayload::RenderHttpRequestRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for render http request");
-
-            let workspace = workspace_from_window(&window)
-                .await
-                .expect("Failed to get workspace_id from window URL");
-            let environment = environment_from_window(&window).await;
-            let base_environment = get_base_environment(&window, workspace.id.as_str())
-                .await
-                .expect("Failed to get base environment");
-            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
-            let http_request = render_http_request(
-                &req.http_request,
-                &base_environment,
-                environment.as_ref(),
-                &cb,
-            )
-            .await;
-            Some(InternalEventPayload::RenderHttpRequestResponse(RenderHttpRequestResponse {
-                http_request,
-            }))
-        }
-        InternalEventPayload::TemplateRenderRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for render");
-
-            let workspace = workspace_from_window(&window)
-                .await
-                .expect("Failed to get workspace_id from window URL");
-            let environment = environment_from_window(&window).await;
-            let base_environment = get_base_environment(&window, workspace.id.as_str())
-                .await
-                .expect("Failed to get base environment");
-            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
-            let data =
-                render_json_value(req.data, &base_environment, environment.as_ref(), &cb).await;
-            Some(InternalEventPayload::TemplateRenderResponse(TemplateRenderResponse { data }))
-        }
-        InternalEventPayload::ErrorResponse(resp) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for plugin reload");
-            let toast_event = plugin_handle.build_event_to_send(
-                WindowContext::from_window(&window),
-                &InternalEventPayload::ShowToastRequest(ShowToastRequest {
-                    message: resp.error,
-                    color: Some(Color::Danger),
-                    ..Default::default()
-                }),
-                None,
-            );
-            Box::pin(handle_plugin_event(app_handle, &toast_event, plugin_handle)).await;
-            None
-        }
-        InternalEventPayload::ReloadResponse(_) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for plugin reload");
-            let plugins = list_plugins(app_handle).await.unwrap();
-            for plugin in plugins {
-                if plugin.directory != plugin_handle.dir {
-                    continue;
-                }
-
-                let new_plugin = Plugin {
-                    updated_at: Utc::now().naive_utc(), // TODO: Add reloaded_at field to use instead
-                    ..plugin
-                };
-                upsert_plugin(&window, new_plugin, &UpdateSource::Plugin).await.unwrap();
-            }
-            let toast_event = plugin_handle.build_event_to_send(
-                WindowContext::from_window(&window),
-                &InternalEventPayload::ShowToastRequest(ShowToastRequest {
-                    message: format!("Reloaded plugin {}", plugin_handle.dir),
-                    icon: Some(Icon::Info),
-                    ..Default::default()
-                }),
-                None,
-            );
-            Box::pin(handle_plugin_event(app_handle, &toast_event, plugin_handle)).await;
-            None
-        }
-        InternalEventPayload::SendHttpRequestRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)
-                .expect("Failed to find window for sending HTTP request");
-            let cookie_jar = cookie_jar_from_window(&window).await;
-            let environment = environment_from_window(&window).await;
-
-            let resp = create_default_http_response(
-                &window,
-                req.http_request.id.as_str(),
-                &UpdateSource::Plugin,
-            )
-            .await
-            .unwrap();
-
-            let result = send_http_request(
-                &window,
-                &req.http_request,
-                &resp,
-                environment,
-                cookie_jar,
-                &mut tokio::sync::watch::channel(false).1, // No-op cancel channel
-            )
-            .await;
-
-            let http_response = match result {
-                Ok(r) => r,
-                Err(_e) => return,
-            };
-
-            Some(InternalEventPayload::SendHttpRequestResponse(SendHttpRequestResponse {
-                http_response,
-            }))
-        }
-        _ => None,
-    };
-
-    if let Some(e) = response_event {
-        let plugin_manager: State<'_, PluginManager> = app_handle.state();
-        if let Err(e) = plugin_manager.reply(&event, &e).await {
-            warn!("Failed to reply to plugin manager: {:?}", e)
-        }
-    }
+    v.to_owned()
 }

 fn get_window_from_window_context<R: Runtime>(
--- a/src-tauri/src/notifications.rs
+++ b/src-tauri/src/notifications.rs
@@ -1,10 +1,11 @@
 use std::time::SystemTime;

-use crate::analytics::get_num_launches;
+use crate::analytics::{get_num_launches, get_os};
 use chrono::{DateTime, Duration, Utc};
 use log::debug;
 use reqwest::Method;
 use serde::{Deserialize, Serialize};
+use serde_json::Value;
 use tauri::{Emitter, Manager, Runtime, WebviewWindow};
 use yaak_models::queries::{get_key_value_raw, set_key_value_raw, UpdateSource};

@@ -65,8 +66,9 @@ impl YaakNotifier {
        let req = reqwest::Client::default()
            .request(Method::GET, "https://notify.yaak.app/notifications")
            .query(&[
-                ("version", info.version.to_string()),
-                ("launches", num_launches.to_string()),
+                ("version", info.version.to_string().as_str()),
+                ("launches", num_launches.to_string().as_str()),
+                ("platform", get_os())
            ]);
        let resp = req.send().await.map_err(|e| e.to_string())?;
        if resp.status() != 200 {
@@ -74,17 +76,29 @@ impl YaakNotifier {
            return Ok(());
        }

-        let notification = resp.json::<YaakNotification>().await.map_err(|e| e.to_string())?;
+        let result = resp.json::<Value>().await.map_err(|e| e.to_string())?;

-        let age = notification.timestamp.signed_duration_since(Utc::now());
-        let seen = get_kv(window).await?;
-        if seen.contains(&notification.id) || (age > Duration::days(2)) {
-            debug!("Already seen notification {}", notification.id);
-            return Ok(());
+        // Support both single and multiple notifications.
+        // TODO: Remove support for single after April 2025
+        let notifications = match result {
+            Value::Array(a) => a
+                .into_iter()
+                .map(|a| serde_json::from_value(a).unwrap())
+                .collect::<Vec<YaakNotification>>(),
+            a @ _ => vec![serde_json::from_value(a).unwrap()],
+        };
+
+        for notification in notifications {
+            let age = notification.timestamp.signed_duration_since(Utc::now());
+            let seen = get_kv(window).await?;
+            if seen.contains(&notification.id) || (age > Duration::days(2)) {
+                debug!("Already seen notification {}", notification.id);
+                return Ok(());
+            }
+            debug!("Got notification {:?}", notification);
+
+            let _ = window.emit_to(window.label(), "notification", notification.clone());
        }
-        debug!("Got notification {:?}", notification);
-
-        let _ = window.emit_to(window.label(), "notification", notification.clone());

        Ok(())
    }
--- a/src-tauri/src/plugin_events.rs
+++ b/src-tauri/src/plugin_events.rs
@@ -0,0 +1,265 @@
+use crate::http_request::send_http_request;
+use crate::render::{render_http_request, render_json_value};
+use crate::window::{create_window, CreateWindowConfig};
+use crate::{
+    call_frontend, cookie_jar_from_window, environment_from_window, get_window_from_window_context,
+    workspace_from_window,
+};
+use chrono::Utc;
+use log::warn;
+use tauri::{AppHandle, Emitter, Manager, Runtime, State};
+use tauri_plugin_clipboard_manager::ClipboardExt;
+use yaak_models::models::{HttpResponse, Plugin};
+use yaak_models::queries::{
+    create_default_http_response, delete_plugin_key_value, get_base_environment, get_http_request,
+    get_plugin_key_value, list_http_responses_for_request, list_plugins, set_plugin_key_value,
+    upsert_plugin, UpdateSource,
+};
+use yaak_plugins::events::{
+    Color, DeleteKeyValueResponse, EmptyPayload, FindHttpResponsesResponse,
+    GetHttpRequestByIdResponse, GetKeyValueResponse, Icon, InternalEvent, InternalEventPayload,
+    RenderHttpRequestResponse, SendHttpRequestResponse, SetKeyValueResponse, ShowToastRequest,
+    TemplateRenderResponse, WindowContext, WindowNavigateEvent,
+};
+use yaak_plugins::manager::PluginManager;
+use yaak_plugins::plugin_handle::PluginHandle;
+use yaak_plugins::template_callback::PluginTemplateCallback;
+
+pub(crate) async fn handle_plugin_event<R: Runtime>(
+    app_handle: &AppHandle<R>,
+    event: &InternalEvent,
+    plugin_handle: &PluginHandle,
+) {
+    // info!("Got event to app {}", event.id);
+    let window_context = event.window_context.to_owned();
+    let response_event: Option<InternalEventPayload> = match event.clone().payload {
+        InternalEventPayload::CopyTextRequest(req) => {
+            app_handle
+                .clipboard()
+                .write_text(req.text.as_str())
+                .expect("Failed to write text to clipboard");
+            Some(InternalEventPayload::CopyTextResponse(EmptyPayload {}))
+        }
+        InternalEventPayload::ShowToastRequest(req) => {
+            match window_context {
+                WindowContext::Label { label } => app_handle
+                    .emit_to(label, "show_toast", req)
+                    .expect("Failed to emit show_toast to window"),
+                _ => app_handle.emit("show_toast", req).expect("Failed to emit show_toast"),
+            };
+            Some(InternalEventPayload::ShowToastResponse(EmptyPayload {}))
+        }
+        InternalEventPayload::PromptTextRequest(_) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for render");
+            call_frontend(window, event).await
+        }
+        InternalEventPayload::FindHttpResponsesRequest(req) => {
+            let http_responses = list_http_responses_for_request(
+                app_handle,
+                req.request_id.as_str(),
+                req.limit.map(|l| l as i64),
+            )
+            .await
+            .unwrap_or_default();
+            Some(InternalEventPayload::FindHttpResponsesResponse(FindHttpResponsesResponse {
+                http_responses,
+            }))
+        }
+        InternalEventPayload::GetHttpRequestByIdRequest(req) => {
+            let http_request = get_http_request(app_handle, req.id.as_str()).await.unwrap();
+            Some(InternalEventPayload::GetHttpRequestByIdResponse(GetHttpRequestByIdResponse {
+                http_request,
+            }))
+        }
+        InternalEventPayload::RenderHttpRequestRequest(req) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for render http request");
+
+            let workspace = workspace_from_window(&window)
+                .await
+                .expect("Failed to get workspace_id from window URL");
+            let environment = environment_from_window(&window).await;
+            let base_environment = get_base_environment(&window, workspace.id.as_str())
+                .await
+                .expect("Failed to get base environment");
+            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
+            let http_request = render_http_request(
+                &req.http_request,
+                &base_environment,
+                environment.as_ref(),
+                &cb,
+            )
+            .await;
+            Some(InternalEventPayload::RenderHttpRequestResponse(RenderHttpRequestResponse {
+                http_request,
+            }))
+        }
+        InternalEventPayload::TemplateRenderRequest(req) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for render");
+
+            let workspace = workspace_from_window(&window)
+                .await
+                .expect("Failed to get workspace_id from window URL");
+            let environment = environment_from_window(&window).await;
+            let base_environment = get_base_environment(&window, workspace.id.as_str())
+                .await
+                .expect("Failed to get base environment");
+            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
+            let data =
+                render_json_value(req.data, &base_environment, environment.as_ref(), &cb).await;
+            Some(InternalEventPayload::TemplateRenderResponse(TemplateRenderResponse { data }))
+        }
+        InternalEventPayload::ErrorResponse(resp) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for plugin reload");
+            let toast_event = plugin_handle.build_event_to_send(
+                &WindowContext::from_window(&window),
+                &InternalEventPayload::ShowToastRequest(ShowToastRequest {
+                    message: format!(
+                        "Plugin error from {}: {}",
+                        plugin_handle.name().await,
+                        resp.error
+                    ),
+                    color: Some(Color::Danger),
+                    ..Default::default()
+                }),
+                None,
+            );
+            Box::pin(handle_plugin_event(app_handle, &toast_event, plugin_handle)).await;
+            None
+        }
+        InternalEventPayload::ReloadResponse(_) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for plugin reload");
+            let plugins = list_plugins(app_handle).await.unwrap();
+            for plugin in plugins {
+                if plugin.directory != plugin_handle.dir {
+                    continue;
+                }
+
+                let new_plugin = Plugin {
+                    updated_at: Utc::now().naive_utc(), // TODO: Add reloaded_at field to use instead
+                    ..plugin
+                };
+                upsert_plugin(&window, new_plugin, &UpdateSource::Plugin).await.unwrap();
+            }
+            let toast_event = plugin_handle.build_event_to_send(
+                &WindowContext::from_window(&window),
+                &InternalEventPayload::ShowToastRequest(ShowToastRequest {
+                    message: format!("Reloaded plugin {}", plugin_handle.dir),
+                    icon: Some(Icon::Info),
+                    ..Default::default()
+                }),
+                None,
+            );
+            Box::pin(handle_plugin_event(app_handle, &toast_event, plugin_handle)).await;
+            None
+        }
+        InternalEventPayload::SendHttpRequestRequest(req) => {
+            let window = get_window_from_window_context(app_handle, &window_context)
+                .expect("Failed to find window for sending HTTP request");
+            let mut http_request = req.http_request;
+            let workspace = workspace_from_window(&window)
+                .await
+                .expect("Failed to get workspace_id from window URL");
+            let cookie_jar = cookie_jar_from_window(&window).await;
+            let environment = environment_from_window(&window).await;
+
+            if http_request.workspace_id.is_empty() {
+                http_request.workspace_id = workspace.id;
+            }
+
+            let resp = if http_request.id.is_empty() {
+                HttpResponse::new()
+            } else {
+                create_default_http_response(
+                    &window,
+                    http_request.id.as_str(),
+                    &UpdateSource::Plugin,
+                )
+                .await
+                .unwrap()
+            };
+
+            let result = send_http_request(
+                &window,
+                &http_request,
+                &resp,
+                environment,
+                cookie_jar,
+                &mut tokio::sync::watch::channel(false).1, // No-op cancel channel
+            )
+            .await;
+
+            let http_response = match result {
+                Ok(r) => r,
+                Err(_e) => return,
+            };
+
+            Some(InternalEventPayload::SendHttpRequestResponse(SendHttpRequestResponse {
+                http_response,
+            }))
+        }
+        InternalEventPayload::OpenWindowRequest(req) => {
+            let label = req.label;
+            let (tx, mut rx) = tokio::sync::mpsc::channel(128);
+            let win_config = CreateWindowConfig {
+                url: &req.url,
+                label: &label.clone(),
+                title: &req.title.unwrap_or_default(),
+                navigation_tx: Some(tx),
+                inner_size: req.size.map(|s| (s.width, s.height)),
+                position: None,
+                hide_titlebar: false,
+            };
+            create_window(app_handle, win_config);
+
+            let event_id = event.id.clone();
+            let plugin_handle = plugin_handle.clone();
+            tauri::async_runtime::spawn(async move {
+                while let Some(url) = rx.recv().await {
+                    let label = label.clone();
+                    let url = url.to_string();
+                    let event_to_send = plugin_handle.build_event_to_send(
+                        &WindowContext::Label { label },
+                        &InternalEventPayload::WindowNavigateEvent(WindowNavigateEvent { url }),
+                        Some(event_id.clone()),
+                    );
+                    plugin_handle.send(&event_to_send).await.unwrap();
+                }
+            });
+            None
+        }
+        InternalEventPayload::CloseWindowRequest(req) => {
+            if let Some(window) = app_handle.webview_windows().get(&req.label) {
+                window.close().expect("Failed to close window");
+            }
+            None
+        }
+        InternalEventPayload::SetKeyValueRequest(req) => {
+            let name = plugin_handle.name().await;
+            set_plugin_key_value(app_handle, &name, &req.key, &req.value).await;
+            Some(InternalEventPayload::SetKeyValueResponse(SetKeyValueResponse {}))
+        }
+        InternalEventPayload::GetKeyValueRequest(req) => {
+            let name = plugin_handle.name().await;
+            let value = get_plugin_key_value(app_handle, &name, &req.key).await.map(|v| v.value);
+            Some(InternalEventPayload::GetKeyValueResponse(GetKeyValueResponse { value }))
+        }
+        InternalEventPayload::DeleteKeyValueRequest(req) => {
+            let name = plugin_handle.name().await;
+            let deleted = delete_plugin_key_value(app_handle, &name, &req.key).await;
+            Some(InternalEventPayload::DeleteKeyValueResponse(DeleteKeyValueResponse { deleted }))
+        }
+        _ => None,
+    };
+
+    if let Some(e) = response_event {
+        let plugin_manager: State<'_, PluginManager> = app_handle.state();
+        if let Err(e) = plugin_manager.reply(&event, &e).await {
+            warn!("Failed to reply to plugin manager: {:?}", e)
+        }
+    }
+}
--- a/src-tauri/src/render.rs
+++ b/src-tauri/src/render.rs
@@ -1,11 +1,11 @@
-use crate::template_callback::PluginTemplateCallback;
-use serde_json::{json, Map, Value};
+use serde_json::Value;
 use std::collections::{BTreeMap, HashMap};
+use yaak_http::apply_path_placeholders;
 use yaak_models::models::{
-    Environment, EnvironmentVariable, GrpcMetadataEntry, GrpcRequest, HttpRequest,
-    HttpRequestHeader, HttpUrlParameter,
+    Environment, GrpcMetadataEntry, GrpcRequest, HttpRequest, HttpRequestHeader, HttpUrlParameter,
 };
-use yaak_templates::{parse_and_render, TemplateCallback};
+use yaak_models::render::make_vars_hashmap;
+use yaak_templates::{parse_and_render, render_json_value_raw, TemplateCallback};

 pub async fn render_template<T: TemplateCallback>(
    template: &str,
@@ -60,11 +60,11 @@ pub async fn render_grpc_request<T: TemplateCallback>(
    }
 }

-pub async fn render_http_request(
+pub async fn render_http_request<T: TemplateCallback>(
    r: &HttpRequest,
    base_environment: &Environment,
    environment: Option<&Environment>,
-    cb: &PluginTemplateCallback,
+    cb: &T,
 ) -> HttpRequest {
    let vars = &make_vars_hashmap(base_environment, environment);

@@ -99,31 +99,18 @@ pub async fn render_http_request(
    }

    let url = render(r.url.clone().as_str(), vars, cb).await;
-    let req = HttpRequest {
+
+    // This doesn't fit perfectly with the concept of "rendering" but it kind of does
+    let (url, url_parameters) = apply_path_placeholders(&url, url_parameters);
+
+    HttpRequest {
        url,
        url_parameters,
        headers,
        body,
        authentication,
        ..r.to_owned()
-    };
-
-    // This doesn't fit perfectly with the concept of "rendering" but it kind of does
-    apply_path_placeholders(req)
-}
-
-pub fn make_vars_hashmap(
-    base_environment: &Environment,
-    environment: Option<&Environment>,
-) -> HashMap<String, String> {
-    let mut variables = HashMap::new();
-    variables = add_variable_to_map(variables, &base_environment.variables);
-
-    if let Some(e) = environment {
-        variables = add_variable_to_map(variables, &e.variables);
    }
-
-    variables
 }

 pub async fn render<T: TemplateCallback>(
@@ -133,300 +120,3 @@ pub async fn render<T: TemplateCallback>(
 ) -> String {
    parse_and_render(template, vars, cb).await
 }
-
-fn add_variable_to_map(
-    m: HashMap<String, String>,
-    variables: &Vec<EnvironmentVariable>,
-) -> HashMap<String, String> {
-    let mut map = m.clone();
-    for variable in variables {
-        if !variable.enabled || variable.value.is_empty() {
-            continue;
-        }
-        let name = variable.name.as_str();
-        let value = variable.value.as_str();
-        map.insert(name.into(), value.into());
-    }
-
-    map
-}
-
-async fn render_json_value_raw<T: TemplateCallback>(
-    v: Value,
-    vars: &HashMap<String, String>,
-    cb: &T,
-) -> Value {
-    match v {
-        Value::String(s) => json!(render(s.as_str(), vars, cb).await),
-        Value::Array(a) => {
-            let mut new_a = Vec::new();
-            for v in a {
-                new_a.push(Box::pin(render_json_value_raw(v, vars, cb)).await)
-            }
-            json!(new_a)
-        }
-        Value::Object(o) => {
-            let mut new_o = Map::new();
-            for (k, v) in o {
-                let key = Box::pin(render(k.as_str(), vars, cb)).await;
-                let value = Box::pin(render_json_value_raw(v, vars, cb)).await;
-                new_o.insert(key, value);
-            }
-            json!(new_o)
-        }
-        v => v,
-    }
-}
-
-#[cfg(test)]
-mod render_tests {
-    use serde_json::json;
-    use std::collections::HashMap;
-    use yaak_templates::TemplateCallback;
-
-    struct EmptyCB {}
-
-    impl TemplateCallback for EmptyCB {
-        async fn run(
-            &self,
-            _fn_name: &str,
-            _args: HashMap<String, String>,
-        ) -> Result<String, String> {
-            todo!()
-        }
-    }
-
-    #[tokio::test]
-    async fn render_json_value_string() {
-        let v = json!("${[a]}");
-        let mut vars = HashMap::new();
-        vars.insert("a".to_string(), "aaa".to_string());
-
-        let result = super::render_json_value_raw(v, &vars, &EmptyCB {}).await;
-        assert_eq!(result, json!("aaa"))
-    }
-
-    #[tokio::test]
-    async fn render_json_value_array() {
-        let v = json!(["${[a]}", "${[a]}"]);
-        let mut vars = HashMap::new();
-        vars.insert("a".to_string(), "aaa".to_string());
-
-        let result = super::render_json_value_raw(v, &vars, &EmptyCB {}).await;
-        assert_eq!(result, json!(["aaa", "aaa"]))
-    }
-
-    #[tokio::test]
-    async fn render_json_value_object() {
-        let v = json!({"${[a]}": "${[a]}"});
-        let mut vars = HashMap::new();
-        vars.insert("a".to_string(), "aaa".to_string());
-
-        let result = super::render_json_value_raw(v, &vars, &EmptyCB {}).await;
-        assert_eq!(result, json!({"aaa": "aaa"}))
-    }
-
-    #[tokio::test]
-    async fn render_json_value_nested() {
-        let v = json!([
-            123,
-            {"${[a]}": "${[a]}"},
-            null,
-            "${[a]}",
-            false,
-            {"x": ["${[a]}"]}
-        ]);
-        let mut vars = HashMap::new();
-        vars.insert("a".to_string(), "aaa".to_string());
-
-        let result = super::render_json_value_raw(v, &vars, &EmptyCB {}).await;
-        assert_eq!(
-            result,
-            json!([
-                123,
-                {"aaa": "aaa"},
-                null,
-                "aaa",
-                false,
-                {"x": ["aaa"]}
-            ])
-        )
-    }
-}
-
-fn replace_path_placeholder(p: &HttpUrlParameter, url: &str) -> String {
-    if !p.enabled {
-        return url.to_string();
-    }
-
-    if !p.name.starts_with(":") {
-        return url.to_string();
-    }
-
-    let re = regex::Regex::new(format!("(/){}([/?#]|$)", p.name).as_str()).unwrap();
-    let result = re
-        .replace_all(url, |cap: &regex::Captures| {
-            format!(
-                "{}{}{}",
-                cap[1].to_string(),
-                urlencoding::encode(p.value.as_str()),
-                cap[2].to_string()
-            )
-        })
-        .into_owned();
-    result
-}
-
-fn apply_path_placeholders(rendered_request: HttpRequest) -> HttpRequest {
-    let mut url = rendered_request.url.to_owned();
-    let mut url_parameters = Vec::new();
-    for p in rendered_request.url_parameters.clone() {
-        if !p.enabled || p.name.is_empty() {
-            continue;
-        }
-
-        // Replace path parameters with values from URL parameters
-        let old_url_string = url.clone();
-        url = replace_path_placeholder(&p, url.as_str());
-
-        // Remove as param if it modified the URL
-        if old_url_string == url {
-            url_parameters.push(p);
-        }
-    }
-
-    let mut request = rendered_request.clone();
-    request.url_parameters = url_parameters;
-    request.url = url;
-    request
-}
-
-#[cfg(test)]
-mod placeholder_tests {
-    use crate::render::{apply_path_placeholders, replace_path_placeholder};
-    use yaak_models::models::{HttpRequest, HttpUrlParameter};
-
-    #[test]
-    fn placeholder_middle() {
-        let p = HttpUrlParameter {
-            name: ":foo".into(),
-            value: "xxx".into(),
-            enabled: true,
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foo/bar"),
-            "https://example.com/xxx/bar",
-        );
-    }
-
-    #[test]
-    fn placeholder_end() {
-        let p = HttpUrlParameter {
-            name: ":foo".into(),
-            value: "xxx".into(),
-            enabled: true,
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foo"),
-            "https://example.com/xxx",
-        );
-    }
-
-    #[test]
-    fn placeholder_query() {
-        let p = HttpUrlParameter {
-            name: ":foo".into(),
-            value: "xxx".into(),
-            enabled: true,
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foo?:foo"),
-            "https://example.com/xxx?:foo",
-        );
-    }
-
-    #[test]
-    fn placeholder_missing() {
-        let p = HttpUrlParameter {
-            enabled: true,
-            name: "".to_string(),
-            value: "".to_string(),
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:missing"),
-            "https://example.com/:missing",
-        );
-    }
-
-    #[test]
-    fn placeholder_disabled() {
-        let p = HttpUrlParameter {
-            enabled: false,
-            name: ":foo".to_string(),
-            value: "xxx".to_string(),
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foo"),
-            "https://example.com/:foo",
-        );
-    }
-
-    #[test]
-    fn placeholder_prefix() {
-        let p = HttpUrlParameter {
-            name: ":foo".into(),
-            value: "xxx".into(),
-            enabled: true,
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foooo"),
-            "https://example.com/:foooo",
-        );
-    }
-
-    #[test]
-    fn placeholder_encode() {
-        let p = HttpUrlParameter {
-            name: ":foo".into(),
-            value: "Hello World".into(),
-            enabled: true,
-            id: None,
-        };
-        assert_eq!(
-            replace_path_placeholder(&p, "https://example.com/:foo"),
-            "https://example.com/Hello%20World",
-        );
-    }
-
-    #[test]
-    fn apply_placeholder() {
-        let result = apply_path_placeholders(HttpRequest {
-            url: "example.com/:a/bar".to_string(),
-            url_parameters: vec![
-                HttpUrlParameter {
-                    name: "b".to_string(),
-                    value: "bbb".to_string(),
-                    enabled: true,
-                    id: None,
-                },
-                HttpUrlParameter {
-                    name: ":a".to_string(),
-                    value: "aaa".to_string(),
-                    enabled: true,
-                    id: None,
-                },
-            ],
-            ..Default::default()
-        });
-        assert_eq!(result.url, "example.com/aaa/bar");
-        assert_eq!(result.url_parameters.len(), 1);
-        assert_eq!(result.url_parameters[0].name, "b");
-        assert_eq!(result.url_parameters[0].value, "bbb");
-    }
-}
--- a/src-tauri/src/tauri_plugin_mac_window.rs
+++ b/src-tauri/src/tauri_plugin_mac_window.rs
@@ -2,7 +2,8 @@ use crate::MAIN_WINDOW_PREFIX;
 use hex_color::HexColor;
 use log::warn;
 use objc::{msg_send, sel, sel_impl};
-use rand::{distributions::Alphanumeric, Rng};
+use rand::distr::Alphanumeric;
+use rand::Rng;
 use tauri::{
    plugin::{Builder, TauriPlugin},
    Emitter, Listener, Manager, Runtime, Window, WindowEvent,
@@ -420,7 +421,7 @@ pub fn setup_traffic_light_positioner<R: Runtime>(window: &Window<R>) {
        };
        let app_box = Box::into_raw(Box::new(app_state)) as *mut c_void;
        let random_str: String =
-            rand::thread_rng().sample_iter(&Alphanumeric).take(20).map(char::from).collect();
+            rand::rng().sample_iter(&Alphanumeric).take(20).map(char::from).collect();

