Gathering detailed insights and metrics for electron-updater
Gathering detailed insights and metrics for electron-updater
Gathering detailed insights and metrics for electron-updater
Gathering detailed insights and metrics for electron-updater
electron-updater-yaml
Create yml/yaml files for `electron-updater`.
@felixrieseberg/electron-forge-maker-nsis
An `electron-forge` maker for NSIS that supports `electron-forge` v6 and can be used as a replacement for `electron-builder`. Supports code-signing and basic updates with `electron-updater`.
electron-updater-tools
Tools for building native addons compatible with electron-updater
electron-updater-example
electron-updater example project
A complete solution to package and build a ready for distribution Electron app with “auto update” support out of the box
npm install electron-updater
89.7
Supply Chain
75.6
Quality
92.2
Maintenance
100
Vulnerability
98.6
License
v26.0.0-alpha.6
Published on 07 Nov 2024
v26.0.0-alpha.5
Published on 01 Nov 2024
v26.0.0-alpha.4
Published on 28 Oct 2024
electron-updater@6.4.0-alpha.1
Published on 28 Oct 2024
v26.0.0-alpha.3
Published on 16 Oct 2024
v26.0.0-alpha.2
Published on 13 Oct 2024
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
13,715 Stars
3,217 Commits
1,741 Forks
149 Watching
40 Branches
544 Contributors
Updated on 27 Nov 2024
TypeScript (90.6%)
NSIS (6.81%)
JavaScript (1.64%)
Shell (0.63%)
Dockerfile (0.27%)
Smarty (0.03%)
CSS (0.02%)
Cumulative downloads
Total Downloads
Last day
25.2%
49,566
Compared to previous day
Last week
5.5%
249,090
Compared to previous week
Last month
9.6%
1,087,772
Compared to previous month
Last year
-57.7%
26,136,233
Compared to previous year
A complete solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux with “auto update” support out of the box. :shipit:
Always looking for community contributions! 👀 Setting up a dev environment is easy to do 🪩
See the full documentation on electron.build.
7z
, zip
, tar.xz
, tar.7z
, tar.lz
, tar.gz
, tar.bz2
, dir
(unpacked directory).dmg
, pkg
, mas
.deb
), rpm
, freebsd
, pacman
, p5p
, apk
.nsis
(Installer), nsis-web
(Web installer), portable
(portable app without installation), AppX (Windows Store), MSI, Squirrel.Windows.Question | Answer |
---|---|
“I want to configure electron-builder” | See options |
“I found a bug or I have a question” | Open an issue |
“I want to support development” | Donate |
Yarn is strongly recommended instead of npm.
yarn add electron-builder --dev
In order to use with pnpm
, you'll need to adjust your .npmrc
to use any one the following approaches in order for your dependencies to be bundled correctly (ref: #6389):
node-linker=hoisted
public-hoist-pattern=*
shamefully-hoist=true
Note: Setting shamefully-hoist to true is the same as setting public-hoist-pattern to *.
Yarn 3 use PnP by default, but electron-builder still need node-modules(ref: yarnpkg/berry#4804). Add configuration in the .yarnrc.yaml
as follows:
nodeLinker: "node-modules"
will declare to use node-modules instead of PnP.
electron-webpack-quick-start is a recommended way to create a new Electron application. See Boilerplates.
Specify the standard fields in the application package.json
— name, description
, version
and author.
Specify the build configuration in the package.json
as follows:
1"build": { 2 "appId": "your.id", 3 "mac": { 4 "category": "your.app.category.type" 5 } 6}
See all options. Option files to indicate which files should be packed in the final application, including the entry file, maybe required.
You can also use separate configuration files, such as js
, ts
, yml
, and json
/json5
. See read-config-file for supported extensions. JS Example for programmatic API
Add icons.
Add the scripts key to the development package.json
:
1"scripts": { 2 "app:dir": "electron-builder --dir", 3 "app:dist": "electron-builder" 4}
Then you can run yarn app:dist
(to package in a distributable format (e.g. dmg, windows installer, deb package)) or yarn app:dir
(only generates the package directory without really packaging it. This is useful for testing purposes).
To ensure your native dependencies are always matched electron version, simply add script "postinstall": "electron-builder install-app-deps"
to your package.json
.
If you have native addons of your own that are part of the application (not as a dependency), set nodeGypRebuild to true
.
Please note that everything is packaged into an asar archive by default.
For an app that will be shipped to production, you should sign your application. See Where to buy code signing certificates.
See node_modules/electron-builder/out/index.d.ts
. Typings for TypeScript are provided and also can be found here.
Code snippet provided below is also shown "in action" here as well.
1"use strict" 2 3const builder = require("electron-builder") 4const Platform = builder.Platform 5 6// Promise is returned 7builder.build({ 8 targets: Platform.MAC.createTarget(), 9 config: { 10 "//": "build options, see https://goo.gl/QQXmcV" 11 } 12}) 13 .then(() => { 14 // handle result 15 }) 16 .catch((error) => { 17 // handle error 18 })
Set the DEBUG
environment variable to debug what electron-builder is doing:
1DEBUG=electron-builder
FPM_DEBUG
env to add more details about building linux targets (except snap and appimage).
DEBUG_DMG=true
env var to add more debugging/verbosity from hdiutil
(macOS).
!!! tip "cmd"
On Windows the environment variable is set using the set command.
bash set DEBUG=electron-builder
!!! tip "PowerShell"
PowerShell uses different syntax to set environment variables.
bash $env:DEBUG=electron-builder
We do this open source work in our free time. If you'd like us to invest more time on it, please donate.
The latest stable version of the package.
Stable Version
1
7.5/10
Summary
electron-updater Code Signing Bypass on Windows
Affected Versions
<= 6.3.0-alpha.5
Patched Versions
6.3.0-alpha.6
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
license file detected
Details
Reason
binaries present in source code
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
SAST tool is not run on all commits -- score normalized to 6
Details
Reason
Found 9/25 approved changesets -- score normalized to 3
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
Reason
9 existing vulnerabilities detected
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Score
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More