electron-builder-encryptor

electron-builder-encryptor

English | 简体中文

simple electron package encryption tool

Examples

• electron-builder-encryptor-demo

Features

• 🐵 Very easy to use, just add a few lines of code
• 💚 Framework agnostic, easy to add to your existing projects
• 🤷‍♂️ It only takes effect when packaging with electron-builder, and does not affect development and debugging
• 🔒 Use bytenode to encrypt the main process and custom method to encrypt the renderer process
• 👀 Prevent tampering with the app.asar file

Usage

npm i electron-builder-encryptor -D

# These 5 libraries need to be added to the project
npm i adm-zip bytenode mime original-fs yaml

Add afterPack to electron-builder configuration

// package.json
{
    "build": {
        "asar": true,
        "afterPack": "node_modules/electron-builder-encryptor"
    }
}

or

// electron-builder.json
{
    "asar": true,
    "afterPack": "node_modules/electron-builder-encryptor"
}

in mian process

if (!app.isPackaged) {
    // address before packing
    mainWindow.loadFile('renderer/index.html')
} else {
    // address after packing
    mainWindow.loadURL('myclient://apps/index.html')
}

Note: The renderer process that needs to be encrypted must be placed in the renderer folder under the directory where the entry file main.js is located

Configuration

// encryptor.config.ts or encryptor.config.js
import { defineConfig } from 'electron-builder-encryptor'

export default defineConfig({
    /**
     * encryption key
     */
    key: 'xxx000777',
})

all configuration

export declare interface UserConfig {
    /**
     * encryption key
     */
    key?: string
    /**
     * renderer protocol scheme
     * @default 'myclient'
     */
    protocol?: string
    /**
     * electron custom schemes to be registered with options.
     * @default
     * {standard: true, secure: true, bypassCSP: true, allowServiceWorkers: true, supportFetchAPI: true, corsEnabled: true, stream: true}
     */
    privileges?: Privileges
    /**
     * preload.js directory, with the program execution directory as the root node
     * @default preload.js
     */
    preload?: string | string[]
    renderer?: {
        /**
         * renderer entry directory, with the program execution directory as the root node
         * @default 'renderer'
         */
        entry: string
        /**
         * The encrypted storage path of the rendering process, with the program execution directory as the root node
         * @default 'resources/renderer.pkg'
         */
        output: string
    }
    /**
     * Synchronously detect whether the program has been tampered with when starting the app
     */
    syncValidationChanges?: boolean
    /**
     * Automatically run the renderer process after the main process is started. After setting it to false, you can use the __runRenderer() method to start it manually.
     * @default true
     */
    autoRunRenderer?: boolean
}

Migrating from v0.x

In order to update renderer and mian separately, 1.x separates the encrypted renderer.pkg by default. If you need to restore the behavior of 0.x, you can set renderer.output to ''

export default defineConfig({
    renderer: {
        entry: 'renderer',
        output: ''
    }
})

When package.json exists in the renderer folder, the renderer.yml file will be generated in the packaged renderer.pkg directory

License

MIT License