        // We need to ensure we have a unique delegate name, otherwise we will panic while trying to create a duplicate
        // delegate with the same name.
--- a/src-tauri/src/window.rs
+++ b/src-tauri/src/window.rs
@@ -0,0 +1,130 @@
+use crate::window_menu::app_menu;
+use crate::{DEFAULT_WINDOW_HEIGHT, DEFAULT_WINDOW_WIDTH, MIN_WINDOW_HEIGHT, MIN_WINDOW_WIDTH};
+use log::{info, warn};
+use std::process::exit;
+use tauri::{
+    AppHandle, Emitter, LogicalSize, Manager, Runtime, WebviewUrl, WebviewWindow,
+};
+use tauri_plugin_opener::OpenerExt;
+use tokio::sync::mpsc;
+
+#[derive(Default, Debug)]
+pub(crate) struct CreateWindowConfig<'s> {
+    pub url: &'s str,
+    pub label: &'s str,
+    pub title: &'s str,
+    pub inner_size: Option<(f64, f64)>,
+    pub position: Option<(f64, f64)>,
+    pub navigation_tx: Option<mpsc::Sender<String>>,
+    pub hide_titlebar: bool,
+}
+
+pub(crate) fn create_window<R: Runtime>(
+    handle: &AppHandle<R>,
+    config: CreateWindowConfig,
+) -> WebviewWindow<R> {
+    #[allow(unused_variables)]
+    let menu = app_menu(handle).unwrap();
+
+    // This causes the window to not be clickable (in AppImage), so disable on Linux
+    #[cfg(not(target_os = "linux"))]
+    handle.set_menu(menu).expect("Failed to set app menu");
+
+    info!("Create new window label={}", config.label);
+
+    let mut win_builder =
+        tauri::WebviewWindowBuilder::new(handle, config.label, WebviewUrl::App(config.url.into()))
+            .title(config.title)
+            .resizable(true)
+            .visible(false) // To prevent theme flashing, the frontend code calls show() immediately after configuring the theme
+            .fullscreen(false)
+            .disable_drag_drop_handler() // Required for frontend Dnd on windows
+            .min_inner_size(MIN_WINDOW_WIDTH, MIN_WINDOW_HEIGHT);
+
+    if let Some((w, h)) = config.inner_size {
+        win_builder = win_builder.inner_size(w, h);
+    } else {
+        win_builder = win_builder.inner_size(600.0, 600.0);
+    }
+
+    if let Some((x, y)) = config.position {
+        win_builder = win_builder.position(x, y);
+    } else {
+        win_builder = win_builder.center();
+    }
+
+    if let Some(tx) = config.navigation_tx {
+        win_builder = win_builder.on_navigation(move |url| {
+            let url = url.to_string();
+            let tx = tx.clone();
+            tauri::async_runtime::block_on(async move {
+                tx.send(url).await.unwrap();
+            });
+            true
+        });
+    }
+
+    if config.hide_titlebar {
+        #[cfg(target_os = "macos")]
+        {
+            use tauri::TitleBarStyle;
+            win_builder = win_builder.hidden_title(true).title_bar_style(TitleBarStyle::Overlay);
+        }
+        #[cfg(not(target_os = "macos"))]
+        {
+            // Doesn't seem to work from Rust, here, so we do it in main.tsx
+            win_builder = win_builder.decorations(false);
+        }
+    }
+
+    if let Some(w) = handle.webview_windows().get(config.label) {
+        info!("Webview with label {} already exists. Focusing existing", config.label);
+        w.set_focus().unwrap();
+        return w.to_owned();
+    }
+
+    let win = win_builder.build().unwrap();
+
+    let webview_window = win.clone();
+    win.on_menu_event(move |w, event| {
+        if !w.is_focused().unwrap() {
+            return;
+        }
+
+        let event_id = event.id().0.as_str();
+        match event_id {
+            "quit" => exit(0),
+            "close" => w.close().unwrap(),
+            "zoom_reset" => w.emit("zoom_reset", true).unwrap(),
+            "zoom_in" => w.emit("zoom_in", true).unwrap(),
+            "zoom_out" => w.emit("zoom_out", true).unwrap(),
+            "settings" => w.emit("settings", true).unwrap(),
+            "open_feedback" => {
+                if let Err(e) =
+                    w.app_handle().opener().open_url("https://yaak.app/feedback", None::<&str>)
+                {
+                    warn!("Failed to open feedback {e:?}")
+                }
+            }
+
+            // Commands for development
+            "dev.reset_size" => webview_window
+                .set_size(LogicalSize::new(DEFAULT_WINDOW_WIDTH, DEFAULT_WINDOW_HEIGHT))
+                .unwrap(),
+            "dev.refresh" => webview_window.eval("location.reload()").unwrap(),
+            "dev.generate_theme_css" => {
+                w.emit("generate_theme_css", true).unwrap();
+            }
+            "dev.toggle_devtools" => {
+                if webview_window.is_devtools_open() {
+                    webview_window.close_devtools();
+                } else {
+                    webview_window.open_devtools();
+                }
+            }
+            _ => {}
+        }
+    });
+
+    win
+}
--- a/src-tauri/src/window_menu.rs
+++ b/src-tauri/src/window_menu.rs
@@ -3,9 +3,9 @@ use tauri::menu::{
    WINDOW_SUBMENU_ID,
 };
 pub use tauri::AppHandle;
-use tauri::Wry;
+use tauri::Runtime;

