
Security News
npm v12 Ships With Install Scripts Off by Default, Begins Deprecating 2FA-Bypass Tokens
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.
electron-installer-snap
Advanced tools
Builds Snap files for Electron applications that have already been bundled and customized.
Requires Node 10 or greater, and snapcraft.
The easiest way is to use Electron Forge and enable the snap maker.
To use this as a standalone CLI, install electron-installer-snap to your project:
npm install --save-dev electron-installer-snap
# or
yarn add --dev electron-installer-snap
Then add to your package.json:
{
// ...
"scripts": {
"build:package": "electron-packager . --out=out"
"build:snap": "electron-installer-snap --src=out/myappname-linux-x64"
},
// ...
}
Then you can run npm run build:package && npm run build:snap, which will prepare the Electron app
for bundling and generate a .snap file in your current directory.
It is recommended to ignore the generated snap directory in your version control.
Available command-line options are displayed when you run electron-installer-snap --help.
For the JavaScript API, please see the API docs.
Thank you to Canonical for the support in getting this module created, during the September 2017 Ubuntu Rally and the January 2018 Snapcraft Summit.
This project is copyrighted under the Apache License (version 2). See LICENSE for details.
FAQs
Build snapcraft packages for Electron applications
The npm package electron-installer-snap receives a total of 3,820 weekly downloads. As such, electron-installer-snap popularity was classified as popular.
We found that electron-installer-snap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.

Security News
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.