electron-dev

Solid

Electron desktop application development with React, TypeScript, and Vite. Use when building desktop apps, implementing IPC communication, managing windows/tray, handling PTY terminals, integrating WebRTC/audio, or packaging with electron-builder. Covers patterns from AudioBash, Yap, and Pisscord projects.

Web & Frontend 233 stars 44 forks Updated today MIT

Install

View on GitHub

Quality Score: 89/100

Stars 20%

Recency 20%

100

Frontmatter 20%

Documentation 15%

100

Issue Health 10%

License 10%

100

Description 5%

100

Skill Content

# Electron desktop development Patterns and practices for building production-quality Electron applications with React and TypeScript. ## Security baseline (Electron 30+) Electron's defaults have hardened over the past several releases. As of Electron 28+, `contextIsolation: true` and `sandbox: true` are the defaults for new BrowserWindow instances — most security advice from older guides assumed you had to opt in. You don't anymore; you have to opt OUT, and you should not. Set explicitly anyway, so a config drift never weakens the security model: ```javascript const win = new BrowserWindow({ webPreferences: { contextIsolation: true, // default since 12, mandatory for any prod app sandbox: true, // default since 28; renderer runs sandboxed nodeIntegration: false, // never enable in renderer webSecurity: true, // never disable preload: path.join(__dirname, 'preload.cjs') } }); ``` Validate every IPC message in main. Don't trust the renderer. ### Electron Fuses + ASAR integrity Electron Fuses are package-time toggles baked into the binary. The two relevant for security distribution: - `EnableEmbeddedAsarIntegrityValidation` — verifies the app.asar hash at runtime against a hash embedded in the binary. Defends against attackers swapping the asar contents post-install. - `OnlyLoadAppFromAsar` — refuses to load app code from anywhere except the validated asar. These are **opt-in**, not default. Enable b...

Details

Author: jamditis
Repository: jamditis/claude-skills-journalism
Created: 5 months ago
Last Updated: today
Language: HTML
License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

Web & Frontend Featured

electron-development

Master Electron desktop app development with secure IPC, contextIsolation, preload scripts, multi-process architecture, electron-builder packaging, code signing, and auto-update.

27,681 Updated today

davila7

AI & Automation Featured

electron-development

Master Electron desktop app development with secure IPC, contextIsolation, preload scripts, multi-process architecture, electron-builder packaging, code signing, and auto-update.

39,227 Updated today

sickn33

AI & Automation Solid

moai-framework-electron

Electron 33+ desktop app development specialist covering Main/Renderer process architecture, IPC communication, auto-update, and packaging with Electron Forge. Use when building cross-platform desktop applications.

1,042 Updated today

modu-ai

AI & Automation Listed

electron-security

Security audit for Electron desktop applications including context isolation, nodeIntegration, sandbox config, preload scripts, IPC (ipcMain/ipcRenderer/contextBridge), webview tag risks, deep link handling, auto-updater security, and Electron CVE awareness. Use this skill whenever the user mentions Electron, electron-builder, contextBridge, nodeIntegration, preload.js, BrowserWindow webPreferences, ipcMain, ipcRenderer, electron-updater, or asks "audit my Electron app", "Electron security", "is my preload safe". Trigger when the codebase contains `electron` in package.json or `electron.js`/`main.ts` referenced as entry.

1 Updated 6 days ago

hlsitechio

AI & Automation Solid

electron-main-preload-generator

Generate secure main process and preload script boilerplate with proper context isolation, IPC patterns, and security best practices for Electron applications

1,034 Updated today

a5c-ai