-pub fn app_menu(app_handle: &AppHandle) -> tauri::Result<Menu<Wry>> {
+pub fn app_menu<R: Runtime>(app_handle: &AppHandle<R>) -> tauri::Result<Menu<R>> {
    let pkg_info = app_handle.package_info();
    let config = app_handle.config();
    let about_metadata = AboutMetadata {
@@ -37,7 +37,7 @@ pub fn app_menu(app_handle: &AppHandle) -> tauri::Result<Menu<Wry>> {
        true,
        &[
            #[cfg(not(target_os = "macos"))]
-            &PredefinedMenuItem::about(app_handle, None, Some(about_metadata))?,
+            &PredefinedMenuItem::about(app_handle, None, Some(about_metadata.clone()))?,
            #[cfg(target_os = "macos")]
            &MenuItemBuilder::with_id("open_feedback".to_string(), "Give Feedback")
                .build(app_handle)?,
--- a/src-tauri/vendored/plugins/auth-basic/build/index.js
+++ b/src-tauri/vendored/plugins/auth-basic/build/index.js
@@ -28,7 +28,7 @@ var plugin = {
    name: "basic",
    label: "Basic Auth",
    shortLabel: "Basic",
-    config: [{
+    args: [{
      type: "text",
      name: "username",
      label: "Username",
@@ -40,8 +40,8 @@ var plugin = {
      optional: true,
      password: true
    }],
-    async onApply(_ctx, args) {
-      const { username, password } = args.config;
+    async onApply(_ctx, { values }) {
+      const { username, password } = values;
      const value = "Basic " + Buffer.from(`${username}:${password}`).toString("base64");
      return { setHeaders: [{ name: "Authorization", value }] };
    }
--- a/src-tauri/vendored/plugins/auth-bearer/build/index.js
+++ b/src-tauri/vendored/plugins/auth-bearer/build/index.js
@@ -28,15 +28,15 @@ var plugin = {
    name: "bearer",
    label: "Bearer Token",
    shortLabel: "Bearer",
-    config: [{
+    args: [{
      type: "text",
      name: "token",
      label: "Token",
      optional: true,
      password: true
    }],
-    async onApply(_ctx, args) {
-      const { token } = args.config;
+    async onApply(_ctx, { values }) {
+      const { token } = values;
      const value = `Bearer ${token}`.trim();
      return { setHeaders: [{ name: "Authorization", value }] };
    }
--- a/src-tauri/vendored/plugins/auth-jwt/build/index.js
+++ b/src-tauri/vendored/plugins/auth-jwt/build/index.js
@@ -3814,21 +3814,22 @@ var plugin = {
    name: "jwt",
    label: "JWT Bearer",
    shortLabel: "JWT",
-    config: [
+    args: [
      {
        type: "select",
        name: "algorithm",
        label: "Algorithm",
        hideLabel: true,
        defaultValue: defaultAlgorithm,
-        options: algorithms.map((value) => ({ name: value === "none" ? "None" : value, value }))
+        options: algorithms.map((value) => ({ label: value === "none" ? "None" : value, value }))
      },
      {
-        type: "editor",
+        type: "text",
        name: "secret",
        label: "Secret or Private Key",
+        password: true,
        optional: true,
-        hideGutter: true
+        multiLine: true
      },
      {
        type: "checkbox",
@@ -3844,8 +3845,8 @@ var plugin = {
        placeholder: "{ }"
      }
    ],
-    async onApply(_ctx, args) {
-      const { algorithm, secret: _secret, secretBase64, payload } = args.config;
+    async onApply(_ctx, { values }) {
+      const { algorithm, secret: _secret, secretBase64, payload } = values;
      const secret = secretBase64 ? Buffer.from(`${_secret}`, "base64") : `${_secret}`;
      const token = import_jsonwebtoken.default.sign(`${payload}`, secret, { algorithm });
      const value = `Bearer ${token}`;
--- a/src-tauri/vendored/plugins/auth-oauth2/build/index.js
+++ b/src-tauri/vendored/plugins/auth-oauth2/build/index.js
@@ -0,0 +1,670 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var src_exports = {};
+__export(src_exports, {
+  plugin: () => plugin
+});
+module.exports = __toCommonJS(src_exports);
+
+// src/grants/authorizationCode.ts
+var import_node_crypto = require("node:crypto");
+
+// src/getAccessToken.ts
+var import_node_fs = require("node:fs");
+async function getAccessToken(ctx, {
+  accessTokenUrl,
+  scope,
+  params,
+  grantType,
+  credentialsInBody,
+  clientId,
+  clientSecret
+}) {
+  console.log("Getting access token", accessTokenUrl);
+  const httpRequest = {
+    method: "POST",
+    url: accessTokenUrl,
+    bodyType: "application/x-www-form-urlencoded",
+    body: {
+      form: [
+        { name: "grant_type", value: grantType },
+        ...params
+      ]
+    },
+    headers: [
+      { name: "User-Agent", value: "yaak" },
+      { name: "Accept", value: "application/x-www-form-urlencoded, application/json" },
+      { name: "Content-Type", value: "application/x-www-form-urlencoded" }
+    ]
+  };
+  if (scope) httpRequest.body.form.push({ name: "scope", value: scope });
+  if (credentialsInBody) {
+    httpRequest.body.form.push({ name: "client_id", value: clientId });
+    httpRequest.body.form.push({ name: "client_secret", value: clientSecret });
+  } else {
+    const value = "Basic " + Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+    httpRequest.headers.push({ name: "Authorization", value });
+  }
+  const resp = await ctx.httpRequest.send({ httpRequest });
+  if (resp.status < 200 || resp.status >= 300) {
+    throw new Error("Failed to fetch access token with status=" + resp.status);
+  }
+  const body = (0, import_node_fs.readFileSync)(resp.bodyPath ?? "", "utf8");
+  let response;
+  try {
+    response = JSON.parse(body);
+  } catch {
+    response = Object.fromEntries(new URLSearchParams(body));
+  }
+  if (response.error) {
+    throw new Error("Failed to fetch access token with " + response.error);
+  }
+  return response;
+}
+
+// src/getOrRefreshAccessToken.ts
+var import_node_fs2 = require("node:fs");
+
+// src/store.ts
+async function storeToken(ctx, contextId, response) {
+  if (!response.access_token) {
+    throw new Error(`Token not found in response`);
+  }
+  const expiresAt = response.expires_in ? Date.now() + response.expires_in * 1e3 : null;
+  const token = {
+    response,
+    expiresAt
+  };
+  await ctx.store.set(tokenStoreKey(contextId), token);
+  return token;
+}
+async function getToken(ctx, contextId) {
+  return ctx.store.get(tokenStoreKey(contextId));
+}
+async function deleteToken(ctx, contextId) {
+  return ctx.store.delete(tokenStoreKey(contextId));
+}
+function tokenStoreKey(context_id) {
+  return ["token", context_id].join("::");
+}
+
+// src/getOrRefreshAccessToken.ts
+async function getOrRefreshAccessToken(ctx, contextId, {
+  scope,
+  accessTokenUrl,
+  credentialsInBody,
+  clientId,
+  clientSecret,
+  forceRefresh
+}) {
+  const token = await getToken(ctx, contextId);
+  if (token == null) {
+    return null;
+  }
+  const now = Date.now() / 1e3;
+  const isExpired = token.expiresAt && now > token.expiresAt;
+  if (!isExpired && !forceRefresh) {
+    return token;
+  }
+  if (!token.response.refresh_token) {
+    return null;
+  }
+  const httpRequest = {
+    method: "POST",
+    url: accessTokenUrl,
+    bodyType: "application/x-www-form-urlencoded",
+    body: {
+      form: [
+        { name: "grant_type", value: "refresh_token" },
+        { name: "refresh_token", value: token.response.refresh_token }
+      ]
+    },
+    headers: [
+      { name: "User-Agent", value: "yaak" },
+      { name: "Accept", value: "application/x-www-form-urlencoded, application/json" },
+      { name: "Content-Type", value: "application/x-www-form-urlencoded" }
+    ]
+  };
+  if (scope) httpRequest.body.form.push({ name: "scope", value: scope });
+  if (credentialsInBody) {
+    httpRequest.body.form.push({ name: "client_id", value: clientId });
+    httpRequest.body.form.push({ name: "client_secret", value: clientSecret });
+  } else {
+    const value = "Basic " + Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+    httpRequest.headers.push({ name: "Authorization", value });
+  }
+  const resp = await ctx.httpRequest.send({ httpRequest });
+  if (resp.status === 401) {
+    console.log("Unauthorized refresh_token request");
+    await deleteToken(ctx, contextId);
+    return null;
+  }
+  if (resp.status < 200 || resp.status >= 300) {
+    throw new Error("Failed to fetch access token with status=" + resp.status);
+  }
+  const body = (0, import_node_fs2.readFileSync)(resp.bodyPath ?? "", "utf8");
+  let response;
+  try {
+    response = JSON.parse(body);
+  } catch {
+    response = Object.fromEntries(new URLSearchParams(body));
+  }
+  if (response.error) {
+    throw new Error(`Failed to fetch access token with ${response.error} -> ${response.error_description}`);
+  }
+  const newResponse = {
+    ...response,
+    // Assign a new one or keep the old one,
+    refresh_token: response.refresh_token ?? token.response.refresh_token
+  };
+  return storeToken(ctx, contextId, newResponse);
+}
+
+// src/grants/authorizationCode.ts
+var PKCE_SHA256 = "S256";
+var PKCE_PLAIN = "plain";
+var DEFAULT_PKCE_METHOD = PKCE_SHA256;
+async function getAuthorizationCode(ctx, contextId, {
+  authorizationUrl: authorizationUrlRaw,
+  accessTokenUrl,
+  clientId,
+  clientSecret,
+  redirectUri,
+  scope,
+  state,
+  credentialsInBody,
+  pkce
+}) {
+  const token = await getOrRefreshAccessToken(ctx, contextId, {
+    accessTokenUrl,
+    scope,
+    clientId,
+    clientSecret,
+    credentialsInBody
+  });
+  if (token != null) {
+    return token;
+  }
+  const authorizationUrl = new URL(`${authorizationUrlRaw ?? ""}`);
+  authorizationUrl.searchParams.set("response_type", "code");
+  authorizationUrl.searchParams.set("client_id", clientId);
+  if (redirectUri) authorizationUrl.searchParams.set("redirect_uri", redirectUri);
+  if (scope) authorizationUrl.searchParams.set("scope", scope);
+  if (state) authorizationUrl.searchParams.set("state", state);
+  if (pkce) {
+    const verifier = pkce.codeVerifier || createPkceCodeVerifier();
+    const challengeMethod = pkce.challengeMethod || DEFAULT_PKCE_METHOD;
+    authorizationUrl.searchParams.set("code_challenge", createPkceCodeChallenge(verifier, challengeMethod));
+    authorizationUrl.searchParams.set("code_challenge_method", challengeMethod);
+  }
+  return new Promise(async (resolve, reject) => {
+    const authorizationUrlStr = authorizationUrl.toString();
+    console.log("Authorizing", authorizationUrlStr);
+    let { close } = await ctx.window.openUrl({
+      url: authorizationUrlStr,
+      label: "oauth-authorization-url",
+      async onNavigate({ url: urlStr }) {
+        const url = new URL(urlStr);
+        if (url.searchParams.has("error")) {
+          return reject(new Error(`Failed to authorize: ${url.searchParams.get("error")}`));
+        }
+        const code = url.searchParams.get("code");
+        if (!code) {
+          return;
+        }
+        close();
+        const response = await getAccessToken(ctx, {
+          grantType: "authorization_code",
+          accessTokenUrl,
+          clientId,
+          clientSecret,
+          scope,
+          credentialsInBody,
+          params: [
+            { name: "code", value: code },
+            ...redirectUri ? [{ name: "redirect_uri", value: redirectUri }] : []
+          ]
+        });
+        try {
+          resolve(await storeToken(ctx, contextId, response));
+        } catch (err) {
+          reject(err);
+        }
+      }
+    });
+  });
+}
+function createPkceCodeVerifier() {
+  return encodeForPkce((0, import_node_crypto.randomBytes)(32));
+}
+function createPkceCodeChallenge(verifier, method) {
+  if (method === "plain") {
+    return verifier;
+  }
+  const hash = encodeForPkce((0, import_node_crypto.createHash)("sha256").update(verifier).digest());
+  return hash.replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+function encodeForPkce(bytes) {
+  return bytes.toString("base64").replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+
+// src/grants/clientCredentials.ts
+async function getClientCredentials(ctx, contextId, {
+  accessTokenUrl,
+  clientId,
+  clientSecret,
+  scope,
+  credentialsInBody
+}) {
+  const token = await getToken(ctx, contextId);
+  if (token) {
+  }
+  const response = await getAccessToken(ctx, {
+    grantType: "client_credentials",
+    accessTokenUrl,
+    clientId,
+    clientSecret,
+    scope,
+    credentialsInBody,
+    params: []
+  });
+  return storeToken(ctx, contextId, response);
+}
+
+// src/grants/implicit.ts
+function getImplicit(ctx, contextId, {
+  authorizationUrl: authorizationUrlRaw,
+  responseType,
+  clientId,
+  redirectUri,
+  scope,
+  state
+}) {
+  return new Promise(async (resolve, reject) => {
+    const token = await getToken(ctx, contextId);
+    if (token) {
+    }
+    const authorizationUrl = new URL(`${authorizationUrlRaw ?? ""}`);
+    authorizationUrl.searchParams.set("response_type", "code");
+    authorizationUrl.searchParams.set("client_id", clientId);
+    if (redirectUri) authorizationUrl.searchParams.set("redirect_uri", redirectUri);
+    if (scope) authorizationUrl.searchParams.set("scope", scope);
+    if (state) authorizationUrl.searchParams.set("state", state);
+    if (responseType.includes("id_token")) {
+      authorizationUrl.searchParams.set("nonce", String(Math.floor(Math.random() * 9999999999999) + 1));
+    }
+    const authorizationUrlStr = authorizationUrl.toString();
+    let { close } = await ctx.window.openUrl({
+      url: authorizationUrlStr,
+      label: "oauth-authorization-url",
+      async onNavigate({ url: urlStr }) {
+        const url = new URL(urlStr);
+        if (url.searchParams.has("error")) {
+          return reject(Error(`Failed to authorize: ${url.searchParams.get("error")}`));
+        }
+        close();
+        const hash = url.hash.slice(1);
+        const params = new URLSearchParams(hash);
+        const idToken = params.get("id_token");
+        if (idToken) {
+          params.set("access_token", idToken);
+          params.delete("id_token");
+        }
+        const response = Object.fromEntries(params);
+        try {
+          resolve(await storeToken(ctx, contextId, response));
+        } catch (err) {
+          reject(err);
+        }
+      }
+    });
+  });
+}
+
+// src/grants/password.ts
+async function getPassword(ctx, contextId, {
+  accessTokenUrl,
+  clientId,
+  clientSecret,
+  username,
+  password,
+  credentialsInBody,
+  scope
+}) {
+  const token = await getOrRefreshAccessToken(ctx, contextId, {
+    accessTokenUrl,
+    scope,
+    clientId,
+    clientSecret,
+    credentialsInBody
+  });
+  if (token != null) {
+    return token;
+  }
+  const response = await getAccessToken(ctx, {
+    accessTokenUrl,
+    clientId,
+    clientSecret,
+    scope,
+    grantType: "password",
+    credentialsInBody,
+    params: [
+      { name: "username", value: username },
+      { name: "password", value: password }
+    ]
+  });
+  return storeToken(ctx, contextId, response);
+}
+
+// src/index.ts
+var grantTypes = [
+  { label: "Authorization Code", value: "authorization_code" },
+  { label: "Implicit", value: "implicit" },
+  { label: "Resource Owner Password Credential", value: "password" },
+  { label: "Client Credentials", value: "client_credentials" }
+];
+var defaultGrantType = grantTypes[0].value;
+function hiddenIfNot(grantTypes2, ...other) {
+  return (_ctx, { values }) => {
+    const hasGrantType = grantTypes2.find((t) => t === String(values.grantType ?? defaultGrantType));
+    const hasOtherBools = other.every((t) => t(values));
+    const show = hasGrantType && hasOtherBools;
+    return { hidden: !show };
+  };
+}
+var authorizationUrls = [
+  "https://github.com/login/oauth/authorize",
+  "https://account.box.com/api/oauth2/authorize",
+  "https://accounts.google.com/o/oauth2/v2/auth",
+  "https://api.imgur.com/oauth2/authorize",
+  "https://bitly.com/oauth/authorize",
+  "https://gitlab.example.com/oauth/authorize",
+  "https://medium.com/m/oauth/authorize",
+  "https://public-api.wordpress.com/oauth2/authorize",
+  "https://slack.com/oauth/authorize",
+  "https://todoist.com/oauth/authorize",
+  "https://www.dropbox.com/oauth2/authorize",
+  "https://www.linkedin.com/oauth/v2/authorization",
+  "https://MY_SHOP.myshopify.com/admin/oauth/access_token"
+];
+var accessTokenUrls = [
+  "https://github.com/login/oauth/access_token",
+  "https://api-ssl.bitly.com/oauth/access_token",
+  "https://api.box.com/oauth2/token",
+  "https://api.dropboxapi.com/oauth2/token",
+  "https://api.imgur.com/oauth2/token",
+  "https://api.medium.com/v1/tokens",
+  "https://gitlab.example.com/oauth/token",
+  "https://public-api.wordpress.com/oauth2/token",
+  "https://slack.com/api/oauth.access",
+  "https://todoist.com/oauth/access_token",
+  "https://www.googleapis.com/oauth2/v4/token",
+  "https://www.linkedin.com/oauth/v2/accessToken",
+  "https://MY_SHOP.myshopify.com/admin/oauth/authorize"
+];
+var plugin = {
+  authentication: {
+    name: "oauth2",
+    label: "OAuth 2.0",
+    shortLabel: "OAuth 2",
+    actions: [
+      {
+        label: "Copy Current Token",
+        icon: "copy",
+        async onSelect(ctx, { contextId }) {
+          const token = await getToken(ctx, contextId);
+          if (token == null) {
+            await ctx.toast.show({ message: "No token to copy", color: "warning" });
+          } else {
+            await ctx.clipboard.copyText(token.response.access_token);
+            await ctx.toast.show({ message: "Token copied to clipboard", icon: "copy", color: "success" });
+          }
+        }
+      },
+      {
+        label: "Delete Token",
+        icon: "trash",
+        async onSelect(ctx, { contextId }) {
+          if (await deleteToken(ctx, contextId)) {
+            await ctx.toast.show({ message: "Token deleted", color: "success" });
+          } else {
+            await ctx.toast.show({ message: "No token to delete", color: "warning" });
+          }
+        }
+      }
+    ],
+    args: [
+      {
+        type: "select",
+        name: "grantType",
+        label: "Grant Type",
+        hideLabel: true,
+        defaultValue: defaultGrantType,
+        options: grantTypes
+      },
+      // Always-present fields
+      { type: "text", name: "clientId", label: "Client ID" },
+      {
+        type: "text",
+        name: "clientSecret",
+        label: "Client Secret",
+        password: true,
+        dynamic: hiddenIfNot(["authorization_code", "password", "client_credentials"])
+      },
+      {
+        type: "text",
+        name: "authorizationUrl",
+        label: "Authorization URL",
+        dynamic: hiddenIfNot(["authorization_code", "implicit"]),
+        placeholder: authorizationUrls[0],
+        completionOptions: authorizationUrls.map((url) => ({ label: url, value: url }))
+      },
+      {
+        type: "text",
+        name: "accessTokenUrl",
+        label: "Access Token URL",
+        placeholder: accessTokenUrls[0],
+        dynamic: hiddenIfNot(["authorization_code", "password", "client_credentials"]),
+        completionOptions: accessTokenUrls.map((url) => ({ label: url, value: url }))
+      },
+      {
+        type: "text",
+        name: "redirectUri",
+        label: "Redirect URI",
+        optional: true,
+        dynamic: hiddenIfNot(["authorization_code", "implicit"])
+      },
+      {
+        type: "text",
+        name: "state",
+        label: "State",
+        optional: true,
+        dynamic: hiddenIfNot(["authorization_code", "implicit"])
+      },
+      {
+        type: "checkbox",
+        name: "usePkce",
+        label: "Use PKCE",
+        dynamic: hiddenIfNot(["authorization_code"])
+      },
+      {
+        type: "select",
+        name: "pkceChallengeMethod",
+        label: "Code Challenge Method",
+        options: [{ label: "SHA-256", value: PKCE_SHA256 }, { label: "Plain", value: PKCE_PLAIN }],
+        defaultValue: DEFAULT_PKCE_METHOD,
+        dynamic: hiddenIfNot(["authorization_code"], ({ usePkce }) => !!usePkce)
+      },
+      {
+        type: "text",
+        name: "pkceCodeVerifier",
+        label: "Code Verifier",
+        placeholder: "Automatically generated if not provided",
+        optional: true,
+        dynamic: hiddenIfNot(["authorization_code"], ({ usePkce }) => !!usePkce)
+      },
+      {
+        type: "text",
+        name: "username",
+        label: "Username",
+        optional: true,
+        dynamic: hiddenIfNot(["password"])
+      },
+      {
+        type: "text",
+        name: "password",
+        label: "Password",
+        password: true,
+        optional: true,
+        dynamic: hiddenIfNot(["password"])
+      },
+      {
+        type: "select",
+        name: "responseType",
+        label: "Response Type",
+        defaultValue: "token",
+        options: [
+          { label: "Access Token", value: "token" },
+          { label: "ID Token", value: "id_token" },
+          { label: "ID and Access Token", value: "id_token token" }
+        ],
+        dynamic: hiddenIfNot(["implicit"])
+      },
+      {
+        type: "accordion",
+        label: "Advanced",
+        inputs: [
+          { type: "text", name: "scope", label: "Scope", optional: true },
+          { type: "text", name: "headerPrefix", label: "Header Prefix", optional: true, defaultValue: "Bearer" },
+          {
+            type: "select",
+            name: "credentials",
+            label: "Send Credentials",
+            defaultValue: "body",
+            options: [
+              { label: "In Request Body", value: "body" },
+              { label: "As Basic Authentication", value: "basic" }
+            ]
+          }
+        ]
+      },
+      {
+        type: "accordion",
+        label: "Access Token Response",
+        async dynamic(ctx, { contextId }) {
+          const token = await getToken(ctx, contextId);
+          if (token == null) {
+            return { hidden: true };
+          }
+          return {
+            label: "Access Token Response",
+            inputs: [
+              {
+                type: "editor",
+                defaultValue: JSON.stringify(token.response, null, 2),
+                hideLabel: true,
+                readOnly: true,
+                language: "json"
+              }
+            ]
+          };
+        }
+      }
+    ],
+    async onApply(ctx, { values, contextId }) {
+      const headerPrefix = optionalString(values, "headerPrefix") ?? "";
+      const grantType = requiredString(values, "grantType");
+      const credentialsInBody = values.credentials === "body";
+      let token;
+      if (grantType === "authorization_code") {
+        const authorizationUrl = requiredString(values, "authorizationUrl");
+        const accessTokenUrl = requiredString(values, "accessTokenUrl");
+        token = await getAuthorizationCode(ctx, contextId, {
+          accessTokenUrl: accessTokenUrl.match(/^https?:\/\//) ? accessTokenUrl : `https://${accessTokenUrl}`,
+          authorizationUrl: authorizationUrl.match(/^https?:\/\//) ? authorizationUrl : `https://${authorizationUrl}`,
+          clientId: requiredString(values, "clientId"),
+          clientSecret: requiredString(values, "clientSecret"),
+          redirectUri: optionalString(values, "redirectUri"),
+          scope: optionalString(values, "scope"),
+          state: optionalString(values, "state"),
+          credentialsInBody,
+          pkce: values.usePkce ? {
+            challengeMethod: requiredString(values, "pkceChallengeMethod"),
+            codeVerifier: optionalString(values, "pkceCodeVerifier")
+          } : null
+        });
+      } else if (grantType === "implicit") {
+        const authorizationUrl = requiredString(values, "authorizationUrl");
+        token = await getImplicit(ctx, contextId, {
+          authorizationUrl: authorizationUrl.match(/^https?:\/\//) ? authorizationUrl : `https://${authorizationUrl}`,
+          clientId: requiredString(values, "clientId"),
+          redirectUri: optionalString(values, "redirectUri"),
+          responseType: requiredString(values, "responseType"),
+          scope: optionalString(values, "scope"),
+          state: optionalString(values, "state")
+        });
+      } else if (grantType === "client_credentials") {
+        const accessTokenUrl = requiredString(values, "accessTokenUrl");
+        token = await getClientCredentials(ctx, contextId, {
+          accessTokenUrl: accessTokenUrl.match(/^https?:\/\//) ? accessTokenUrl : `https://${accessTokenUrl}`,
+          clientId: requiredString(values, "clientId"),
+          clientSecret: requiredString(values, "clientSecret"),
+          scope: optionalString(values, "scope"),
+          credentialsInBody
+        });
+      } else if (grantType === "password") {
+        const accessTokenUrl = requiredString(values, "accessTokenUrl");
+        token = await getPassword(ctx, contextId, {
+          accessTokenUrl: accessTokenUrl.match(/^https?:\/\//) ? accessTokenUrl : `https://${accessTokenUrl}`,
+          clientId: requiredString(values, "clientId"),
+          clientSecret: requiredString(values, "clientSecret"),
+          username: requiredString(values, "username"),
+          password: requiredString(values, "password"),
+          scope: optionalString(values, "scope"),
+          credentialsInBody
+        });
+      } else {
+        throw new Error("Invalid grant type " + grantType);
+      }
+      const headerValue = `${headerPrefix} ${token.response.access_token}`.trim();
+      return {
+        setHeaders: [{
+          name: "Authorization",
+          value: headerValue
+        }]
+      };
+    }
+  }
+};
+function optionalString(values, name) {
+  const arg = values[name];
+  if (arg == null || arg == "") return null;
+  return `${arg}`;
+}
+function requiredString(values, name) {
+  const arg = optionalString(values, name);
+  if (!arg) throw new Error(`Missing required argument ${name}`);
+  return arg;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  plugin
+});
--- a/src-tauri/vendored/plugins/auth-oauth2/package.json
+++ b/src-tauri/vendored/plugins/auth-oauth2/package.json
@@ -0,0 +1,9 @@
+{
+  "name": "@yaakapp/auth-oauth2",
+  "private": true,
+  "version": "0.0.1",
+  "scripts": {
+    "build": "yaakcli build ./src/index.ts",
+    "dev": "yaakcli dev ./src/index.js"
+  }
+}
--- a/src-tauri/vendored/plugins/exporter-curl/build/index.js
+++ b/src-tauri/vendored/plugins/exporter-curl/build/index.js
@@ -27,14 +27,13 @@ module.exports = __toCommonJS(src_exports);
 var NEWLINE = "\\\n ";
 var plugin = {
  httpRequestActions: [{
-    key: "export-curl",
    label: "Copy as Curl",
    icon: "copy",
    async onSelect(ctx, args) {
      const rendered_request = await ctx.httpRequest.render({ httpRequest: args.httpRequest, purpose: "preview" });
      const data = await convertToCurl(rendered_request);
-      ctx.clipboard.copyText(data);
-      ctx.toast.show({ message: "Curl copied to clipboard", icon: "copy" });
+      await ctx.clipboard.copyText(data);
+      await ctx.toast.show({ message: "Curl copied to clipboard", icon: "copy", color: "success" });
    }
  }]
 };
--- a/src-tauri/vendored/plugins/template-function-response/build/index.js
+++ b/src-tauri/vendored/plugins/template-function-response/build/index.js
@@ -8824,8 +8824,8 @@ var behaviorArg = {
  label: "Sending Behavior",
  defaultValue: "smart",
  options: [
-    { name: "When no responses", value: "smart" },
-    { name: "Always", value: "always" }
+    { label: "When no responses", value: "smart" },
+    { label: "Always", value: "always" }
  ]
 };
 var requestArg = {
--- a/src-tauri/yaak-git/Cargo.toml
+++ b/src-tauri/yaak-git/Cargo.toml
@@ -0,0 +1,22 @@
+[package]
+name = "yaak-git"
+links = "yaak-git"
+version = "0.1.0"
+edition = "2021"
+publish = false
+
+[dependencies]
+chrono = { version = "0.4.38", features = ["serde"] }
+git2 = { version = "0.20.0" , features = ["vendored-libgit2", "vendored-openssl"]}
+log = "0.4.22"
+serde = { version = "1.0.215", features = ["derive"] }
+serde_json = "1.0.132"
+serde_yaml = "0.9.34"
+tauri = { workspace = true }
+thiserror = { workspace = true }
+ts-rs = { workspace = true, features = ["chrono-impl", "serde-json-impl"] }
+yaak-models = { workspace = true }
+yaak-sync = { workspace = true }
+
+[build-dependencies]
+tauri-plugin = { version = "2.0.3", features = ["build"] }
--- a/src-tauri/yaak-git/bindings/gen_git.ts
+++ b/src-tauri/yaak-git/bindings/gen_git.ts
@@ -0,0 +1,18 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { SyncModel } from "./gen_models";
+
+export type GitAuthor = { name: string | null, email: string | null, };
+
+export type GitCommit = { author: GitAuthor, when: string, message: string | null, };
+
+export type GitStatus = "untracked" | "conflict" | "current" | "modified" | "removed" | "renamed" | "type_change";
+
+export type GitStatusEntry = { relaPath: string, status: GitStatus, staged: boolean, prev: SyncModel | null, next: SyncModel | null, };
+
+export type GitStatusSummary = { path: string, headRef: string | null, headRefShorthand: string | null, entries: Array<GitStatusEntry>, origins: Array<string>, localBranches: Array<string>, remoteBranches: Array<string>, };
+
+export type PullResult = { receivedBytes: number, receivedObjects: number, };
+
+export type PushResult = "success" | "nothing_to_push";
+
+export type PushType = "branch" | "tag";
--- a/src-tauri/yaak-git/bindings/gen_models.ts
+++ b/src-tauri/yaak-git/bindings/gen_models.ts
@@ -0,0 +1,23 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type Environment = { model: "environment", id: string, workspaceId: string, environmentId: string | null, createdAt: string, updatedAt: string, name: string, variables: Array<EnvironmentVariable>, };
+
+export type EnvironmentVariable = { enabled?: boolean, name: string, value: string, id?: string, };
+
+export type Folder = { model: "folder", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, name: string, description: string, sortPriority: number, };
+
+export type GrpcMetadataEntry = { enabled?: boolean, name: string, value: string, id?: string, };
+
+export type GrpcRequest = { model: "grpc_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authenticationType: string | null, authentication: Record<string, any>, description: string, message: string, metadata: Array<GrpcMetadataEntry>, method: string | null, name: string, service: string | null, sortPriority: number, url: string, };
+
+export type HttpRequest = { model: "http_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authentication: Record<string, any>, authenticationType: string | null, body: Record<string, any>, bodyType: string | null, description: string, headers: Array<HttpRequestHeader>, method: string, name: string, sortPriority: number, url: string, urlParameters: Array<HttpUrlParameter>, };
+
+export type HttpRequestHeader = { enabled?: boolean, name: string, value: string, id?: string, };
+
+export type HttpUrlParameter = { enabled?: boolean, name: string, value: string, id?: string, };
+
+export type SyncModel = { "type": "workspace" } & Workspace | { "type": "environment" } & Environment | { "type": "folder" } & Folder | { "type": "http_request" } & HttpRequest | { "type": "grpc_request" } & GrpcRequest | { "type": "websocket_request" } & WebsocketRequest;
+
+export type WebsocketRequest = { model: "websocket_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authentication: Record<string, any>, authenticationType: string | null, description: string, headers: Array<HttpRequestHeader>, message: string, name: string, sortPriority: number, url: string, urlParameters: Array<HttpUrlParameter>, };
+
+export type Workspace = { model: "workspace", id: string, createdAt: string, updatedAt: string, name: string, description: string, settingValidateCertificates: boolean, settingFollowRedirects: boolean, settingRequestTimeout: number, };
--- a/src-tauri/yaak-git/build.rs
+++ b/src-tauri/yaak-git/build.rs
@@ -0,0 +1,19 @@
+const COMMANDS: &[&str] = &[
+    "add",
+    "branch",
+    "checkout",
+    "commit",
+    "delete_branch",
+    "fetch_all",
+    "initialize",
+    "log",
+    "merge_branch",
+    "pull",
+    "push",
+    "status",
+    "unstage",
+];
+
+fn main() {
+    tauri_plugin::Builder::new(COMMANDS).build();
+}
--- a/src-tauri/yaak-git/index.ts
+++ b/src-tauri/yaak-git/index.ts
@@ -0,0 +1,80 @@
+import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
+import { invoke } from '@tauri-apps/api/core';
+import { GitCommit, GitStatusSummary, PullResult, PushResult } from './bindings/gen_git';
+
+export * from './bindings/gen_git';
+
+export function useGit(dir: string) {
+  const queryClient = useQueryClient();
+  const onSuccess = () => queryClient.invalidateQueries({ queryKey: ['git'] });
+
+  return [
+    {
+      log: useQuery<void, string, GitCommit[]>({
+        queryKey: ['git', 'log', dir],
+        queryFn: () => invoke('plugin:yaak-git|log', { dir }),
+      }),
+      status: useQuery<void, string, GitStatusSummary>({
+        refetchOnMount: true,
+        queryKey: ['git', 'status', dir],
+        queryFn: () => invoke('plugin:yaak-git|status', { dir }),
+      }),
+    },
+    {
+      add: useMutation<void, string, { relaPaths: string[] }>({
+        mutationKey: ['git', 'add', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|add', { dir, ...args }),
+        onSuccess,
+      }),
+      branch: useMutation<void, string, { branch: string }>({
+        mutationKey: ['git', 'branch', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|branch', { dir, ...args }),
+        onSuccess,
+      }),
+      mergeBranch: useMutation<void, string, { branch: string; force: boolean }>({
+        mutationKey: ['git', 'merge', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|merge_branch', { dir, ...args }),
+        onSuccess,
+      }),
+      deleteBranch: useMutation<void, string, { branch: string }>({
+        mutationKey: ['git', 'delete-branch', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|delete_branch', { dir, ...args }),
+        onSuccess,
+      }),
+      checkout: useMutation<string, string, { branch: string; force: boolean }>({
+        mutationKey: ['git', 'checkout', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|checkout', { dir, ...args }),
+        onSuccess,
+      }),
+      commit: useMutation<void, string, { message: string }>({
+        mutationKey: ['git', 'commit', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|commit', { dir, ...args }),
+        onSuccess,
+      }),
+      fetchAll: useMutation<string, string, void>({
+        mutationKey: ['git', 'checkout', dir],
+        mutationFn: () => invoke('plugin:yaak-git|fetch_all', { dir }),
+        onSuccess,
+      }),
+      push: useMutation<PushResult, string, void>({
+        mutationKey: ['git', 'push', dir],
+        mutationFn: () => invoke('plugin:yaak-git|push', { dir }),
+        onSuccess,
+      }),
+      pull: useMutation<PullResult, string, void>({
+        mutationKey: ['git', 'pull', dir],
+        mutationFn: () => invoke('plugin:yaak-git|pull', { dir }),
+        onSuccess,
+      }),
+      unstage: useMutation<void, string, { relaPaths: string[] }>({
+        mutationKey: ['git', 'unstage', dir],
+        mutationFn: (args) => invoke('plugin:yaak-git|unstage', { dir, ...args }),
+        onSuccess,
+      }),
+    },
+  ] as const;
+}
+
+export async function gitInit(dir: string) {
+  await invoke('plugin:yaak-git|initialize', { dir });
+}
--- a/src-tauri/yaak-git/package.json
+++ b/src-tauri/yaak-git/package.json
@@ -0,0 +1,6 @@
+{
+  "name": "@yaakapp-internal/git",
+  "private": true,
+  "version": "1.0.0",
+  "main": "index.ts"
+}
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/add.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/add.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-add"
+description = "Enables the add command without any pre-configured scope."
+commands.allow = ["add"]
+
+[[permission]]
+identifier = "deny-add"
+description = "Denies the add command without any pre-configured scope."
+commands.deny = ["add"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/branch.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/branch.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-branch"
+description = "Enables the branch command without any pre-configured scope."
+commands.allow = ["branch"]
+
+[[permission]]
+identifier = "deny-branch"
+description = "Denies the branch command without any pre-configured scope."
+commands.deny = ["branch"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/checkout.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/checkout.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-checkout"
+description = "Enables the checkout command without any pre-configured scope."
+commands.allow = ["checkout"]
+
+[[permission]]
+identifier = "deny-checkout"
+description = "Denies the checkout command without any pre-configured scope."
+commands.deny = ["checkout"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/checkout_remote.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/checkout_remote.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-checkout-remote"
+description = "Enables the checkout_remote command without any pre-configured scope."
+commands.allow = ["checkout_remote"]
+
+[[permission]]
+identifier = "deny-checkout-remote"
+description = "Denies the checkout_remote command without any pre-configured scope."
+commands.deny = ["checkout_remote"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/commit.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/commit.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-commit"
+description = "Enables the commit command without any pre-configured scope."
+commands.allow = ["commit"]
+
+[[permission]]
+identifier = "deny-commit"
+description = "Denies the commit command without any pre-configured scope."
+commands.deny = ["commit"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/delete_branch.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/delete_branch.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-delete-branch"
+description = "Enables the delete_branch command without any pre-configured scope."
+commands.allow = ["delete_branch"]
+
+[[permission]]
+identifier = "deny-delete-branch"
+description = "Denies the delete_branch command without any pre-configured scope."
+commands.deny = ["delete_branch"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/fetch_all.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/fetch_all.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-fetch-all"
+description = "Enables the fetch_all command without any pre-configured scope."
+commands.allow = ["fetch_all"]
+
+[[permission]]
+identifier = "deny-fetch-all"
+description = "Denies the fetch_all command without any pre-configured scope."
+commands.deny = ["fetch_all"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/initialize.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/initialize.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-initialize"
+description = "Enables the initialize command without any pre-configured scope."
+commands.allow = ["initialize"]
+
+[[permission]]
+identifier = "deny-initialize"
+description = "Denies the initialize command without any pre-configured scope."
+commands.deny = ["initialize"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/log.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/log.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-log"
+description = "Enables the log command without any pre-configured scope."
+commands.allow = ["log"]
+
+[[permission]]
+identifier = "deny-log"
+description = "Denies the log command without any pre-configured scope."
+commands.deny = ["log"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/merge_branch.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/merge_branch.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-merge-branch"
+description = "Enables the merge_branch command without any pre-configured scope."
+commands.allow = ["merge_branch"]
+
+[[permission]]
+identifier = "deny-merge-branch"
+description = "Denies the merge_branch command without any pre-configured scope."
+commands.deny = ["merge_branch"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/pull.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/pull.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-pull"
+description = "Enables the pull command without any pre-configured scope."
+commands.allow = ["pull"]
+
+[[permission]]
+identifier = "deny-pull"
+description = "Denies the pull command without any pre-configured scope."
+commands.deny = ["pull"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/push.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/push.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-push"
+description = "Enables the push command without any pre-configured scope."
+commands.allow = ["push"]
+
+[[permission]]
+identifier = "deny-push"
+description = "Denies the push command without any pre-configured scope."
+commands.deny = ["push"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/status.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/status.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-status"
+description = "Enables the status command without any pre-configured scope."
+commands.allow = ["status"]
+
+[[permission]]
+identifier = "deny-status"
+description = "Denies the status command without any pre-configured scope."
+commands.deny = ["status"]
--- a/src-tauri/yaak-git/permissions/autogenerated/commands/unstage.toml
+++ b/src-tauri/yaak-git/permissions/autogenerated/commands/unstage.toml
@@ -0,0 +1,13 @@
+# Automatically generated - DO NOT EDIT!
+
+"$schema" = "../../schemas/schema.json"
+
+[[permission]]
+identifier = "allow-unstage"
+description = "Enables the unstage command without any pre-configured scope."
+commands.allow = ["unstage"]
+
+[[permission]]
+identifier = "deny-unstage"
+description = "Denies the unstage command without any pre-configured scope."
+commands.deny = ["unstage"]
--- a/src-tauri/yaak-git/permissions/autogenerated/reference.md
+++ b/src-tauri/yaak-git/permissions/autogenerated/reference.md
@@ -0,0 +1,391 @@
+## Default Permission
+
+Default permissions for the plugin
+
+- `allow-add`
+- `allow-branch`
+- `allow-checkout`
+- `allow-commit`
+- `allow-delete-branch`
+- `allow-fetch-all`
+- `allow-initialize`
+- `allow-log`
+- `allow-merge-branch`
+- `allow-pull`
+- `allow-push`
+- `allow-status`
+- `allow-unstage`
+
+## Permission Table
+
+<table>
+<tr>
+<th>Identifier</th>
+<th>Description</th>
+</tr>
+
+
+<tr>
+<td>
+
+`yaak-git:allow-add`
+
+</td>
+<td>
+
+Enables the add command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-add`
+
+</td>
+<td>
+
+Denies the add command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-branch`
+
+</td>
+<td>
+
+Enables the branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-branch`
+
+</td>
+<td>
+
+Denies the branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-checkout`
+
+</td>
+<td>
+
+Enables the checkout command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-checkout`
+
+</td>
+<td>
+
+Denies the checkout command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-checkout-remote`
+
+</td>
+<td>
+
+Enables the checkout_remote command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-checkout-remote`
+
+</td>
+<td>
+
+Denies the checkout_remote command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-commit`
+
+</td>
+<td>
+
+Enables the commit command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-commit`
+
+</td>
+<td>
+
+Denies the commit command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-delete-branch`
+
+</td>
+<td>
+
+Enables the delete_branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-delete-branch`
+
+</td>
+<td>
+
+Denies the delete_branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-fetch-all`
+
+</td>
+<td>
+
+Enables the fetch_all command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-fetch-all`
+
+</td>
+<td>
+
+Denies the fetch_all command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-initialize`
+
+</td>
+<td>
+
+Enables the initialize command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-initialize`
+
+</td>
+<td>
+
+Denies the initialize command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-log`
+
+</td>
+<td>
+
+Enables the log command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-log`
+
+</td>
+<td>
+
+Denies the log command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-merge-branch`
+
+</td>
+<td>
+
+Enables the merge_branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-merge-branch`
+
+</td>
+<td>
+
+Denies the merge_branch command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-pull`
+
+</td>
+<td>
+
+Enables the pull command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-pull`
+
+</td>
+<td>
+
+Denies the pull command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-push`
+
+</td>
+<td>
+
+Enables the push command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-push`
+
+</td>
+<td>
+
+Denies the push command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-status`
+
+</td>
+<td>
+
+Enables the status command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-status`
+
+</td>
+<td>
+
+Denies the status command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:allow-unstage`
+
+</td>
+<td>
+
+Enables the unstage command without any pre-configured scope.
+
+</td>
+</tr>
+
+<tr>
+<td>
+
+`yaak-git:deny-unstage`
+
+</td>
+<td>
+
+Denies the unstage command without any pre-configured scope.
+
+</td>
+</tr>
+</table>
--- a/src-tauri/yaak-git/permissions/default.toml
+++ b/src-tauri/yaak-git/permissions/default.toml
@@ -0,0 +1,17 @@
+[default]
+description = "Default permissions for the plugin"
+permissions = [
+    "allow-add",
+    "allow-branch",
+    "allow-checkout",
+    "allow-commit",
+    "allow-delete-branch",
+    "allow-fetch-all",
+    "allow-initialize",
+    "allow-log",
+    "allow-merge-branch",
+    "allow-pull",
+    "allow-push",
+    "allow-status",
+    "allow-unstage",
+]
--- a/src-tauri/yaak-git/permissions/schemas/schema.json
+++ b/src-tauri/yaak-git/permissions/schemas/schema.json
@@ -0,0 +1,445 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "title": "PermissionFile",
+  "description": "Permission file that can define a default permission, a set of permissions or a list of inlined permissions.",
+  "type": "object",
+  "properties": {
+    "default": {
+      "description": "The default permission set for the plugin",
+      "anyOf": [
+        {
+          "$ref": "#/definitions/DefaultPermission"
+        },
+        {
+          "type": "null"
+        }
+      ]
+    },
+    "set": {
+      "description": "A list of permissions sets defined",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/PermissionSet"
+      }
+    },
+    "permission": {
+      "description": "A list of inlined permissions",
+      "default": [],
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/Permission"
+      }
+    }
+  },
+  "definitions": {
+    "DefaultPermission": {
+      "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.",
+      "type": "object",
+      "required": [
+        "permissions"
+      ],
+      "properties": {
+        "version": {
+          "description": "The version of the permission.",
+          "type": [
+            "integer",
+            "null"
+          ],
+          "format": "uint64",
+          "minimum": 1.0
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does. Tauri convention is to use <h4> headings in markdown content for Tauri documentation generation purposes.",
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "permissions": {
+          "description": "All permissions this set contains.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "PermissionSet": {
+      "description": "A set of direct permissions grouped together under a new name.",
+      "type": "object",
+      "required": [
+        "description",
+        "identifier",
+        "permissions"
+      ],
+      "properties": {
+        "identifier": {
+          "description": "A unique identifier for the permission.",
+          "type": "string"
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does.",
+          "type": "string"
+        },
+        "permissions": {
+          "description": "All permissions this set contains.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/PermissionKind"
+          }
+        }
+      }
+    },
+    "Permission": {
+      "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.",
+      "type": "object",
+      "required": [
+        "identifier"
+      ],
+      "properties": {
+        "version": {
+          "description": "The version of the permission.",
+          "type": [
+            "integer",
+            "null"
+          ],
+          "format": "uint64",
+          "minimum": 1.0
+        },
+        "identifier": {
+          "description": "A unique identifier for the permission.",
+          "type": "string"
+        },
+        "description": {
+          "description": "Human-readable description of what the permission does. Tauri internal convention is to use <h4> headings in markdown content for Tauri documentation generation purposes.",
+          "type": [
+            "string",
+            "null"
+          ]
+        },
+        "commands": {
+          "description": "Allowed or denied commands when using this permission.",
+          "default": {
+            "allow": [],
+            "deny": []
+          },
+          "allOf": [
+            {
+              "$ref": "#/definitions/Commands"
+            }
+          ]
+        },
+        "scope": {
+          "description": "Allowed or denied scoped when using this permission.",
+          "allOf": [
+            {
+              "$ref": "#/definitions/Scopes"
+            }
+          ]
+        },
+        "platforms": {
+          "description": "Target platforms this permission applies. By default all platforms are affected by this permission.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Target"
+          }
+        }
+      }
+    },
+    "Commands": {
+      "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.",
+      "type": "object",
+      "properties": {
+        "allow": {
+          "description": "Allowed command.",
+          "default": [],
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "deny": {
+          "description": "Denied command, which takes priority.",
+          "default": [],
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "Scopes": {
+      "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```",
+      "type": "object",
+      "properties": {
+        "allow": {
+          "description": "Data that defines what is allowed by the scope.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        },
+        "deny": {
+          "description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.",
+          "type": [
+            "array",
+            "null"
+          ],
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        }
+      }
+    },
+    "Value": {
+      "description": "All supported ACL values.",
+      "anyOf": [
+        {
+          "description": "Represents a null JSON value.",
+          "type": "null"
+        },
+        {
+          "description": "Represents a [`bool`].",
+          "type": "boolean"
+        },
+        {
+          "description": "Represents a valid ACL [`Number`].",
+          "allOf": [
+            {
+              "$ref": "#/definitions/Number"
+            }
+          ]
+        },
+        {
+          "description": "Represents a [`String`].",
+          "type": "string"
+        },
+        {
+          "description": "Represents a list of other [`Value`]s.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Value"
+          }
+        },
+        {
+          "description": "Represents a map of [`String`] keys to [`Value`]s.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/Value"
+          }
+        }
+      ]
+    },
+    "Number": {
+      "description": "A valid ACL number.",
+      "anyOf": [
+        {
+          "description": "Represents an [`i64`].",
+          "type": "integer",
+          "format": "int64"
+        },
+        {
+          "description": "Represents a [`f64`].",
+          "type": "number",
+          "format": "double"
+        }
+      ]
+    },
+    "Target": {
+      "description": "Platform target.",
+      "oneOf": [
+        {
+          "description": "MacOS.",
+          "type": "string",
+          "enum": [
+            "macOS"
+          ]
+        },
+        {
+          "description": "Windows.",
+          "type": "string",
+          "enum": [
+            "windows"
+          ]
+        },
+        {
+          "description": "Linux.",
+          "type": "string",
+          "enum": [
+            "linux"
+          ]
+        },
+        {
+          "description": "Android.",
+          "type": "string",
+          "enum": [
+            "android"
+          ]
+        },
+        {
+          "description": "iOS.",
+          "type": "string",
+          "enum": [
+            "iOS"
+          ]
+        }
+      ]
+    },
+    "PermissionKind": {
+      "type": "string",
+      "oneOf": [
+        {
+          "description": "Enables the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-add"
+        },
+        {
+          "description": "Denies the add command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-add"
+        },
+        {
+          "description": "Enables the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-branch"
+        },
+        {
+          "description": "Denies the branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-branch"
+        },
+        {
+          "description": "Enables the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-checkout"
+        },
+        {
+          "description": "Denies the checkout command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-checkout"
+        },
+        {
+          "description": "Enables the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-checkout-remote"
+        },
+        {
+          "description": "Denies the checkout_remote command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-checkout-remote"
+        },
+        {
+          "description": "Enables the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-commit"
+        },
+        {
+          "description": "Denies the commit command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-commit"
+        },
+        {
+          "description": "Enables the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-delete-branch"
+        },
+        {
+          "description": "Denies the delete_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-delete-branch"
+        },
+        {
+          "description": "Enables the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-fetch-all"
+        },
+        {
+          "description": "Denies the fetch_all command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-fetch-all"
+        },
+        {
+          "description": "Enables the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-initialize"
+        },
+        {
+          "description": "Denies the initialize command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-initialize"
+        },
+        {
+          "description": "Enables the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-log"
+        },
+        {
+          "description": "Denies the log command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-log"
+        },
+        {
+          "description": "Enables the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-merge-branch"
+        },
+        {
+          "description": "Denies the merge_branch command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-merge-branch"
+        },
+        {
+          "description": "Enables the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-pull"
+        },
+        {
+          "description": "Denies the pull command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-pull"
+        },
+        {
+          "description": "Enables the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-push"
+        },
+        {
+          "description": "Denies the push command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-push"
+        },
+        {
+          "description": "Enables the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-status"
+        },
+        {
+          "description": "Denies the status command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-status"
+        },
+        {
+          "description": "Enables the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "allow-unstage"
+        },
+        {
+          "description": "Denies the unstage command without any pre-configured scope.",
+          "type": "string",
+          "const": "deny-unstage"
+        },
+        {
+          "description": "Default permissions for the plugin",
+          "type": "string",
+          "const": "default"
+        }
+      ]
+    }
+  }
+}
--- a/src-tauri/yaak-git/src/branch.rs
+++ b/src-tauri/yaak-git/src/branch.rs
@@ -0,0 +1,109 @@
+use crate::error::Error::GenericError;
+use crate::error::Result;
+use crate::merge::do_merge;
+use crate::repository::open_repo;
+use crate::util::{
+    bytes_to_string, get_branch_by_name, get_current_branch, get_default_remote_for_push_in_repo,
+};
+use git2::build::CheckoutBuilder;
+use git2::{BranchType, Repository};
+use log::info;
+use std::path::Path;
+
+pub(crate) fn branch_set_upstream_after_push(repo: &Repository, branch_name: &str) -> Result<()> {
+    let mut branch = repo.find_branch(branch_name, BranchType::Local)?;
+
+    if branch.upstream().is_err() {
+        let remote = get_default_remote_for_push_in_repo(repo)?;
+        let upstream_name = format!("{remote}/{branch_name}");
+        branch.set_upstream(Some(upstream_name.as_str()))?;
+    }
+
+    Ok(())
+}
+
+pub(crate) fn git_checkout_branch(dir: &Path, branch_name: &str, force: bool) -> Result<String> {
+    if branch_name.starts_with("origin/") {
+        return git_checkout_remote_branch(dir, branch_name, force);
+    }
+
+    let repo = open_repo(dir)?;
+    let branch = get_branch_by_name(&repo, branch_name)?;
+    let branch_ref = branch.into_reference();
+    let branch_tree = branch_ref.peel_to_tree()?;
+
+    let mut options = CheckoutBuilder::default();
+    if force {
+        options.force();
+    }
+
+    repo.checkout_tree(branch_tree.as_object(), Some(&mut options))?;
+    repo.set_head(branch_ref.name().unwrap())?;
+
+    Ok(branch_name.to_string())
+}
+
+pub(crate) fn git_checkout_remote_branch(dir: &Path, branch_name: &str, force: bool) -> Result<String> {
+    let branch_name = branch_name.trim_start_matches("origin/");
+    let repo = open_repo(dir)?;
+
+    let refname = format!("refs/remotes/origin/{}", branch_name);
+    let remote_ref = repo.find_reference(&refname)?;
+    let commit = remote_ref.peel_to_commit()?;
+
+    let mut new_branch = repo.branch(branch_name, &commit, false)?;
+    let upstream_name = format!("origin/{}", branch_name);
+    new_branch.set_upstream(Some(&upstream_name))?;
+
+    return git_checkout_branch(dir, branch_name, force)
+}
+
+pub(crate) fn git_create_branch(dir: &Path, name: &str) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let head = match repo.head() {
+        Ok(h) => h,
+        Err(e) if e.code() == git2::ErrorCode::UnbornBranch => {
+            let msg = "Cannot create branch when there are no commits";
+            return Err(GenericError(msg.into()));
+        }
+        Err(e) => return Err(e.into()),
+    };
+    let head = head.peel_to_commit()?;
+
+    repo.branch(name, &head, false)?;
+
+    Ok(())
+}
+
+pub(crate) fn git_delete_branch(dir: &Path, name: &str) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let mut branch = get_branch_by_name(&repo, name)?;
+
+    if branch.is_head() {
+        info!("Deleting head branch");
+        let branches = repo.branches(Some(BranchType::Local))?;
+        let other_branch = branches.into_iter().filter_map(|b| b.ok()).find(|b| !b.0.is_head());
+        let other_branch = match other_branch {
+            None => return Err(GenericError("Cannot delete only branch".into())),
+            Some(b) => bytes_to_string(b.0.name_bytes()?)?,
+        };
+
+        git_checkout_branch(dir, &other_branch, true)?;
+    }
+
+    branch.delete()?;
+
+    Ok(())
+}
+
+pub(crate) fn git_merge_branch(dir: &Path, name: &str, _force: bool) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let local_branch = get_current_branch(&repo)?.unwrap();
+
+    let commit_to_merge = get_branch_by_name(&repo, name)?.into_reference();
+    let commit_to_merge = repo.reference_to_annotated_commit(&commit_to_merge)?;
+
+    do_merge(&repo, &local_branch, &commit_to_merge)?;
+
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/callbacks.rs
+++ b/src-tauri/yaak-git/src/callbacks.rs
@@ -0,0 +1,76 @@
+use git2::{Cred, RemoteCallbacks};
+use log::{debug, info};
+use crate::util::find_ssh_key;
+
+pub(crate) fn default_callbacks<'s>() -> RemoteCallbacks<'s> {
+    let mut callbacks = RemoteCallbacks::new();
+
+    let mut fail_next_call = false;
+    let mut tried_agent = false;
+
+    callbacks.credentials(move |url, username_from_url, allowed_types| {
+        if fail_next_call {
+            info!("Failed to get credentials for push");
+            return Err(git2::Error::from_str("Bad credentials."));
+        }
+
+        debug!("getting credentials {url} {username_from_url:?} {allowed_types:?}");
+        match (allowed_types.is_ssh_key(), username_from_url) {
+            (true, Some(username)) => {
+                if !tried_agent {
+                    tried_agent = true;
+                    return Cred::ssh_key_from_agent(username);
+                }
+
+                fail_next_call = true; // This is our last try
+
+                // If the agent failed, try using the default SSH key
+                if let Some(key) = find_ssh_key() {
+                    Cred::ssh_key(username, None, key.as_path(), None)
+                } else {
+                    Err(git2::Error::from_str(
+                        "Bad credentials. Ensure your key was added using ssh-add",
+                    ))
+                }
+            }
+            (true, None) => Err(git2::Error::from_str("Couldn't get username from url")),
+            _ => {
+                return Err(git2::Error::from_str("https remotes are not (yet) supported"));
+            }
+        }
+    });
+
+    callbacks.push_transfer_progress(|current, total, bytes| {
+        debug!("progress: {}/{} ({} B)", current, total, bytes,);
+    });
+
+    callbacks.transfer_progress(|p| {
+        debug!("transfer: {}/{}", p.received_objects(), p.total_objects());
+        true
+    });
+
+    callbacks.pack_progress(|stage, current, total| {
+        debug!("packing: {:?} - {}/{}", stage, current, total);
+    });
+
+    callbacks.push_update_reference(|reference, msg| {
+        debug!("push_update_reference: '{}' {:?}", reference, msg);
+        Ok(())
+    });
+
+    callbacks.update_tips(|name, a, b| {
+        debug!("update tips: '{}' {} -> {}", name, a, b);
+        if a != b {
+            // let mut push_result = push_result.lock().unwrap();
+            // *push_result = PushResult::Success
+        }
+        true
+    });
+
+    callbacks.sideband_progress(|data| {
+        debug!("sideband transfer: '{}'", String::from_utf8_lossy(data).trim());
+        true
+    });
+
+    callbacks
+}
--- a/src-tauri/yaak-git/src/commands.rs
+++ b/src-tauri/yaak-git/src/commands.rs
@@ -0,0 +1,82 @@
+use crate::branch::{git_checkout_branch, git_create_branch, git_delete_branch, git_merge_branch};
+use crate::error::Result;
+use crate::fetch::git_fetch_all;
+use crate::git::{
+    git_add, git_commit, git_init, git_log, git_status, git_unstage, GitCommit, GitStatusSummary,
+};
+use crate::pull::{git_pull, PullResult};
+use crate::push::{git_push, PushResult};
+use std::path::{Path, PathBuf};
+use tauri::command;
+// NOTE: All of these commands are async to prevent blocking work from locking up the UI
+
+#[command]
+pub async fn checkout(dir: &Path, branch: &str, force: bool) -> Result<String> {
+    git_checkout_branch(dir, branch, force)
+}
+
+#[command]
+pub async fn branch(dir: &Path, branch: &str) -> Result<()> {
+    git_create_branch(dir, branch)
+}
+
+#[command]
+pub async fn delete_branch(dir: &Path, branch: &str) -> Result<()> {
+    git_delete_branch(dir, branch)
+}
+
+#[command]
+pub async fn merge_branch(dir: &Path, branch: &str, force: bool) -> Result<()> {
+    git_merge_branch(dir, branch, force)
+}
+
+#[command]
+pub async fn status(dir: &Path) -> Result<GitStatusSummary> {
+    git_status(dir)
+}
+
+#[command]
+pub async fn log(dir: &Path) -> Result<Vec<GitCommit>> {
+    git_log(dir)
+}
+
+#[command]
+pub async fn initialize(dir: &Path) -> Result<()> {
+    git_init(dir)
+}
+
+#[command]
+pub async fn commit(dir: &Path, message: &str) -> Result<()> {
+    git_commit(dir, message)
+}
+
+#[command]
+pub async fn fetch_all(dir: &Path) -> Result<()> {
+    git_fetch_all(dir)
+}
+
+#[command]
+pub async fn push(dir: &Path) -> Result<PushResult> {
+    git_push(dir)
+}
+
+#[command]
+pub async fn pull(dir: &Path) -> Result<PullResult> {
+    git_pull(dir)
+}
+
+#[command]
+pub async fn add(dir: &Path, rela_paths: Vec<PathBuf>) -> Result<()> {
+    for path in rela_paths {
+        git_add(dir, &path)?;
+    }
+    Ok(())
+}
+
+#[command]
+pub async fn unstage(dir: &Path, rela_paths: Vec<PathBuf>) -> Result<()> {
+    for path in rela_paths {
+        git_unstage(dir, &path)?;
+    }
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/error.rs
+++ b/src-tauri/yaak-git/src/error.rs
@@ -0,0 +1,55 @@
+use serde::{Serialize, Serializer};
+use std::io;
+use std::path::PathBuf;
+use std::string::FromUtf8Error;
+use thiserror::Error;
+
+#[derive(Error, Debug)]
+pub enum Error {
+    #[error("Git repo not found {0}")]
+    GitRepoNotFound(PathBuf),
+
+    #[error("Git error: {0}")]
+    GitUnknown(#[from] git2::Error),
+
+    #[error("Yaml error: {0}")]
+    YamlParseError(#[from] serde_yaml::Error),
+
+    #[error("Yaml error: {0}")]
+    ModelError(#[from] yaak_models::error::Error),
+
+    #[error("Sync error: {0}")]
+    SyncError(#[from] yaak_sync::error::Error),
+
+    #[error("I/o error: {0}")]
+    IoError(#[from] io::Error),
+
+    #[error("Yaml error: {0}")]
+    JsonParseError(#[from] serde_json::Error),
+
+    #[error("Yaml error: {0}")]
+    Utf8ConversionError(#[from] FromUtf8Error),
+
+    #[error("Git error: {0}")]
+    GenericError(String),
+
+    #[error("No default remote found")]
+    NoDefaultRemoteFound,
+
+    #[error("Merge failed due to conflicts")]
+    MergeConflicts,
+
+    #[error("No active branch")]
+    NoActiveBranch,
+}
+
+impl Serialize for Error {
+    fn serialize<S>(&self, serializer: S) -> std::result::Result<S::Ok, S::Error>
+    where
+        S: Serializer,
+    {
+        serializer.serialize_str(self.to_string().as_ref())
+    }
+}
+
+pub type Result<T> = std::result::Result<T, Error>;
--- a/src-tauri/yaak-git/src/fetch.rs
+++ b/src-tauri/yaak-git/src/fetch.rs
@@ -0,0 +1,37 @@
+use crate::callbacks::default_callbacks;
+use crate::error::Result;
+use crate::repository::open_repo;
+use git2::{FetchOptions, ProxyOptions, Repository};
+use std::path::Path;
+
+pub(crate) fn git_fetch_all(dir: &Path) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let remotes = repo.remotes()?.iter().flatten().map(String::from).collect::<Vec<_>>();
+
+    for (_idx, remote) in remotes.into_iter().enumerate() {
+        fetch_from_remote(&repo, &remote)?;
+    }
+
+    Ok(())
+}
+
+fn fetch_from_remote(repo: &Repository, remote: &str) -> Result<()> {
+    let mut remote = repo.find_remote(remote)?;
+
+    let mut options = FetchOptions::new();
+    let callbacks = default_callbacks();
+
+    options.prune(git2::FetchPrune::On);
+    let mut proxy = ProxyOptions::new();
+    proxy.auto();
+
+    options.proxy_options(proxy);
+    options.download_tags(git2::AutotagOption::All);
+    options.remote_callbacks(callbacks);
+
+    remote.fetch(&[] as &[&str], Some(&mut options), None)?;
+    // fetch tags (also removing remotely deleted ones)
+    remote.fetch(&["refs/tags/*:refs/tags/*"], Some(&mut options), None)?;
+
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/git.rs
+++ b/src-tauri/yaak-git/src/git.rs
@@ -0,0 +1,673 @@
+use crate::error::Result;
+use crate::repository::open_repo;
+use crate::util::{local_branch_names, remote_branch_names};
+use chrono::{DateTime, Utc};
+use git2::IndexAddOption;
+use log::{info, warn};
+use serde::{Deserialize, Serialize};
+use std::fs;
+use std::path::Path;
+use ts_rs::TS;
+use yaak_sync::models::SyncModel;
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS, PartialEq)]
+#[serde(rename_all = "camelCase")]
+#[ts(export, export_to = "gen_git.ts")]
+pub struct GitStatusSummary {
+    pub path: String,
+    pub head_ref: Option<String>,
+    pub head_ref_shorthand: Option<String>,
+    pub entries: Vec<GitStatusEntry>,
+    pub origins: Vec<String>,
+    pub local_branches: Vec<String>,
+    pub remote_branches: Vec<String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export, export_to = "gen_git.ts")]
+pub struct GitStatusEntry {
+    pub rela_path: String,
+    pub status: GitStatus,
+    pub staged: bool,
+    pub prev: Option<SyncModel>,
+    pub next: Option<SyncModel>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_git.ts")]
+pub enum GitStatus {
+    Untracked,
+    Conflict,
+    Current,
+    Modified,
+    Removed,
+    Renamed,
+    TypeChange,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export, export_to = "gen_git.ts")]
+pub struct GitCommit {
+    author: GitAuthor,
+    when: DateTime<Utc>,
+    message: Option<String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export, export_to = "gen_git.ts")]
+pub struct GitAuthor {
+    name: Option<String>,
+    email: Option<String>,
+}
+
+pub fn git_init(dir: &Path) -> Result<()> {
+    git2::Repository::init(dir)?;
+    let repo = open_repo(dir)?;
+    // Default to main instead of master, to align with
+    // the official Git and GitHub behavior
+    repo.set_head("refs/heads/main")?;
+    info!("Initialized {dir:?}");
+    Ok(())
+}
+
+pub fn git_add(dir: &Path, rela_path: &Path) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let mut index = repo.index()?;
+
+    info!("Staging file {rela_path:?} to {dir:?}");
+    index.add_all(&[rela_path], IndexAddOption::DEFAULT, None)?;
+    index.write()?;
+
+    Ok(())
+}
+
+pub fn git_unstage(dir: &Path, rela_path: &Path) -> Result<()> {
+    let repo = open_repo(dir)?;
+
+    let head = match repo.head() {
+        Ok(h) => h,
+        Err(e) if e.code() == git2::ErrorCode::UnbornBranch => {
+            info!("Unstaging file in empty branch {rela_path:?} to {dir:?}");
+            // Repo has no commits, so "unstage" means remove from index
+            let mut index = repo.index()?;
+            index.remove_path(rela_path)?;
+            index.write()?;
+            return Ok(());
+        }
+        Err(e) => return Err(e.into()),
+    };
+
+    // If repo has commits, update the index entry back to HEAD
+    info!("Unstaging file {rela_path:?} to {dir:?}");
+    let commit = head.peel_to_commit()?;
+    repo.reset_default(Some(commit.as_object()), &[rela_path])?;
+
+    Ok(())
+}
+
+pub fn git_commit(dir: &Path, message: &str) -> Result<()> {
+    let repo = open_repo(dir)?;
+
+    // Clear the in-memory index, add the paths, and write the tree for committing
+    let tree_oid = repo.index()?.write_tree()?;
+    let tree = repo.find_tree(tree_oid)?;
+
+    // Make the signature
+    let config = git2::Config::open_default()?.snapshot()?;
+    let name = config.get_str("user.name").unwrap_or("Change Me");
+    let email = config.get_str("user.email").unwrap_or("change_me@example.com");
+    let sig = git2::Signature::now(name, email)?;
+
+    // Get the current HEAD commit (if it exists)
+    let parent_commit = match repo.head() {
+        Ok(head) => Some(head.peel_to_commit()?),
+        Err(_) => None, // No parent if no HEAD exists (initial commit)
+    };
+
+    let parents = parent_commit.as_ref().map(|p| vec![p]).unwrap_or_default();
+    repo.commit(Some("HEAD"), &sig, &sig, message, &tree, parents.as_slice())?;
+
+    info!("Committed to {dir:?}");
+
+    Ok(())
+}
+
+pub fn git_log(dir: &Path) -> Result<Vec<GitCommit>> {
+    let repo = open_repo(dir)?;
+
+    // Return empty if empty repo or no head (new repo)
+    if repo.is_empty()? || repo.head().is_err() {
+        return Ok(vec![]);
+    }
+
+    let mut revwalk = repo.revwalk()?;
+    revwalk.push_head()?;
+    revwalk.set_sorting(git2::Sort::TIME)?;
+
+    // Run git log
+    macro_rules! filter_try {
+        ($e:expr) => {
+            match $e {
+                Ok(t) => t,
+                Err(_) => return None,
+            }
+        };
+    }
+    let log: Vec<GitCommit> = revwalk
+        .filter_map(|oid| {
+            let oid = filter_try!(oid);
+            let commit = filter_try!(repo.find_commit(oid));
+            let author = commit.author();
+            Some(GitCommit {
+                author: GitAuthor {
+                    name: author.name().map(|s| s.to_string()),
+                    email: author.email().map(|s| s.to_string()),
+                },
+                when: convert_git_time_to_date(author.when()),
+                message: commit.message().map(|m| m.to_string()),
+            })
+        })
+        .collect();
+
+    Ok(log)
+}
+
+pub fn git_status(dir: &Path) -> Result<GitStatusSummary> {
+    let repo = open_repo(dir)?;
+    let (head_tree, head_ref, head_ref_shorthand) = match repo.head() {
+        Ok(head) => {
+            let tree = head.peel_to_tree().ok();
+            let head_ref_shorthand = head.shorthand().map(|s| s.to_string());
+            let head_ref = head.name().map(|s| s.to_string());
+
+            (tree, head_ref, head_ref_shorthand)
+        }
+        Err(_) => {
+            // For "unborn" repos, reading from HEAD is the only way to get the branch name
+            // See https://github.com/starship/starship/pull/1336
+            let head_path = repo.path().join("HEAD");
+            let head_ref = fs::read_to_string(&head_path)
+                .ok()
+                .unwrap_or_default()
+                .lines()
+                .next()
+                .map(|s| s.trim_start_matches("ref:").trim().to_string());
+            let head_ref_shorthand =
+                head_ref.clone().map(|r| r.split('/').last().unwrap_or("unknown").to_string());
+            (None, head_ref, head_ref_shorthand)
+        }
+    };
+
+    let mut opts = git2::StatusOptions::new();
+    opts.include_ignored(false)
+        .include_untracked(true) // Include untracked
+        .recurse_untracked_dirs(true) // Show all untracked
+        .include_unmodified(true); // Include unchanged
+
+    // TODO: Support renames
+
+    let mut entries: Vec<GitStatusEntry> = Vec::new();
+    for entry in repo.statuses(Some(&mut opts))?.into_iter() {
+        let rela_path = entry.path().unwrap().to_string();
+        let status = entry.status();
+        let index_status = match status {
+            // Note: order matters here, since we're checking a bitmap!
+            s if s.contains(git2::Status::CONFLICTED) => GitStatus::Conflict,
+            s if s.contains(git2::Status::INDEX_NEW) => GitStatus::Untracked,
+            s if s.contains(git2::Status::INDEX_MODIFIED) => GitStatus::Modified,
+            s if s.contains(git2::Status::INDEX_DELETED) => GitStatus::Removed,
+            s if s.contains(git2::Status::INDEX_RENAMED) => GitStatus::Renamed,
+            s if s.contains(git2::Status::INDEX_TYPECHANGE) => GitStatus::TypeChange,
+            s if s.contains(git2::Status::CURRENT) => GitStatus::Current,
+            s => {
+                warn!("Unknown index status {s:?}");
+                continue;
+            }
+        };
+
+        let worktree_status = match status {
+            // Note: order matters here, since we're checking a bitmap!
+            s if s.contains(git2::Status::CONFLICTED) => GitStatus::Conflict,
+            s if s.contains(git2::Status::WT_NEW) => GitStatus::Untracked,
+            s if s.contains(git2::Status::WT_MODIFIED) => GitStatus::Modified,
+            s if s.contains(git2::Status::WT_DELETED) => GitStatus::Removed,
+            s if s.contains(git2::Status::WT_RENAMED) => GitStatus::Renamed,
+            s if s.contains(git2::Status::WT_TYPECHANGE) => GitStatus::TypeChange,
+            s if s.contains(git2::Status::CURRENT) => GitStatus::Current,
+            s => {
+                warn!("Unknown worktree status {s:?}");
+                continue;
+            }
+        };
+
+        let status = if index_status == GitStatus::Current {
+            worktree_status.clone()
+        } else {
+            index_status.clone()
+        };
+
+        let staged = if index_status == GitStatus::Current && worktree_status == GitStatus::Current
+        {
+            // No change, so can't be added
+            false
+        } else if index_status != GitStatus::Current {
+            true
+        } else {
+            false
+        };
+
+        // Get previous content from Git, if it's in there
+        let prev = match head_tree.clone() {
+            None => None,
+            Some(t) => match t.get_path(&Path::new(&rela_path)) {
+                Ok(entry) => {
+                    let obj = entry.to_object(&repo).unwrap();
+                    let content = obj.as_blob().unwrap().content();
+                    let name = Path::new(entry.name().unwrap_or_default());
+                    SyncModel::from_bytes(content.into(), name)?.map(|m| m.0)
+                }
+                Err(_) => None,
+            },
+        };
+
+        let next = {
+            let full_path = repo.workdir().unwrap().join(rela_path.clone());
+            SyncModel::from_file(full_path.as_path())?.map(|m| m.0)
+        };
+
+        entries.push(GitStatusEntry {
+            status,
+            staged,
+            rela_path,
+            prev: prev.clone(),
+            next: next.clone(),
+        })
+    }
+
+    let origins = repo.remotes()?.into_iter().filter_map(|o| Some(o?.to_string())).collect();
+    let local_branches = local_branch_names(&repo)?;
+    let remote_branches = remote_branch_names(&repo)?;
+
+    Ok(GitStatusSummary {
+        entries,
+        origins,
+        path: dir.to_string_lossy().to_string(),
+        head_ref,
+        head_ref_shorthand,
+        local_branches,
+        remote_branches,
+    })
+}
+
+#[cfg(test)]
+fn convert_git_time_to_date(_git_time: git2::Time) -> DateTime<Utc> {
+    DateTime::from_timestamp(0, 0).unwrap()
+}
+
+#[cfg(not(test))]
+fn convert_git_time_to_date(git_time: git2::Time) -> DateTime<Utc> {
+    let timestamp = git_time.seconds();
+    DateTime::from_timestamp(timestamp, 0).unwrap()
+}
+
+// // Write a test
+// #[cfg(test)]
+// mod test {
+//     use crate::error::Error::GitRepoNotFound;
+//     use crate::error::Result;
+//     use crate::git::{
+//         git_add, git_commit, git_init, git_log, git_status, git_unstage, open_repo, GitStatus,
+//         GitStatusEntry,
+//     };
+//     use std::fs::{create_dir_all, remove_file, File};
+//     use std::io::Write;
+//     use std::path::{Path, PathBuf};
+//     use tempdir::TempDir;
+//
+//     fn new_dir() -> PathBuf {
+//         let p = TempDir::new("yaak-git").unwrap().into_path();
+//         p
+//     }
+//
+//     fn new_file(path: &Path, content: &str) {
+//         let parent = path.parent().unwrap();
+//         create_dir_all(parent).unwrap();
+//         File::create(path).unwrap().write_all(content.as_bytes()).unwrap();
+//     }
+//
+//     #[tokio::test]
+//     async fn test_status_no_repo() {
+//         let dir = &new_dir();
+//         let result = git_status(dir).await;
+//         assert!(matches!(result, Err(GitRepoNotFound(_))));
+//     }
+//
+//     #[test]
+//     fn test_open_repo() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//         open_repo(dir.as_path())?;
+//         Ok(())
+//     }
+//
+//     #[test]
+//     fn test_open_repo_from_subdir() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         let sub_dir = dir.join("a").join("b");
+//         create_dir_all(sub_dir.as_path())?; // Create sub dir
+//
+//         open_repo(sub_dir.as_path())?;
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     async fn test_status() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         assert_eq!(git_status(dir).await?.entries, Vec::new());
+//
+//         new_file(&dir.join("foo.txt"), "foo");
+//         new_file(&dir.join("bar.txt"), "bar");
+//         new_file(&dir.join("dir/baz.txt"), "baz");
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "dir/baz.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("baz".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("foo".to_string()),
+//                 },
+//             ],
+//         );
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     fn test_add() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         new_file(&dir.join("foo.txt"), "foo");
+//         new_file(&dir.join("bar.txt"), "bar");
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: true,
+//                     prev: None,
+//                     next: Some("foo".to_string()),
+//                 },
+//             ],
+//         );
+//
+//         new_file(&dir.join("foo.txt"), "foo foo");
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: true,
+//                     prev: None,
+//                     next: Some("foo foo".to_string()),
+//                 },
+//             ],
+//         );
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     fn test_unstage() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         new_file(&dir.join("foo.txt"), "foo");
+//         new_file(&dir.join("bar.txt"), "bar");
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: true,
+//                     prev: None,
+//                     next: Some("foo".to_string()),
+//                 },
+//             ]
+//         );
+//
+//         git_unstage(dir, Path::new("foo.txt"))?;
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("foo".to_string()),
+//                 }
+//             ]
+//         );
+//
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     fn test_commit() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         new_file(&dir.join("foo.txt"), "foo");
+//         new_file(&dir.join("bar.txt"), "bar");
+//
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("foo".to_string()),
+//                 },
+//             ]
+//         );
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//         git_commit(dir, "This is my message")?;
+//
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Current,
+//                     staged: false,
+//                     prev: Some("foo".to_string()),
+//                     next: Some("foo".to_string()),
+//                 },
+//             ]
+//         );
+//
+//         new_file(&dir.join("foo.txt"), "foo foo");
+//         git_add(dir, Path::new("foo.txt"))?;
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Modified,
+//                     staged: true,
+//                     prev: Some("foo".to_string()),
+//                     next: Some("foo foo".to_string()),
+//                 },
+//             ]
+//         );
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     async fn test_add_removed_file() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         let foo_path = &dir.join("foo.txt");
+//         let bar_path = &dir.join("bar.txt");
+//
+//         new_file(foo_path, "foo");
+//         new_file(bar_path, "bar");
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//         git_commit(dir, "Initial commit")?;
+//
+//         remove_file(foo_path)?;
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Removed,
+//                     staged: false,
+//                     prev: Some("foo".to_string()),
+//                     next: None,
+//                 },
+//             ],
+//         );
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//         assert_eq!(
+//             git_status(dir).await?.entries,
+//             vec![
+//                 GitStatusEntry {
+//                     rela_path: "bar.txt".to_string(),
+//                     status: GitStatus::Added,
+//                     staged: false,
+//                     prev: None,
+//                     next: Some("bar".to_string()),
+//                 },
+//                 GitStatusEntry {
+//                     rela_path: "foo.txt".to_string(),
+//                     status: GitStatus::Removed,
+//                     staged: true,
+//                     prev: Some("foo".to_string()),
+//                     next: None,
+//                 },
+//             ],
+//         );
+//         Ok(())
+//     }
+//
+//     #[tokio::test]
+//     fn test_log_empty() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         let log = git_log(dir)?;
+//         assert_eq!(log.len(), 0);
+//         Ok(())
+//     }
+//
+//     #[test]
+//     fn test_log() -> Result<()> {
+//         let dir = &new_dir();
+//         git_init(dir)?;
+//
+//         new_file(&dir.join("foo.txt"), "foo");
+//         new_file(&dir.join("bar.txt"), "bar");
+//
+//         git_add(dir, Path::new("foo.txt"))?;
+//         git_commit(dir, "This is my message")?;
+//
+//         let log = git_log(dir)?;
+//         assert_eq!(log.len(), 1);
+//         assert_eq!(log.get(0).unwrap().message, Some("This is my message".to_string()));
+//         Ok(())
+//     }
+// }
--- a/src-tauri/yaak-git/src/lib.rs
+++ b/src-tauri/yaak-git/src/lib.rs
@@ -0,0 +1,38 @@
+use crate::commands::{add, branch, checkout, commit, delete_branch, fetch_all, initialize, log, merge_branch, pull, push, status, unstage};
+use tauri::{
+    generate_handler,
+    plugin::{Builder, TauriPlugin},
+    Runtime,
+};
+
+mod branch;
+mod callbacks;
+mod commands;
+mod error;
+mod fetch;
+mod git;
+mod merge;
+mod pull;
+mod push;
+mod repository;
+mod util;
+
+pub fn init<R: Runtime>() -> TauriPlugin<R> {
+    Builder::new("yaak-git")
+        .invoke_handler(generate_handler![
+            add,
+            branch,
+            checkout,
+            commit,
+            delete_branch,
+            fetch_all,
+            initialize,
+            log,
+            merge_branch,
+            pull,
+            push,
+            status,
+            unstage
+        ])
+        .build()
+}
--- a/src-tauri/yaak-git/src/merge.rs
+++ b/src-tauri/yaak-git/src/merge.rs
@@ -0,0 +1,135 @@
+use crate::error::Error::MergeConflicts;
+use crate::util::bytes_to_string;
+use git2::{AnnotatedCommit, Branch, IndexEntry, Reference, Repository};
+use log::{debug, info};
+
+pub(crate) fn do_merge(
+    repo: &Repository,
+    local_branch: &Branch,
+    commit_to_merge: &AnnotatedCommit,
+) -> crate::error::Result<()> {
+    debug!("Merging remote branches");
+    let analysis = repo.merge_analysis(&[&commit_to_merge])?;
+
+    if analysis.0.is_fast_forward() {
+        let refname = bytes_to_string(local_branch.get().name_bytes())?;
+        match repo.find_reference(&refname) {
+            Ok(mut r) => {
+                merge_fast_forward(repo, &mut r, &commit_to_merge)?;
+            }
+            Err(_) => {
+                // The branch doesn't exist, so set the reference to the commit directly. Usually
+                // this is because you are pulling into an empty repository.
+                repo.reference(
+                    &refname,
+                    commit_to_merge.id(),
+                    true,
+                    &format!("Setting {} to {}", refname, commit_to_merge.id()),
+                )?;
+                repo.set_head(&refname)?;
+                repo.checkout_head(Some(
+                    git2::build::CheckoutBuilder::default()
+                        .allow_conflicts(true)
+                        .conflict_style_merge(true)
+                        .force(),
+                ))?;
+            }
+        };
+    } else if analysis.0.is_normal() {
+        let head_commit = repo.reference_to_annotated_commit(&repo.head()?)?;
+        merge_normal(repo, &head_commit, commit_to_merge)?;
+    } else {
+        debug!("Skipping merge. Nothing to do")
+    }
+
+    Ok(())
+}
+
+pub(crate) fn merge_fast_forward(
+    repo: &Repository,
+    local_reference: &mut Reference,
+    remote_commit: &AnnotatedCommit,
+) -> crate::error::Result<()> {
+    info!("Performing fast forward");
+    let name = match local_reference.name() {
+        Some(s) => s.to_string(),
+        None => String::from_utf8_lossy(local_reference.name_bytes()).to_string(),
+    };
+    let msg = format!("Fast-Forward: Setting {} to id: {}", name, remote_commit.id());
+    local_reference.set_target(remote_commit.id(), &msg)?;
+    repo.set_head(&name)?;
+    repo.checkout_head(Some(
+        git2::build::CheckoutBuilder::default()
+            // For some reason, the force is required to make the working directory actually get
+            // updated I suspect we should be adding some logic to handle dirty working directory
+            // states, but this is just an example so maybe not.
+            .force(),
+    ))?;
+    Ok(())
+}
+
+pub(crate) fn merge_normal(
+    repo: &Repository,
+    local: &AnnotatedCommit,
+    remote: &AnnotatedCommit,
+) -> crate::error::Result<()> {
+    info!("Performing normal merge");
+    let local_tree = repo.find_commit(local.id())?.tree()?;
+    let remote_tree = repo.find_commit(remote.id())?.tree()?;
+    let ancestor = repo.find_commit(repo.merge_base(local.id(), remote.id())?)?.tree()?;
+
+    let mut idx = repo.merge_trees(&ancestor, &local_tree, &remote_tree, None)?;
+
+    if idx.has_conflicts() {
+        let conflicts = idx.conflicts()?;
+        for conflict in conflicts {
+            if let Ok(conflict) = conflict {
+                print_conflict(&conflict);
+            }
+        }
+        return Err(MergeConflicts);
+    }
+
+    let result_tree = repo.find_tree(idx.write_tree_to(repo)?)?;
+    // now create the merge commit
+    let msg = format!("Merge: {} into {}", remote.id(), local.id());
+    let sig = repo.signature()?;
+    let local_commit = repo.find_commit(local.id())?;
+    let remote_commit = repo.find_commit(remote.id())?;
+
+    // Do our merge commit and set current branch head to that commit.
+    let _merge_commit = repo.commit(
+        Some("HEAD"),
+        &sig,
+        &sig,
+        &msg,
+        &result_tree,
+        &[&local_commit, &remote_commit],
+    )?;
+
+    // Set working tree to match head.
+    repo.checkout_head(None)?;
+
+    Ok(())
+}
+
+fn print_conflict(conflict: &git2::IndexConflict) {
+    let ancestor = conflict.ancestor.as_ref().map(path_from_index_entry);
+    let ours = conflict.our.as_ref().map(path_from_index_entry);
+    let theirs = conflict.their.as_ref().map(path_from_index_entry);
+
+    println!("Conflict detected:");
+    if let Some(path) = ancestor {
+        println!("  Common ancestor: {:?}", path);
+    }
+    if let Some(path) = ours {
+        println!("  Ours: {:?}", path);
+    }
+    if let Some(path) = theirs {
+        println!("  Theirs: {:?}", path);
+    }
+}
+
+fn path_from_index_entry(entry: &IndexEntry) -> String {
+    String::from_utf8_lossy(entry.path.as_slice()).into_owned()
+}
--- a/src-tauri/yaak-git/src/pull.rs
+++ b/src-tauri/yaak-git/src/pull.rs
@@ -0,0 +1,54 @@
+use crate::callbacks::default_callbacks;
+use crate::error::Error::NoActiveBranch;
+use crate::error::Result;
+use crate::merge::do_merge;
+use crate::repository::open_repo;
+use crate::util::{bytes_to_string, get_current_branch};
+use git2::{FetchOptions, ProxyOptions};
+use log::debug;
+use serde::{Deserialize, Serialize};
+use std::path::Path;
+use ts_rs::TS;
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS, PartialEq)]
+#[serde(rename_all = "camelCase")]
+#[ts(export, export_to = "gen_git.ts")]
+pub(crate) struct PullResult {
+    received_bytes: usize,
+    received_objects: usize,
+}
+
+pub(crate) fn git_pull(dir: &Path) -> Result<PullResult> {
+    let repo = open_repo(dir)?;
+
+    let branch = get_current_branch(&repo)?.ok_or(NoActiveBranch)?;
+    let branch_ref = branch.get();
+    let branch_ref = bytes_to_string(branch_ref.name_bytes())?;
+
+    let remote_name = repo.branch_upstream_remote(&branch_ref)?;
+    let remote_name = bytes_to_string(&remote_name)?;
+    debug!("Pulling from {remote_name}");
+
+    let mut remote = repo.find_remote(&remote_name)?;
+
+    let mut options = FetchOptions::new();
+    let callbacks = default_callbacks();
+    options.remote_callbacks(callbacks);
+
+    let mut proxy = ProxyOptions::new();
+    proxy.auto();
+    options.proxy_options(proxy);
+
+    remote.fetch(&[&branch_ref], Some(&mut options), None)?;
+
+    let stats = remote.stats();
+
+    let fetch_head = repo.find_reference("FETCH_HEAD")?;
+    let fetch_commit = repo.reference_to_annotated_commit(&fetch_head)?;
+    do_merge(&repo, &branch, &fetch_commit)?;
+
+    Ok(PullResult {
+        received_bytes: stats.received_bytes(),
+        received_objects: stats.received_objects(),
+    })
+}
--- a/src-tauri/yaak-git/src/push.rs
+++ b/src-tauri/yaak-git/src/push.rs
@@ -0,0 +1,74 @@
+use crate::branch::branch_set_upstream_after_push;
+use crate::callbacks::default_callbacks;
+use crate::error::Result;
+use crate::repository::open_repo;
+use git2::{ProxyOptions, PushOptions};
+use serde::{Deserialize, Serialize};
+use std::path::Path;
+use std::sync::Mutex;
+use ts_rs::TS;
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_git.ts")]
+pub(crate) enum PushType {
+    Branch,
+    Tag,
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_git.ts")]
+pub(crate) enum PushResult {
+    Success,
+    NothingToPush,
+}
+
+pub(crate) fn git_push(dir: &Path) -> Result<PushResult> {
+    let repo = open_repo(dir)?;
+    let head = repo.head()?;
+    let branch = head.shorthand().unwrap();
+    let mut remote = repo.find_remote("origin")?;
+
+    let mut options = PushOptions::new();
+    options.packbuilder_parallelism(0);
+    
+    let push_result = Mutex::new(PushResult::NothingToPush);
+    
+    let mut callbacks = default_callbacks();
+    callbacks.push_transfer_progress(|_current, _total, _bytes| {
+        let mut push_result = push_result.lock().unwrap();   
+        *push_result = PushResult::Success;
+    });
+    
+    options.remote_callbacks(default_callbacks());
+
+    let mut proxy = ProxyOptions::new();
+    proxy.auto();
+    options.proxy_options(proxy);
+
+    // Push the current branch
+    let force = false;
+    let delete = false;
+    let branch_modifier = match (force, delete) {
+        (true, true) => "+:",
+        (false, true) => ":",
+        (true, false) => "+",
+        (false, false) => "",
+    };
+
+    let ref_type = PushType::Branch;
+
+    let ref_type = match ref_type {
+        PushType::Branch => "heads",
+        PushType::Tag => "tags",
+    };
+
+    let refspec = format!("{branch_modifier}refs/{ref_type}/{branch}");
+    remote.push(&[refspec], Some(&mut options))?;
+
+    branch_set_upstream_after_push(&repo, branch)?;
+
+    let push_result = push_result.lock().unwrap();
+    Ok(push_result.clone())
+}
--- a/src-tauri/yaak-git/src/repository.rs
+++ b/src-tauri/yaak-git/src/repository.rs
@@ -0,0 +1,11 @@
+use std::path::Path;
+use crate::error::Error::{GitRepoNotFound, GitUnknown};
+
+pub(crate) fn open_repo(dir: &Path) -> crate::error::Result<git2::Repository> {
+    match git2::Repository::discover(dir) {
+        Ok(r) => Ok(r),
+        Err(e) if e.code() == git2::ErrorCode::NotFound => Err(GitRepoNotFound(dir.to_path_buf())),
+        Err(e) => Err(GitUnknown(e)),
+    }
+}
+
--- a/src-tauri/yaak-git/src/util.rs
+++ b/src-tauri/yaak-git/src/util.rs
@@ -0,0 +1,118 @@
+use crate::error::Error::{GenericError, NoDefaultRemoteFound};
+use crate::error::Result;
+use git2::{Branch, BranchType, Repository};
+use std::env;
+use std::path::{Path, PathBuf};
+
+const DEFAULT_REMOTE_NAME: &str = "origin";
+
+pub(crate) fn find_ssh_key() -> Option<PathBuf> {
+    let home_dir = env::var("HOME").ok()?;
+    let key_paths = [
+        format!("{}/.ssh/id_ed25519", home_dir),
+        format!("{}/.ssh/id_rsa", home_dir),
+        format!("{}/.ssh/id_ecdsa", home_dir),
+        format!("{}/.ssh/id_dsa", home_dir),
+    ];
+
+    for key_path in key_paths.iter() {
+        let path = Path::new(key_path);
+        if path.exists() {
+            return Some(path.to_path_buf());
+        }
+    }
+    None
+}
+
+pub(crate) fn get_current_branch(repo: &Repository) -> Result<Option<Branch>> {
+    for b in repo.branches(None)? {
+        let branch = b?.0;
+        if branch.is_head() {
+            return Ok(Some(branch));
+        }
+    }
+    Ok(None)
+}
+
+pub(crate) fn local_branch_names(repo: &Repository) -> Result<Vec<String>> {
+    let mut branches = Vec::new();
+    for branch in repo.branches(Some(BranchType::Local))? {
+        let branch = branch?.0;
+        let name = branch.name_bytes()?;
+        let name = bytes_to_string(name)?;
+        branches.push(name);
+    }
+    Ok(branches)
+}
+
+pub(crate) fn remote_branch_names(repo: &Repository) -> Result<Vec<String>> {
+    let mut branches = Vec::new();
+    for branch in repo.branches(Some(BranchType::Remote))? {
+        let branch = branch?.0;
+        let name = branch.name_bytes()?;
+        let name = bytes_to_string(name)?;
+        branches.push(name);
+    }
+    Ok(branches)
+}
+
+pub(crate) fn get_branch_by_name<'s>(repo: &'s Repository, name: &str) -> Result<Branch<'s>> {
+    Ok(repo.find_branch(name, BranchType::Local)?)
+}
+
+pub(crate) fn bytes_to_string(bytes: &[u8]) -> Result<String> {
+    Ok(String::from_utf8(bytes.to_vec())?)
+}
+
+pub(crate) fn get_default_remote_for_push_in_repo(repo: &Repository) -> Result<String> {
+    let config = repo.config()?;
+
+    let branch = get_current_branch(repo)?;
+
+    if let Some(branch) = branch {
+        let remote_name = bytes_to_string(branch.name_bytes()?)?;
+
+        let entry_name = format!("branch.{}.pushRemote", &remote_name);
+
+        if let Ok(entry) = config.get_entry(&entry_name) {
+            return bytes_to_string(entry.value_bytes());
+        }
+
+        if let Ok(entry) = config.get_entry("remote.pushDefault") {
+            return bytes_to_string(entry.value_bytes());
+        }
+
+        let entry_name = format!("branch.{}.remote", &remote_name);
+
+        if let Ok(entry) = config.get_entry(&entry_name) {
+            return bytes_to_string(entry.value_bytes());
+        }
+    }
+
+    get_default_remote_in_repo(repo)
+}
+
+pub(crate) fn get_default_remote_in_repo(repo: &Repository) -> Result<String> {
+    let remotes = repo.remotes()?;
+
+    // if `origin` exists return that
+    let found_origin = remotes.iter().any(|r| r.is_some_and(|r| r == DEFAULT_REMOTE_NAME));
+    if found_origin {
+        return Ok(DEFAULT_REMOTE_NAME.into());
+    }
+
+    // if only one remote exists pick that
+    if remotes.len() == 1 {
+        let first_remote = remotes
+            .iter()
+            .next()
+            .flatten()
+            .map(String::from)
+            .ok_or_else(|| GenericError("no remote found".into()))?;
+
+        return Ok(first_remote);
+    }
+
+    // inconclusive
+    Err(NoDefaultRemoteFound)
+}
--- a/src-tauri/yaak-grpc/Cargo.toml
+++ b/src-tauri/yaak-grpc/Cargo.toml
@@ -9,8 +9,10 @@ anyhow = "1.0.79"
 async-recursion = "1.1.1"
 dunce = "1.0.4"
 hyper = "1.5.2"
-hyper-rustls = { version = "0.27.5", default-features = false, features = ["http2", "rustls-platform-verifier"] }
-hyper-util = { version = "0.1.10", features = ["client-legacy", "client"] }
+hyper-rustls = { version = "0.27.5", default-features = false, features = ["http2"] }
+hyper-util = { version = "0.1.10", default-features = false, features = ["client-legacy"] }
+rustls = { version = "0.23.21", default-features = false, features = ["custom-provider", "ring"] }
+rustls-platform-verifier = "0.5.0"
 log = "0.4.20"
 md5 = "0.7.0"
 prost = "0.13.4"
--- a/src-tauri/yaak-grpc/src/transport.rs
+++ b/src-tauri/yaak-grpc/src/transport.rs
@@ -2,17 +2,30 @@ use hyper_rustls::{HttpsConnector, HttpsConnectorBuilder};
 use hyper_util::client::legacy::connect::HttpConnector;
 use hyper_util::client::legacy::Client;
 use hyper_util::rt::TokioExecutor;
+use rustls::crypto::ring;
+use rustls::ClientConfig;
+use rustls_platform_verifier::BuilderVerifierExt;
+use std::sync::Arc;
 use tonic::body::BoxBody;

