🎉 Electron 将每 12 周发布一个新的主要稳定版本！🎉

⚡️ 哇，好快啊！可是为什么？​

🌐 ⚡️ Wow that's quick! But why?

简而言之，Chromium 不会停止发布，因此 Electron 的速度也不会减慢。

🌐 Simply put, Chromium doesn't stop shipping so Electron is not going to slow down either.

Chromium 每六周都会按固定的时间表发布新版本。为了在 Electron 中提供最新版本的 Chromium，我们的时间表需要与其保持一致。有关 Chromium 发布周期的更多信息，可点击这里了解。

🌐 Chromium releases on a consistent 6-week schedule. To deliver the most up-to-date versions of Chromium in Electron, our schedule needs to track theirs. More information around Chromium's release cycle can be found here.

🚀 为什么每12周一次？​

🌐 🚀 Why every 12 weeks?

每六周，Chromium 就会发布一个新版本，包含新功能、错误修复/安全修复以及 V8 的改进。Electron 的用户一直明确表示希望能够及时获得这些更新，因此我们已调整了稳定版的发布时间，以与 Chromium 的每隔一个稳定版本同步。首先，Electron v6.0.0 将包含 M76，并计划于 2019 年 7 月 30 日 正式发布，这与 Chromium M76 的发布日相同。

🌐 Every 6 weeks, a new Chromium release comes out with new features, bug fixes / security fixes, and V8 improvements. Electron's users have been loud and clear about wanting these changes in a timely manner, so we've adjusted our stable release dates to match every other Chromium stable release. Up first, Electron v6.0.0 will include M76 and is scheduled for stable release on July 30, 2019, the same release day as Chromium M76.

🚧 这对我和我的 Electron 应用意味着什么？​

🌐 🚧 What does this mean for me and my Electron app?

你将比以前更早接触到新的 Chromium 和 V8 功能及修复。重要的是，你还将知道这些新变化何时到来，这样你就能够比以前更好地进行计划。

🌐 You'll have access to new Chromium and V8 features and fixes sooner than before. Importantly, you'll also know when those new changes are coming, so you'll be able to plan with better information than before.

Electron 团队将继续支持最新的三个主要版本。例如，当v6.0.0 在 2019 年 7 月 30 日稳定发布时，我们将支持 v6.x、v5.x 和 v4.x，而 v3.x 将进入生命周期结束阶段。

🌐 The Electron team will continue to support the latest three major versions. For example, when v6.0.0 goes stable on July 30, 2019, we will support v6.x, v5.x, and v4.x, while v3.x will reach End-Of-Life.

💬 应用反馈计划​

🌐 💬 App Feedback Program

请考虑加入我们的应用反馈计划，帮助我们测试测试版发布和稳定性。参与该计划的项目会在其应用上测试 Electron 测试版；作为回报，他们发现的新问题会在稳定版本发布时优先处理。

🌐 Please consider joining our App Feedback Program to help us with testing our beta releases and stabilization. Projects who participate in this program test Electron betas on their apps; and in return, the new bugs they find are prioritized for the stable release.

📝 Electron 发布简史​

🌐 📝 A brief history of Electron releases

在 v3.0.0 之前，关于稳定版本的决策并没有遵循固定的时间表。我们在 v3.0.0 和 v4.0.0 时为项目添加了内部时间表。今年早些时候，我们决定首次公开 Electron v5.0.0 的稳定发布日期。宣布我们的稳定发布日期整体上得到了积极的反馈，我们也很高兴在未来的发行版本中继续这样做。

🌐 The decisions around stable releases before v3.0.0 did not follow a schedule. We added internal schedules to the project with v3.0.0 and v4.0.0. Earlier this year, we decided to publicize our stable release date for the first time for Electron v5.0.0. Announcing our stable release dates was positively received overall and we're excited to continue doing that for future releases.

为了更好地优化这些与升级相关的工作，我们在治理系统中创建了升级和发布工作小组。这些小组使我们能够更好地确定优先级和分配工作，我们希望随着每一次后续发布，这一点会变得更加明显。

🌐 In order to better streamline these upgrade-related efforts, our Upgrades and Releases Working Groups were created within our Governance system. They have allowed us to better prioritize and delegate this work, which we hope will become more apparent with each subsequent release.

这是我们的新节奏与 Chromium 节奏相比的位置：

📨 如果你有任何问题，请发送邮件至 info@electronjs.org。

Electron 团队很高兴地宣布 Electron 5.0.0 的发布！你可以通过 npm 使用 npm install electron@latest 安装，或从我们的发布页面下载压缩包。本次发布包含了大量升级、修复和新功能。我们迫不及待地想看看你们会用这些功能创造出什么！继续阅读以了解本次发布的详细信息，并请分享你们的任何反馈！

🌐 The Electron team is excited to announce the release of Electron 5.0.0! You can install it with npm via npm install electron@latest or download the tarballs from our releases page. The release is packed with upgrades, fixes, and new features. We can't wait to see what you build with them! Continue reading for details about this release, and please share any feedback you have!

有什么新功能？​

🌐 What's New?

Electron 的大部分功能由 Chromium、Node.js 和 V8 的核心组件提供。Electron 会跟进这些项目的最新进展，为用户提供新的 JavaScript 功能、性能改进和安全修复。在 Electron 5 中，这些软件包中的每一个都有一次主要版本更新：

🌐 Much of Electron's functionality is provided by the core components of Chromium, Node.js, and V8. Electron keeps up-to-date with these projects to provide our users with new JavaScript features, performance improvements, and security fixes. Each of these packages has a major version bump in Electron 5:

• Chromium 73.0.3683.119
  • 70 新增
  • 71 新增
  • 72 新增
  • 73 新增
• Node.js 12.0.0
  • Node 12 博客文章
• V8 7.3.492.27。
  • 新的 JS 特性

Electron 5 还包括对 Electron 特定 API 的改进。主要更改总结如下；有关完整的更改列表，请查看 Electron v5.0.0 发布说明。

🌐 Electron 5 also includes improvements to Electron-specific APIs. A summary of the major changes is below; for the full list of changes, check out the Electron v5.0.0 release notes.

