Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
vite-plugin-electron-renderer
Advanced tools
Support use Node.js API in Electron-Renderer
English | 简体中文
In short, vite-plugin-electron-renderer
is responsible for polyfilling Electron, Node.js built-in modules.
npm i vite-plugin-electron-renderer -D
import renderer from 'vite-plugin-electron-renderer'
export default {
plugins: [
renderer(),
],
}
C/C++
, esm
package in the Renderer process.import renderer from 'vite-plugin-electron-renderer'
export default {
plugins: [
renderer({
resolve: {
// C/C++ modules must be pre-bundle
serialport: { type: 'cjs' },
// `esm` modules only if Vite does not pre-bundle them correctly
got: { type: 'esm' },
},
}),
],
}
By the way, if a module is marked as
type: 'cjs'
, the plugin just loads it in usingrequire()
. So it should be put intodependencies
.
renderer(options: RendererOptions)
export interface RendererOptions {
/**
* Explicitly tell Vite how to load modules, which is very useful for C/C++ and `esm` modules
*
* - `type.cjs` just wraps esm-interop
* - `type.esm` pre-bundle to `cjs` and wraps esm-interop
*
* @experimental
*/
resolve?: {
[module: string]: {
type: 'cjs' | 'esm',
/** Full custom how to pre-bundle */
build?: (args: {
cjs: (module: string) => Promise<string>,
esm: (module: string, buildOptions?: import('esbuild').BuildOptions) => Promise<string>,
}) => Promise<string>
}
}
}
Load Electron and Node.js cjs-packages/built-in-modules (Schematic)
┏————————————————————————————————————————┓ ┏—————————————————┓
│ import { ipcRenderer } from 'electron' │ │ Vite dev server │
┗————————————————————————————————————————┛ ┗—————————————————┛
│ │
│ 1. Pre-Bundling electron module into │
│ node_modules/.vite-electron-renderer/electron │
│ │
│ 2. HTTP(Request): electron module │
│ ————————————————————————————————————————————————> │
│ │
│ 3. Alias redirects to │
│ node_modules/.vite-electron-renderer/electron │
│ ↓ │
│ const { ipcRenderer } = require('electron') │
│ export { ipcRenderer } │
│ │
│ 4. HTTP(Response): electron module │
│ <———————————————————————————————————————————————— │
│ │
┏————————————————————————————————————————┓ ┏—————————————————┓
│ import { ipcRenderer } from 'electron' │ │ Vite dev server │
┗————————————————————————————————————————┛ ┗—————————————————┛
In general. Vite will pre-bundle all third-party modules in a Web-based usage format, but it can not adapt to Electron Renderer process especially C/C++ modules. So we must be make a little changes for this.
// 👉 https://github.com/electron-vite/vite-plugin-electron-renderer/blob/v0.13.0/src/optimizer.ts#L139-L142
const _M_ = require("serialport");
export default (_M_.default || _M_);
export const SerialPort = _M_.SerialPort;
// export other members ...
Classify | e.g. | dependencies | devDependencies |
---|---|---|---|
Node.js C/C++ native modules | serialport, sqlite3 | ✅ | ❌ |
Node.js CJS packages | electron-store | ✅ | ✅ |
Node.js ESM packages | execa, got, node-fetch | ✅ | ✅ (Recommend) |
Web packages | Vue, React | ✅ | ✅ (Recommend) |
devDependencies
?Doing so will reduce the size of the packaged APP by electron-builder.
FAQs
Support use Node.js API in Electron-Renderer
The npm package vite-plugin-electron-renderer receives a total of 7,266 weekly downloads. As such, vite-plugin-electron-renderer popularity was classified as popular.
We found that vite-plugin-electron-renderer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.