 pub(crate) fn get_transport() -> Client<HttpsConnector<HttpConnector>, BoxBody> {
-    let connector = HttpsConnectorBuilder::new().with_platform_verifier();
-    let connector = connector.https_or_http().enable_http2().wrap_connector({
-        let mut http_connector = HttpConnector::new();
-        http_connector.enforce_http(false);
-        http_connector
-    });
-    Client::builder(TokioExecutor::new())
+    let arc_crypto_provider = Arc::new(ring::default_provider());
+    let config = ClientConfig::builder_with_provider(arc_crypto_provider)
+        .with_safe_default_protocol_versions()
+        .unwrap()
+        .with_platform_verifier()
+        .with_no_client_auth();
+
+    let mut http = HttpConnector::new();
+    http.enforce_http(false);
+
+    let connector =
+        HttpsConnectorBuilder::new().with_tls_config(config).https_or_http().enable_http2().build();
+
+    let client = Client::builder(TokioExecutor::new())
        .pool_max_idle_per_host(0)
        .http2_only(true)
-        .build(connector)
+        .build(connector);
+
+    client
 }
--- a/src-tauri/yaak-http/Cargo.toml
+++ b/src-tauri/yaak-http/Cargo.toml
@@ -0,0 +1,10 @@
+[package]
+name = "yaak-http"
+version = "0.1.0"
+edition = "2021"
+publish = false
+
+[dependencies]
+yaak-models = { workspace = true }
+regex = "1.11.0"
+urlencoding = "2.1.3"
--- a/src-tauri/yaak-http/src/lib.rs
+++ b/src-tauri/yaak-http/src/lib.rs
@@ -0,0 +1,183 @@
+use yaak_models::models::HttpUrlParameter;
+
+pub fn apply_path_placeholders(
+    url: &str,
+    parameters: Vec<HttpUrlParameter>,
+) -> (String, Vec<HttpUrlParameter>) {
+    let mut new_parameters = Vec::new();
+
+    let mut url = url.to_string();
+    for p in parameters {
+        if !p.enabled || p.name.is_empty() {
+            continue;
+        }
+
+        // Replace path parameters with values from URL parameters
+        let old_url_string = url.clone();
+        url = replace_path_placeholder(&p, url.as_str());
+
+        // Remove as param if it modified the URL
+        if old_url_string == *url {
+            new_parameters.push(p);
+        }
+    }
+
+    (url, new_parameters)
+}
+
+fn replace_path_placeholder(p: &HttpUrlParameter, url: &str) -> String {
+    if !p.enabled {
+        return url.to_string();
+    }
+
+    if !p.name.starts_with(":") {
+        return url.to_string();
+    }
+
+    let re = regex::Regex::new(format!("(/){}([/?#]|$)", p.name).as_str()).unwrap();
+    let result = re
+        .replace_all(url, |cap: &regex::Captures| {
+            format!(
+                "{}{}{}",
+                cap[1].to_string(),
+                urlencoding::encode(p.value.as_str()),
+                cap[2].to_string()
+            )
+        })
+        .into_owned();
+    result
+}
+
+#[cfg(test)]
+mod placeholder_tests {
+    use crate::{apply_path_placeholders, replace_path_placeholder};
+    use yaak_models::models::{HttpRequest, HttpUrlParameter};
+
+    #[test]
+    fn placeholder_middle() {
+        let p = HttpUrlParameter {
+            name: ":foo".into(),
+            value: "xxx".into(),
+            enabled: true,
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foo/bar"),
+            "https://example.com/xxx/bar",
+        );
+    }
+
+    #[test]
+    fn placeholder_end() {
+        let p = HttpUrlParameter {
+            name: ":foo".into(),
+            value: "xxx".into(),
+            enabled: true,
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foo"),
+            "https://example.com/xxx",
+        );
+    }
+
+    #[test]
+    fn placeholder_query() {
+        let p = HttpUrlParameter {
+            name: ":foo".into(),
+            value: "xxx".into(),
+            enabled: true,
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foo?:foo"),
+            "https://example.com/xxx?:foo",
+        );
+    }
+
+    #[test]
+    fn placeholder_missing() {
+        let p = HttpUrlParameter {
+            enabled: true,
+            name: "".to_string(),
+            value: "".to_string(),
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:missing"),
+            "https://example.com/:missing",
+        );
+    }
+
+    #[test]
+    fn placeholder_disabled() {
+        let p = HttpUrlParameter {
+            enabled: false,
+            name: ":foo".to_string(),
+            value: "xxx".to_string(),
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foo"),
+            "https://example.com/:foo",
+        );
+    }
+
+    #[test]
+    fn placeholder_prefix() {
+        let p = HttpUrlParameter {
+            name: ":foo".into(),
+            value: "xxx".into(),
+            enabled: true,
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foooo"),
+            "https://example.com/:foooo",
+        );
+    }
+
+    #[test]
+    fn placeholder_encode() {
+        let p = HttpUrlParameter {
+            name: ":foo".into(),
+            value: "Hello World".into(),
+            enabled: true,
+            id: None,
+        };
+        assert_eq!(
+            replace_path_placeholder(&p, "https://example.com/:foo"),
+            "https://example.com/Hello%20World",
+        );
+    }
+
+    #[test]
+    fn apply_placeholder() {
+        let req = HttpRequest {
+            url: "example.com/:a/bar".to_string(),
+            url_parameters: vec![
+                HttpUrlParameter {
+                    name: "b".to_string(),
+                    value: "bbb".to_string(),
+                    enabled: true,
+                    id: None,
+                },
+                HttpUrlParameter {
+                    name: ":a".to_string(),
+                    value: "aaa".to_string(),
+                    enabled: true,
+                    id: None,
+                },
+            ],
+            ..Default::default()
+        };
+
+        let (url, url_parameters) = apply_path_placeholders(&req.url, req.url_parameters);
+
+        // Pattern match back to access it
+        assert_eq!(url, "example.com/aaa/bar");
+        assert_eq!(url_parameters.len(), 1);
+        assert_eq!(url_parameters[0].name, "b");
+        assert_eq!(url_parameters[0].value, "bbb");
+    }
+}
--- a/src-tauri/yaak-license/Cargo.toml
+++ b/src-tauri/yaak-license/Cargo.toml
@@ -17,4 +17,4 @@ log = "0.4.22"
 serde_json = "1.0.132"