Promisification​

Electron 5 继续推进 Promisification initiative 计划，将 Electron 的基于回调的 API 转换为使用 Promise。这些 API 已在 Electron 5 中被转换：

🌐 Electron 5 continues Promisification initiative initiative to convert Electron's callback-based API to use Promises. These APIs were converted for Electron 5:

• app.getFileIcon
• contentTracing.getCategories
• contentTracing.startRecording
• contentTracing.stopRecording
• debugger.sendCommand
• Cookies API
• shell.openExternal
• webContents.loadFile
• webContents.loadURL
• webContents.zoomLevel
• webContents.zoomFactor
• win.capturePage

macOS 的系统颜色访问​

🌐 System colors access for macOS

这些函数已被更改或添加到 systemPreferences 中，以访问 macOS 系统的颜色：

🌐 These functions were changed or added to systemPreferences to access macOS systems' colors:

• systemPreferences.getAccentColor
• systemPreferences.getColor
• systemPreferences.getSystemColor

进程内存信息​

🌐 Process memory information

已添加函数 process.getProcessMemoryInfo 来获取当前进程的内存使用情况统计。

🌐 The function process.getProcessMemoryInfo has been added to get memory usage statistics about the current process.

远程 API 的额外筛选功能​

🌐 Additional filtering for remote APIs

为了提高 remote API 的安全性，已添加了新的远程事件，以便可以对 remote.getBuiltin、remote.getCurrentWindow、remote.getCurrentWebContents 和 <webview>.getWebContents 进行过滤。

🌐 To improve security in the remote API, new remote events have been added so that remote.getBuiltin, remote.getCurrentWindow, remote.getCurrentWebContents and <webview>.getWebContents can be filtered.

浏览器窗口上的多个浏览器视图​

🌐 Multiple BrowserViews on BrowserWindow

BrowserWindow 现在支持在同一个 BrowserWindow 中管理多个 BrowserView。

🌐 BrowserWindow now supports managing multiple BrowserViews within the same BrowserWindow.

重大变化​

🌐 Breaking Changes

打包应用的默认值​

🌐 Defaults for packaged apps

打包的应用现在将与默认应用表现相同：除非应用已有菜单，否则将创建默认应用菜单；除非应用自行处理事件，否则 window-all-closed 事件将被自动处理。

🌐 Packaged apps will now behave the same as the default app: a default application menu will be created unless the app has one and the window-all-closed event will be automatically handled unless the app handles the event.

混合沙盒​

🌐 Mixed sandbox

混合沙箱模式现在默认启用。使用 sandbox: true 启动的渲染器现在将真正处于沙箱环境中，而之前只有在也启用了混合沙箱模式时，它们才会被沙箱化。

🌐 Mixed sandbox mode is now enabled by default. Renderers launched with sandbox: true will now be actually sandboxed, where previously they would only be sandboxed if mixed-sandbox mode was also enabled.

安全性改进​

🌐 Security improvements

nodeIntegration 和 webviewTag 的默认值现在为 false，以提高安全性。

🌐 The default values of nodeIntegration and webviewTag are now false to improve security.

拼写检查器现在异步​

🌐 Spellchecker now asynchronous

SpellCheck API 已经更改为提供异步结果。

🌐 The SpellCheck API has been changed to provide asynchronous results.

弃用​

🌐 Deprecations

以下 API 在 Electron 5.0.0 中被弃用，并计划在 6.0.0 中删除：

🌐 The following APIs are newly deprecated in Electron 5.0.0 and planned for removal in 6.0.0:

适用于 arm 和 arm64 的 Mksnapshot 二进制文件​

🌐 Mksnapshot binaries for arm and arm64

mksnapshot 的 ARM 和 ARM64 原生二进制文件已被弃用，并将在 6.0.0 中移除。可以使用 x64 二进制文件为 ARM 和 ARM64 创建快照。

🌐 Native binaries of mksnapshot for arm and arm64 are deprecated and will be removed in 6.0.0. Snapshots can be created for arm and arm64 using the x64 binaries.

WebContents 上的 ServiceWorker API​

🌐 ServiceWorker APIs on WebContents

已弃用 WebContents 上的 ServiceWorker API，准备将其移除。

🌐 Deprecated ServiceWorker APIs on WebContents in preparation for their removal.

• webContents.hasServiceWorker
• webContents.unregisterServiceWorker

带有沙盒 webContents 的自动模块​

🌐 Automatic modules with sandboxed webContents

为了提高安全性，以下模块将不再通过 require 直接使用，而需要通过 remote.require 在沙盒化的 webcontents 中引入：

🌐 In order to improve security, the following modules are being deprecated for use directly via require and will instead need to be included via remote.require in a sandboxed webcontents:

• electron.screen
• child_process
• fs
• os
• path

webFrame 隔离世界 API​

🌐 webFrame Isolated World APIs

webFrame.setIsolatedWorldContentSecurityPolicy、webFrame.setIsolatedWorldHumanReadableName、webFrame.setIsolatedWorldSecurityOrigin 已被弃用，建议使用 webFrame.setIsolatedWorldInfo。

混合沙盒​

🌐 Mixed sandbox

enableMixedSandbox 和 --enable-mixed-sandbox 命令行开关仍然存在以保持兼容性，但已不推荐使用且不起作用。

2.0.x 停止支持​

🌐 End of support for 2.0.x

根据我们的支持版本政策，2.0.x 已经终止支持。

🌐 Per our supported versions policy, 2.0.x has reached end of life.

应用反馈计划​

🌐 App Feedback Program

我们继续使用我们的应用反馈计划进行测试。参与该计划的项目会在他们的应用上测试 Electron 测试版；作为回报，他们发现的新问题会被优先处理用于正式版本。如果你想参与或了解更多信息，请查看我们关于该计划的博客文章。

🌐 We continue to use our App Feedback Program for testing. Projects who participate in this program test Electron betas on their apps; and in return, the new bugs they find are prioritized for the stable release. If you'd like to participate or learn more, check out our blog post about the program.

下一步计划​

🌐 What's Next

在短期内，你可以预期团队将继续专注于跟进构成 Electron 的主要组件的发展，包括 Chromium、Node 和 V8。虽然我们谨慎地不对发布日期做出承诺，但我们的计划是在大约每季度发布一次包含这些组件新版本的 Electron 主要版本。暂定的 6.0.0 计划 列出了 Electron 6 开发生命周期中的关键日期。此外，请参阅我们的版本说明文档 以获取关于 Electron 版本控制的更详细信息。

🌐 In the short term, you can expect the team to continue to focus on keeping up with the development of the major components that make up Electron, including Chromium, Node, and V8. Although we are careful not to make promises about release dates, our plan is release new major versions of Electron with new versions of those components approximately quarterly. The tentative 6.0.0 schedule maps out key dates in the Electron 6 development life cycle. Also, see our versioning document for more detailed information about versioning in Electron.

有关即将发布的 Electron 版本中计划的重大更改的信息，请参阅我们的计划重大更改文档。

🌐 For information on planned breaking changes in upcoming versions of Electron, see our Planned Breaking Changes doc.

Electron 中用 C++ 或 Objective-C 编写的功能是如何转化为 JavaScript 供终端用户使用的？

🌐 How do Electron's features written in C++ or Objective-C get to JavaScript so they're available to an end-user?

背景​

🌐 Background

Electron 是一个 JavaScript 平台，其主要目的是降低开发者构建强大桌面应用的门槛，而无需担心特定平台的实现细节。然而，从本质上讲，Electron 本身仍然需要使用某个系统语言来编写平台特定的功能。

实际上，Electron 会为你处理原生代码，以便你可以专注于单个 JavaScript API。

🌐 In reality, Electron handles the native code for you so that you can focus on a single JavaScript API.

那是如何工作的呢？Electron 中用 C++ 或 Objective-C 编写的功能是如何传递到 JavaScript 中，从而让终端用户可以使用的？

🌐 How does that work, though? How do Electron's features written in C++ or Objective-C get to JavaScript so they're available to an end-user?

要追踪这条路径，让我们从 app 模块 开始。

🌐 To trace this pathway, let's start with the app module.

通过打开我们 lib/ 目录中的 app.ts 文件，你会在顶部附近看到以下这行代码：

🌐 By opening the app.ts file inside our lib/ directory, you'll find the following line of code towards the top:

const binding = process.electronBinding('app');

这一行直接指向 Electron 将其 C++/Objective-C 模块绑定到 JavaScript 供开发者使用的机制。这个函数由 ElectronBindings 类的头文件和实现文件创建。

🌐 This line points directly to Electron's mechanism for binding its C++/Objective-C modules to JavaScript for use by developers. This function is created by the header and implementation file for the ElectronBindings class.

process.electronBinding​

这些文件添加了 process.electronBinding 函数，其行为类似于 Node.js 的 process.binding。process.binding 是 Node.js require() 方法的底层实现，只不过它允许用户 require 本地代码，而不是其他用 JS 编写的代码。这个自定义的 process.electronBinding 函数赋予了从 Electron 加载本地代码的能力。

🌐 These files add the process.electronBinding function, which behaves like Node.js’ process.binding. process.binding is a lower-level implementation of Node.js' require() method, except it allows users to require native code instead of other code written in JS. This custom process.electronBinding function confers the ability to load native code from Electron.

当顶层 JavaScript 模块（如 app）需要这个本地代码时，该本地代码的状态是如何确定和设置的？方法是如何暴露给 JavaScript 的？属性又是怎样的？

🌐 When a top-level JavaScript module (like app) requires this native code, how is the state of that native code determined and set? Where are the methods exposed up to JavaScript? What about the properties?

native_mate​

目前，这个问题的答案可以在 native_mate 中找到：这是 Chromium 的 gin 库 的一个分支，它使在 C++ 和 JavaScript 之间传递类型更加容易。

🌐 At present, answers to this question can be found in native_mate: a fork of Chromium's gin library that makes it easier to marshal types between C++ and JavaScript.

在 native_mate/native_mate 中有一个 object_template_builder 的头文件和实现文件。这使我们能够在本地代码中形成模块，其结构符合 JavaScript 开发者的预期。

🌐 Inside native_mate/native_mate there's a header and implementation file for object_template_builder. This is what allow us to form modules in native code whose shape conforms to what JavaScript developers would expect.

mate::ObjectTemplateBuilder​

如果我们把每个 Electron 模块都看作一个 object，就更容易理解为什么我们希望使用 object_template_builder 来构建它们。这个类是基于 V8 提供的一个类构建的，V8 是谷歌的开源高性能 JavaScript 和 WebAssembly 引擎，用 C++ 编写。V8 实现了 JavaScript（ECMAScript）规范，因此它的原生功能实现可以直接与 JavaScript 中的实现对应。例如，v8::ObjectTemplate 给我们提供了没有专用构造函数和原型的 JavaScript 对象。它使用 Object[.prototype]，在 JavaScript 中等同于 Object.create()。

🌐 If we look at every Electron module as an object, it becomes easier to see why we would want to use object_template_builder to construct them. This class is built on top of a class exposed by V8, which is Google’s open source high-performance JavaScript and WebAssembly engine, written in C++. V8 implements the JavaScript (ECMAScript) specification, so its native functionality implementations can be directly correlated to implementations in JavaScript. For example, v8::ObjectTemplate gives us JavaScript objects without a dedicated constructor function and prototype. It uses Object[.prototype], and in JavaScript would be equivalent to Object.create().

要查看其实际效果，请查看应用模块的实现文件 atom_api_app.cc。在底部有如下内容：

🌐 To see this in action, look to the implementation file for the app module, atom_api_app.cc. At the bottom is the following:

mate::ObjectTemplateBuilder(isolate, prototype->PrototypeTemplate())
    .SetMethod("getGPUInfo", &App::GetGPUInfo)

在上面这一行中，.SetMethod 被调用在 mate::ObjectTemplateBuilder 上。.SetMethod 可以在 ObjectTemplateBuilder 类的任何实例上被调用，以在 JavaScript 中设置 对象原型 的方法，语法如下：

🌐 In the above line, .SetMethod is called on mate::ObjectTemplateBuilder. .SetMethod can be called on any instance of the ObjectTemplateBuilder class to set methods on the Object prototype in JavaScript, with the following syntax:

.SetMethod("method_name", &function_to_bind)

这是 JavaScript 等效的：

🌐 This is the JavaScript equivalent of:

function App{}
App.prototype.getGPUInfo = function () {
  // implementation here
}

此类还包含用于设置模块属性的函数：

🌐 This class also contains functions to set properties on a module:

.SetProperty("property_name", &getter_function_to_bind)

or

.SetProperty("property_name", &getter_function_to_bind, &setter_function_to_bind)

这些将反过来成为 Object.defineProperty 的 JavaScript 实现：

🌐 These would in turn be the JavaScript implementations of Object.defineProperty:

function App {}
Object.defineProperty(App.prototype, 'myProperty', {
  get() {
    return _myProperty
  }
})

and

function App {}
Object.defineProperty(App.prototype, 'myProperty', {
  get() {
    return _myProperty
  }
  set(newPropertyValue) {
    _myProperty = newPropertyValue
  }
})

现在，我们可以按照开发者的期望，创建由原型和属性构成的 JavaScript 对象，并且更清晰地推断在这个较低的系统级别实现的函数和属性！

🌐 It’s possible to create JavaScript objects formed with prototypes and properties as developers expect them, and more clearly reason about functions and properties implemented at this lower system level!

关于在何处实现任何给定模块方法的决定本身就是一个复杂且常常不确定的问题，我们将在以后的文章中讨论。

🌐 The decision around where to implement any given module method is itself a complex and oft-nondeterministic one, which we'll cover in a future post.

随着 Electron 在桌面应用中的流行，我们的团队也在不断壮大：我们有更多全职维护者，他们来自不同的公司，生活在不同的时区，并且有不同的兴趣。我们正在引入一个治理结构，以便我们能够平稳地继续发展。

🌐 As Electron grows in popularity for desktop applications, the team working on it has also grown: we have more fulltime maintainers who work for different companies, live in different timezones, and have different interests. We're introducing a governance structure so we can keep growing smoothly.

为什么要改变？​

🌐 Why are things changing?

Electron 项目中的人们与来自世界各地的志愿者、全职维护者以及依赖 Electron 的多家公司进行跨时区的协调。到目前为止，我们在非正式的协调方式上取得了成功；但随着团队的增长，我们发现这种方法无法扩展。我们也希望让新贡献者更容易在项目中找到归属感。

🌐 People in the Electron project coordinate in timezones around the world with volunteers, with full-time maintainers, and with several companies who all rely on Electron. Until now, we've been successful with informal coordination; but as the team has grown, we've found that the approach doesn't scale. We also want to make it easier for new contributors to find a place to call home in the project.

工作组​

🌐 Working Groups

Electron 的治理包括负责项目不同部分的工作组。我们一开始就有七个工作组：

🌐 Electron governance includes working groups that are responsible for different parts of the project. We're starting out with seven groups:

• 社区与安全：处理行为准则相关问题。
• 文档与工具：负责面向外部的工具（例如 Fiddle、Forge）以及 Electron 文档 的管理。
• 外展：帮助发展 Electron 社区。
• 发布：确保发布稳定且按计划进行。
• 安全：执行安全测试并应对安全问题。
• 升级：整合上游升级，例如 V8、Chromium 和 Node 的新版本。
• 网站：维护并改进Electron 网站。

这些小组将相互协调，但每个小组都有自己的会议时间表和议程，以便各自高效运作。有关这些小组的更多详细信息，请参阅治理仓库。

🌐 These groups will coordinate with each other, but each has their own meeting schedules and agendas to be productive on their own. More details on these groups are available at the governance repository.

这会改变 Electron 项目的方向吗？​

🌐 Does this change the Electron project's direction?

这不应该对 Electron 的方向产生任何直接影响。如果我们的策略成功，工作小组将使新贡献者更容易找到自己感兴趣的主题，并通过将与他们日常工作无关的讨论转移到其他小组来简化维护者的工作。如果发生这种情况，可能会间接影响事情的发展，因为会有更多不受阻碍的人一起工作。

🌐 This shouldn't have any direct effect on Electron's direction. If our strategy is successful, working groups will make it easier for new contributors to find topics that interest them, and make maintainers' lives simpler by moving discussion unrelated to their day-to-day work to other groups. If that happens, it may indirectly affect things by having more unblocked people working together.

我可以在哪里了解更多信息？​

🌐 Where can I learn more?

• 治理 仓库 和 章程 包含关于新治理结构的信息。
• 每个工作小组都有自己的页面：社区、文档与工具、外展、版本发布、安全、升级 和 网站。
• 你可以通过提交问题或发送邮件至info@electronjs.org来联系维护者。

Chrome 中发现了一个高危漏洞，该漏洞会影响所有基于 Chromium 的软件，包括 Electron。

🌐 A High severity vulnerability has been discovered in Chrome which affects all software based on Chromium, including Electron.

此漏洞已被分配编号 CVE-2019-5786。你可以在 Chrome 博客文章 中阅读更多相关信息。

🌐 This vulnerability has been assigned CVE-2019-5786. You can read more about it in the Chrome Blog Post.

请注意，Chrome 已报告此漏洞正在被广泛利用，因此强烈建议你尽快升级 Electron。

🌐 Please note that Chrome has reports of this vulnerability being used in the wild so it is strongly recommended you upgrade Electron ASAP.

范围​

🌐 Scope

这会影响任何可能运行第三方或不受信任的 JavaScript 的 Electron 应用。

🌐 This affects any Electron application that may run third-party or untrusted JavaScript.

缓解措施​

🌐 Mitigation

受影响的应用应升级到 Electron 的修补版本。

🌐 Affected apps should upgrade to a patched version of Electron.

我们已发布 Electron 的新版本，其中包含针对此漏洞的修复：

🌐 We've published new versions of Electron which include fixes for this vulnerability:

• 4.0.8
• 3.1.6
• 3.0.16
• 2.0.18

Electron 5 的最新测试版跟踪了 Chromium 73，因此已经修复：

🌐 The latest beta of Electron 5 was tracking Chromium 73 and therefore is already patched:

• 5.0.0-beta.5

更多信息​

🌐 Further Information

此漏洞由谷歌威胁分析组的Clement Lecigne发现，并报告给了Chrome团队。Chrome博客文章可以在这里找到。

🌐 This vulnerability was discovered by Clement Lecigne of Google's Threat Analysis Group and reported to the Chrome team. The Chrome blog post can be found here.

