New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
electron-packager unexpectedly copies entire package.json into distribution #1184
Comments
👋 Thanks for opening your first issue here! If you have a question about using Electron Packager, read the support docs. If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. Development and issue triage is community-driven, so please be patient and we will get back to you as soon as we can. To help make it easier for us to investigate your issue, please follow the contributing guidelines. |
So here is my awful hacky workaround. It creates a custom I'm going to leave this issue open, as I don't know whether this is the expected or best way to achieve this. It certainly feels like an ugly way to achieve the behavior that I expected. #!/usr/bin/env node
const packager = require("electron-packager");
const {readFileSync, writeFileSync} = require('fs');
(async () => {
const appPaths = await packager({
dir: '.',
name: 'MyElectronApp',
overwrite: true,
prune: true,
afterPrune: [(buildPath, electronVersion, platform, arch, callback) => {
const packageJsonPath = buildPath + '/package.json';
const devPackageJson = JSON.parse(readFileSync(packageJsonPath));
const prodPackageJson = Object.fromEntries(['name', 'version', 'main'].map(k => [k, devPackageJson[k]]));
writeFileSync(packageJsonPath, JSON.stringify(prodPackageJson, null, 2));
callback();
}],
});
console.log(`Electron app bundles created: ${appPaths.join("\n")}`);
})(); |
Could you please provide more data on where did you add this? |
Preflight Checklist
Issue Details
Expected Behavior
electron-packager creates a distribution with the minimal
package.json
required for Electron. As far as I know, it only needs to contain themain
field. It should not leak private info about my development setup.Actual Behavior
electron-packager seems to just copy-paste my entire
package.json
into the distribution. This contains all kind of unnecessary and private info, such as mydevDependencies
andscripts
. These are never accessed at runtime and so should not be distributed.To Reproduce
A minimal repo here on this branch, but it seems to happen under standard conditions.
Additional Information
Is there a standard way to work around this behavior?
The text was updated successfully, but these errors were encountered: