Electron Secure Defaults

Starter kit and documentation for building security conscious Electron apps

Overview

electron-secure-defaults is a security-enhanced fork of electron-quick-start-typescript. It can be used as a starter kit for a new Electron app or as a resource for improving an existing project. This repository provides a secure frontend foundation for the 1Password desktop app.

Features

Enhanced security measures for Electron apps
Configuration used in conjunction with electron-hardener
Annotated code for easy understanding and reference

Summary

electron-secure-defaults is a security-focused repository that provides enhanced security defaults for Electron apps. It includes features such as secure content loading, restricted permission requests, and a defined content security policy. The code is annotated for easy understanding and reference. It serves as a secure foundation for the 1Password desktop app and can be used as a starting point or resource for improving the security of other Electron projects.

Eslint: ESLint is a linter for JavaScript that analyzes code to detect and report on potential problems and errors, as well as enforce consistent code style and best practices, helping developers to write cleaner, more maintainable code.
Typescript: TypeScript is a superset of JavaScript, providing optional static typing, classes, interfaces, and other features that help developers write more maintainable and scalable code. TypeScript's static typing system can catch errors at compile-time, making it easier to build and maintain large applications.