Research
wget to Wipeout: Malicious Go Modules Fetch Destructive Payload
Socket's research uncovers three dangerous Go modules that contain obfuscated disk-wiping malware, threatening complete data loss.
By Kush Pandya - May 01, 2025
📅 You're Invited: Meet the Socket team at RSAC (April 28 – May 1).RSVP →
electron-edge-js
Advanced tools
.NET and Node.js in-process on Electron
This is a fork of edge-js adapted to support Electron
Version support policy
Electron officially supports 3 latest released versions. You can read more about Electron release schedule and support here Electron Releases.
electron-edge-js support policy
- Windows supports 6 latest Electron releases.
- macOS comes precompiled with 6 latest Electron releases. When using Electron version that is not pre-compiled
electron-edge-jsbinaries will be compiled duringnpm installusingnode-gyp. - Linux will will always compile
electron-edge-jsbinaries duringnpm installusingnode-gyp.
NOTE: Due to nan module compatibility issues versions prior to Electron 29 are not supported.
Windows supported versions
| Electron | x86/x64 | arm64 |
|---|---|---|
| Electron 31.x - 36.x | :heavy_check_mark: | :heavy_check_mark: |
macOS binaries pre-compiled for
| Electron | x64 | arm64 |
|---|---|---|
| Electron 31.x - 36.x | :heavy_check_mark: | :heavy_check_mark: |
Supports Electron 29.x - 36.x
Linux
On Linux npm install will compile binaries with correct Electron headers for a given Electron version.
Linux supported versions
| Electron | x64 | arm64 |
|---|---|---|
| Electron 29.x - 36.x | :heavy_check_mark: | :heavy_check_mark: |
Other Linux architectures might work but have not been tested.
Usage is the same as edge-js, replace require('edge-js') with require('electron-edge-js'):
npm install electron-edge-js
-var edge = require('edge-js');
+var edge = require('electron-edge-js');
var helloWorld = edge.func(function () {/*
async (input) => {
return ".NET Welcomes " + input.ToString();
}
*/});
Quick start
Sample app that shows how to work with .NET Core using inline code and compiled C# libraries.
https://github.com/agracio/electron-edge-js-quick-start
Pre-requisites
- Windows: Visual C++ Redistributable
Packaging Electron application
electron-edge-js needs to be specified as an external module, some examples
webpack
webpack.config.js
externals: {
'electron-edge-js': 'commonjs2 electron-edge-js',
},
node: {
__dirname: true,
__filename: true,
},
From #138
webpack.config.js
externals: {
'electron-edge-js': 'commonjs2 electron-edge-js',
},
node: {
__dirname: false,
__filename: false,
},
extraResources:[
"./node_modules/electron-edge-js/**",
]
Electron main.js
// https://github.com/ScottJMarshall/electron-webpack-module-resolution
require("module").globalPaths.push(process.cwd()+'/node_modules');
var edge = require('electron-edge-js');
Vue.js
vue.config.js
module.export = {
pluginOptions: {
electronBuilder: {
externals:["electron-edge-js"]
}
}
}
Related issues to use for troubleshooting:
https://github.com/agracio/electron-edge-js/issues/39
https://github.com/agracio/electron-edge-js/issues/74
https://github.com/agracio/electron-edge-js/issues/21
https://github.com/agracio/electron-edge-js/issues/138
electron-builder
electron-edge-js should be excluded from rebuild.
electron-forge
electron-forge example based on electron-edge-js-quick-start
https://github.com/agracio/electron-edge-js-quick-start-forge
Async execution
If electron-edge-js module is used on main Electron thread it will cause Electron app to freeze when executing long-running .NET code even if your C# code is fully async.
To avoid this you can use worker thread packages such as threads.js or piscina
This issue is not present when using Electron IPC
Workaround from #97
main.js
const { fork } = require("child_process"); fork("../child.js", [], { env: {file: 'filename'}, })
child.js
const path = require('path');
const powerpoint = require('office-script').powerpoint;
const filePath = '../../directory/';
powerpoint.open(path.join(${remotePath}${process.env.file}.pptx), function(err) {
if(err) throw err;
});
Window refresh issue
If electron-edge-js module is used on main Electron thread refreshing the window (F5, Ctrl+R, Command+R etc) will cause a hard crash in electron-edge-js module and Electron app.
Currently there is no solution to this issue other than using Electron IPC.
Documentation
For full documentation see edge-js repo.
FAQs
Edge.js: run .NET and Node.js in-process on Electron
The npm package electron-edge-js receives a total of 1,231 weekly downloads. As such, electron-edge-js popularity was classified as popular.
We found that electron-edge-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 29 Apr 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Using Trusted Protocols Against You: Gmail as a C2 Mechanism
Socket uncovers malicious packages on PyPI using Gmail's SMTP protocol for command and control (C2) to exfiltrate data and execute commands.
By Olivia Brown - Apr 30, 2025
Product
A New Overview in our Dashboard
We redesigned Socket's first logged-in page to display rich and insightful visualizations about your repositories protected against supply chain threats.
By André Staltz - Apr 29, 2025