Gathering detailed insights and metrics for electron-asar-hot-updater
Installations
npm install electron-asar-hot-updaterDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
12.13.1
NPM Version
6.12.1
Score
66.6
Supply Chain
91.4
Quality
71.7
Maintenance
50
Vulnerability
97.9
License
Releases
Unable to fetch releases
Contributors
3
Unable to fetch Contributors
Languages
2
JavaScript
C#
JavaScript (87.58%)
C# (12.42%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
yansenlei
Download Statistics
Total Downloads
10,530
Last Day
1
Last Week
11
Last Month
55
Last Year
1,103
GitHub Statistics
MIT License
186 Stars
33 Commits
48 Forks
4 Watchers
1 Branches
3 Contributors
Updated on Feb 14, 2025
Bundle Size
798.02 kB
Minified
214.83 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
0.1.3
Package Id
electron-asar-hot-updater@0.1.3
Unpacked Size
34.46 kB
Size
12.06 kB
File Count
11
NPM Version
6.12.1
Node Version
12.13.1
Total Downloads
Cumulative downloads
Total Downloads
10,530
Last Day
0%
1
Compared to previous day
Last Week
83.3%
11
Compared to previous week
Last Month
-75.9%
55
Compared to previous month
Last Year
14.4%
1,103
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
electron-asar-hot-updater
ä¸æ–‡æ–‡æ¡£ | English
What it is
A NodeJs module for Electron, that handles app.asar updates. Reconstruction of
electron-asar-updater
How it works (Read this first)
- EAU (Electron Asar Updater) was built upon Electron Application Updater to handle the process of updating the app.asar file inside an Electron app ; it simply replaces the app.asar file (at /resources/) with the new one called "update.asar"!
- The check for "updates" must by triggered by the application. EAU doesn't make any kind of periodic checks on its own.
- EAU talks to an API (let's call it so) to tell it if there is a new update.
- The API receives a request from EAU with the client's current version of the application (must be specified inside the application package.json file).
- The API then responds with the new update, ... or simply false to abort.
- If there's an update available the API should respond with the source for this update update.asar file.
- EAU then downloads the .asar file, deletes the old app.asar and renames the update.asar to app.asar.
But why ? (use cases)
- If you think these are too complicated to implement: https://www.npmjs.com/package/electron-updater http://electron.atom.io/docs/v0.33.0/api/auto-updater/
- If you don't think it's reasonable to update the hole .app or .exe file (up to 100MB) when you're only changing one file (usually 40MB).
- If you want to see
progresswhen updating. - If you want to
checkthe version on theserver sideor on theclient side. - If you want to use
zipto compress files, make your ASAR file smaller.
Installation
1$ npm install --save electron-asar-hot-updater
Now, inside the main.js file, call it like this:
1const { app, dialog } = require('electron'); 2const EAU = require('electron-asar-hot-updater'); 3 4app.on('ready', function () { 5 // Initiate the module 6 EAU.init({ 7 'api': 'http://...', // The API EAU will talk to 8 'server': false, // Where to check. true: server side, false: client side, default: true. 9 'debug': false, // Default: false. 10 'headers': { Authorization: 'token' }, // Default: {} 11 'body': { 12 name: packageInfo.name, 13 current: packageInfo.version 14 }, // Default: name and the current version 15 'formatRes': function(res) { return res } // Optional,Format the EAU.check response body, exemple => {version: xx, asar: xx} 16 }); 17 18 EAU.check(function (error, last, body) { 19 if (error) { 20 if (error === 'no_update_available') { return false; } 21 if (error === 'version_not_specified' && process.env.NODE_ENV === 'development') { return false } // Don't worry about this error when developing 22 dialog.showErrorBox('info', error) 23 return false 24 } 25 26 EAU.progress(function (state) { 27 // The state is an object that looks like this: 28 // { 29 // percent: 0.5, 30 // speed: 554732, 31 // size: { 32 // total: 90044871, 33 // transferred: 27610959 34 // }, 35 // time: { 36 // elapsed: 36.235, 37 // remaining: 81.403 38 // } 39 // } 40 }) 41 42 EAU.download(function (error) { 43 if (error) { 44 dialog.showErrorBox('info', error) 45 return false 46 } 47 // dialog.showErrorBox('info', 'App updated successfully! Restart it please.') 48 if (process.platform === 'darwin') { 49 app.relaunch() 50 app.quit() 51 } else { 52 app.quit() 53 } 54 }) 55 56 }) 57})
The update server
The server can return the version details, for example
1const express = require('express') 2var bodyParser = require('body-parser'); 3const app = express() 4 5app.use(bodyParser.json()); 6app.use(bodyParser.urlencoded({ extended: false })); 7 8var desktop_app_version = '1.0.0'; 9var desktop_app_URL = 'http://127.0.0.1:8083/update.asar' // or ../update.zip 10 11app.post('/update', function (req, res) { 12 if(req.body && req.body.current != desktop_app_version){ // check for server side 13 res.write(JSON.stringify( {"last": desktop_app_version, "source": desktop_app_URL} ).replace(/[\/]/g, '\\/') ); 14 }else{ 15 res.write(JSON.stringify( {"last": desktop_app_version} ).replace(/[\/]/g, '\\/') ); 16 } 17 res.end(); 18}); 19 20app.listen(3000) 21console.log('run port: 3000')
Or you can return version information for client to check
1app.post('/update', function (req, res) { 2 res.write(JSON.stringify( { 3 "name": "app", 4 "version": "0.0.1", 5 "asar": "http://127.0.0.1:8083/update.asar", 6 "sha1": "203448645d8a32b9a08ca9a0eb88006f874d0c78", // Optional, If set, verify `asar` file legitimacy 7 "info": "1.fix bug\n2.feat..." 8 } ).replace(/[\/]/g, '\\/') ); 9 res.end(); 10});
If you use a zip file, the plug-in will unzip the file after downloading it, which will make your update file smaller, but you must make sure that update.asar is at the root of the zip package:
── update.zip
└── update.asar
Now uses a really dumb-but-simple .exe to update
This is to get around the fact that the prompt text from the timeout command was always being shown, even when redirecting to NUL
The updater.exe is a really simple C# console app, compiled with Mono. Source code. from electron-asar-updater pull #2. If the user system version is win7, you may need to manually install .Net framework first.
License
:smiley: if you have any comments or wish to contribute to this project, you are welcome to submit Issues or PR.
MIT - yansenlei
No vulnerabilities found.
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
binaries present in source code
Details
- Warn: binary detected: updater.exe:1
Reason
Found 3/23 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Score
3
/10
Last Scanned on 2025-02-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More