S
SkillsMD 发现、学习和掌握最新的 AI 技术 Skills。基于真实社区数据,为开发者提供最权威的 AI 工具导航。
关于 聚焦 AI 技术 Skills 每周数据更新 中英双语文档 © 2026 SkillsMD. All rights reserved.
Electron 架构专家 | 主进程/渲染器设计、IPC通信、安全最佳实践与打包指南 | SkillsMD
首页 / Skills / electron-architect Electron 架构专家 | 主进程/渲染器设计、IPC通信、安全最佳实践与打包指南 electron-architect by tomlord1122/tomtom-skill
npx skills add https://github.com/tomlord1122/tomtom-skill --skill electron-architect🇨🇳 中文介绍 Electron 架构专家
专为 Electron 桌面应用程序架构、主进程/渲染器进程设计、IPC 通信、安全最佳实践和应用程序打包提供支持的专家助手。
思考流程
激活后,遵循以下结构化思考方法来设计 Electron 应用程序:
步骤 1:应用程序需求分析
目标: 理解桌面应用程序需要实现什么功能。
关键问题:
核心功能是什么?(编辑器、仪表板、工具、媒体)
需要哪些系统资源?(文件系统、网络、硬件)
目标平台是什么?(macOS、Windows、Linux 或全部)
是否有离线需求?
预期的数据敏感性如何?(本地文件、凭证、用户数据)
行动:
列出所有需要系统访问的功能(文件、网络、原生 API)
识别用户交互模式(单窗口、多窗口、托盘应用)
确定数据持久化需求(本地存储、SQLite、文件系统)
映射集成点(外部 API、本地服务、硬件)
决策点: 你应该能够阐明:
"此应用需要访问 [X] 系统资源"
"主要的用户流程是 [Y]"
"安全敏感级别为 [Z]"
步骤 2:架构设计(安全第一)
目标: 设计安全的主进程/渲染器架构。
思考框架 - 安全原则:
最小权限: 渲染器应具有最小能力深度防御: 多层保护显式通信: 所有 IPC 通道都是显式的且经过验证
架构决策矩阵:
🇺🇸 English Electron Architecture Expert
Expert assistant for Electron desktop application architecture, Main/Renderer process design, IPC communication, security best practices, and application packaging.
Thinking Process
When activated, follow this structured thinking approach to design Electron applications:
Step 1: Application Requirements Analysis
Goal: Understand what the desktop application needs to accomplish.
Key Questions to Ask:
What is the core functionality? (editor, dashboard, utility, media)
What system resources are needed? (file system, network, hardware)
What is the target platform? (macOS, Windows, Linux, or all)
Are there offline requirements?
What is the expected data sensitivity? (local files, credentials, user data)
Actions:
List all features requiring system access (files, network, native APIs)
Identify user interaction patterns (single window, multi-window, tray app)
Determine data persistence needs (local storage, SQLite, file system)
Map integration points (external APIs, local services, hardware)
Decision Point: You should be able to articulate:
"This app needs access to [X] system resources"
"The main user flows are [Y]"
"Security sensitivity level is [Z]"
Step 2: Architecture Design (Security First)
Goal: Design a secure Main/Renderer architecture.
广告位招租
在这里展示您的产品或服务
触达数万 AI 开发者,精准高效
联系我们 UI 渲染 渲染器进程 视为不受信任(如同浏览器) 文件系统访问 主进程 通过验证的 IPC 暴露 网络请求 首选主进程 避免渲染器 CORS 问题 原生对话框 主进程 用户同意文件访问 加密操作 主进程 保护密钥免受渲染器访问 Shell 命令 仅限主进程 绝不暴露给渲染器
"这需要主进程访问吗?"
"所需的最小 IPC 接口是什么?"
步骤 3:IPC 设计
"主进程和渲染器之间流动什么数据?"
"谁发起通信?"
"两端需要什么验证?"
