CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/npm-electron-forge--plugin-fuses

A plugin for flipping Electron Fuses in Electron Forge

Pending

Quality

Pending

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

SecuritybySnyk

Pending

The risk profile of this skill

Overview
Eval results
Files

index.mddocs/

Electron Forge Plugin Fuses

Electron Forge Plugin Fuses provides functionality for configuring Electron Fuses when packaging applications with Electron Forge. Electron Fuses are build-time configuration options that control security and behavioral features of Electron applications.

Package Information

  • Package Name: @electron-forge/plugin-fuses
  • Package Type: npm
  • Language: TypeScript
  • Installation: npm install --save-dev @electron-forge/plugin-fuses @electron/fuses

Core Imports

import { FusesPlugin } from "@electron-forge/plugin-fuses";

For CommonJS:

const { FusesPlugin } = require("@electron-forge/plugin-fuses");

Basic Usage

import { FusesPlugin } from "@electron-forge/plugin-fuses";
import { FuseV1Options, FuseVersion } from "@electron/fuses";

// Add to forge.config.js
const forgeConfig = {
  plugins: [
    new FusesPlugin({
      version: FuseVersion.V1,
      [FuseV1Options.RunAsNode]: false,
      [FuseV1Options.EnableCookieEncryption]: true,
      [FuseV1Options.EnableNodeOptionsEnvironmentVariable]: false
    })
  ]
};

module.exports = forgeConfig;

Architecture

The plugin integrates with Electron Forge's packaging lifecycle through the packageAfterCopy hook, which executes after application files are copied but before final packaging. It uses the @electron/fuses library to apply fuse configurations to the Electron executable, with platform-specific handling for macOS code signing requirements.

Capabilities

Plugin Class

Main plugin class that integrates Electron Fuses configuration into the Electron Forge build process.

/**
 * Plugin for flipping Electron Fuses during packaging
 * Extends PluginBase to integrate with Electron Forge's plugin system
 */
class FusesPlugin extends PluginBase<FuseConfig> {
  constructor(fusesConfig: FuseConfig);
  name: string; // Always 'fuses'
  fusesConfig: FuseConfig;
  getHooks(): ForgeMultiHookMap;
}

Usage Example:

import { FusesPlugin } from "@electron-forge/plugin-fuses";
import { FuseV1Options, FuseVersion } from "@electron/fuses";

const plugin = new FusesPlugin({
  version: FuseVersion.V1,
  [FuseV1Options.RunAsNode]: false,
  [FuseV1Options.EnableCookieEncryption]: true
});

Types

FuseConfig

Configuration interface from @electron/fuses that defines available fuse options.

/**
 * Configuration object for Electron Fuses
 * Imported from @electron/fuses package
 */
interface FuseConfig {
  version: FuseVersion;
  [FuseV1Options.RunAsNode]?: boolean;
  [FuseV1Options.EnableCookieEncryption]?: boolean;
  [FuseV1Options.EnableNodeOptionsEnvironmentVariable]?: boolean;
  [FuseV1Options.EnableNodeCliInspectArguments]?: boolean;
  [FuseV1Options.EnableEmbeddedAsarIntegrityValidation]?: boolean;
  [FuseV1Options.OnlyLoadAppFromAsar]?: boolean;
  [FuseV1Options.LoadBrowserProcessSpecificV8Snapshot]?: boolean;
  // Additional fuse options as defined in @electron/fuses
}

enum FuseVersion {
  V1 = "1"
}

enum FuseV1Options {
  RunAsNode = "RunAsNode",
  EnableCookieEncryption = "EnableCookieEncryption",
  EnableNodeOptionsEnvironmentVariable = "EnableNodeOptionsEnvironmentVariable",
  EnableNodeCliInspectArguments = "EnableNodeCliInspectArguments",
  EnableEmbeddedAsarIntegrityValidation = "EnableEmbeddedAsarIntegrityValidation",
  OnlyLoadAppFromAsar = "OnlyLoadAppFromAsar",
  LoadBrowserProcessSpecificV8Snapshot = "LoadBrowserProcessSpecificV8Snapshot"
}

Electron Forge Types

Types imported from @electron-forge packages used by the plugin.

/**
 * Platform identifier for different operating systems
 * From @electron-forge/shared-types
 */
type ForgePlatform = "darwin" | "linux" | "mas" | "win32";

/**
 * Hook mapping interface for Electron Forge plugins
 * From @electron-forge/shared-types
 */
interface ForgeMultiHookMap {
  packageAfterCopy?: Array<Hook<'packageAfterCopy'>>;
  // Other hooks omitted for brevity
}

/**
 * Base class for Electron Forge plugins
 * From @electron-forge/plugin-base
 */
abstract class PluginBase<C> {
  constructor(config: C);
  abstract getHooks(): ForgeMultiHookMap;
}

Platform-Specific Behavior

The plugin handles platform-specific executable paths and code signing requirements:

  • macOS/Darwin: Executable located at <basePath>/MacOS/<appName>, handles code signing considerations for ARM64
  • Windows: Executable located at <basePath>/<appName>.exe
  • Linux: Executable located at <basePath>/<appName>

Security Considerations

Electron Fuses control critical security features of Electron applications:

  • RunAsNode: Controls whether Node.js can be enabled at runtime
  • EnableCookieEncryption: Enables encryption of cookies in the session store
  • EnableNodeOptionsEnvironmentVariable: Controls access to NODE_OPTIONS environment variable
  • OnlyLoadAppFromAsar: Restricts loading to bundled ASAR files only

Carefully configure these options based on your application's security requirements.

Install with Tessl CLI

npx tessl i tessl/npm-electron-forge--plugin-fuses

docs

index.md

tile.json