`electron`

Ecosystem:
npm

Package URL:
pkg:npm/electron

Total PRs:
10,827 Dependabot PRs

Latest PR:
about 3 hours ago

Unique Repositories:
2,830 repositories

Unique Repos (30 days):
231 repositories

Security Advisories

Electron's Content-Secrity-Policy disabling eval not applied consistently in renderers with sandbox disabled

GHSA-gxh7-wv9q-fwfr CVE-2023-23623 HIGH published over 2 years ago • updated 6 days ago

### Impact A Content-Security-Policy that disables eval, specifically setting a `script-src` directive and _not_ providing `unsafe-eval` in that di...

Unpreventable top-level navigation

GHSA-2q4g-w47c-4674 CVE-2020-15174 HIGH published over 5 years ago • updated 2 days ago

### Impact The `will-navigate` event that apps use to prevent navigations to unexpected destinations [as per our security recommendations](https://...

View all 28 advisories

Recent PRs

RSS Feed

Bump the npm_and_yarn group across 18 directories with 24 updates

you112ef/Same-aide-ai #8

37.2.3 → 37.3.1 Minor PR

Open about 3 hours ago 1 comment

Bump the npm_and_yarn group across 17 directories with 22 updates

osAplet/vscode-microsoft #6

34.3.2 → 35.7.5 Major PR

Open about 3 hours ago 2 comments

Bump the all group across 1 directory with 67 updates

microsoft/vscode-copilot-chat #4341

37.8.0 → 40.8.0 Major PR

Open about 5 hours ago 2 comments

build(deps-dev): Bump electron from 33.4.11 to 35.7.5

Hiosdra/MCP-manager #3

33.4.11 → 35.7.5 Major PR

Closed 1 day ago 1 comment

build(deps-dev): Bump the electron group with 2 updates

marylin/claudette #6

31.7.7 → 40.8.0 Major PR

Open 2 days ago 1 comment

chore(deps)(deps-dev): bump the dev-dependencies group across 1 directory with 16 updates

PixelDroid19/CheeseJs #11

40.6.0 → 40.8.0 Minor PR

Open 2 days ago 1 comment

chore(deps): bump the minor-and-patch group across 1 directory with 6 updates

i-denipermana/prpal #17

40.6.0 → 40.8.0 Minor PR

Open 2 days ago 1 comment

Bump the npm_and_yarn group across 1 directory with 4 updates

tylerbishopdev/MuseVault #1

33.4.11 → 35.7.5 Major PR

Open 2 days ago 1 comment

Bump electron from 34.5.8 to 40.8.0 in /electron in the npm_and_yarn group across 1 directory

averyjl/averyos.com-runtime #274

34.5.8 → 40.8.0 Major PR

Open 2 days ago 1 comment

build(deps-dev): bump the dev-deps group with 14 updates

loc/electron-window #2

33.4.11 → 40.8.0 Major PR

Closed 2 days ago 1 comment

deps(deps-dev): bump the dev-deps group with 2 updates

thelastoutpostworkshop/ESPConnect #145

40.6.1 → 40.8.0 Minor PR

Closed 3 days ago 1 comment

Bump electron from 6.1.7 to 40.8.0

hey-its-brian/MagicMirror #21

6.1.7 → 40.8.0 Major PR

Open 3 days ago 1 comment

Bump the minor group across 1 directory with 39 updates

KittyCAD/modeling-app #10351

40.0.0 → 40.6.1 Minor PR

Open 4 days ago 1 comment

chore(deps): bump the minor-and-patch group with 24 updates

Forge-Space/siza #315

40.6.1 → 40.8.0 Minor PR

Open 4 days ago 3 comments

chore(deps): bump the npm_and_yarn group across 1 directory with 37 updates

mrheyday/app #12

22.1.0 → 35.7.5 Major PR

Open 4 days ago 2 comments

chore(deps): bump the npm_and_yarn group across 1 directory with 36 updates

mrheyday/app #11

22.1.0 → 35.7.5 Major PR

Open 4 days ago 3 comments

chore(deps-dev): bump electron from 35.7.5 to 40.8.0

2019julie-x/ClippyPOE #4

35.7.5 → 40.8.0 Major PR

Open 4 days ago 1 comment

chore(deps): bump the npm-root-nonbreaking group across 1 directory with 20 updates

webrenew/agent-observer #215

40.4.1 → 40.8.0 Minor PR

Closed 4 days ago 3 comments

Bump the all group across 1 directory with 67 updates

microsoft/vscode-copilot-chat #4253

37.8.0 → 40.8.0 Major PR

Closed 5 days ago 1 comment

chore(deps-dev): bump the dev-dependencies-minor-patch group with 13 updates

middleapi/orpc #1462

40.7.0 → 40.8.0 Minor PR

Closed 5 days ago 4 comments

chore(deps)(deps-dev): bump the dev-dependencies group across 1 directory with 15 updates

PixelDroid19/CheeseJs #10

40.6.0 → 40.8.0 Minor PR

Open 5 days ago 1 comment

chore(deps-dev): bump electron from 39.2.3 to 40.8.0 in /app

PseudoDarwinist/surf #12

39.2.3 → 40.8.0 Major PR

Open 5 days ago 1 comment

chore(deps-dev): bump electron from 33.4.11 to 40.6.1

Chia-Network/core-registry-dashboard-ui #308

33.4.11 → 40.6.1 Major PR

Open 5 days ago 1 comment

build(deps-dev): bump electron from 39.2.1 to 40.6.1

Chia-Network/Climate-Tokenization-Engine-UI #641

39.2.1 → 40.6.1 Major PR

Open 5 days ago 1 comment

Bump electron from 33.2.0 to 35.7.5 in /electron/webgpu-demo3

Armchair-Software/webgpu-shader-demo #6

33.2.0 → 35.7.5 Major PR

Closed 5 days ago 1 comment

chore(deps-dev): Bump electron from 34.5.8 to 40.7.0 in the npm_and_yarn group across 1 directory

