From cec8ba4abbd31569bf1dd686d75a696374f73763 Mon Sep 17 00:00:00 2001 From: Anny Yang Date: Wed, 31 Jan 2024 12:37:56 -0800 Subject: [PATCH 1/2] adds fuses to templates --- packages/template/base/tmpl/forge.config.js | 7 +++++++ packages/template/base/tmpl/package.json | 4 ++++ packages/template/vite-typescript/tmpl/forge.config.ts | 6 ++++++ packages/template/vite-typescript/tmpl/package.json | 2 ++ packages/template/vite/tmpl/forge.config.js | 7 +++++++ packages/template/vite/tmpl/package.json | 2 ++ packages/template/webpack-typescript/tmpl/forge.config.ts | 6 ++++++ packages/template/webpack-typescript/tmpl/package.json | 2 ++ packages/template/webpack/tmpl/forge.config.js | 7 +++++++ 9 files changed, 43 insertions(+) diff --git a/packages/template/base/tmpl/forge.config.js b/packages/template/base/tmpl/forge.config.js index 179a35e131..450dd7a3d1 100644 --- a/packages/template/base/tmpl/forge.config.js +++ b/packages/template/base/tmpl/forge.config.js @@ -1,3 +1,6 @@ +const { FusesPlugin } = require('@electron-forge/plugin-fuses'); +const { FuseV1Options, FuseVersion } = require('@electron/fuses'); + module.exports = { packagerConfig: { asar: true, @@ -26,5 +29,9 @@ module.exports = { name: '@electron-forge/plugin-auto-unpack-natives', config: {}, }, + new FusesPlugin({ + version: FuseVersion.V1, + [FuseV1Options.RunAsNode]: false, + }), ], }; diff --git a/packages/template/base/tmpl/package.json b/packages/template/base/tmpl/package.json index ec4b7f596b..4b1bb912e9 100644 --- a/packages/template/base/tmpl/package.json +++ b/packages/template/base/tmpl/package.json @@ -10,6 +10,10 @@ "make": "electron-forge make", "publish": "electron-forge publish" }, + "devDependencies": { + "@electron/fuses": "^1.7.0", + "@electron-forge/plugin-fuses": "^7.2.0" + }, "keywords": [], "author": "", "license": "MIT" diff --git a/packages/template/vite-typescript/tmpl/forge.config.ts b/packages/template/vite-typescript/tmpl/forge.config.ts index ec2b06b858..5431e96ec8 100644 --- a/packages/template/vite-typescript/tmpl/forge.config.ts +++ b/packages/template/vite-typescript/tmpl/forge.config.ts @@ -4,6 +4,8 @@ import { MakerZIP } from '@electron-forge/maker-zip'; import { MakerDeb } from '@electron-forge/maker-deb'; import { MakerRpm } from '@electron-forge/maker-rpm'; import { VitePlugin } from '@electron-forge/plugin-vite'; +import { FusesPlugin } from '@electron-forge/plugin-fuses'; +import { FuseV1Options, FuseVersion } from '@electron/fuses'; const config: ForgeConfig = { packagerConfig: {}, @@ -31,6 +33,10 @@ const config: ForgeConfig = { }, ], }), + new FusesPlugin({ + version: FuseVersion.V1, + [FuseV1Options.RunAsNode]: false, + }), ], }; diff --git a/packages/template/vite-typescript/tmpl/package.json b/packages/template/vite-typescript/tmpl/package.json index 4e477a9ce6..8646d4124d 100644 --- a/packages/template/vite-typescript/tmpl/package.json +++ b/packages/template/vite-typescript/tmpl/package.json @@ -1,5 +1,7 @@ { "devDependencies": { + "@electron/fuses": "^1.7.0", + "@electron-forge/plugin-fuses": "^7.2.0", "@electron-forge/plugin-vite": "ELECTRON_FORGE/VERSION", "@typescript-eslint/eslint-plugin": "^5.0.0", "@typescript-eslint/parser": "^5.0.0", diff --git a/packages/template/vite/tmpl/forge.config.js b/packages/template/vite/tmpl/forge.config.js index 04403354a6..228af3fd6e 100644 --- a/packages/template/vite/tmpl/forge.config.js +++ b/packages/template/vite/tmpl/forge.config.js @@ -1,3 +1,6 @@ +const { FusesPlugin } = require('@electron-forge/plugin-fuses'); +const { FuseV1Options, FuseVersion } = require('@electron/fuses'); + module.exports = { packagerConfig: {}, rebuildConfig: {}, @@ -44,5 +47,9 @@ module.exports = { ], }, }, + new FusesPlugin({ + version: FuseVersion.V1, + [FuseV1Options.RunAsNode]: false, + }), ], }; diff --git a/packages/template/vite/tmpl/package.json b/packages/template/vite/tmpl/package.json index 03feaefeef..231b54f32a 100644 --- a/packages/template/vite/tmpl/package.json +++ b/packages/template/vite/tmpl/package.json @@ -1,5 +1,7 @@ { "devDependencies": { + "@electron/fuses": "^1.7.0", + "@electron-forge/plugin-fuses": "^7.2.0", "@electron-forge/plugin-vite": "ELECTRON_FORGE/VERSION" } } diff --git a/packages/template/webpack-typescript/tmpl/forge.config.ts b/packages/template/webpack-typescript/tmpl/forge.config.ts index a303ad52ee..073b38c216 100644 --- a/packages/template/webpack-typescript/tmpl/forge.config.ts +++ b/packages/template/webpack-typescript/tmpl/forge.config.ts @@ -5,6 +5,8 @@ import { MakerDeb } from '@electron-forge/maker-deb'; import { MakerRpm } from '@electron-forge/maker-rpm'; import { AutoUnpackNativesPlugin } from '@electron-forge/plugin-auto-unpack-natives'; import { WebpackPlugin } from '@electron-forge/plugin-webpack'; +import { FusesPlugin } from '@electron-forge/plugin-fuses'; +import { FuseV1Options, FuseVersion } from '@electron/fuses'; import { mainConfig } from './webpack.main.config'; import { rendererConfig } from './webpack.renderer.config'; @@ -33,6 +35,10 @@ const config: ForgeConfig = { ], }, }), + new FusesPlugin({ + version: FuseVersion.V1, + [FuseV1Options.RunAsNode]: false, + }), ], }; diff --git a/packages/template/webpack-typescript/tmpl/package.json b/packages/template/webpack-typescript/tmpl/package.json index 72d70fb4d9..0c73cd5272 100644 --- a/packages/template/webpack-typescript/tmpl/package.json +++ b/packages/template/webpack-typescript/tmpl/package.json @@ -1,5 +1,7 @@ { "devDependencies": { + "@electron/fuses": "^1.7.0", + "@electron-forge/plugin-fuses": "^7.2.0", "@electron-forge/plugin-webpack": "ELECTRON_FORGE/VERSION", "@typescript-eslint/eslint-plugin": "^5.0.0", "@typescript-eslint/parser": "^5.0.0", diff --git a/packages/template/webpack/tmpl/forge.config.js b/packages/template/webpack/tmpl/forge.config.js index 6ad9269c6f..12e0888236 100644 --- a/packages/template/webpack/tmpl/forge.config.js +++ b/packages/template/webpack/tmpl/forge.config.js @@ -1,3 +1,6 @@ +const { FusesPlugin } = require('@electron-forge/plugin-fuses'); +const { FuseV1Options, FuseVersion } = require('@electron/fuses'); + module.exports = { packagerConfig: { asar: true, @@ -45,5 +48,9 @@ module.exports = { }, }, }, + new FusesPlugin({ + version: FuseVersion.V1, + [FuseV1Options.RunAsNode]: false, + }), ], }; From 14b6adfaa3904b27541c5939e1ae7e749e657d6f Mon Sep 17 00:00:00 2001 From: Anny Yang Date: Wed, 31 Jan 2024 17:28:18 -0800 Subject: [PATCH 2/2] adds more fuse defaults and comments for claritt --- packages/template/base/tmpl/forge.config.js | 7 +++++++ .../template/vite-typescript/tmpl/forge.config.ts | 11 ++++++++++- packages/template/vite/tmpl/forge.config.js | 11 ++++++++++- .../template/webpack-typescript/tmpl/forge.config.ts | 7 +++++++ packages/template/webpack/tmpl/forge.config.js | 7 +++++++ 5 files changed, 41 insertions(+), 2 deletions(-) diff --git a/packages/template/base/tmpl/forge.config.js b/packages/template/base/tmpl/forge.config.js index 450dd7a3d1..fa4a1138df 100644 --- a/packages/template/base/tmpl/forge.config.js +++ b/packages/template/base/tmpl/forge.config.js @@ -29,9 +29,16 @@ module.exports = { name: '@electron-forge/plugin-auto-unpack-natives', config: {}, }, + // Fuses are used to enable/disable various Electron functionality + // at package time, before code signing the application new FusesPlugin({ version: FuseVersion.V1, [FuseV1Options.RunAsNode]: false, + [FuseV1Options.EnableCookieEncryption]: true, + [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: true, + [FuseV1Options.OnlyLoadAppFromAsar]: true, }), ], }; diff --git a/packages/template/vite-typescript/tmpl/forge.config.ts b/packages/template/vite-typescript/tmpl/forge.config.ts index 5431e96ec8..1ab9f7e906 100644 --- a/packages/template/vite-typescript/tmpl/forge.config.ts +++ b/packages/template/vite-typescript/tmpl/forge.config.ts @@ -8,7 +8,9 @@ import { FusesPlugin } from '@electron-forge/plugin-fuses'; import { FuseV1Options, FuseVersion } from '@electron/fuses'; const config: ForgeConfig = { - packagerConfig: {}, + packagerConfig: { + asar: true, + }, rebuildConfig: {}, makers: [new MakerSquirrel({}), new MakerZIP({}, ['darwin']), new MakerRpm({}), new MakerDeb({})], plugins: [ @@ -33,9 +35,16 @@ const config: ForgeConfig = { }, ], }), + // Fuses are used to enable/disable various Electron functionality + // at package time, before code signing the application new FusesPlugin({ version: FuseVersion.V1, [FuseV1Options.RunAsNode]: false, + [FuseV1Options.EnableCookieEncryption]: true, + [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: true, + [FuseV1Options.OnlyLoadAppFromAsar]: true, }), ], }; diff --git a/packages/template/vite/tmpl/forge.config.js b/packages/template/vite/tmpl/forge.config.js index 228af3fd6e..45572b88fe 100644 --- a/packages/template/vite/tmpl/forge.config.js +++ b/packages/template/vite/tmpl/forge.config.js @@ -2,7 +2,9 @@ const { FusesPlugin } = require('@electron-forge/plugin-fuses'); const { FuseV1Options, FuseVersion } = require('@electron/fuses'); module.exports = { - packagerConfig: {}, + packagerConfig: { + asar: true, + }, rebuildConfig: {}, makers: [ { @@ -47,9 +49,16 @@ module.exports = { ], }, }, + // Fuses are used to enable/disable various Electron functionality + // at package time, before code signing the application new FusesPlugin({ version: FuseVersion.V1, [FuseV1Options.RunAsNode]: false, + [FuseV1Options.EnableCookieEncryption]: true, + [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: true, + [FuseV1Options.OnlyLoadAppFromAsar]: true, }), ], }; diff --git a/packages/template/webpack-typescript/tmpl/forge.config.ts b/packages/template/webpack-typescript/tmpl/forge.config.ts index 073b38c216..1dcc889870 100644 --- a/packages/template/webpack-typescript/tmpl/forge.config.ts +++ b/packages/template/webpack-typescript/tmpl/forge.config.ts @@ -35,9 +35,16 @@ const config: ForgeConfig = { ], }, }), + // Fuses are used to enable/disable various Electron functionality + // at package time, before code signing the application new FusesPlugin({ version: FuseVersion.V1, [FuseV1Options.RunAsNode]: false, + [FuseV1Options.EnableCookieEncryption]: true, + [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: true, + [FuseV1Options.OnlyLoadAppFromAsar]: true, }), ], }; diff --git a/packages/template/webpack/tmpl/forge.config.js b/packages/template/webpack/tmpl/forge.config.js index 12e0888236..d6aa49c127 100644 --- a/packages/template/webpack/tmpl/forge.config.js +++ b/packages/template/webpack/tmpl/forge.config.js @@ -48,9 +48,16 @@ module.exports = { }, }, }, + // Fuses are used to enable/disable various Electron functionality + // at package time, before code signing the application new FusesPlugin({ version: FuseVersion.V1, [FuseV1Options.RunAsNode]: false, + [FuseV1Options.EnableCookieEncryption]: true, + [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]: true, + [FuseV1Options.OnlyLoadAppFromAsar]: true, }), ], };