or run

npx @tessl/cli init
Log in

Version

Tile

Overview

Evals

Files

docs

index.md
tile.json

tessl/npm-electron-forge--plugin-fuses

A plugin for flipping Electron Fuses in Electron Forge

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
npmpkg:npm/@electron-forge/plugin-fuses@7.8.x

To install, run

npx @tessl/cli install tessl/npm-electron-forge--plugin-fuses@7.8.0

index.mddocs/

Electron Forge Plugin Fuses

Electron Forge Plugin Fuses provides functionality for configuring Electron Fuses when packaging applications with Electron Forge. Electron Fuses are build-time configuration options that control security and behavioral features of Electron applications.

Package Information

  • Package Name: @electron-forge/plugin-fuses
  • Package Type: npm
  • Language: TypeScript
  • Installation: npm install --save-dev @electron-forge/plugin-fuses @electron/fuses

Core Imports

import { FusesPlugin } from "@electron-forge/plugin-fuses";

For CommonJS:

const { FusesPlugin } = require("@electron-forge/plugin-fuses");

Basic Usage

import { FusesPlugin } from "@electron-forge/plugin-fuses";
import { FuseV1Options, FuseVersion } from "@electron/fuses";

// Add to forge.config.js
const forgeConfig = {
  plugins: [
    new FusesPlugin({
      version: FuseVersion.V1,
      [FuseV1Options.RunAsNode]: false,
      [FuseV1Options.EnableCookieEncryption]: true,
      [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false
    })
  ]
};

module.exports = forgeConfig;

Architecture

The plugin integrates with Electron Forge's packaging lifecycle through the packageAfterCopy hook, which executes after application files are copied but before final packaging. It uses the @electron/fuses library to apply fuse configurations to the Electron executable, with platform-specific handling for macOS code signing requirements.

Capabilities

Plugin Class

Main plugin class that integrates Electron Fuses configuration into the Electron Forge build process.

/**
 * Plugin for flipping Electron Fuses during packaging
 * Extends PluginBase to integrate with Electron Forge's plugin system
 */
class FusesPlugin extends PluginBase<FuseConfig> {
  constructor(fusesConfig: FuseConfig);
  name: string; // Always 'fuses'
  fusesConfig: FuseConfig;
  getHooks(): ForgeMultiHookMap;
}

Usage Example:

import { FusesPlugin } from "@electron-forge/plugin-fuses";
import { FuseV1Options, FuseVersion } from "@electron/fuses";

const plugin = new FusesPlugin({
  version: FuseVersion.V1,
  [FuseV1Options.RunAsNode]: false,
  [FuseV1Options.EnableCookieEncryption]: true
});

Types

FuseConfig

Configuration interface from @electron/fuses that defines available fuse options.

/**
 * Configuration object for Electron Fuses
 * Imported from @electron/fuses package
 */
interface FuseConfig {
  version: FuseVersion;
  [FuseV1Options.RunAsNode]?: boolean;
  [FuseV1Options.EnableCookieEncryption]?: boolean;
  [FuseV1Options.EnableNodeOptionsEnvironmentVariable]?: boolean;
  [FuseV1Options.EnableNodeCliInspectArguments]?: boolean;
  [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]?: boolean;
  [FuseV1Options.OnlyLoadAppFromAsar]?: boolean;
  [FuseV1Options.LoadBrowserProcessSpecificV8Snapshot]?: boolean;
  // Additional fuse options as defined in @electron/fuses
}

enum FuseVersion {
  V1 = "1"
}

enum FuseV1Options {
  RunAsNode = "RunAsNode",
  EnableCookieEncryption = "EnableCookieEncryption",
  EnableNodeOptionsEnvironmentVariable = "EnableNodeOptionsEnvironmentVariable",
  EnableNodeCliInspectArguments = "EnableNodeCliInspectArguments",
  EnableEmbeddedAsarIntegrityValidation = "EnableEmbeddedAsarIntegrityValidation",
  OnlyLoadAppFromAsar = "OnlyLoadAppFromAsar",
  LoadBrowserProcessSpecificV8Snapshot = "LoadBrowserProcessSpecificV8Snapshot"
}

Electron Forge Types

Types imported from @electron-forge packages used by the plugin.

/**
 * Platform identifier for different operating systems
 * From @electron-forge/shared-types
 */
type ForgePlatform = "darwin" | "linux" | "mas" | "win32";

/**
 * Hook mapping interface for Electron Forge plugins
 * From @electron-forge/shared-types
 */
interface ForgeMultiHookMap {
  packageAfterCopy?: Array<Hook<'packageAfterCopy'>>;
  // Other hooks omitted for brevity
}

/**
 * Base class for Electron Forge plugins
 * From @electron-forge/plugin-base
 */
abstract class PluginBase<C> {
  constructor(config: C);
  abstract getHooks(): ForgeMultiHookMap;
}

Platform-Specific Behavior

The plugin handles platform-specific executable paths and code signing requirements:

  • macOS/Darwin: Executable located at <basePath>/MacOS/<appName>, handles code signing considerations for ARM64
  • Windows: Executable located at <basePath>/<appName>.exe
  • Linux: Executable located at <basePath>/<appName>

Security Considerations

Electron Fuses control critical security features of Electron applications:

  • RunAsNode: Controls whether Node.js can be enabled at runtime
  • EnableCookieEncryption: Enables encryption of cookies in the session store
  • EnableNodeOptionsEnvironmentVariable: Controls access to NODE_OPTIONS environment variable
  • OnlyLoadAppFromAsar: Restricts loading to bundled ASAR files only

Carefully configure these options based on your application's security requirements.