:electron: A complete tool for building and publishing Electron applications A complete tool for building and publishing Electron applications
Installations
npm install @electron-forge/coreDeveloper
Developer Guide
Module System
CommonJS
Min. Node Version
>= 16.4.0
Typescript Support
No
Node Version
20.11.1
NPM Version
lerna/7.4.2/node@v20.11.1+arm64 (darwin)
Statistics
6,511 Stars
3,165 Commits
521 Forks
77 Watching
31 Branches
99 Contributors
Updated on 28 Nov 2024
Languages
TypeScript (95.17%)
JavaScript (4.38%)
HTML (0.31%)
Shell (0.07%)
CSS (0.03%)
Batchfile (0.03%)
Total Downloads
Cumulative downloads
Total Downloads
10,574,361
Last day
-7.6%
27,243
Compared to previous day
Last week
7.7%
146,512
Compared to previous week
Last month
9.9%
616,100
Compared to previous month
Last year
77.7%
5,245,439
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
35
Dev Dependencies
23
Electron Forge
A complete tool for building modern Electron applications.
Electron Forge unifies the existing (and well maintained) build tools for Electron development into a simple, easy to use package so that anyone can jump right in to Electron development.
Website | Goals | Docs and Usage | Configuration | Support | Contributing | Changelog
Getting Started
Pre-requisites:
- Node 16.4.0 or higher
- Git
If you have a more recent version of npm or yarn, you can use
npx,
or
yarn create.
1npx create-electron-app my-new-app 2# or 3yarn create electron-app my-new-app 4 5# then 6cd my-new-app 7npm start
For more information on creating a new project from a template, see our CLI documentation.
Docs and Usage
For Electron Forge documentation and usage you should check out our website: electronforge.io
Project Goals
- Starting with Electron should be as simple as a single command.
- Developers shouldn't have to worry about setting up build tooling, native module rebuilding, etc. Everything should "just work" for them out of the box.
- Everything from creating the project to packaging the project for release should be handled by one core dependency in a standard way while still offering users maximum choice and freedom.
With these goals in mind, under the hood this project uses, among others:
@electron/rebuild: Automatically recompiles native Node.js modules against the correct Electron version.@electron/packager: Customizes and bundles your Electron app to get it ready for distribution.
Contributing
If you are interested in reporting/fixing issues and contributing directly to the code base, please see CONTRIBUTING.md for more information on what we're looking for and how to get started.
Community
Please report bugs or feature requests in our issue tracker. You can find help for debugging your Electron Forge on the Support page, and ask questions in the official Electron Discord server, where there is a dedicated channel for Electron Forge.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
Reason
all dependencies are pinned
Details
- Info: 2 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 6 out of 6 third-party GitHubAction dependencies pinned
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 19/21 approved changesets -- score normalized to 9
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/semantic.yml:16
- Warn: jobLevel 'statuses' permission set to 'write': .github/workflows/semantic.yml:17
- Info: found token with 'none' permissions: .github/workflows/add-to-project.yml:1
- Warn: no topLevel permission defined: .github/workflows/gh-pages.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/semantic.yml:11
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
5.9
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More