 [build-dependencies]
-tauri-plugin = { version = "2.0.3", features = ["build"] }
+tauri-plugin = { workspace = true, features = ["build"] }
--- a/src-tauri/yaak-license/bindings/gen_models.ts
+++ b/src-tauri/yaak-license/bindings/gen_models.ts
@@ -0,0 +1,3 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+
+export type CheckActivationRequestPayload = { activationId: string, };
--- a/src-tauri/yaak-license/src/license.rs
+++ b/src-tauri/yaak-license/src/license.rs
@@ -11,11 +11,11 @@ use yaak_models::queries::UpdateSource;

 const KV_NAMESPACE: &str = "license";
 const KV_ACTIVATION_ID_KEY: &str = "activation_id";
-const TRIAL_SECONDS: u64 = 3600 * 24 * 14;
+const TRIAL_SECONDS: u64 = 3600 * 24 * 30;

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct CheckActivationRequestPayload {
    pub activation_id: String,
 }
--- a/src-tauri/yaak-models/Cargo.toml
+++ b/src-tauri/yaak-models/Cargo.toml
@@ -15,7 +15,7 @@ sea-query = { version = "0.32.1", features = ["with-chrono", "attr"] }
 sea-query-rusqlite = { version = "0.7.0", features = ["with-chrono"] }
 serde = { version = "1.0.204", features = ["derive"] }
 serde_json = "1.0.122"
-sqlx = { version = "0.8.0", features = ["sqlite", "runtime-tokio-rustls"] }
+sqlx = { version = "0.8.0", default-features = false, features = ["migrate", "sqlite", "runtime-tokio-rustls"] }
 tauri = { workspace = true }
-thiserror = "1.0.63"
+thiserror = "2.0.11"
 ts-rs = { workspace = true, features = ["chrono-impl", "serde-json-impl"] }
--- a/src-tauri/yaak-models/bindings/gen_models.ts
+++ b/src-tauri/yaak-models/bindings/gen_models.ts
@@ -1,6 +1,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type AnyModel = CookieJar | Environment | Folder | GrpcConnection | GrpcEvent | GrpcRequest | HttpRequest | HttpResponse | Plugin | Settings | KeyValue | Workspace | WorkspaceMeta;
+export type AnyModel = CookieJar | Environment | Folder | GrpcConnection | GrpcEvent | GrpcRequest | HttpRequest | HttpResponse | Plugin | Settings | KeyValue | Workspace | WorkspaceMeta | WebsocketConnection | WebsocketEvent | WebsocketRequest;

 export type Cookie = { raw_cookie: string, domain: CookieDomain, expires: CookieExpires, path: [string, boolean], };

@@ -48,6 +48,8 @@ export type ModelPayload = { model: AnyModel, windowLabel: string, updateSource:

 export type Plugin = { model: "plugin", id: string, createdAt: string, updatedAt: string, checkedAt: string | null, directory: string, enabled: boolean, url: string | null, };

+export type PluginKeyValue = { model: "plugin_key_value", createdAt: string, updatedAt: string, pluginName: string, key: string, value: string, };
+
 export type ProxySetting = { "type": "enabled", http: string, https: string, auth: ProxySettingAuth | null, } | { "type": "disabled" };

 export type ProxySettingAuth = { user: string, password: string, };
@@ -60,6 +62,18 @@ export type SyncState = { model: "sync_state", id: string, workspaceId: string,

 export type UpdateSource = "sync" | "window" | "plugin" | "background" | "import";

+export type WebsocketConnection = { model: "websocket_connection", id: string, createdAt: string, updatedAt: string, workspaceId: string, requestId: string, elapsed: number, error: string | null, headers: Array<HttpResponseHeader>, state: WebsocketConnectionState, status: number, url: string, };
+
+export type WebsocketConnectionState = "initialized" | "connected" | "closed";
+
+export type WebsocketEvent = { model: "websocket_event", id: string, createdAt: string, updatedAt: string, workspaceId: string, requestId: string, connectionId: string, isServer: boolean, message: Array<number>, messageType: WebsocketEventType, };
+
+export type WebsocketEventType = "binary" | "close" | "frame" | "ping" | "pong" | "text";
+
+export type WebsocketMessageType = "text" | "binary";
+
+export type WebsocketRequest = { model: "websocket_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authentication: Record<string, any>, authenticationType: string | null, description: string, headers: Array<HttpRequestHeader>, message: string, name: string, sortPriority: number, url: string, urlParameters: Array<HttpUrlParameter>, };
+
 export type Workspace = { model: "workspace", id: string, createdAt: string, updatedAt: string, name: string, description: string, settingValidateCertificates: boolean, settingFollowRedirects: boolean, settingRequestTimeout: number, };

 export type WorkspaceMeta = { model: "workspace_meta", id: string, workspaceId: string, createdAt: string, updatedAt: string, settingSyncDir: string | null, };
--- a/src-tauri/yaak-models/index.ts
+++ b/src-tauri/yaak-models/index.ts
@@ -1 +1 @@
-export * from './bindings/models';
+export * from './bindings/gen_models';
--- a/src-tauri/yaak-models/src/lib.rs
+++ b/src-tauri/yaak-models/src/lib.rs
@@ -3,3 +3,4 @@ pub mod models;
 pub mod queries;

 pub mod plugin;
+pub mod render;
--- a/src-tauri/yaak-models/src/models.rs
+++ b/src-tauri/yaak-models/src/models.rs
@@ -10,7 +10,7 @@ use ts_rs::TS;

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "camelCase", tag = "type")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum ProxySetting {
    Enabled {
        http: String,
@@ -22,7 +22,7 @@ pub enum ProxySetting {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct ProxySettingAuth {
    pub user: String,
    pub password: String,
@@ -30,7 +30,7 @@ pub struct ProxySettingAuth {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum EditorKeymap {
    Default,
    Vim,
@@ -72,7 +72,7 @@ impl Default for EditorKeymap {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Settings {
    #[ts(type = "\"settings\"")]
    pub model: String,
@@ -125,7 +125,7 @@ impl<'s> TryFrom<&Row<'s>> for Settings {
    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let proxy: Option<String> = r.get("proxy")?;
        let editor_keymap: String = r.get("editor_keymap")?;
-        Ok(Settings {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            created_at: r.get("created_at")?,
@@ -147,9 +147,9 @@ impl<'s> TryFrom<&Row<'s>> for Settings {
    }
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Workspace {
    #[ts(type = "\"workspace\"")]
    pub model: String,
@@ -187,7 +187,7 @@ impl<'s> TryFrom<&Row<'s>> for Workspace {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(Workspace {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            created_at: r.get("created_at")?,
@@ -215,7 +215,7 @@ impl Workspace {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct WorkspaceMeta {
    #[ts(type = "\"workspace_meta\"")]
    pub model: String,
@@ -243,7 +243,7 @@ impl<'s> TryFrom<&Row<'s>> for WorkspaceMeta {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(WorkspaceMeta {
+        Ok(Self {
            id: r.get("id")?,
            workspace_id: r.get("workspace_id")?,
            model: r.get("model")?,
@@ -255,7 +255,7 @@ impl<'s> TryFrom<&Row<'s>> for WorkspaceMeta {
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 enum CookieDomain {
    HostOnly(String),
    Suffix(String),
@@ -264,14 +264,14 @@ enum CookieDomain {
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 enum CookieExpires {
    AtUtc(String),
    SessionEnd,
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Cookie {
    raw_cookie: String,
    domain: CookieDomain,
@@ -281,7 +281,7 @@ pub struct Cookie {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct CookieJar {
    #[ts(type = "\"cookie_jar\"")]
    pub model: String,
@@ -313,7 +313,7 @@ impl<'s> TryFrom<&Row<'s>> for CookieJar {

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let cookies: String = r.get("cookies")?;
-        Ok(CookieJar {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -325,9 +325,9 @@ impl<'s> TryFrom<&Row<'s>> for CookieJar {
    }
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Environment {
    #[ts(type = "\"environment\"")]
    pub model: String,
@@ -361,7 +361,7 @@ impl<'s> TryFrom<&Row<'s>> for Environment {

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let variables: String = r.get("variables")?;
-        Ok(Environment {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -374,9 +374,9 @@ impl<'s> TryFrom<&Row<'s>> for Environment {
    }
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct EnvironmentVariable {
    #[serde(default = "default_true")]
    #[ts(optional, as = "Option<bool>")]
@@ -387,9 +387,9 @@ pub struct EnvironmentVariable {
    pub id: Option<String>,
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Folder {
    #[ts(type = "\"folder\"")]
    pub model: String,
@@ -424,7 +424,7 @@ impl<'s> TryFrom<&Row<'s>> for Folder {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(Folder {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            sort_priority: r.get("sort_priority")?,
@@ -438,9 +438,9 @@ impl<'s> TryFrom<&Row<'s>> for Folder {
    }
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct HttpRequestHeader {
    #[serde(default = "default_true")]
    #[ts(optional, as = "Option<bool>")]
@@ -451,9 +451,9 @@ pub struct HttpRequestHeader {
    pub id: Option<String>,
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct HttpUrlParameter {
    #[serde(default = "default_true")]
    #[ts(optional, as = "Option<bool>")]
@@ -464,9 +464,9 @@ pub struct HttpUrlParameter {
    pub id: Option<String>,
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct HttpRequest {
    #[ts(type = "\"http_request\"")]
    pub model: String,
@@ -484,7 +484,7 @@ pub struct HttpRequest {
    pub body_type: Option<String>,
    pub description: String,
    pub headers: Vec<HttpRequestHeader>,
-    #[serde(default = "default_http_request_method")]
+    #[serde(default = "default_http_method")]
    pub method: String,
    pub name: String,
    pub sort_priority: f32,
@@ -524,7 +524,7 @@ impl<'s> TryFrom<&Row<'s>> for HttpRequest {
        let body: String = r.get("body")?;
        let authentication: String = r.get("authentication")?;
        let headers: String = r.get("headers")?;
-        Ok(HttpRequest {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            sort_priority: r.get("sort_priority")?,
@@ -546,9 +546,246 @@ impl<'s> TryFrom<&Row<'s>> for HttpRequest {
    }
 }

+#[derive(Debug, Clone, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_models.ts")]
+pub enum WebsocketConnectionState {
+    Initialized,
+    Connected,
+    Closed,
+}
+
+impl Default for WebsocketConnectionState {
+    fn default() -> Self {
+        Self::Initialized
+    }
+}
+
 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
+pub struct WebsocketConnection {
+    #[ts(type = "\"websocket_connection\"")]
+    pub model: String,
+    pub id: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: NaiveDateTime,
+    pub workspace_id: String,
+    pub request_id: String,
+
+    pub elapsed: i32,
+    pub error: Option<String>,
+    pub headers: Vec<HttpResponseHeader>,
+    pub state: WebsocketConnectionState,
+    pub status: i32,
+    pub url: String,
+}
+
+#[derive(Iden)]
+pub enum WebsocketConnectionIden {
+    #[iden = "websocket_connections"]
+    Table,
+    Id,
+    Model,
+    CreatedAt,
+    UpdatedAt,
+    WorkspaceId,
+    RequestId,
+
+    Elapsed,
+    Error,
+    Headers,
+    State,
+    Status,
+    Url,
+}
+
+impl<'s> TryFrom<&Row<'s>> for WebsocketConnection {
+    type Error = rusqlite::Error;
+
+    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
+        let headers: String = r.get("headers")?;
+        let state: String = r.get("state")?;
+        Ok(Self {
+            id: r.get("id")?,
+            model: r.get("model")?,
+            workspace_id: r.get("workspace_id")?,
+            request_id: r.get("request_id")?,
+            created_at: r.get("created_at")?,
+            updated_at: r.get("updated_at")?,
+            url: r.get("url")?,
+            headers: serde_json::from_str(headers.as_str()).unwrap_or_default(),
+            elapsed: r.get("elapsed")?,
+            error: r.get("error")?,
+            state: serde_json::from_str(format!(r#""{state}""#).as_str()).unwrap(),
+            status: r.get("status")?,
+        })
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, Eq, PartialEq, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_models.ts")]
+pub enum WebsocketMessageType {
+    Text,
+    Binary,
+}
+
+impl Default for WebsocketMessageType {
+    fn default() -> Self {
+        Self::Text
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_models.ts")]
+pub struct WebsocketRequest {
+    #[ts(type = "\"websocket_request\"")]
+    pub model: String,
+    pub id: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: NaiveDateTime,
+    pub workspace_id: String,
+    pub folder_id: Option<String>,
+
+    #[ts(type = "Record<string, any>")]
+    pub authentication: BTreeMap<String, Value>,
+    pub authentication_type: Option<String>,
+    pub description: String,
+    pub headers: Vec<HttpRequestHeader>,
+    pub message: String,
+    pub name: String,
+    pub sort_priority: f32,
+    pub url: String,
+    pub url_parameters: Vec<HttpUrlParameter>,
+}
+
+#[derive(Iden)]
+pub enum WebsocketRequestIden {
+    #[iden = "websocket_requests"]
+    Table,
+    Id,
+    Model,
+    CreatedAt,
+    UpdatedAt,
+    WorkspaceId,
+    FolderId,
+
+    Authentication,
+    AuthenticationType,
+    Message,
+    Description,
+    Headers,
+    Name,
+    SortPriority,
+    Url,
+    UrlParameters,
+}
+
+impl<'s> TryFrom<&Row<'s>> for WebsocketRequest {
+    type Error = rusqlite::Error;
+
+    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
+        let url_parameters: String = r.get("url_parameters")?;
+        let authentication: String = r.get("authentication")?;
+        let headers: String = r.get("headers")?;
+        Ok(Self {
+            id: r.get("id")?,
+            model: r.get("model")?,
+            sort_priority: r.get("sort_priority")?,
+            workspace_id: r.get("workspace_id")?,
+            created_at: r.get("created_at")?,
+            updated_at: r.get("updated_at")?,
+            url: r.get("url")?,
+            url_parameters: serde_json::from_str(url_parameters.as_str()).unwrap_or_default(),
+            message: r.get("message")?,
+            description: r.get("description")?,
+            authentication: serde_json::from_str(authentication.as_str()).unwrap_or_default(),
+            authentication_type: r.get("authentication_type")?,
+            headers: serde_json::from_str(headers.as_str()).unwrap_or_default(),
+            folder_id: r.get("folder_id")?,
+            name: r.get("name")?,
+        })
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, Eq, PartialEq, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_models.ts")]
+pub enum WebsocketEventType {
+    Binary,
+    Close,
+    Frame,
+    Ping,
+    Pong,
+    Text,
+}
+
+impl Default for WebsocketEventType {
+    fn default() -> Self {
+        Self::Text
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_models.ts")]
+pub struct WebsocketEvent {
+    #[ts(type = "\"websocket_event\"")]
+    pub model: String,
+    pub id: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: NaiveDateTime,
+    pub workspace_id: String,
+    pub request_id: String,
+    pub connection_id: String,
+    pub is_server: bool,
+
+    pub message: Vec<u8>,
+    pub message_type: WebsocketEventType,
+}
+
+#[derive(Iden)]
+pub enum WebsocketEventIden {
+    #[iden = "websocket_events"]
+    Table,
+    Model,
+    Id,
+    CreatedAt,
+    UpdatedAt,
+    WorkspaceId,
+    RequestId,
+    ConnectionId,
+    IsServer,
+
+    MessageType,
+    Message,
+}
+
+impl<'s> TryFrom<&Row<'s>> for WebsocketEvent {
+    type Error = rusqlite::Error;
+
+    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
+        let message_type: String = r.get("message_type")?;
+        Ok(Self {
+            id: r.get("id")?,
+            model: r.get("model")?,
+            workspace_id: r.get("workspace_id")?,
+            request_id: r.get("request_id")?,
+            connection_id: r.get("connection_id")?,
+            created_at: r.get("created_at")?,
+            updated_at: r.get("updated_at")?,
+            message: r.get("message")?,
+            is_server: r.get("is_server")?,
+            message_type: serde_json::from_str(message_type.as_str()).unwrap_or_default(),
+        })
+    }
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct HttpResponseHeader {
    pub name: String,
    pub value: String,
@@ -556,7 +793,7 @@ pub struct HttpResponseHeader {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum HttpResponseState {
    Initialized,
    Connected,
@@ -571,7 +808,7 @@ impl Default for HttpResponseState {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct HttpResponse {
    #[ts(type = "\"http_response\"")]
    pub model: String,
@@ -626,7 +863,7 @@ impl<'s> TryFrom<&Row<'s>> for HttpResponse {
    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let headers: String = r.get("headers")?;
        let state: String = r.get("state")?;
-        Ok(HttpResponse {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -658,9 +895,9 @@ impl HttpResponse {
    }
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct GrpcMetadataEntry {
    #[serde(default = "default_true")]
    #[ts(optional, as = "Option<bool>")]
@@ -671,9 +908,9 @@ pub struct GrpcMetadataEntry {
    pub id: Option<String>,
 }

-#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct GrpcRequest {
    #[ts(type = "\"grpc_request\"")]
    pub model: String,
@@ -725,7 +962,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcRequest {
    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let authentication: String = r.get("authentication")?;
        let metadata: String = r.get("metadata")?;
-        Ok(GrpcRequest {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -748,7 +985,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcRequest {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum GrpcConnectionState {
    Initialized,
    Connected,
@@ -763,7 +1000,7 @@ impl Default for GrpcConnectionState {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct GrpcConnection {
    #[ts(type = "\"grpc_connection\"")]
    pub model: String,
@@ -810,7 +1047,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcConnection {
    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let trailers: String = r.get("trailers")?;
        let state: String = r.get("state")?;
-        Ok(GrpcConnection {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -831,7 +1068,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcConnection {

 #[derive(Debug, Clone, Serialize, Deserialize, Eq, PartialEq, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum GrpcEventType {
    Info,
    Error,
@@ -849,7 +1086,7 @@ impl Default for GrpcEventType {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct GrpcEvent {
    #[ts(type = "\"grpc_event\"")]
    pub model: String,
@@ -892,7 +1129,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcEvent {
    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
        let event_type: String = r.get("event_type")?;
        let metadata: String = r.get("metadata")?;
-        Ok(GrpcEvent {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            workspace_id: r.get("workspace_id")?,
@@ -911,7 +1148,7 @@ impl<'s> TryFrom<&Row<'s>> for GrpcEvent {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct Plugin {
    #[ts(type = "\"plugin\"")]
    pub model: String,
@@ -944,7 +1181,7 @@ impl<'s> TryFrom<&Row<'s>> for Plugin {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(Plugin {
+        Ok(Self {
            id: r.get("id")?,
            model: r.get("model")?,
            created_at: r.get("created_at")?,
@@ -959,7 +1196,7 @@ impl<'s> TryFrom<&Row<'s>> for Plugin {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct SyncState {
    #[ts(type = "\"sync_state\"")]
    pub model: String,
@@ -977,7 +1214,7 @@ pub struct SyncState {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct SyncHistory {
    #[ts(type = "\"sync_history\"")]
    pub model: String,
@@ -1012,7 +1249,7 @@ impl<'s> TryFrom<&Row<'s>> for SyncState {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(SyncState {
+        Ok(Self {
            id: r.get("id")?,
            workspace_id: r.get("workspace_id")?,
            model: r.get("model")?,
@@ -1029,7 +1266,7 @@ impl<'s> TryFrom<&Row<'s>> for SyncState {

 #[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct KeyValue {
    #[ts(type = "\"key_value\"")]
    pub model: String,
@@ -1058,7 +1295,7 @@ impl<'s> TryFrom<&Row<'s>> for KeyValue {
    type Error = rusqlite::Error;

    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
-        Ok(KeyValue {
+        Ok(Self {
            model: r.get("model")?,
            created_at: r.get("created_at")?,
            updated_at: r.get("updated_at")?,
@@ -1069,11 +1306,53 @@ impl<'s> TryFrom<&Row<'s>> for KeyValue {
    }
 }

+#[derive(Debug, Clone, Serialize, Deserialize, Default, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_models.ts")]
+pub struct PluginKeyValue {
+    #[ts(type = "\"plugin_key_value\"")]
+    pub model: String,
+    pub created_at: NaiveDateTime,
+    pub updated_at: NaiveDateTime,
+
+    pub plugin_name: String,
+    pub key: String,
+    pub value: String,
+}
+
+#[derive(Iden)]
+pub enum PluginKeyValueIden {
+    #[iden = "plugin_key_values"]
+    Table,
+    Model,
+    CreatedAt,
+    UpdatedAt,
+
+    PluginName,
+    Key,
+    Value,
+}
+
+impl<'s> TryFrom<&Row<'s>> for PluginKeyValue {
+    type Error = rusqlite::Error;
+
+    fn try_from(r: &Row<'s>) -> Result<Self, Self::Error> {
+        Ok(Self {
+            model: r.get("model")?,
+            created_at: r.get("created_at")?,
+            updated_at: r.get("updated_at")?,
+            plugin_name: r.get("plugin_name")?,
+            key: r.get("key")?,
+            value: r.get("value")?,
+        })
+    }
+}
+
 fn default_true() -> bool {
    true
 }

-fn default_http_request_method() -> String {
+fn default_http_method() -> String {
    "GET".to_string()
 }

@@ -1087,9 +1366,12 @@ pub enum ModelType {
    TypeHttpRequest,
    TypeHttpResponse,
    TypePlugin,
+    TypeSyncState,
+    TypeWebSocketConnection,
+    TypeWebSocketEvent,
+    TypeWebsocketRequest,
    TypeWorkspace,
    TypeWorkspaceMeta,
-    TypeSyncState,
 }

 impl ModelType {
@@ -1107,6 +1389,9 @@ impl ModelType {
            ModelType::TypeWorkspace => "wk",
            ModelType::TypeWorkspaceMeta => "wm",
            ModelType::TypeSyncState => "ss",
+            ModelType::TypeWebSocketConnection => "wc",
+            ModelType::TypeWebSocketEvent => "we",
+            ModelType::TypeWebsocketRequest => "wr",
        }
        .to_string()
    }
@@ -1114,7 +1399,7 @@ impl ModelType {

 #[derive(Debug, Clone, Serialize, TS)]
 #[serde(rename_all = "camelCase", untagged)]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum AnyModel {
    CookieJar(CookieJar),
    Environment(Environment),
@@ -1129,6 +1414,9 @@ pub enum AnyModel {
    KeyValue(KeyValue),
    Workspace(Workspace),
    WorkspaceMeta(WorkspaceMeta),
+    WebsocketConnection(WebsocketConnection),
+    WebsocketEvent(WebsocketEvent),
+    WebsocketRequest(WebsocketRequest),
 }

 impl<'de> Deserialize<'de> for AnyModel {
--- a/src-tauri/yaak-models/src/queries.rs
+++ b/src-tauri/yaak-models/src/queries.rs
@@ -5,7 +5,9 @@ use crate::models::{
    GrpcConnection, GrpcConnectionIden, GrpcConnectionState, GrpcEvent, GrpcEventIden, GrpcRequest,
    GrpcRequestIden, HttpRequest, HttpRequestIden, HttpResponse, HttpResponseHeader,
    HttpResponseIden, HttpResponseState, KeyValue, KeyValueIden, ModelType, Plugin, PluginIden,
-    Settings, SettingsIden, SyncState, SyncStateIden, Workspace, WorkspaceIden, WorkspaceMeta,
+    PluginKeyValue, PluginKeyValueIden, Settings, SettingsIden, SyncState, SyncStateIden,
+    WebsocketConnection, WebsocketConnectionIden, WebsocketEvent, WebsocketEventIden,
+    WebsocketRequest, WebsocketRequestIden, Workspace, WorkspaceIden, WorkspaceMeta,
    WorkspaceMetaIden,
 };
 use crate::plugin::SqliteConnection;
@@ -23,8 +25,7 @@ use std::path::Path;
 use tauri::{AppHandle, Emitter, Listener, Manager, Runtime, WebviewWindow};
 use ts_rs::TS;

-const MAX_GRPC_CONNECTIONS_PER_REQUEST: usize = 20;
-const MAX_HTTP_RESPONSES_PER_REQUEST: usize = MAX_GRPC_CONNECTIONS_PER_REQUEST;
+const MAX_HISTORY_ITEMS: usize = 20;

 pub async fn set_key_value_string<R: Runtime>(
    mgr: &WebviewWindow<R>,
@@ -165,6 +166,90 @@ pub async fn get_key_value_raw<R: Runtime>(
    db.query_row(sql.as_str(), &*params.as_params(), |row| row.try_into()).ok()
 }

+pub async fn get_plugin_key_value<R: Runtime>(
+    mgr: &impl Manager<R>,
+    plugin_name: &str,
+    key: &str,
+) -> Option<PluginKeyValue> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::select()
+        .from(PluginKeyValueIden::Table)
+        .column(Asterisk)
+        .cond_where(
+            Cond::all()
+                .add(Expr::col(PluginKeyValueIden::PluginName).eq(plugin_name))
+                .add(Expr::col(PluginKeyValueIden::Key).eq(key)),
+        )
+        .build_rusqlite(SqliteQueryBuilder);
+
+    db.query_row(sql.as_str(), &*params.as_params(), |row| row.try_into()).ok()
+}
+
+pub async fn set_plugin_key_value<R: Runtime>(
+    mgr: &impl Manager<R>,
+    plugin_name: &str,
+    key: &str,
+    value: &str,
+) -> (PluginKeyValue, bool) {
+    let existing = get_plugin_key_value(mgr, plugin_name, key).await;
+
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::insert()
+        .into_table(PluginKeyValueIden::Table)
+        .columns([
+            PluginKeyValueIden::CreatedAt,
+            PluginKeyValueIden::UpdatedAt,
+            PluginKeyValueIden::PluginName,
+            PluginKeyValueIden::Key,
+            PluginKeyValueIden::Value,
+        ])
+        .values_panic([
+            CurrentTimestamp.into(),
+            CurrentTimestamp.into(),
+            plugin_name.into(),
+            key.into(),
+            value.into(),
+        ])
+        .on_conflict(
+            OnConflict::new()
+                .update_columns([PluginKeyValueIden::UpdatedAt, PluginKeyValueIden::Value])
+                .to_owned(),
+        )
+        .returning_all()
+        .build_rusqlite(SqliteQueryBuilder);
+
+    let mut stmt = db.prepare(sql.as_str()).expect("Failed to prepare PluginKeyValue upsert");
+    let m: PluginKeyValue = stmt
+        .query_row(&*params.as_params(), |row| row.try_into())
+        .expect("Failed to upsert KeyValue");
+    (m, existing.is_none())
+}
+
+pub async fn delete_plugin_key_value<R: Runtime>(
+    mgr: &impl Manager<R>,
+    plugin_name: &str,
+    key: &str,
+) -> bool {
+    if let None = get_plugin_key_value(mgr, plugin_name, key).await {
+        return false;
+    }
+
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::delete()
+        .from_table(PluginKeyValueIden::Table)
+        .cond_where(
+            Cond::all()
+                .add(Expr::col(PluginKeyValueIden::PluginName).eq(plugin_name))
+                .add(Expr::col(PluginKeyValueIden::Key).eq(key)),
+        )
+        .build_rusqlite(SqliteQueryBuilder);
+    db.execute(sql.as_str(), &*params.as_params()).expect("Failed to delete PluginKeyValue");
+    true
+}
+
 pub async fn list_workspaces<R: Runtime>(mgr: &impl Manager<R>) -> Result<Vec<Workspace>> {
    let dbm = &*mgr.state::<SqliteConnection>();
    let db = dbm.0.lock().await.get().unwrap();
@@ -582,8 +667,8 @@ pub async fn upsert_grpc_connection<R: Runtime>(
    update_source: &UpdateSource,
 ) -> Result<GrpcConnection> {
    let connections =
-        list_http_responses_for_request(window, connection.request_id.as_str(), None).await?;
-    for c in connections.iter().skip(MAX_GRPC_CONNECTIONS_PER_REQUEST - 1) {
+        list_grpc_connections_for_request(window, connection.request_id.as_str()).await?;
+    for c in connections.iter().skip(MAX_HISTORY_ITEMS - 1) {
        debug!("Deleting old grpc connection {}", c.id);
        delete_grpc_connection(window, c.id.as_str(), update_source).await?;
    }
@@ -834,6 +919,381 @@ pub async fn list_grpc_events<R: Runtime>(
    Ok(items.map(|v| v.unwrap()).collect())
 }

