It may take distributors some time - or years - to figure how and why they want to package Electron apps, but it will happen eventually due to user demand.
Electron apps package NodeJS code. npm downloads NodeJS code directly from GitHub, typically from hundreds of individual GitHub accounts. This subjects users to the danger of some of these accounts to go rogue and deliver malware to them, since NodeJS technology doesn't have any safeguards against this and such unsafe behavior is done rather by its design, there's little chance that major packaging systems would adopt them. You can see that the Atom editor for example isn't packaged by Debian or any RPM packaging systems (https://repology.org/project/atom/versions). They can't subject their users to such dangers, and they shouldn't.
Perhaps Electron can be used w/out NodeJS, but it brands itself as ElectronJS, and your project too has the npm part in it.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.