要了解有关保持你的 Electron 应用安全的最佳做法的更多信息，请参阅我们的[安全教程]。

🌐 To learn more about best practices for keeping your Electron apps secure, see our security tutorial.

如果你希望报告 Electron 中的漏洞，请提交 [GitHub 安全咨询]。

🌐 Please file a GitHub Security Advisory if you wish to report a vulnerability in Electron.

Electron 团队将从 Electron v4.0 开始停止对 32 位 Linux（ia32 / i386）的支持。支持基于 32 位 Linux 安装的最后版本是 Electron v3.1，该版本将在 Electron v6 发布之前继续获得支持更新。对 64 位 Linux 和 armv7l 的支持将保持不变。

🌐 The Electron team will discontinue support for 32-bit Linux (ia32 / i386) starting with Electron v4.0. The last version of Electron that supports 32-bit based installations of Linux is Electron v3.1, which will receive support releases until Electron v6 is released. Support for 64-bit based Linux and armv7l will continue unchanged.

Electron 不再支持哪些功能？​

🌐 What exactly is Electron no longer supporting?

你可能在电脑上看到过“64位”和“32位”的描述，或者在下载软件时作为选项出现。这个术语用来描述特定的计算机架构。1990年代和2000年代初期生产的大多数电脑都采用基于32位架构的CPU，而之后生产的大多数电脑则基于更新、更强大的64位架构。任天堂64（明白了吗？）和PlayStation 2是首批搭载新架构的广泛可用的消费设备，而2010年之后销售的电脑几乎全部配备了64位处理器。因此，对32位的支持正在减少：Google在2016年3月停止为32位Linux发布Chrome，Canonical在2017年停止提供32位桌面镜像，并在Ubuntu 18.10中彻底放弃对32位的支持。Arch Linux、elementary OS以及其他知名的Linux发行版已经放弃了对这种老旧处理器架构的支持。

🌐 You may have seen the description "64-bit" and "32-bit" as stickers on your computer or as options for downloading software. The term is used to describe a specific computer architecture. Most computers made in the 1990s and early 2000s were made with CPUs that were based on the 32-bit architecture, while most computers made later were based on the newer and more powerful 64-bit architecture. The Nintendo 64 (get it?) and the PlayStation 2 were the first widely available consumer devices with the new architecture, computers sold after 2010 contained almost exclusively 64-bit processors. As a result, support has been shrinking: Google stopped releasing Chrome for 32-bit Linux in March 2016, Canonical stopped providing 32-bit desktop images in 2017 and dropped support for 32-bit altogether with Ubuntu 18.10. Arch Linux, elementary OS, and other prominent Linux distributions have already dropped support for the aging processor architecture.

直到现在，Electron 一直提供并支持可以在较旧的 32 位架构上运行的版本。从 v4.0 版本开始，Electron 团队将不再提供 32 位 Linux 的二进制文件或支持。

🌐 Until now, Electron has provided and supported builds that run on the older 32-bit architecture. From release v4.0 onwards, the Electron team will no longer be able to provide binaries or support for 32-bit Linux.

Electron 一直是一个充满活力的开源项目，我们将继续支持和鼓励有兴趣为各种架构构建 Electron 的开发者。

🌐 Electron has always been a vibrant open source project and we continue to support and encourage developers interested in building Electron for exotic architectures.

这对开发者意味着什么？​

🌐 What does that mean for developers?

如果你目前没有为 Linux 提供应用的 32 位发行版，则无需采取任何措施。

🌐 If you are not currently providing 32-bit distributions of your app for Linux, no action is required.

发布 32 位 Linux Electron 应用的项目需要决定下一步怎么做。Electron 3 将支持 32 位 Linux，直到 Electron 6 发布，这为做出决定和制定计划提供了一些时间。

🌐 Projects which ship 32-bit Linux Electron applications will need to decide how to proceed. 32-bit Linux will be supported on Electron 3 until the release of Electron 6, which gives some time to make decisions and plans.

这对用户意味着什么？​

🌐 What does that mean for users?

如果你是 Linux 用户，但不确定自己是否在运行 64 位系统，你很可能正在使用 64 位架构。为了确认，你可以在终端中运行 lscpu 或 uname -m 命令，任意一个都会显示你当前的系统架构。

🌐 If you are a Linux user and not sure whether or not you're running a 64-bit based system, you are likely running on a 64-bit based architecture. To make sure, you can run the lscpu or uname -m commands in your terminal. Either one will print your current architecture.

如果你在32位处理器上使用Linux，你很可能已经遇到过很难找到适用于你的操作系统的最新软件的问题。Electron团队与Linux社区的其他知名成员一样，建议你升级到64位架构。

🌐 If you are using Linux on a 32-bit processor, you have likely already encountered difficulties finding recently released software for your operating system. The Electron team joins other prominent members in the Linux community by recommending that you upgrade to a 64-bit based architecture.

发现一个代码漏洞，允许在子窗口中重新启用 Node。

🌐 A code vulnerability has been discovered that allows Node to be re-enabled in child windows.

使用 sandbox: true 或 nativeWindowOpen: true 以及 nodeIntegration: false 打开 BrowserView 会导致 webContents 可以调用 window.open，并且新打开的子窗口将启用 nodeIntegration。此漏洞影响所有受支持的 Electron 版本。

🌐 Opening a BrowserView with sandbox: true or nativeWindowOpen: true and nodeIntegration: false results in a webContents where window.open can be called and the newly opened child window will have nodeIntegration enabled. This vulnerability affects all supported versions of Electron.

缓解措施​

🌐 Mitigation

我们已经发布了包含此漏洞修复的新版本 Electron： 2.0.17， 3.0.15， 3.1.3， 4.0.4，以及 5.0.0-beta.2。 我们鼓励所有 Electron 开发者立即将他们的应用更新到最新的稳定版本。

🌐 We've published new versions of Electron which include fixes for this vulnerability: 2.0.17, 3.0.15, 3.1.3, 4.0.4, and 5.0.0-beta.2. We encourage all Electron developers to update their apps to the latest stable version immediately.

