MIT License
Vite+Electron = 🔥
This is a secure template for electron applications. Written following the latest safety requirements, recommendations and best practices.
Under the hood is used Vite — super fast, nextgen bundler, and electron-builder for compilation.
This template maintained by Alex Kozack. You can 💖 sponsor him for continued development of this template.
Found a problem? Pull requests are welcome.
If you have ideas, questions or suggestions - Welcome to discussions. 😊
Follow these steps to get started with this template:
.github/workflows
-- it uses npm
by default.That's all you need. 😉
Note: This template uses npm v7 feature — Installing Peer Dependencies Automatically. If you are using a different package manager, you may need to install some peerDependencies manually.
.env
files. You can also specify types of your environment variables in types/vite-env.d.ts
.Vite provides you with many useful features, such as: TypeScript
, TSX/JSX
, CSS/JSON Importing
, CSS Modules
, Web Assembly
and much more.
See this discussion if you want completly remove TypeScript.
See examples of web pages for different frameworks.
main
branch, release
workflow starts, which creates release draft.
yy.mm.dd-minutes
.compile
job in release
workflow.This template was created to make my work easier. It may not be universal, but I try to keep it that way.
I am actively involved in its development. But I do not guarantee that this template will be maintained in the future.
At the moment, there are the following problems:
renderer
package in CI implemented by , which has a very early version. This is not a problem if you do not use Vue or TypeScript..github/actions/release-notes
is used for generation. It may not provide some scenarios. If you encounter a problem - write about it.Some improvement or problems can be listed in issues.
Pull requests are welcome.
The template required a minimum dependencies. Only Vite is used for building, nothing more.
The structure of this template is very similar to the structure of a monorepo.
The entire source code of the program is divided into three modules (packages) that are bundled each independently:
packages/main
packages/preload
BrowserWindow.webPreferences.preload
. See Checklist: Security Recommendations.packages/renderer
Packages main
and preload
are built in library mode as it is a simple javascript.
renderer
package build as regular web app.
The build of web resources is performed in the scripts/build.js
. Its analogue is a sequential call to vite build
for each package.
Next step is run packaging and compilation a ready for distribution Electron app for macOS, Windows and Linux with "auto update" support out of the box.
To do this, using the electron-builder:
compile
: This script is configured to compile the application as quickly as possible. It is not ready for distribution, is compiled only for the current platform and is used for debugging.According to Electron's security guidelines, Node.js integration is disabled for remote content. This means that you cannot call any Node.js api in the packages/renderer
directly. To do this, you must describe the interface in the packages/preload
where Node.js api is allowed:
// packages/preload/src/index.ts
import {readFile} from 'fs/promises'
const api = {
readConfig: () => readFile('/path/to/config.json', {encoding: 'utf-8'}),
}
contextBridge.exposeInMainWorld('electron', api)
// packages/renderer/src/App.vue
import {useElectron} from '/@/use/electron'
const {readConfig} = useElectron()
Read more about Security Considerations.
Note: Context isolation disabled for test
environment. See #693.
All environment variables set as part of the import.meta
, so you can access them as follows: import.meta.env
.
You can also specify types of your environment variables in types/vite-env.d.ts
.
The mode option is used to specify the value of import.meta.env.MODE
and the corresponding environment variables files that needs to be loaded.
By default, there are two modes:
production
is used by defaultdevelopment
is used by npm run watch
scripttest
is used by npm test
scriptWhen running building, environment variables are loaded from the following files in your project root:
.env # loaded in all cases
.env.local # loaded in all cases, ignored by git
.env.[mode] # only loaded in specified env mode
.env.[mode].local # only loaded in specified env mode, ignored by git
Note: only variables prefixed with VITE_
are exposed to your code (e.g. VITE_SOME_KEY=123
) and SOME_KEY=123
will not. You can access VITE_SOME_KEY
using import.meta.env.VITE_SOME_KEY
. This is because the .env
files may be used by some users for server-side or build scripts and may contain sensitive information that should not be exposed in code shipped to browsers.
See Contributing Guide.