通信需求 模式 方向 请求/响应 invoke/handle 渲染器 → 主进程 发送即忘 send 渲染器 → 主进程 推送通知 webContents.send 主进程 → 渲染器 双向流 MessagePort 双向
所有通道都有明确的名称
主进程处理器进行输入验证
不从渲染器输入执行任意代码
敏感操作需要用户确认
对昂贵操作进行速率限制
// 在 shared/ 中定义通道类型
interface IpcChannels {
'file:open': { args: void; return: string | null };
'file:save': { args: { path: string; content: string }; return: boolean };
}
步骤 4:预加载脚本设计
"渲染器绝对需要的最小功能是什么?"
"我是否暴露了超出必要的功能?"
"每个暴露的函数都经过验证了吗?"
最小接口: 仅暴露绝对需要的功能不暴露原始 IPC: 包装 ipcRenderer,不要直接暴露类型定义: 为渲染器提供 TypeScript 类型单向绑定: 优先使用 invoke 而非 send/on 对 // 错误:暴露原始 ipcRenderer
contextBridge.exposeInMainWorld('electron', { ipcRenderer });
// 错误:任意通道执行
contextBridge.exposeInMainWorld('api', {
send: (channel, data) => ipcRenderer.send(channel, data)
});
// 正确:显式、有限的 API
contextBridge.exposeInMainWorld('api', {
openFile: () => ipcRenderer.invoke('dialog:openFile'),
saveFile: (content: string) => ipcRenderer.invoke('file:save', content)
});
步骤 5:窗口管理策略
"此应用需要多少个窗口?"
"窗口之间如何通信?"
"窗口关闭时会发生什么?"
应用类型 模式 单文档 一个主窗口 多文档 每个文档一个窗口,状态在主进程中共享 仪表板 + 详情 父子窗口 系统工具 带弹出窗口的托盘应用
为每种窗口类型设置合适的 webPreferences
窗口状态持久化(位置、大小)
正确的关闭/退出行为(隐藏 vs 销毁)
深度链接 / 协议处理
步骤 6:数据持久化策略
"哪些数据需要持久化?"
"这些数据的敏感性如何?"
"数据是否需要跨设备同步?"
数据类型 解决方案 安全性 用户偏好设置 electron-store 明文或加密 结构化数据 SQLite (better-sqlite3) 文件级加密 大文件 文件系统 操作系统级权限 凭证 系统密钥链 (keytar) 操作系统安全存储
敏感数据在静态时加密
凭证存储在系统密钥链中,而非文件
备份/导出功能
更新时的数据迁移策略
步骤 7:打包与分发
"目标平台是哪些?"
"如何交付更新?"
"需要哪些签名/公证?"
平台 签名 分发 macOS 开发者 ID + 公证 DMG、PKG 或 Mac App Store Windows 代码签名证书 NSIS、MSI 或 Microsoft Store Linux 可选 GPG AppImage、deb、rpm、Snap
electron-updater 配置
更新服务器(GitHub releases、S3 等)
关键更新的分阶段推出
回滚能力
步骤 8:测试策略
单元测试: 主进程中的业务逻辑集成测试: IPC 通信端到端测试: 使用 Spectron/Playwright 进行 UI 流程测试平台测试: 针对所有目标平台的 CI 矩阵
隔离测试 IPC 处理器
测试预加载脚本的类型契约
关键用户流程的端到端测试
平台特定行为测试
使用方法
搭建新项目 bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh [project-name] [ui-framework] [package-manager]
project-name - 项目名称(默认:my-electron-app)ui-framework - UI 框架:vanilla、react、svelte、vue(默认:vanilla)package-manager - 包管理器:pnpm、npm、yarn(默认:pnpm) bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app
bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app react
bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app svelte pnpm
nodeIntegration: false
contextIsolation: true
sandbox: true
文档资源
Electron: https://www.electronjs.org/docs/latest/
Electron Forge: https://www.electronforge.io/
electron-builder: https://www.electron.build/
项目结构 src/
├── main/
│ ├── main.ts # 主进程入口
│ ├── ipc/ # IPC 处理器
│ │ └── file-handlers.ts
│ ├── services/ # 后端服务
│ │ └── database.ts
│ └── menu.ts # 应用程序菜单
├── preload/
│ └── preload.ts # 上下文桥接
├── renderer/ # UI (React/Svelte/Vue)
│ ├── App.tsx
│ └── components/
└── shared/
└── types.ts # 共享类型定义
安全配置
BrowserWindow 设置 // main.ts - 安全配置
const mainWindow = new BrowserWindow({
width: 1200,
height: 800,
webPreferences: {
nodeIntegration: false, // 禁用 Node.js
contextIsolation: true, // 启用上下文隔离
sandbox: true, // 沙盒模式
preload: path.join(__dirname, 'preload.js'),
webSecurity: true, // 强制执行同源策略
}
});
预加载脚本模式 // preload.ts - 安全的 API 暴露