如果由于某种原因你无法升级 Electron 版本，你可以通过禁用所有子 Web 内容来缓解此问题：

🌐 If for some reason you are unable to upgrade your Electron version, you can mitigate this issue by disabling all child web contents:

view.webContents.on('-add-new-contents', (e) => e.preventDefault());

更多信息​

🌐 Further Information

此漏洞由 PalmerAL 发现，并负责任地报告给了 Electron 项目。

🌐 This vulnerability was found and reported responsibly to the Electron project by PalmerAL.

要了解有关保持你的 Electron 应用安全的最佳做法的更多信息，请参阅我们的[安全教程]。

🌐 To learn more about best practices for keeping your Electron apps secure, see our security tutorial.

如果你希望报告 Electron 中的漏洞，请提交 [GitHub 安全咨询]。

🌐 Please file a GitHub Security Advisory if you wish to report a vulnerability in Electron.

如果你在 Electron 5.0 中使用原生 Node.js 插件时遇到问题，则可能需要更新它才能与最新版本的 V8 引擎兼容。

🌐 If you're having trouble using a native Node.js addon with Electron 5.0, there's a chance it needs to be updated to work with the most recent version of V8.

再见 v8::Handle，你好 v8::Local​

🌐 Goodbye v8::Handle, Hello v8::Local

2014 年，V8 团队弃用了本地句柄的 v8::Handle，改用 v8::Local。Electron 5.0 包含的 V8 版本最终完全移除了 v8::Handle，仍然使用它的原生 Node.js 插件需要在可以与 Electron 5.0 一起使用之前进行更新。

🌐 In 2014, the V8 team deprecated v8::Handle in favor of v8::Local for local handles. Electron 5.0 includes a version of V8 that has finally removed v8::Handle for good, and native Node.js addons that still use it will need to be updated before they can be used with Electron 5.0.

所需的代码更改很少，但所有仍然使用 v8::Handle 的本地 Node 模块在 Electron 5.0 中都会构建失败，并且需要进行修改。好消息是，Node.js v12 也将包含此 V8 更改，因此任何使用 v8::Handle 的模块无论如何都需要更新，以便在即将发布的 Node 版本中正常工作。

🌐 The required code change is minimal, but every native Node module that still uses v8::Handle will fail to build with Electron 5.0 and will need to be modified. The good news is that Node.js v12 will also include this V8 change, so any modules that use v8::Handle will need to be updated anyway to work with the upcoming version of Node.

我维护一个原生插件，可以帮忙吗？​

🌐 I maintain a native addon, how can I help?

如果你维护一个 Node.js 原生插件，确保将所有 v8::Handle 替换为 v8::Local。前者只是后者的一个别名，因此针对这个特定问题不需要做其他更改。

🌐 If you maintain a native addon for Node.js, ensure you replace all occurrences of v8::Handle with v8::Local. The former was just an alias of the latter, so no other changes need to be made to address this specific issue.

你可能也有兴趣了解一下 N-API，它作为 Node.js 本身的一部分独立于 V8 维护，旨在使原生插件免受底层 JavaScript 引擎变化的影响。你可以在 Node.js 网站上的 N-API 文档 中找到更多信息。

🌐 You may also be interested in looking into N-API, which is maintained separately from V8 as a part of Node.js itself, and aims to insulate native addons from changes in the underlying JavaScript engine. You can find more information in the N-API documentation on the Node.js website.

救命！我在应用中使用了原生插件，但它不起作用！​

🌐 Help! I use a native addon in my app and it won't work!

如果你在应用中使用 Node.js 的本地插件，而该本地插件由于此问题无法构建，请联系插件作者，看看他们是否发布了修复该问题的新版本。如果没有，联系作者（或提交一个 Pull Request!）可能是你最好的选择。

🌐 If you're consuming a native addon for Node.js in your app and the native addon will not build because of this issue, check with the author of the addon to see if they've released a new version that fixes the problem. If not, reaching out to the author (or opening a Pull Request!) is probably your best bet.

Electron首次激动地公开我们的发布计划，从v5.0.0开始。这是我们迈出的第一步，制定一个公开的长期时间表。

🌐 For the first time ever, Electron is excited to publicize our release schedule starting with v5.0.0. This is our first step in having a public, long-term timeline.

如我们在 v4.0.0 稳定版 博客文章 中提到的那样，我们计划大约每季度发布一次，以保持与 Chromium 发布的更紧密节奏。Chromium 的新版本发布速度非常快——每 6 周一次。

🌐 As mentioned in our v4.0.0 stable release blog post, we are planning to release approximately quarterly to maintain closer cadence with Chromium releases. Chromium releases a new version very quickly -- every 6 weeks.

看看 Electron 与 Chromium 的进展对比情况：

2018年下半年，我们的首要任务是更快地发布，并逐渐赶上Chromium。我们之所以成功，是因为坚持了预定的时间线。Electron 3.0.0 和 4.0.0 在每次发布时的 2-3 个月内发布。我们对继续保持这一速度，期待在5.0.0及以后版本的发布中保持乐观。Electron大约每季度都会有一次大型发行，我们现在正跟上Chromium的发行节奏。抢先于Chromium稳定版发布一直是我们的目标，我们正在朝这个方向迈进。

🌐 In the last half of 2018, our top priority was releasing faster and catching up closer to Chromium. We succeeded by sticking to a predetermined timeline. Electron 3.0.0 and 4.0.0 were released in a 2-3 month timeline for each release. We are optimistic about continuing that pace in releasing 5.0.0 and beyond. With a major Electron release approximately every quarter, we're now keeping pace with Chromium's release cadence. Getting ahead of Chromium stable release is always a goal for us and we are taking steps towards that.

我们很想像 Node.js 和 Chromium 那样承诺未来的日期，但我们尚未达到那个阶段。我们乐观地认为，未来我们将能够制定一个长期的时间表。

🌐 We would love to promise future dates like Node.js and Chromium do, but we are not at that place yet. We are optimistic that we will reach a long-term timeline in the future.

考虑到这一点，我们正在迈出第一步，公开发布 v5.0.0 的发布时间表。你可以在这里查看。

🌐 With that in mind, we are taking first steps by publicly posting our release schedule for v5.0.0. You can find that here.