TheDemonTuan/all-agent-in-one #1

34.5.8 → 40.7.0 Major PR

Open 5 days ago 6 comments

Bump electron from 38.2.0 to 40.7.0

thunrobi/cc-electron #30

38.2.0 → 40.7.0 Major PR

Closed 6 days ago 1 comment

chore: bump electron from 40.0.0 to 40.7.0

netease-im/nim-electron-quick-start #102

40.0.0 → 40.7.0 Minor PR

Closed 6 days ago 1 comment

chore(deps-dev): bump electron from 40.6.1 to 40.7.0

sircharlo/jw-launcher #314

40.6.1 → 40.7.0 Minor PR

Closed 6 days ago 1 comment

chore(deps-dev): bump the dev-dependencies-minor-patch group across 1 directory with 43 updates

middleapi/orpc #1459

40.6.1 → 40.7.0 Minor PR

Open 6 days ago 3 comments

Bump the npm_and_yarn group across 15 directories with 23 updates

kanavbhatia/vscode #4

35.2.2 → 35.7.5 Minor PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 15 directories with 24 updates

sizzlebop/void #8

34.3.2 → 35.7.5 Major PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 15 directories with 23 updates

DemianParkhomenko/vscode #6

34.5.1 → 35.7.5 Major PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 11 directories with 9 updates

Raiff1982/azure-sdk-for-js #9

10.4.7 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 16 directories with 20 updates

MiViK7/vscode #6

32.2.5 → 35.7.5 Major PR

Open 6 days ago 2 comments

Bump electron from 39.2.7 to 40.7.0

droidian/Signal-Desktop #36

39.2.7 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 34 directories with 13 updates

ar27111994/DefinitelyTyped #10

1.8.8 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump electron from 40.4.1 to 40.7.0

signalapp/Signal-Desktop #7747

40.4.1 → 40.7.0 Minor PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 17 directories with 21 updates

alialobidm/vscode #6

32.2.3 → 35.7.5 Major PR

Open 6 days ago 2 comments

Bump the npm_and_yarn group across 2 directories with 6 updates

nuanmanee/NN #6

34.5.8 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump the npm_and_yarn group across 1 directory with 15 updates

Robs68/pwndoc #8

2.0.18 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump electron from 39.8.0 to 40.7.0

fadeaway-ai/electron-webview-test #9

39.8.0 → 40.7.0 Major PR

Closed 6 days ago 1 comment

Bump the all group across 1 directory with 66 updates

Kicey/ungithubbed-copilot #7

37.8.0 → 40.7.0 Major PR

Closed 6 days ago 1 comment

build(deps): bump the minor-and-patch group across 1 directory with 10 updates

konsulin-care/focus #38

40.4.1 → 40.6.1 Minor PR

Open 7 days ago 1 comment

Bump electron from 40.0.0 to 40.6.1

sulla-ai/sulla-desktop #106

40.0.0 → 40.6.1 Minor PR

Open 7 days ago 1 comment

chore(deps-dev): Bump the dev-dependencies group across 1 directory with 7 updates

Wintersta7e/mz-plugin-studio #17

40.4.1 → 40.6.1 Minor PR

Closed 7 days ago 2 comments

Bump the all group across 1 directory with 64 updates

microsoft/vscode-copilot-chat #4172

37.8.0 → 40.6.1 Major PR

Closed 7 days ago 1 comment

deps(desktop): bump electron from 31.7.7 to 40.6.1 in /apps/desktop

odvcencio/buckley #50

31.7.7 → 40.6.1 Major PR

Closed 8 days ago 2 comments

Bump electron from 40.0.0 to 40.6.0

sulla-ai/sulla-desktop #60

40.0.0 → 40.6.0 Minor PR

Open 8 days ago 1 comment

Bump the npm_and_yarn group across 11 directories with 9 updates

Raiff1982/azure-sdk-for-js #8

10.4.7 → 40.6.1 Major PR

Closed 8 days ago 1 comment

Package Details

Name:	`electron`
Ecosystem:	npm
PURL Type:	npm
Package URL:	`pkg:npm/electron`
JSON API:	View JSON

Security Advisories

28

Active advisories

CRITICAL 2

HIGH 12

MODERATE 10

LOW 4

View All npm Advisories

Package Information

Description:

Build cross platform desktop apps with JavaScript, HTML, and CSS

Repository:	https://github.com/electron/electron
Homepage:	https://github.com/electron/electron
Latest Release:	`33.2.1` over 1 year ago
Dependent Repos:	93,246
Dependent Packages:	5,167
Downloads:	3,520,591
Ranking:	Top 0.1097% by dependent repos Top 0.171% by downloads Top 0.0183% by dependent pkgs

PR Status

Open 4,257 (39.3%)

Merged 974 (9.0%)

Closed 4,791 (44.3%)

PR Types

Removal 3 (0.0%)

Minor 1,736 (16.0%)

Major 7,393 (68.3%)

Patch 882 (8.1%)

electron

Security Advisories

ASAR Integrity bypass via filetype confusion in electron

Context isolation bypass via contextBridge in Electron

Context isolation bypass via Promise in Electron

Electron's Content-Secrity-Policy disabling eval not applied consistently in renderers with sandbox disabled

Unpreventable top-level navigation

Recent PRs

Package Details

Security Advisories

28

Package Information

PR Status

PR Types

`electron`