+pub async fn delete_websocket_request<R: Runtime>(
+    window: &WebviewWindow<R>,
+    id: &str,
+    update_source: &UpdateSource,
+) -> Result<WebsocketRequest> {
+    let request = match get_websocket_request(window, id).await? {
+        Some(r) => r,
+        None => {
+            return Err(ModelNotFound(id.to_string()));
+        }
+    };
+
+    let dbm = &*window.app_handle().state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::delete()
+        .from_table(WebsocketRequestIden::Table)
+        .cond_where(Expr::col(WebsocketRequestIden::Id).eq(id))
+        .build_rusqlite(SqliteQueryBuilder);
+    db.execute(sql.as_str(), &*params.as_params())?;
+
+    emit_deleted_model(window, &AnyModel::WebsocketRequest(request.to_owned()), update_source);
+    Ok(request)
+}
+
+pub async fn delete_websocket_connection<R: Runtime>(
+    window: &WebviewWindow<R>,
+    id: &str,
+    update_source: &UpdateSource,
+) -> Result<WebsocketConnection> {
+    let m = get_websocket_connection(window, id).await?;
+
+    let dbm = &*window.app_handle().state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::delete()
+        .from_table(WebsocketConnectionIden::Table)
+        .cond_where(Expr::col(WebsocketConnectionIden::Id).eq(id))
+        .build_rusqlite(SqliteQueryBuilder);
+    db.execute(sql.as_str(), &*params.as_params())?;
+
+    emit_deleted_model(window, &AnyModel::WebsocketConnection(m.to_owned()), update_source);
+    Ok(m)
+}
+
+pub async fn delete_all_websocket_connections<R: Runtime>(
+    window: &WebviewWindow<R>,
+    request_id: &str,
+    update_source: &UpdateSource,
+) -> Result<()> {
+    for c in list_websocket_connections_for_request(window, request_id).await? {
+        delete_websocket_connection(window, &c.id, update_source).await?;
+    }
+    Ok(())
+}
+
+pub async fn delete_all_websocket_connections_for_workspace<R: Runtime>(
+    window: &WebviewWindow<R>,
+    workspace_id: &str,
+    update_source: &UpdateSource,
+) -> Result<()> {
+    for c in list_websocket_connections_for_workspace(window, workspace_id).await? {
+        delete_websocket_connection(window, &c.id, update_source).await?;
+    }
+    Ok(())
+}
+
+pub async fn get_websocket_connection<R: Runtime>(
+    mgr: &impl Manager<R>,
+    id: &str,
+) -> Result<WebsocketConnection> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::select()
+        .from(WebsocketConnectionIden::Table)
+        .column(Asterisk)
+        .cond_where(Expr::col(WebsocketConnectionIden::Id).eq(id))
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    Ok(stmt.query_row(&*params.as_params(), |row| row.try_into())?)
+}
+
+pub async fn upsert_websocket_event<R: Runtime>(
+    window: &WebviewWindow<R>,
+    event: WebsocketEvent,
+    update_source: &UpdateSource,
+) -> Result<WebsocketEvent> {
+    let id = match event.id.as_str() {
+        "" => generate_model_id(ModelType::TypeWebSocketEvent),
+        _ => event.id.to_string(),
+    };
+
+    let dbm = &*window.app_handle().state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::insert()
+        .into_table(WebsocketEventIden::Table)
+        .columns([
+            WebsocketEventIden::Id,
+            WebsocketEventIden::CreatedAt,
+            WebsocketEventIden::UpdatedAt,
+            WebsocketEventIden::WorkspaceId,
+            WebsocketEventIden::ConnectionId,
+            WebsocketEventIden::RequestId,
+            WebsocketEventIden::MessageType,
+            WebsocketEventIden::IsServer,
+            WebsocketEventIden::Message,
+        ])
+        .values_panic([
+            id.into(),
+            timestamp_for_upsert(update_source, event.created_at).into(),
+            timestamp_for_upsert(update_source, event.updated_at).into(),
+            event.workspace_id.into(),
+            event.connection_id.into(),
+            event.request_id.into(),
+            serde_json::to_string(&event.message_type)?.into(),
+            event.is_server.into(),
+            event.message.into(),
+        ])
+        .on_conflict(
+            OnConflict::column(WebsocketEventIden::Id)
+                .update_columns([
+                    WebsocketEventIden::UpdatedAt,
+                    WebsocketEventIden::MessageType,
+                    WebsocketEventIden::IsServer,
+                    WebsocketEventIden::Message,
+                ])
+                .to_owned(),
+        )
+        .returning_all()
+        .build_rusqlite(SqliteQueryBuilder);
+
+    let mut stmt = db.prepare(sql.as_str())?;
+    let m: WebsocketEvent = stmt.query_row(&*params.as_params(), |row| row.try_into())?;
+    emit_upserted_model(window, &AnyModel::WebsocketEvent(m.to_owned()), update_source);
+    Ok(m)
+}
+
+pub async fn duplicate_websocket_request<R: Runtime>(
+    window: &WebviewWindow<R>,
+    id: &str,
+    update_source: &UpdateSource,
+) -> Result<WebsocketRequest> {
+    let mut request = match get_websocket_request(window, id).await? {
+        None => return Err(ModelNotFound(id.to_string())),
+        Some(r) => r,
+    };
+    request.id = "".to_string();
+    request.sort_priority = request.sort_priority + 0.001;
+    upsert_websocket_request(window, request, update_source).await
+}
+
+pub async fn upsert_websocket_request<R: Runtime>(
+    window: &WebviewWindow<R>,
+    request: WebsocketRequest,
+    update_source: &UpdateSource,
+) -> Result<WebsocketRequest> {
+    let id = match request.id.as_str() {
+        "" => generate_model_id(ModelType::TypeWebsocketRequest),
+        _ => request.id.to_string(),
+    };
+    let trimmed_name = request.name.trim();
+
+    let dbm = &*window.app_handle().state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::insert()
+        .into_table(WebsocketRequestIden::Table)
+        .columns([
+            WebsocketRequestIden::Id,
+            WebsocketRequestIden::CreatedAt,
+            WebsocketRequestIden::UpdatedAt,
+            WebsocketRequestIden::WorkspaceId,
+            WebsocketRequestIden::FolderId,
+            WebsocketRequestIden::Authentication,
+            WebsocketRequestIden::AuthenticationType,
+            WebsocketRequestIden::Description,
+            WebsocketRequestIden::Headers,
+            WebsocketRequestIden::Message,
+            WebsocketRequestIden::Name,
+            WebsocketRequestIden::SortPriority,
+            WebsocketRequestIden::Url,
+            WebsocketRequestIden::UrlParameters,
+        ])
+        .values_panic([
+            id.into(),
+            timestamp_for_upsert(update_source, request.created_at).into(),
+            timestamp_for_upsert(update_source, request.updated_at).into(),
+            request.workspace_id.into(),
+            request.folder_id.as_ref().map(|s| s.as_str()).into(),
+            serde_json::to_string(&request.authentication)?.into(),
+            request.authentication_type.as_ref().map(|s| s.as_str()).into(),
+            request.description.into(),
+            serde_json::to_string(&request.headers)?.into(),
+            request.message.into(),
+            trimmed_name.into(),
+            request.sort_priority.into(),
+            request.url.into(),
+            serde_json::to_string(&request.url_parameters)?.into(),
+        ])
+        .on_conflict(
+            OnConflict::column(WebsocketRequestIden::Id)
+                .update_columns([
+                    WebsocketRequestIden::UpdatedAt,
+                    WebsocketRequestIden::WorkspaceId,
+                    WebsocketRequestIden::FolderId,
+                    WebsocketRequestIden::Authentication,
+                    WebsocketRequestIden::AuthenticationType,
+                    WebsocketRequestIden::Description,
+                    WebsocketRequestIden::Headers,
+                    WebsocketRequestIden::Message,
+                    WebsocketRequestIden::Name,
+                    WebsocketRequestIden::SortPriority,
+                    WebsocketRequestIden::Url,
+                    WebsocketRequestIden::UrlParameters,
+                ])
+                .to_owned(),
+        )
+        .returning_all()
+        .build_rusqlite(SqliteQueryBuilder);
+
+    let mut stmt = db.prepare(sql.as_str())?;
+    let m: WebsocketRequest = stmt.query_row(&*params.as_params(), |row| row.try_into())?;
+    emit_upserted_model(window, &AnyModel::WebsocketRequest(m.to_owned()), update_source);
+    Ok(m)
+}
+
+pub async fn list_websocket_connections_for_workspace<R: Runtime>(
+    mgr: &impl Manager<R>,
+    workspace_id: &str,
+) -> Result<Vec<WebsocketConnection>> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+
+    let (sql, params) = Query::select()
+        .from(WebsocketConnectionIden::Table)
+        .cond_where(Expr::col(WebsocketConnectionIden::WorkspaceId).eq(workspace_id))
+        .column(Asterisk)
+        .order_by(WebsocketConnectionIden::CreatedAt, Order::Desc)
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    let items = stmt.query_map(&*params.as_params(), |row| row.try_into())?;
+    Ok(items.map(|v| v.unwrap()).collect())
+}
+
+pub async fn list_websocket_connections_for_request<R: Runtime>(
+    mgr: &impl Manager<R>,
+    request_id: &str,
+) -> Result<Vec<WebsocketConnection>> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+
+    let (sql, params) = Query::select()
+        .from(WebsocketConnectionIden::Table)
+        .cond_where(Expr::col(WebsocketConnectionIden::RequestId).eq(request_id))
+        .column(Asterisk)
+        .order_by(WebsocketConnectionIden::CreatedAt, Order::Desc)
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    let items = stmt.query_map(&*params.as_params(), |row| row.try_into())?;
+    Ok(items.map(|v| v.unwrap()).collect())
+}
+
+pub async fn upsert_websocket_connection<R: Runtime>(
+    window: &WebviewWindow<R>,
+    connection: &WebsocketConnection,
+    update_source: &UpdateSource,
+) -> Result<WebsocketConnection> {
+    let connections =
+        list_websocket_connections_for_request(window, connection.request_id.as_str()).await?;
+    for c in connections.iter().skip(MAX_HISTORY_ITEMS - 1) {
+        debug!("Deleting old websocket connection {}", c.id);
+        delete_websocket_connection(window, c.id.as_str(), update_source).await?;
+    }
+
+    let id = match connection.id.as_str() {
+        "" => generate_model_id(ModelType::TypeWebSocketConnection),
+        _ => connection.id.to_string(),
+    };
+    let dbm = &*window.app_handle().state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::insert()
+        .into_table(WebsocketConnectionIden::Table)
+        .columns([
+            WebsocketConnectionIden::Id,
+            WebsocketConnectionIden::CreatedAt,
+            WebsocketConnectionIden::UpdatedAt,
+            WebsocketConnectionIden::WorkspaceId,
+            WebsocketConnectionIden::RequestId,
+            WebsocketConnectionIden::Elapsed,
+            WebsocketConnectionIden::Error,
+            WebsocketConnectionIden::Headers,
+            WebsocketConnectionIden::State,
+            WebsocketConnectionIden::Status,
+            WebsocketConnectionIden::Url,
+        ])
+        .values_panic([
+            id.as_str().into(),
+            timestamp_for_upsert(update_source, connection.created_at).into(),
+            timestamp_for_upsert(update_source, connection.updated_at).into(),
+            connection.workspace_id.as_str().into(),
+            connection.request_id.as_str().into(),
+            connection.elapsed.into(),
+            connection.error.as_ref().map(|s| s.as_str()).into(),
+            serde_json::to_string(&connection.headers)?.into(),
+            serde_json::to_value(&connection.state)?.as_str().into(),
+            connection.status.into(),
+            connection.url.as_str().into(),
+        ])
+        .on_conflict(
+            OnConflict::column(WebsocketConnectionIden::Id)
+                .update_columns([
+                    WebsocketConnectionIden::UpdatedAt,
+                    WebsocketConnectionIden::Elapsed,
+                    WebsocketConnectionIden::Error,
+                    WebsocketConnectionIden::Headers,
+                    WebsocketConnectionIden::State,
+                    WebsocketConnectionIden::Status,
+                    WebsocketConnectionIden::Url,
+                ])
+                .to_owned(),
+        )
+        .returning_all()
+        .build_rusqlite(SqliteQueryBuilder);
+
+    let mut stmt = db.prepare(sql.as_str())?;
+    let m: WebsocketConnection = stmt.query_row(&*params.as_params(), |row| row.try_into())?;
+    emit_upserted_model(window, &AnyModel::WebsocketConnection(m.to_owned()), update_source);
+    Ok(m)
+}
+
+pub async fn get_websocket_request<R: Runtime>(
+    mgr: &impl Manager<R>,
+    id: &str,
+) -> Result<Option<WebsocketRequest>> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+
+    let (sql, params) = Query::select()
+        .from(WebsocketRequestIden::Table)
+        .column(Asterisk)
+        .cond_where(Expr::col(WebsocketRequestIden::Id).eq(id))
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    Ok(stmt.query_row(&*params.as_params(), |row| row.try_into()).optional()?)
+}
+
+pub async fn list_websocket_requests<R: Runtime>(
+    mgr: &impl Manager<R>,
+    workspace_id: &str,
+) -> Result<Vec<WebsocketRequest>> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::select()
+        .from(WebsocketRequestIden::Table)
+        .cond_where(Expr::col(WebsocketRequestIden::WorkspaceId).eq(workspace_id))
+        .column(Asterisk)
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    let items = stmt.query_map(&*params.as_params(), |row| row.try_into())?;
+    Ok(items.map(|v| v.unwrap()).collect())
+}
+
+pub async fn list_websocket_events<R: Runtime>(
+    mgr: &impl Manager<R>,
+    connection_id: &str,
+) -> Result<Vec<WebsocketEvent>> {
+    let dbm = &*mgr.state::<SqliteConnection>();
+    let db = dbm.0.lock().await.get().unwrap();
+    let (sql, params) = Query::select()
+        .from(WebsocketEventIden::Table)
+        .cond_where(Expr::col(WebsocketEventIden::ConnectionId).eq(connection_id))
+        .column(Asterisk)
+        .build_rusqlite(SqliteQueryBuilder);
+    let mut stmt = db.prepare(sql.as_str())?;
+    let items = stmt.query_map(&*params.as_params(), |row| row.try_into())?;
+    Ok(items.map(|v| v.unwrap()).collect())
+}
+
 pub async fn upsert_cookie_jar<R: Runtime>(
    window: &WebviewWindow<R>,
    cookie_jar: &CookieJar,
@@ -1599,7 +2059,7 @@ pub async fn create_http_response<R: Runtime>(
    update_source: &UpdateSource,
 ) -> Result<HttpResponse> {
    let responses = list_http_responses_for_request(window, request_id, None).await?;
-    for response in responses.iter().skip(MAX_HTTP_RESPONSES_PER_REQUEST - 1) {
+    for response in responses.iter().skip(MAX_HISTORY_ITEMS - 1) {
        debug!("Deleting old response {}", response.id);
        delete_http_response(window, response.id.as_str(), update_source).await?;
    }
@@ -1999,7 +2459,7 @@ pub fn generate_id() -> String {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub struct ModelPayload {
    pub model: AnyModel,
    pub window_label: String,
@@ -2008,7 +2468,7 @@ pub struct ModelPayload {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "models.ts")]
+#[ts(export, export_to = "gen_models.ts")]
 pub enum UpdateSource {
    Sync,
    Window,
@@ -2093,6 +2553,7 @@ pub struct BatchUpsertResult {
    pub folders: Vec<Folder>,
    pub http_requests: Vec<HttpRequest>,
    pub grpc_requests: Vec<GrpcRequest>,
+    pub websocket_requests: Vec<WebsocketRequest>,
 }

 pub async fn batch_upsert<R: Runtime>(
@@ -2102,25 +2563,28 @@ pub async fn batch_upsert<R: Runtime>(
    folders: Vec<Folder>,
    http_requests: Vec<HttpRequest>,
    grpc_requests: Vec<GrpcRequest>,
+    websocket_requests: Vec<WebsocketRequest>,
    update_source: &UpdateSource,
 ) -> Result<BatchUpsertResult> {
    let mut imported_resources = BatchUpsertResult::default();

    if workspaces.len() > 0 {
+        info!("Batch inserting {} workspaces", workspaces.len());
        for v in workspaces {
            let x = upsert_workspace(&window, v, update_source).await?;
            imported_resources.workspaces.push(x.clone());
        }
-        info!("Imported {} workspaces", imported_resources.workspaces.len());
    }

    if environments.len() > 0 {
        while imported_resources.environments.len() < environments.len() {
            for v in environments.clone() {
-                if let Some(fid) = v.environment_id.clone() {
+                if let Some(id) = v.environment_id.clone() {
+                    let has_parent_to_import = environments.iter().find(|m| m.id == id).is_some();
                    let imported_parent =
-                        imported_resources.environments.iter().find(|f| f.id == fid);
-                    if imported_parent.is_none() {
+                        imported_resources.environments.iter().find(|m| m.id == id);
+                    // If there's also a parent to upsert, wait for that one
+                    if imported_parent.is_none() && has_parent_to_import {
                        continue;
                    }
                }
@@ -2137,9 +2601,11 @@ pub async fn batch_upsert<R: Runtime>(
    if folders.len() > 0 {
        while imported_resources.folders.len() < folders.len() {
            for v in folders.clone() {
-                if let Some(fid) = v.folder_id.clone() {
-                    let imported_parent = imported_resources.folders.iter().find(|f| f.id == fid);
-                    if imported_parent.is_none() {
+                if let Some(id) = v.folder_id.clone() {
+                    let has_parent_to_import = folders.iter().find(|m| m.id == id).is_some();
+                    let imported_parent = imported_resources.folders.iter().find(|m| m.id == id);
+                    // If there's also a parent to upsert, wait for that one
+                    if imported_parent.is_none() && has_parent_to_import {
                        continue;
                    }
                }
@@ -2169,6 +2635,14 @@ pub async fn batch_upsert<R: Runtime>(
        info!("Imported {} grpc_requests", imported_resources.grpc_requests.len());
    }

+    if websocket_requests.len() > 0 {
+        for v in websocket_requests {
+            let x = upsert_websocket_request(&window, v, update_source).await?;
+            imported_resources.websocket_requests.push(x.clone());
+        }
+        info!("Imported {} websocket_requests", imported_resources.websocket_requests.len());
+    }
+
    Ok(imported_resources)
 }

@@ -2187,6 +2661,7 @@ pub async fn get_workspace_export_resources<R: Runtime>(
            folders: Vec::new(),
            http_requests: Vec::new(),
            grpc_requests: Vec::new(),
+            websocket_requests: Vec::new(),
        },
    };

@@ -2196,6 +2671,9 @@ pub async fn get_workspace_export_resources<R: Runtime>(
        data.resources.folders.append(&mut list_folders(mgr, workspace_id).await?);
        data.resources.http_requests.append(&mut list_http_requests(mgr, workspace_id).await?);
        data.resources.grpc_requests.append(&mut list_grpc_requests(mgr, workspace_id).await?);
+        data.resources
+            .websocket_requests
+            .append(&mut list_websocket_requests(mgr, workspace_id).await?);
    }

    // Nuke environments if we don't want them
--- a/src-tauri/yaak-models/src/render.rs
+++ b/src-tauri/yaak-models/src/render.rs
@@ -0,0 +1,34 @@
+use std::collections::HashMap;
+use crate::models::{Environment, EnvironmentVariable};
+
+pub fn make_vars_hashmap(
+    base_environment: &Environment,
+    environment: Option<&Environment>,
+) -> HashMap<String, String> {
+    let mut variables = HashMap::new();
+    variables = add_variable_to_map(variables, &base_environment.variables);
+
+    if let Some(e) = environment {
+        variables = add_variable_to_map(variables, &e.variables);
+    }
+
+    variables
+}
+
+fn add_variable_to_map(
+    m: HashMap<String, String>,
+    variables: &Vec<EnvironmentVariable>,
+) -> HashMap<String, String> {
+    let mut map = m.clone();
+    for variable in variables {
+        if !variable.enabled || variable.value.is_empty() {
+            continue;
+        }
+        let name = variable.name.as_str();
+        let value = variable.value.as_str();
+        map.insert(name.into(), value.into());
+    }
+
+    map
+}
+
--- a/src-tauri/yaak-plugins/Cargo.toml
+++ b/src-tauri/yaak-plugins/Cargo.toml
@@ -6,17 +6,19 @@ publish = false

 [dependencies]
 dunce = "1.0.4"
+futures-util = "0.3.30"
 log = "0.4.21"
-rand = "0.8.5"
+md5 = "0.7.0"
+path-slash = "0.2.1"
+rand = "0.9.0"
+regex = "1.10.6"
 serde = { version = "1.0.198", features = ["derive"] }
 serde_json = "1.0.113"
 tauri = { workspace = true }
 tauri-plugin-shell = { workspace = true }
-tokio = { version = "1.42.0", features = ["macros", "rt-multi-thread", "process"] }
-ts-rs = { workspace = true, features = ["import-esm"] }
 thiserror = "2.0.7"
-yaak-models = { workspace = true }
-regex = "1.10.6"
-path-slash = "0.2.1"
+tokio = { version = "1.42.0", features = ["macros", "rt-multi-thread", "process"] }
 tokio-tungstenite = "0.26.1"
-futures-util = "0.3.30"
+ts-rs = { workspace = true, features = ["import-esm"] }
+yaak-models = { workspace = true }
+yaak-templates = { workspace = true }
--- a/src-tauri/yaak-plugins/bindings/events.ts
+++ b/src-tauri/yaak-plugins/bindings/events.ts
@@ -1,290 +0,0 @@
-// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { Environment } from "./models.js";
-import type { Folder } from "./models.js";
-import type { GrpcRequest } from "./models.js";
-import type { HttpRequest } from "./models.js";
-import type { HttpResponse } from "./models.js";
-import type { JsonValue } from "./serde_json/JsonValue.js";
-import type { Workspace } from "./models.js";
-
-export type BootRequest = { dir: string, watch: boolean, };
-
-export type BootResponse = { name: string, version: string, };
-
-export type CallHttpAuthenticationRequest = { config: { [key in string]?: JsonValue }, method: string, url: string, headers: Array<HttpHeader>, };
-
-export type CallHttpAuthenticationResponse = { 
-/**
- * HTTP headers to add to the request. Existing headers will be replaced, while
- * new headers will be added.
- */
-setHeaders: Array<HttpHeader>, };
-
-export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
-
-export type CallHttpRequestActionRequest = { key: string, pluginRefId: string, args: CallHttpRequestActionArgs, };
-
-export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: string }, };
-
-export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };
-
-export type CallTemplateFunctionResponse = { value: string | null, };
-
-export type Color = "custom" | "default" | "primary" | "secondary" | "info" | "success" | "notice" | "warning" | "danger";
-
-export type CopyTextRequest = { text: string, };
-
-export type EditorLanguage = "text" | "javascript" | "json" | "html" | "xml" | "graphql" | "markdown";
-
-export type EmptyPayload = {};
-
-export type ErrorResponse = { error: string, };
-
-export type ExportHttpRequestRequest = { httpRequest: HttpRequest, };
-
-export type ExportHttpRequestResponse = { content: string, };
-
-export type FileFilter = { name: string, 
-/**
- * File extensions to require
- */
-extensions: Array<string>, };
-
-export type FilterRequest = { content: string, filter: string, };
-
-export type FilterResponse = { content: string, };
-
-export type FindHttpResponsesRequest = { requestId: string, limit?: number, };
-
-export type FindHttpResponsesResponse = { httpResponses: Array<HttpResponse>, };
-
-export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest;
-
-export type FormInputBase = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputCheckbox = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputEditor = { 
-/**
- * Placeholder for the text input
- */
-placeholder?: string | null, 
-/**
- * Don't show the editor gutter (line numbers, folds, etc.)
- */
-hideGutter?: boolean, 
-/**
- * Language for syntax highlighting
- */
-language?: EditorLanguage, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputFile = { 
-/**
- * The title of the file selection window
- */
-title: string, 
-/**
- * Allow selecting multiple files
- */
-multiple?: boolean, directory?: boolean, defaultPath?: string, filters?: Array<FileFilter>, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputHttpRequest = { name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputSelect = { 
-/**
- * The options that will be available in the select input
- */
-options: Array<FormInputSelectOption>, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type FormInputSelectOption = { name: string, value: string, };
-
-export type FormInputText = { 
-/**
- * Placeholder for the text input
- */
-placeholder?: string | null, 
-/**
- * Placeholder for the text input
- */
-password?: boolean, name: string, 
-/**
- * Whether the user must fill in the argument
- */
-optional?: boolean, 
-/**
- * The label of the input
- */
-label?: string, 
-/**
- * Visually hide the label of the input
- */
-hideLabel?: boolean, 
-/**
- * The default value
- */
-defaultValue?: string, };
-
-export type GetHttpAuthenticationResponse = { name: string, label: string, shortLabel: string, config: Array<FormInput>, };
-
-export type GetHttpRequestActionsRequest = Record<string, never>;
-
-export type GetHttpRequestActionsResponse = { actions: Array<HttpRequestAction>, pluginRefId: string, };
-
-export type GetHttpRequestByIdRequest = { id: string, };
-
-export type GetHttpRequestByIdResponse = { httpRequest: HttpRequest | null, };
-
-export type GetTemplateFunctionsResponse = { functions: Array<TemplateFunction>, pluginRefId: string, };
-
-export type HttpHeader = { name: string, value: string, };
-
-export type HttpRequestAction = { key: string, label: string, icon?: Icon, };
-
-export type Icon = "copy" | "info" | "check_circle" | "alert_triangle" | "_unknown";
-
-export type ImportRequest = { content: string, };
-
-export type ImportResources = { workspaces: Array<Workspace>, environments: Array<Environment>, folders: Array<Folder>, httpRequests: Array<HttpRequest>, grpcRequests: Array<GrpcRequest>, };
-
-export type ImportResponse = { resources: ImportResources, };
-
-export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: WindowContext, payload: InternalEventPayload, };
-
-export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & EmptyPayload | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_request" } & EmptyPayload | { "type": "get_http_authentication_response" } & GetHttpAuthenticationResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "copy_text_request" } & CopyTextRequest | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
-
-export type PromptTextRequest = { id: string, title: string, label: string, description?: string, defaultValue?: string, placeholder?: string, 
-/**
- * Text to add to the confirmation button
- */
-confirmText?: string, 
-/**
- * Text to add to the cancel button
- */
-cancelText?: string, 
-/**
- * Require the user to enter a non-empty value
- */
-required?: boolean, };
-
-export type PromptTextResponse = { value: string | null, };
-
-export type RenderHttpRequestRequest = { httpRequest: HttpRequest, purpose: RenderPurpose, };
-
-export type RenderHttpRequestResponse = { httpRequest: HttpRequest, };
-
-export type RenderPurpose = "send" | "preview";
-
-export type SendHttpRequestRequest = { httpRequest: HttpRequest, };
-
-export type SendHttpRequestResponse = { httpResponse: HttpResponse, };
-
-export type ShowToastRequest = { message: string, color?: Color, icon?: Icon, };
-
-export type TemplateFunction = { name: string, description?: string, 
-/**
- * Also support alternative names. This is useful for not breaking existing
- * tags when changing the `name` property
- */
-aliases?: Array<string>, args: Array<FormInput>, };
-
-export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, };
-
-export type TemplateRenderResponse = { data: JsonValue, };
-
-export type WindowContext = { "type": "none" } | { "type": "label", label: string, };
--- a/src-tauri/yaak-plugins/bindings/gen_events.ts
+++ b/src-tauri/yaak-plugins/bindings/gen_events.ts
@@ -0,0 +1,406 @@
+// This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
+import type { Environment } from "./gen_models.js";
+import type { Folder } from "./gen_models.js";
+import type { GrpcRequest } from "./gen_models.js";
+import type { HttpRequest } from "./gen_models.js";
+import type { HttpResponse } from "./gen_models.js";
+import type { JsonValue } from "./serde_json/JsonValue.js";
+import type { WebsocketRequest } from "./gen_models.js";
+import type { Workspace } from "./gen_models.js";
+
+export type BootRequest = { dir: string, watch: boolean, };
+
+export type BootResponse = { name: string, version: string, };
+
+export type CallHttpAuthenticationActionArgs = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
+
+export type CallHttpAuthenticationActionRequest = { index: number, pluginRefId: string, args: CallHttpAuthenticationActionArgs, };
+
+export type CallHttpAuthenticationRequest = { contextId: string, values: { [key in string]?: JsonPrimitive }, method: string, url: string, headers: Array<HttpHeader>, };
+
+export type CallHttpAuthenticationResponse = { 
+/**
+ * HTTP headers to add to the request. Existing headers will be replaced, while
+ * new headers will be added.
+ */
+setHeaders: Array<HttpHeader>, };
+
+export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
+
+export type CallHttpRequestActionRequest = { index: number, pluginRefId: string, args: CallHttpRequestActionArgs, };
+
+export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: string }, };
+
+export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };
+
+export type CallTemplateFunctionResponse = { value: string | null, };
+
+export type CloseWindowRequest = { label: string, };
+
+export type Color = "primary" | "secondary" | "info" | "success" | "notice" | "warning" | "danger";
+
+export type CompletionOptionType = "constant" | "variable";
+
+export type Content = { "type": "text", content: string, } | { "type": "markdown", content: string, };
+
+export type CopyTextRequest = { text: string, };
+
+export type DeleteKeyValueRequest = { key: string, };
+
+export type DeleteKeyValueResponse = { deleted: boolean, };
+
+export type EditorLanguage = "text" | "javascript" | "json" | "html" | "xml" | "graphql" | "markdown";
+
+export type EmptyPayload = {};
+
+export type ErrorResponse = { error: string, };
+
+export type ExportHttpRequestRequest = { httpRequest: HttpRequest, };
+
+export type ExportHttpRequestResponse = { content: string, };
+
+export type FileFilter = { name: string, 
+/**
+ * File extensions to require
+ */
+extensions: Array<string>, };
+
+export type FilterRequest = { content: string, filter: string, };
+
+export type FilterResponse = { content: string, };
+
+export type FindHttpResponsesRequest = { requestId: string, limit?: number, };
+
+export type FindHttpResponsesResponse = { httpResponses: Array<HttpResponse>, };
+
+export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest | { "type": "accordion" } & FormInputAccordion | { "type": "banner" } & FormInputBanner | { "type": "markdown" } & FormInputMarkdown;
+
+export type FormInputAccordion = { label: string, inputs?: Array<FormInput>, hidden?: boolean, };
+
+export type FormInputBanner = { inputs?: Array<FormInput>, hidden?: boolean, color?: Color, };
+
+export type FormInputBase = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputCheckbox = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputEditor = { 
+/**
+ * Placeholder for the text input
+ */
+placeholder?: string | null, 
+/**
+ * Don't show the editor gutter (line numbers, folds, etc.)
+ */
+hideGutter?: boolean, 
+/**
+ * Language for syntax highlighting
+ */
+language?: EditorLanguage, readOnly?: boolean, completionOptions?: Array<GenericCompletionOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputFile = { 
+/**
+ * The title of the file selection window
+ */
+title: string, 
+/**
+ * Allow selecting multiple files
+ */
+multiple?: boolean, directory?: boolean, defaultPath?: string, filters?: Array<FileFilter>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputHttpRequest = { 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputMarkdown = { content: string, hidden?: boolean, };
+
+export type FormInputSelect = { 
+/**
+ * The options that will be available in the select input
+ */
+options: Array<FormInputSelectOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type FormInputSelectOption = { label: string, value: string, };
+
+export type FormInputText = { 
+/**
+ * Placeholder for the text input
+ */
+placeholder?: string | null, 
+/**
+ * Placeholder for the text input
+ */
+password?: boolean, 
+/**
+ * Whether to allow newlines in the input, like a <textarea/>
+ */
+multiLine?: boolean, completionOptions?: Array<GenericCompletionOption>, 
+/**
+ * The name of the input. The value will be stored at this object attribute in the resulting data
+ */
+name: string, 
+/**
+ * Whether this input is visible for the given configuration. Use this to
+ * make branching forms.
+ */
+hidden?: boolean, 
+/**
+ * Whether the user must fill in the argument
+ */
+optional?: boolean, 
+/**
+ * The label of the input
+ */
+label?: string, 
+/**
+ * Visually hide the label of the input
+ */
+hideLabel?: boolean, 
+/**
+ * The default value
+ */
+defaultValue?: string, disabled?: boolean, };
+
+export type GenericCompletionOption = { label: string, detail?: string, info?: string, type?: CompletionOptionType, boost?: number, };
+
+export type GetHttpAuthenticationConfigRequest = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
+
+export type GetHttpAuthenticationConfigResponse = { args: Array<FormInput>, pluginRefId: string, actions?: Array<HttpAuthenticationAction>, };
+
+export type GetHttpAuthenticationSummaryResponse = { name: string, label: string, shortLabel: string, };
+
+export type GetHttpRequestActionsRequest = Record<string, never>;
+
+export type GetHttpRequestActionsResponse = { actions: Array<HttpRequestAction>, pluginRefId: string, };
+
+export type GetHttpRequestByIdRequest = { id: string, };
+
+export type GetHttpRequestByIdResponse = { httpRequest: HttpRequest | null, };
+
+export type GetKeyValueRequest = { key: string, };
+
+export type GetKeyValueResponse = { value?: string, };
+
+export type GetTemplateFunctionsResponse = { functions: Array<TemplateFunction>, pluginRefId: string, };
+
+export type HttpAuthenticationAction = { label: string, icon?: Icon, };
+
+export type HttpHeader = { name: string, value: string, };
+
+export type HttpRequestAction = { label: string, icon?: Icon, };
+
+export type Icon = "alert_triangle" | "check" | "check_circle" | "chevron_down" | "copy" | "info" | "pin" | "search" | "trash" | "_unknown";
+
+export type ImportRequest = { content: string, };
+
+export type ImportResources = { workspaces: Array<Workspace>, environments: Array<Environment>, folders: Array<Folder>, httpRequests: Array<HttpRequest>, grpcRequests: Array<GrpcRequest>, websocketRequests: Array<WebsocketRequest>, };
+
+export type ImportResponse = { resources: ImportResources, };
+
+export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: WindowContext, payload: InternalEventPayload, };
+
+export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & EmptyPayload | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "close_window_request" } & CloseWindowRequest | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
+
+export type JsonPrimitive = string | number | boolean | null;
+
+export type OpenWindowRequest = { url: string, 
+/**
+ * Label for the window. If not provided, a random one will be generated.
+ */
+label: string, title?: string, size?: WindowSize, };
+
+export type PromptTextRequest = { id: string, title: string, label: string, description?: string, defaultValue?: string, placeholder?: string, 
+/**
+ * Text to add to the confirmation button
+ */
+confirmText?: string, 
+/**
+ * Text to add to the cancel button
+ */
+cancelText?: string, 
+/**
+ * Require the user to enter a non-empty value
+ */
+required?: boolean, };
+
+export type PromptTextResponse = { value: string | null, };
+
+export type RenderHttpRequestRequest = { httpRequest: HttpRequest, purpose: RenderPurpose, };
+
+export type RenderHttpRequestResponse = { httpRequest: HttpRequest, };
+
+export type RenderPurpose = "send" | "preview";
+
+export type SendHttpRequestRequest = { httpRequest: Partial<HttpRequest>, };
+
+export type SendHttpRequestResponse = { httpResponse: HttpResponse, };
+
+export type SetKeyValueRequest = { key: string, value: string, };
+
+export type SetKeyValueResponse = {};
+
+export type ShowToastRequest = { message: string, color?: Color, icon?: Icon, };
+
+export type TemplateFunction = { name: string, description?: string, 
+/**
+ * Also support alternative names. This is useful for not breaking existing
+ * tags when changing the `name` property
+ */
+aliases?: Array<string>, args: Array<FormInput>, };
+
+export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, };
+
+export type TemplateRenderResponse = { data: JsonValue, };
+
+export type WindowContext = { "type": "none" } | { "type": "label", label: string, };
+
+export type WindowNavigateEvent = { url: string, };
+
+export type WindowSize = { width: number, height: number, };
--- a/packages/plugin-runtime-types/src/bindings/models.ts
+++ b/packages/plugin-runtime-types/src/bindings/models.ts
@@ -22,4 +22,6 @@ export type HttpResponseState = "initialized" | "connected" | "closed";