import { contextBridge, ipcRenderer } from 'electron';
contextBridge.exposeInMainWorld('electronAPI', {
// 单向:渲染器 → 主进程
saveFile: (content: string) =>
ipcRenderer.invoke('file:save', content),
// 单向:主进程 → 渲染器
onUpdateAvailable: (callback: (version: string) => void) =>
ipcRenderer.on('update-available', (_, version) => callback(version)),
// 请求-响应模式
openFile: () => ipcRenderer.invoke('dialog:openFile'),
});
// 渲染器的类型声明
declare global {
interface Window {
electronAPI: {
saveFile: (content: string) => Promise<boolean>;
onUpdateAvailable: (callback: (version: string) => void) => void;
openFile: () => Promise<string | null>;
}
}
}
主进程处理器 // main/ipc/file-handlers.ts
import { ipcMain, dialog } from 'electron';
import { readFile, writeFile } from 'fs/promises';
export function registerFileHandlers() {
ipcMain.handle('dialog:openFile', async () => {
const { canceled, filePaths } = await dialog.showOpenDialog({
properties: ['openFile'],
filters: [{ name: 'Text', extensions: ['txt', 'md'] }]
});
if (canceled) return null;
return readFile(filePaths[0], 'utf-8');
});
ipcMain.handle('file:save', async (_, content: string) => {
const { canceled, filePath } = await dialog.showSaveDialog({});
if (canceled || !filePath) return false;
await writeFile(filePath, content);
return true;
});
}
IPC 通信模式
模式 1:Invoke(请求-响应) // 渲染器
const data = await window.electronAPI.fetchData(id);
// 主进程
ipcMain.handle('fetch-data', async (event, id) => {
return await database.get(id);
});
模式 2:Send/On(发送即忘) // 主进程 → 渲染器
mainWindow.webContents.send('notification', message);
// 渲染器
window.electronAPI.onNotification((msg) => showToast(msg));
模式 3:双向事件 // 渲染器发送,等待主进程响应
const result = await window.electronAPI.processFile(path);
打包配置
Electron Forge {
"config": {
"forge": {
"packagerConfig": {
"asar": true,
"icon": "./assets/icon"
},
"makers": [
{ "name": "@electron-forge/maker-squirrel" },
{ "name": "@electron-forge/maker-dmg" },
{ "name": "@electron-forge/maker-deb" }
]
}
}
}
向用户呈现结果
始终遵循安全最佳实践
提供完整的 IPC 通信示例
考虑跨平台兼容性
包含 API 的 TypeScript 类型
注意 Electron 版本差异
故障排除
nodeIntegration 已正确禁用
使用带有 contextBridge 的预加载脚本
"Cannot access window.electronAPI"
检查预加载脚本路径是否正确
验证 contextIsolation 是否为 true
确保调用了 contextBridge.exposeInMainWorld
"IPC message not received"
验证通道名称是否完全匹配
检查处理器是否在窗口加载前注册
对异步响应使用 invoke
Thinking Framework - Security Principles:
Least Privilege: Renderer should have minimal capabilitiesDefense in Depth: Multiple layers of protectionExplicit Communication: All IPC channels are explicit and validated Architecture Decision Matrix:
Capability Needed Where to Implement Security Consideration UI Rendering Renderer process Treat as untrusted (like a browser) File system access Main process Expose via validated IPC Network requests Main process preferred Avoid renderer CORS issues Native dialogs Main process User consent for file access Crypto operations Main process Protect keys from renderer Shell commands Main process only Never expose to renderer
Decision Point: For each feature, answer:
"Does this need Main process access?"
"What is the minimal IPC surface needed?"
Step 3: IPC Design Goal: Design safe, type-safe IPC communication.
"What data flows between Main and Renderer?"
"Who initiates the communication?"
"What validation is needed on each end?"
Communication Need Pattern Direction Request/response invoke/handle Renderer → Main Fire and forget send Renderer → Main Push notification webContents.send Main → Renderer Two-way stream MessagePort Bidirectional
All channels have explicit names
Input validation on Main process handlers
No arbitrary code execution from renderer input
Sensitive operations require user confirmation
Rate limiting for expensive operations
// Define channel types in shared/
interface IpcChannels {
'file:open': { args: void; return: string | null };
'file:save': { args: { path: string; content: string }; return: boolean };
}
Step 4: Preload Script Design Goal: Create a minimal, secure bridge between worlds.
"What is the absolute minimum the renderer needs?"
"Am I exposing more than necessary?"
"Is each exposed function validated?"
Preload Design Principles:
Minimal Surface: Only expose what's absolutely neededNo Raw IPC: Wrap ipcRenderer, don't expose directlyType Definitions: Provide TypeScript types for rendererOne-Way Binding: Prefer invoke over send/on pairs // BAD: Exposes raw ipcRenderer
contextBridge.exposeInMainWorld('electron', { ipcRenderer });
// BAD: Arbitrary channel execution
contextBridge.exposeInMainWorld('api', {
send: (channel, data) => ipcRenderer.send(channel, data)
});
// GOOD: Explicit, limited API
contextBridge.exposeInMainWorld('api', {
openFile: () => ipcRenderer.invoke('dialog:openFile'),
saveFile: (content: string) => ipcRenderer.invoke('file:save', content)
});
Step 5: Window Management Strategy Goal: Design appropriate window management for the application.
"How many windows does this app need?"
"How do windows communicate?"
"What happens when windows are closed?"
App Type Pattern Single document One main window Multi-document Window per document, shared state in Main Dashboard + details Parent-child windows System utility Tray app with popup
Window Configuration Checklist:
Appropriate webPreferences for each window type
Window state persistence (position, size)
Proper close/quit behavior (hide vs destroy)
Deep linking / protocol handling
Step 6: Data Persistence Strategy Goal: Design secure, reliable data storage.
"What data needs to persist?"
"How sensitive is this data?"
"Does data need to sync across devices?"
Data Type Solution Security User preferences electron-store Plain or encrypted Structured data SQLite (better-sqlite3) File-level encryption Large files File system OS-level permissions Credentials system keychain (keytar) OS secure storage
Sensitive data encrypted at rest
Credentials in system keychain, not files
Backup/export functionality
Data migration strategy for updates
Step 7: Packaging and Distribution Goal: Configure reliable cross-platform distribution.
"Which platforms are targets?"
"How will updates be delivered?"
"What signing/notarization is needed?"
Platform Signing Distribution macOS Developer ID + Notarization DMG, PKG, or Mac App Store Windows Code signing certificate NSIS, MSI, or Microsoft Store Linux Optional GPG AppImage, deb, rpm, Snap
electron-updater configuration
Update server (GitHub releases, S3, etc.)
Staged rollouts for critical updates
Rollback capability
Step 8: Testing Strategy Goal: Ensure the application is reliable across platforms.
Unit Tests: Business logic in Main processIntegration Tests: IPC communicationE2E Tests: Spectron/Playwright for UI flowsPlatform Tests: CI matrix for all target platforms
Test IPC handlers in isolation
Test preload script type contracts
E2E tests for critical user flows
Platform-specific behavior tests
Usage
Scaffold New Project bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh [project-name] [ui-framework] [package-manager]
project-name - Name of the project (default: my-electron-app)ui-framework - UI framework: vanilla, react, svelte, vue (default: vanilla)package-manager - Package manager: pnpm, npm, yarn (default: pnpm) bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app
bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app react
bash /mnt/skills/user/electron-architect/scripts/scaffold-project.sh my-app svelte pnpm
nodeIntegration: false
contextIsolation: true
sandbox: true
Documentation Resources
Electron: https://www.electronjs.org/docs/latest/
Electron Forge: https://www.electronforge.io/
electron-builder: https://www.electron.build/
Project Structure src/
├── main/
│ ├── main.ts # Main process entry
│ ├── ipc/ # IPC handlers
│ │ └── file-handlers.ts
│ ├── services/ # Backend services
│ │ └── database.ts
│ └── menu.ts # Application menu
├── preload/
│ └── preload.ts # Context bridge
├── renderer/ # UI (React/Svelte/Vue)
│ ├── App.tsx
│ └── components/
└── shared/
└── types.ts # Shared type definitions
Security Configuration
BrowserWindow Settings // main.ts - Secure configuration
const mainWindow = new BrowserWindow({
width: 1200,
height: 800,
webPreferences: {
nodeIntegration: false, // Disable Node.js
contextIsolation: true, // Enable context isolation
sandbox: true, // Sandbox mode
preload: path.join(__dirname, 'preload.js'),
webSecurity: true, // Enforce same-origin
}
});
Preload Script Pattern // preload.ts - Safe API exposure
import { contextBridge, ipcRenderer } from 'electron';
contextBridge.exposeInMainWorld('electronAPI', {
// One-way: Renderer → Main
saveFile: (content: string) =>
ipcRenderer.invoke('file:save', content),
// One-way: Main → Renderer
onUpdateAvailable: (callback: (version: string) => void) =>
ipcRenderer.on('update-available', (_, version) => callback(version)),
// Request-response pattern
openFile: () => ipcRenderer.invoke('dialog:openFile'),
});
// Type declaration for renderer
declare global {
interface Window {
electronAPI: {
saveFile: (content: string) => Promise<boolean>;
onUpdateAvailable: (callback: (version: string) => void) => void;
openFile: () => Promise<string | null>;
}
}
}
Main Process Handlers // main/ipc/file-handlers.ts
import { ipcMain, dialog } from 'electron';
import { readFile, writeFile } from 'fs/promises';
export function registerFileHandlers() {
ipcMain.handle('dialog:openFile', async () => {
const { canceled, filePaths } = await dialog.showOpenDialog({
properties: ['openFile'],
filters: [{ name: 'Text', extensions: ['txt', 'md'] }]
});
if (canceled) return null;
return readFile(filePaths[0], 'utf-8');
});
ipcMain.handle('file:save', async (_, content: string) => {
const { canceled, filePath } = await dialog.showSaveDialog({});
if (canceled || !filePath) return false;
await writeFile(filePath, content);
return true;
});
}
IPC Communication Patterns
Pattern 1: Invoke (Request-Response) // Renderer
const data = await window.electronAPI.fetchData(id);
// Main
ipcMain.handle('fetch-data', async (event, id) => {
return await database.get(id);
});
Pattern 2: Send/On (Fire-and-Forget) // Main → Renderer
mainWindow.webContents.send('notification', message);
// Renderer
window.electronAPI.onNotification((msg) => showToast(msg));
Pattern 3: Two-Way Events // Renderer sends, awaits Main response
const result = await window.electronAPI.processFile(path);
Packaging Configuration
Electron Forge {
"config": {
"forge": {
"packagerConfig": {
"asar": true,
"icon": "./assets/icon"
},
"makers": [
{ "name": "@electron-forge/maker-squirrel" },
{ "name": "@electron-forge/maker-dmg" },
{ "name": "@electron-forge/maker-deb" }
]
}
}
}
Present Results to User When providing Electron solutions:
Always follow security best practices
Provide complete IPC communication examples
Consider cross-platform compatibility
Include TypeScript types for the API
Note Electron version differences
Troubleshooting
nodeIntegration is correctly disabled
Use preload script with contextBridge
"Cannot access window.electronAPI"
Check preload script path is correct
Verify contextIsolation is true
Ensure contextBridge.exposeInMainWorld is called
"IPC message not received"
Verify channel names match exactly
Check if handler is registered before window loads
Use invoke for async responses
Laravel架构模式指南:生产级开发模式与最佳实践
1,100 周安装