为了帮助我们测试测试版发布和稳定性，请考虑加入我们的应用反馈计划。

🌐 To help us with testing our beta releases and stabilization, please consider joining our App Feedback Program.

Electron 团队很高兴地宣布，Electron 4 的稳定版本现已发布！你可以从 electronjs.org 或通过 npm 使用 npm install electron@latest 安装。本次发布包含了大量升级、修复和新功能，我们迫不及待想看到你们用它们创造出什么。查看更多关于此版本的详细信息，并在探索进程中分享你的反馈！

🌐 The Electron team is excited to announce that the stable release of Electron 4 is now available! You can install it from electronjs.org or from npm via npm install electron@latest. The release is packed with upgrades, fixes, and new features, and we can't wait to see what you build with them. Read more for details about this release, and please share any feedback you have as you explore!

有什么新功能？​

🌐 What's New?

Electron 的大部分功能由 Chromium、Node.js 和 V8 提供，这些是构成 Electron 的核心组件。因此，Electron 团队的一个关键目标是尽可能跟上这些项目的变化，为开发 Electron 应用的开发者提供访问新的 Web 和 JavaScript 功能的机会。为此，Electron 4 对每个组件都进行了重大版本升级；Electron v4.0.0 包括 Chromium 69.0.3497.106、Node 10.11.0 和 V8 6.9.427.24。

🌐 A large part of Electron's functionality is provided by Chromium, Node.js, and V8, the core components that make up Electron. As such, a key goal for the Electron team is to keep up with changes to these projects as much as possible, providing developers who build Electron apps access to new web and JavaScript features. To this end, Electron 4 features major version bumps to each of these components; Electron v4.0.0 includes Chromium 69.0.3497.106, Node 10.11.0, and V8 6.9.427.24.

此外，Electron 4 对 Electron 特定的 API 也进行了更改。你可以在下面找到 Electron 4 主要更改的摘要；有关完整的更改列表，请查看 Electron v4.0.0 发布说明。

🌐 In addition, Electron 4 includes changes to Electron-specific APIs. You can find a summary of the major changes in Electron 4 below; for the full list of changes, check out the Electron v4.0.0 release notes.

禁用 remote 模块​

🌐 Disabling the remote Module

你现在可以出于安全原因禁用 remote 模块。该模块可以为 BrowserWindow 和 webview 标签禁用：

🌐 You now have the ability to disable the remote module for security reasons. The module can be disabled for BrowserWindows and for webview tags:

// BrowserWindow
new BrowserWindow({
  webPreferences: {
    enableRemoteModule: false
  }
})

// webview tag
<webview src="http://www.google.com/" enableremotemodule="false"></webview>

有关更多信息，请参阅 BrowserWindow 和 <webview> 标签 文档。

🌐 See the BrowserWindow and <webview> Tag documentation for more information.

过滤 remote.require() / remote.getGlobal() 请求​

🌐 Filtering remote.require() / remote.getGlobal() Requests

如果你不想在渲染器进程或 webview 中完全禁用 remote 模块，但希望对哪些模块可以通过 remote.require 引入有更多控制，这个功能会很有用。

🌐 This feature is useful if you don't want to completely disable the remote module in your renderer process or webview but would like additional control over which modules can be required via remote.require.

当在渲染器进程中通过 remote.require 加载模块时，会在 app 模块 上触发一个 remote-require 事件。你可以在事件中（第一个参数）调用 event.preventDefault() 来阻止模块加载。发生 require 的 WebContents 实例 会作为第二个参数传入，而模块的名称会作为第三个参数传入。相同的事件也会在 WebContents 实例上触发，但在这种情况下，参数只有事件和模块名称。在两种情况下，你都可以通过设置 event.returnValue 的值来返回自定义值。

🌐 When a module is required via remote.require in a renderer process, a remote-require event is raised on the app module. You can call event.preventDefault() on the the event (the first argument) to prevent the module from being loaded. The WebContents instance where the require occurred is passed as the second argument, and the name of the module is passed as the third argument. The same event is also emitted on the WebContents instance, but in this case the only arguments are the event and the module name. In both cases, you can return a custom value by setting the value of event.returnValue.

// Control `remote.require` from all WebContents:
app.on('remote-require', function (event, webContents, requestedModuleName) {
  // ...
});

// Control `remote.require` from a specific WebContents instance:
browserWin.webContents.on(
  'remote-require',
  function (event, requestedModuleName) {
    // ...
  },
);

以类似的方式，当调用 remote.getGlobal(name) 时，会触发一个 remote-get-global 事件。其工作原理与 remote-require 事件相同：调用 preventDefault() 可以防止返回全局对象，并设置 event.returnValue 来返回自定义值。

🌐 In a similar fashion, when remote.getGlobal(name) is called, a remote-get-global event is raised. This works the same way as the remote-require event: call preventDefault() to prevent the global from being returned, and set event.returnValue to return a custom value.

// Control `remote.getGlobal` from all WebContents:
app.on(
  'remote-get-global',
  function (event, webContents, requrestedGlobalName) {
    // ...
  },
);

// Control `remote.getGlobal` from a specific WebContents instance:
browserWin.webContents.on(
  'remote-get-global',
  function (event, requestedGlobalName) {
    // ...
  },
);

更多信息，请参阅以下文档：

🌐 For more information, see the following documentation:

• remote.require
• remote.getGlobal
• app
• WebContents

JavaScript 访问“关于”面板​

🌐 JavaScript Access to the About Panel

在 macOS 上，你现在可以调用 app.showAboutPanel() 来以编程方式显示“关于”面板，就像点击通过 {role: 'about'} 创建的菜单项一样。有关更多信息，请参阅 showAboutPanel 文档

🌐 On macOS, you can now call app.showAboutPanel() to programmatically show the About panel, just like clicking the menu item created via {role: 'about'}. See the showAboutPanel documentation for more information

控制 WebContents 后台节流​

🌐 Controlling WebContents Background Throttling

WebContents 实例现在有一个方法 setBackgroundThrottling(allowed)，可以在页面处于后台时启用或禁用计时器和动画的节流功能。

let win = new BrowserWindow(...)
win.webContents.setBackgroundThrottling(enableBackgroundThrottling)

请参阅 ‘setBackgroundThrottling’ 文档 以获取更多信息。

🌐 See the setBackgroundThrottling documentation for more information.