 export type HttpUrlParameter = { enabled?: boolean, name: string, value: string, id?: string, };

+export type WebsocketRequest = { model: "websocket_request", id: string, createdAt: string, updatedAt: string, workspaceId: string, folderId: string | null, authentication: Record<string, any>, authenticationType: string | null, description: string, headers: Array<HttpRequestHeader>, message: string, name: string, sortPriority: number, url: string, urlParameters: Array<HttpUrlParameter>, };
+
 export type Workspace = { model: "workspace", id: string, createdAt: string, updatedAt: string, name: string, description: string, settingValidateCertificates: boolean, settingFollowRedirects: boolean, settingRequestTimeout: number, };
--- a/src-tauri/yaak-plugins/index.ts
+++ b/src-tauri/yaak-plugins/index.ts
@@ -1,2 +1,2 @@
-export * from './bindings/models';
-export * from './bindings/events';
+export * from './bindings/gen_models';
+export * from './bindings/gen_events';
--- a/src-tauri/yaak-plugins/src/error.rs
+++ b/src-tauri/yaak-plugins/src/error.rs
@@ -20,6 +20,9 @@ pub enum Error {
    #[error("JSON error: {0}")]
    JsonErr(#[from] serde_json::Error),

+    #[error("Timeout elapsed: {0}")]
+    TimeoutElapsed(#[from] tokio::time::error::Elapsed),
+
    #[error("Plugin not found: {0}")]
    PluginNotFoundErr(String),

@@ -36,10 +39,4 @@ pub enum Error {
    UnknownEventErr,
 }

-impl Into<String> for Error {
-    fn into(self) -> String {
-        todo!()
-    }
-}
-
 pub type Result<T> = std::result::Result<T, Error>;
--- a/src-tauri/yaak-plugins/src/events.rs
+++ b/src-tauri/yaak-plugins/src/events.rs
@@ -1,14 +1,13 @@
 use serde::{Deserialize, Serialize};
-use serde_json::Value;
 use std::collections::HashMap;
 use tauri::{Runtime, WebviewWindow};
 use ts_rs::TS;

-use yaak_models::models::{Environment, Folder, GrpcRequest, HttpRequest, HttpResponse, Workspace};
+use yaak_models::models::{Environment, Folder, GrpcRequest, HttpRequest, HttpResponse, WebsocketRequest, Workspace};

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct InternalEvent {
    pub id: String,
    pub plugin_ref_id: String,
@@ -29,12 +28,12 @@ pub(crate) struct InternalEventRawPayload {
    pub plugin_name: String,
    pub reply_id: Option<String>,
    pub window_context: WindowContext,
-    pub payload: Value,
+    pub payload: serde_json::Value,
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case", tag = "type")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum WindowContext {
    None,
    Label { label: String },
@@ -50,7 +49,7 @@ impl WindowContext {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case", tag = "type")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum InternalEventPayload {
    BootRequest(BootRequest),
    BootResponse(BootResponse),
@@ -84,20 +83,38 @@ pub enum InternalEventPayload {
    CallTemplateFunctionRequest(CallTemplateFunctionRequest),
    CallTemplateFunctionResponse(CallTemplateFunctionResponse),

-    GetHttpAuthenticationRequest(EmptyPayload),
-    GetHttpAuthenticationResponse(GetHttpAuthenticationResponse),
+    // Http Authentication
+    GetHttpAuthenticationSummaryRequest(EmptyPayload),
+    GetHttpAuthenticationSummaryResponse(GetHttpAuthenticationSummaryResponse),
+    GetHttpAuthenticationConfigRequest(GetHttpAuthenticationConfigRequest),
+    GetHttpAuthenticationConfigResponse(GetHttpAuthenticationConfigResponse),
    CallHttpAuthenticationRequest(CallHttpAuthenticationRequest),
    CallHttpAuthenticationResponse(CallHttpAuthenticationResponse),
+    CallHttpAuthenticationActionRequest(CallHttpAuthenticationActionRequest),
+    CallHttpAuthenticationActionResponse(EmptyPayload),

    CopyTextRequest(CopyTextRequest),
+    CopyTextResponse(EmptyPayload),

    RenderHttpRequestRequest(RenderHttpRequestRequest),
    RenderHttpRequestResponse(RenderHttpRequestResponse),

+    GetKeyValueRequest(GetKeyValueRequest),
+    GetKeyValueResponse(GetKeyValueResponse),
+    SetKeyValueRequest(SetKeyValueRequest),
+    SetKeyValueResponse(SetKeyValueResponse),
+    DeleteKeyValueRequest(DeleteKeyValueRequest),
+    DeleteKeyValueResponse(DeleteKeyValueResponse),
+
+    OpenWindowRequest(OpenWindowRequest),
+    WindowNavigateEvent(WindowNavigateEvent),
+    CloseWindowRequest(CloseWindowRequest),
+
    TemplateRenderRequest(TemplateRenderRequest),
    TemplateRenderResponse(TemplateRenderResponse),

    ShowToastRequest(ShowToastRequest),
+    ShowToastResponse(EmptyPayload),

    PromptTextRequest(PromptTextRequest),
    PromptTextResponse(PromptTextResponse),
@@ -117,19 +134,19 @@ pub enum InternalEventPayload {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default)]
-#[ts(export, type = "{}", export_to = "events.ts")]
+#[ts(export, type = "{}", export_to = "gen_events.ts")]
 pub struct EmptyPayload {}

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default)]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ErrorResponse {
    pub error: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct BootRequest {
    pub dir: String,
    pub watch: bool,
@@ -137,7 +154,7 @@ pub struct BootRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct BootResponse {
    pub name: String,
    pub version: String,
@@ -145,21 +162,21 @@ pub struct BootResponse {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ImportRequest {
    pub content: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ImportResponse {
    pub resources: ImportResources,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FilterRequest {
    pub content: String,
    pub filter: String,
@@ -167,49 +184,50 @@ pub struct FilterRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FilterResponse {
    pub content: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ExportHttpRequestRequest {
    pub http_request: HttpRequest,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ExportHttpRequestResponse {
    pub content: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct SendHttpRequestRequest {
+    #[ts(type = "Partial<HttpRequest>")]
    pub http_request: HttpRequest,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct SendHttpRequestResponse {
    pub http_response: HttpResponse,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CopyTextRequest {
    pub text: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct RenderHttpRequestRequest {
    pub http_request: HttpRequest,
    pub purpose: RenderPurpose,
@@ -217,14 +235,14 @@ pub struct RenderHttpRequestRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct RenderHttpRequestResponse {
    pub http_request: HttpRequest,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct TemplateRenderRequest {
    pub data: serde_json::Value,
    pub purpose: RenderPurpose,
@@ -232,25 +250,62 @@ pub struct TemplateRenderRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct TemplateRenderResponse {
    pub data: serde_json::Value,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct OpenWindowRequest {
+    pub url: String,
+    /// Label for the window. If not provided, a random one will be generated.
+    pub label: String,
+    #[ts(optional)]
+    pub title: Option<String>,
+    #[ts(optional)]
+    pub size: Option<WindowSize>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct WindowSize {
+    pub width: f64,
+    pub height: f64,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct CloseWindowRequest {
+    pub label: String,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct WindowNavigateEvent {
+    pub url: String,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ShowToastRequest {
    pub message: String,
+
    #[ts(optional)]
    pub color: Option<Color>,
+
    #[ts(optional)]
    pub icon: Option<Icon>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct PromptTextRequest {
    // A unique ID to identify the prompt (eg. "enter-password")
    pub id: String,
@@ -277,17 +332,15 @@ pub struct PromptTextRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct PromptTextResponse {
    pub value: Option<String>,
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum Color {
-    Custom,
-    Default,
    Primary,
    Secondary,
    Info,
@@ -299,18 +352,23 @@ pub enum Color {

 impl Default for Color {
    fn default() -> Self {
-        Color::Default
+        Color::Secondary
    }
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum Icon {
+    AlertTriangle,
+    Check,
+    CheckCircle,
+    ChevronDown,
    Copy,
    Info,
-    CheckCircle,
-    AlertTriangle,
+    Pin,
+    Search,
+    Trash,

    #[serde(untagged)]
    #[ts(type = "\"_unknown\"")]
@@ -319,17 +377,45 @@ pub enum Icon {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
-pub struct GetHttpAuthenticationResponse {
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GetHttpAuthenticationSummaryResponse {
    pub name: String,
    pub label: String,
    pub short_label: String,
-    pub config: Vec<FormInput>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct HttpAuthenticationAction {
+    pub label: String,
+
+    #[ts(optional)]
+    pub icon: Option<Icon>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GetHttpAuthenticationConfigRequest {
+    pub context_id: String,
+    pub values: HashMap<String, JsonPrimitive>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GetHttpAuthenticationConfigResponse {
+    pub args: Vec<FormInput>,
+    pub plugin_ref_id: String,
+
+    #[ts(optional)]
+    pub actions: Option<Vec<HttpAuthenticationAction>>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct HttpHeader {
    pub name: String,
    pub value: String,
@@ -337,9 +423,10 @@ pub struct HttpHeader {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallHttpAuthenticationRequest {
-    pub config: serde_json::Map<String, serde_json::Value>,
+    pub context_id: String,
+    pub values: HashMap<String, JsonPrimitive>,
    pub method: String,
    pub url: String,
    pub headers: Vec<HttpHeader>,
@@ -347,7 +434,34 @@ pub struct CallHttpAuthenticationRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct CallHttpAuthenticationActionRequest {
+    pub index: i32,
+    pub plugin_ref_id: String,
+    pub args: CallHttpAuthenticationActionArgs,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct CallHttpAuthenticationActionArgs {
+    pub context_id: String,
+    pub values: HashMap<String, JsonPrimitive>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS)]
+#[serde(untagged)]
+#[ts(export, export_to = "gen_events.ts")]
+pub enum JsonPrimitive {
+    String(String),
+    Number(f64),
+    Boolean(bool),
+    Null,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallHttpAuthenticationResponse {
    /// HTTP headers to add to the request. Existing headers will be replaced, while
    /// new headers will be added.
@@ -356,7 +470,7 @@ pub struct CallHttpAuthenticationResponse {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct GetTemplateFunctionsResponse {
    pub functions: Vec<TemplateFunction>,
    pub plugin_ref_id: String,
@@ -364,9 +478,10 @@ pub struct GetTemplateFunctionsResponse {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct TemplateFunction {
    pub name: String,
+
    #[ts(optional)]
    pub description: Option<String>,

@@ -379,7 +494,7 @@ pub struct TemplateFunction {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case", tag = "type")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum FormInput {
    Text(FormInputText),
    Editor(FormInputEditor),
@@ -387,14 +502,23 @@ pub enum FormInput {
    Checkbox(FormInputCheckbox),
    File(FormInputFile),
    HttpRequest(FormInputHttpRequest),
+    Accordion(FormInputAccordion),
+    Banner(FormInputBanner),
+    Markdown(FormInputMarkdown),
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputBase {
+    /// The name of the input. The value will be stored at this object attribute in the resulting data
    pub name: String,

+    /// Whether this input is visible for the given configuration. Use this to
+    /// make branching forms.
+    #[ts(optional)]
+    pub hidden: Option<bool>,
+
    /// Whether the user must fill in the argument
    #[ts(optional)]
    pub optional: Option<bool>,
@@ -410,11 +534,14 @@ pub struct FormInputBase {
    /// The default value
    #[ts(optional)]
    pub default_value: Option<String>,
+
+    #[ts(optional)]
+    pub disabled: Option<bool>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputText {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -426,11 +553,18 @@ pub struct FormInputText {
    /// Placeholder for the text input
    #[ts(optional)]
    pub password: Option<bool>,
+
+    /// Whether to allow newlines in the input, like a <textarea/>
+    #[ts(optional)]
+    pub multi_line: Option<bool>,
+
+    #[ts(optional)]
+    pub completion_options: Option<Vec<GenericCompletionOption>>,
 }

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum EditorLanguage {
    Text,
    Javascript,
@@ -449,7 +583,7 @@ impl Default for EditorLanguage {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputEditor {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -465,11 +599,45 @@ pub struct FormInputEditor {
    /// Language for syntax highlighting
    #[ts(optional)]
    pub language: Option<EditorLanguage>,
+
+    #[ts(optional)]
+    pub read_only: Option<bool>,
+
+    #[ts(optional)]
+    pub completion_options: Option<Vec<GenericCompletionOption>>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GenericCompletionOption {
+    label: String,
+
+    #[ts(optional)]
+    detail: Option<String>,
+
+    #[ts(optional)]
+    info: Option<String>,
+
+    #[ts(optional)]
+    #[serde(rename = "type")]
+    pub type_: Option<CompletionOptionType>,
+
+    #[ts(optional)]
+    pub boost: Option<i32>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(export, export_to = "gen_events.ts")]
+pub enum CompletionOptionType {
+    Constant,
+    Variable,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputHttpRequest {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -477,7 +645,7 @@ pub struct FormInputHttpRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputFile {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -504,7 +672,7 @@ pub struct FormInputFile {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FileFilter {
    pub name: String,
    /// File extensions to require
@@ -513,7 +681,7 @@ pub struct FileFilter {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputSelect {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -524,7 +692,7 @@ pub struct FormInputSelect {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputCheckbox {
    #[serde(flatten)]
    pub base: FormInputBase,
@@ -532,15 +700,68 @@ pub struct FormInputCheckbox {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FormInputSelectOption {
-    pub name: String,
+    pub label: String,
    pub value: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct FormInputAccordion {
+    pub label: String,
+
+    #[ts(optional)]
+    pub inputs: Option<Vec<FormInput>>,
+
+    #[ts(optional)]
+    pub hidden: Option<bool>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct FormInputBanner {
+    #[ts(optional)]
+    pub inputs: Option<Vec<FormInput>>,
+
+    #[ts(optional)]
+    pub hidden: Option<bool>,
+
+    #[ts(optional)]
+    pub color: Option<Color>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct FormInputMarkdown {
+    pub content: String,
+
+    #[ts(optional)]
+    pub hidden: Option<bool>,
+}
+
+#[derive(Debug, Clone, Serialize, Deserialize, TS)]
+#[serde(rename_all = "snake_case", tag = "type")]
+#[ts(export, export_to = "gen_events.ts")]
+pub enum Content {
+    Text { content: String },
+    Markdown { content: String },
+}
+
+impl Default for Content {
+    fn default() -> Self {
+        Self::Text {
+            content: String::default(),
+        }
+    }
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallTemplateFunctionRequest {
    pub name: String,
    pub args: CallTemplateFunctionArgs,
@@ -548,14 +769,14 @@ pub struct CallTemplateFunctionRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallTemplateFunctionResponse {
    pub value: Option<String>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallTemplateFunctionArgs {
    pub purpose: RenderPurpose,
    pub values: HashMap<String, String>,
@@ -563,7 +784,7 @@ pub struct CallTemplateFunctionArgs {

 #[derive(Debug, Clone, Serialize, Deserialize, TS)]
 #[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub enum RenderPurpose {
    Send,
    Preview,
@@ -577,12 +798,12 @@ impl Default for RenderPurpose {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default)]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct GetHttpRequestActionsRequest {}

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct GetHttpRequestActionsResponse {
    pub actions: Vec<HttpRequestAction>,
    pub plugin_ref_id: String,
@@ -590,9 +811,8 @@ pub struct GetHttpRequestActionsResponse {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct HttpRequestAction {
-    pub key: String,
    pub label: String,
    #[ts(optional)]
    pub icon: Option<Icon>,
@@ -600,37 +820,37 @@ pub struct HttpRequestAction {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallHttpRequestActionRequest {
-    pub key: String,
+    pub index: i32,
    pub plugin_ref_id: String,
    pub args: CallHttpRequestActionArgs,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct CallHttpRequestActionArgs {
    pub http_request: HttpRequest,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct GetHttpRequestByIdRequest {
    pub id: String,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct GetHttpRequestByIdResponse {
    pub http_request: Option<HttpRequest>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FindHttpResponsesRequest {
    pub request_id: String,
    #[ts(optional)]
@@ -639,18 +859,61 @@ pub struct FindHttpResponsesRequest {

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct FindHttpResponsesResponse {
    pub http_responses: Vec<HttpResponse>,
 }

 #[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
 #[serde(default, rename_all = "camelCase")]
-#[ts(export, export_to = "events.ts")]
+#[ts(export, export_to = "gen_events.ts")]
 pub struct ImportResources {
    pub workspaces: Vec<Workspace>,
    pub environments: Vec<Environment>,
    pub folders: Vec<Folder>,
    pub http_requests: Vec<HttpRequest>,
    pub grpc_requests: Vec<GrpcRequest>,
+    pub websocket_requests: Vec<WebsocketRequest>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GetKeyValueRequest {
+    pub key: String,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct GetKeyValueResponse {
+    #[ts(optional)]
+    pub value: Option<String>,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct SetKeyValueRequest {
+    pub key: String,
+    pub value: String,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default)]
+#[ts(export, type = "{}", export_to = "gen_events.ts")]
+pub struct SetKeyValueResponse {}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default, rename_all = "camelCase")]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct DeleteKeyValueRequest {
+    pub key: String,
+}
+
+#[derive(Debug, Clone, Default, Serialize, Deserialize, TS)]
+#[serde(default)]
+#[ts(export, export_to = "gen_events.ts")]
+pub struct DeleteKeyValueResponse {
+    pub deleted: bool,
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Gregory Schier	74f14a8392	Tweak some things for launch	2025-02-18 21:28:03 -08:00
Gregory Schier	ccbc8d4e18	Update	2025-02-15 12:04:35 -08:00
Gregory Schier	e4cc11aec5	Update	2025-02-15 07:29:50 -08:00
Gregory Schier	7fdf6f2798	Update	2025-02-15 07:12:12 -08:00
Gregory Schier	2aa27f7003	Create FUNDING.yml	2025-02-15 05:22:39 -08:00
Gregory Schier	3aaa0355e1	Show folders in sync confirm dialog	2025-02-09 08:35:29 -08:00
Gregory Schier	325c88f251	Show push errors in commit dialog	2025-02-07 22:50:12 -08:00
Gregory Schier	83ab93cebf	Show push errors in commit dialog	2025-02-07 22:20:39 -08:00
Gregory Schier	c6289f13c1	Handle external files	2025-02-07 22:14:40 -08:00
Gregory Schier	266892dc8d	Error for http remotes	2025-02-07 13:31:27 -08:00
Gregory Schier	a42bee098b	Handle remote branches	2025-02-07 13:21:30 -08:00
Gregory Schier	2da898d2d4	Cargo lock	2025-02-07 12:38:59 -08:00
Gregory Schier	246e0d3f79	Vendor openssl for lib git	2025-02-07 12:38:39 -08:00
Gregory Schier	1a7c27663a	Git support (#143 )	2025-02-07 07:59:48 -08:00
Gregory Schier	cffc7714c1	Update README.md	2025-02-04 06:58:34 -08:00
Gregory Schier	25c1b04043	New loading icon	2025-02-04 06:52:25 -08:00
Gregory Schier	4d80c8d993	Actually handle "enabled" checkbox on auth form	2025-02-03 12:53:11 -08:00
Gregory Schier	1682d1ef0c	Fix banner height	2025-02-03 12:46:15 -08:00
Gregory Schier	903bae2a18	Fix large response banner height	2025-02-03 12:41:11 -08:00
Gregory Schier	a15176841b	Add features to README	2025-02-03 12:19:13 -08:00
Gregory Schier	11ef1ff2c6	Add features to README	2025-02-03 12:17:36 -08:00
Gregory Schier	615ad81ab5	Fix row height debug thing	2025-02-03 12:00:51 -08:00
Gregory Schier	fcf2577430	Url parameters for websocket URLs	2025-02-03 11:40:19 -08:00
Gregory Schier	dd0516cc55	Support list of notifications	2025-02-03 07:12:32 -08:00
Gregory Schier	17dc1991f1	Auto-scroll component for websocket/grpc/sse	2025-02-03 07:05:14 -08:00
Gregory Schier	be0ef7afce	Fix sync	2025-01-31 09:27:38 -08:00
Gregory Schier	6ab9c1c3a0	Pre-publish stuff	2025-01-31 09:05:44 -08:00
Gregory Schier	c8be8082c5	Websocket Support (#159 )	2025-01-31 09:00:11 -08:00
Gregory Schier	d411713502	Fix dynamic form defaults	2025-01-27 08:38:53 -08:00
Gregory Schier	93bd437e71	Fix editor formatting	2025-01-27 08:17:31 -08:00
Gregory Schier	229d9c1bd6	Better HTTP methods	2025-01-27 07:59:00 -08:00
Gregory Schier	662c38d7a0	Multi-line multi-part values	2025-01-27 07:30:06 -08:00
Gregory Schier	1d37a15cfe	Fix types	2025-01-27 06:06:02 -08:00
Gregory Schier	22db739413	Swap curl and license badge	2025-01-26 13:19:26 -08:00
Gregory Schier	6393bbbc0e	Slight padding	2025-01-26 13:18:40 -08:00
Gregory Schier	f678593903	OAuth 2 (#158 )	2025-01-26 13:13:45 -08:00
Gregory Schier	82b1ad35ff	Fix UrlBar wrapping on focus	2025-01-22 06:43:38 -08:00
Gregory Schier	4ae045cf18	Fix Faker issue	2025-01-21 13:23:13 -08:00