重大变化​

🌐 Breaking Changes

不再支持 macOS 10.9​

🌐 No More macOS 10.9 Support

Chromium 不再支持 macOS 10.9（OS X Mavericks），因此 Electron 4.0 及更高版本也不支持它。

🌐 Chromium no longer supports macOS 10.9 (OS X Mavericks), and as a result Electron 4.0 and beyond does not support it either.

单实例锁定​

🌐 Single Instance Locking

以前，要将你的应用设置为单实例应用（确保在任何给定时间只运行一个应用实例），你可以使用 app.makeSingleInstance() 方法。从 Electron 4.0 开始，你必须改用 app.requestSingleInstanceLock()。该方法的返回值指示此应用实例是否成功获得锁。如果未能获得锁，你可以假设你的应用的另一个实例已持有锁并且正在运行，然后立即退出。

🌐 Previously, to make your app a Single Instance Application (ensuring that only one instance of your app is running at any given time), you could use the app.makeSingleInstance() method. Starting in Electron 4.0, you must use app.requestSingleInstanceLock() instead. The return value of this method indicates whether or not this instance of your application successfully obtained the lock. If it failed to obtain the lock, you can assume that another instance of your application is already running with the lock and exit immediately.

关于使用 requestSingleInstanceLock() 的示例以及在各种平台上细微行为的信息，请参见 app.requestSingleInstanceLock() 及相关方法的文档 和 second-instance 事件。

🌐 For an example of using requestSingleInstanceLock() and information on nuanced behavior on various platforms, see the documentation for app.requestSingleInstanceLock() and related methods and the second-instance event.

win_delay_load_hook​

在为 Windows 构建本地模块时，模块的 binding.gyp 中的 win_delay_load_hook 变量必须为 true（这是默认值）。如果没有这个钩子，本地模块将在 Windows 上加载失败，并显示类似 Cannot find module 的错误信息。参见本地模块指南 以获取更多信息。

🌐 When building native modules for windows, the win_delay_load_hook variable in the module's binding.gyp must be true (which is the default). If this hook is not present, then the native module will fail to load on Windows, with an error message like Cannot find module. See the native module guide for more information.

弃用​

🌐 Deprecations

以下重大变更计划在 Electron 5.0 中进行，因此在 Electron 4.0 中已弃用。

🌐 The following breaking changes are planned for Electron 5.0, and thus are deprecated in Electron 4.0.

已为 nativeWindowOpen 版 Windows 禁用 Node.js 集成​

🌐 Node.js Integration Disabled for nativeWindowOpen-ed Windows

从 Electron 5.0 开始，使用 nativeWindowOpen 选项打开的子窗口将始终禁用 Node.js 集成。

🌐 Starting in Electron 5.0, child windows opened with the nativeWindowOpen option will always have Node.js integration disabled.

webPreferences 默认值​

🌐 webPreferences Default Values

在创建新的 BrowserWindow 并设置 webPreferences 选项时，以下 webPreferences 选项的默认值已被弃用，建议使用下面列出的新默认值：

🌐 When creating a new BrowserWindow with the webPreferences option set, the following webPreferences option defaults are deprecated in favor of new defaults listed below:

请注意：目前存在一个已知的错误（#9736），如果 contextIsolation 启用，webview 标签将无法工作。请关注 GitHub 上的该问题以获取最新信息！

🌐 Please note: there is currently a known bug (#9736) that prevents the webview tag from working if contextIsolation is on. Keep an eye on the GitHub issue for up-to-date information!

在Electron 安全文档中了解有关上下文隔离、Node 集成以及 webview 标签的更多信息。

🌐 Learn more about context isolation, Node integration, and the webview tag in the Electron security document.

Electron 4.0 仍将使用当前的默认值，但如果你没有为它们传递明确的值，你将看到弃用警告。为了让你的应用为 Electron 5.0 做好准备，请为这些选项使用明确的值。有关每个选项的详细信息，请参见 BrowserWindow 文档。

🌐 Electron 4.0 will still use the current defaults, but if you don't pass an explicit value for them, you'll see a deprecation warning. To prepare your app for Electron 5.0, use explicit values for these options. See the BrowserWindow docs for details on each of these options.

webContents.findInPage(text[, options])​

medialCapitalAsWordStart 和 wordStart 选项已被弃用，因为它们已在上游移除。

🌐 The medialCapitalAsWordStart and wordStart options have been deprecated as they have been removed upstream.

应用反馈计划​

🌐 App Feedback Program

我们在 Electron 3.0 开发进程中建立的应用反馈计划非常成功，因此我们在 4.0 的开发进程中也继续了这一计划。我们想向 Atlassian、Discord、MS Teams、OpenFin、Slack、Symphony、WhatsApp 以及其他参与 4.0 测试版周期的计划成员表示衷心的感谢。要了解更多关于应用反馈计划的信息并参与未来的测试版，请查看我们关于该计划的博客文章。

🌐 The App Feedback Program we instituted during the development of Electron 3.0 was successful, so we've continued it during the development of 4.0 as well. We'd like to extend a massive thank you to Atlassian, Discord, MS Teams, OpenFin, Slack, Symphony, WhatsApp, and the other program members for their involvement during the 4.0 beta cycle. To learn more about the App Feedback Program and to participate in future betas, check out our blog post about the program.

下一步计划​

🌐 What's Next

在短期内，你可以预期团队将继续专注于跟进构成 Electron 的主要组件的开发，包括 Chromium、Node 和 V8。虽然我们谨慎地不对发布日期作出承诺，但我们的计划是大约每季度随着这些组件的新版本发布 Electron 的新主版本。查看我们的版本说明文档以了解有关 Electron 版本控制的详细信息。

🌐 In the short term, you can expect the team to continue to focus on keeping up with the development of the major components that make up Electron, including Chromium, Node, and V8. Although we are careful not to make promises about release dates, our plan is release new major versions of Electron with new versions of those components approximately quarterly. See our versioning document for more detailed information about versioning in Electron.

有关即将发布的 Electron 版本中计划的重大更改的信息，请参阅我们的计划重大更改文档。

🌐 For information on planned breaking changes in upcoming versions of Electron, see our Planned Breaking Changes doc.