Electron: securely delete a file from filesystem - node.js

I need to do a secure file deletion within a cross platform electron app, trying to avoid data remanence of those files, so a simple fs.unlink is not enough.
The effect I'd like to achieve is similar to the unix shred command.
I tried in a linux Environment where I could just invoke a shred with a direct system call, but I need it to work in a cross-platform environment (windows and osx in particular) and I didn't found any useful command or npm library.
Any suggestion on how this could be done?

Related

How to update the PATH variable in a platform agnostic way using node js

i am making a CLI to automate the installation process of a software. I install it in a directory like $HOME/.software-name/. Now i would like to know about a platfrom agnostic way to update the system PATH environment variable so that in the future the user can run the command easily.
I am not looking for a os specific way like setx on windows or writing to the ~/.bashrc. I would prefer a library to do the task or a builtin function.
i know that i can retrieve the env variable using process.env.variableName but setting it would not work outside the child process (ie, NodeJS). It does work inside the NodeJS process but that is obviously not what is wanted here.
Thanks :)

NodeJS app for end-user distribution

I'm looking for the proper way to distribute/deploy a node.js app that would run as a small webserver on the user's machine.
Is there a stub method or install script or a "install wizard" that would download all node_modules dependencies, download the latest nodejs binary, set up the environment, etc... or I have to distribute it bulk with everything packed? Is there any guide for that purpose?
Edited :
You could install node and npm, download your dependencies by running npm install in the command line (first declare them within your package.json) only then users can run your script. This is how you do development in Node.js, or deploy to a development server. See using npm. You could automate that with a shell script if that is what you are after.
However, when distributing programs to end-users that might not be the best approach. Linux users are used to a package (.deb for instance) and Windows users are used to an .exe or a setup wizard.
That is why I recommended the tools below. I also assumed you were targeting Windows as this is less of a problem is unix-like environments.
If you want a single file (.exe), pkg and nexe are made for that purpose. These Node.js tools are used by the developer to compile JavaScript code into a single executable binary that is convenient for end-users and Windows deployment. The resulting .exe file is very light and does not require node to be installed on the end-user’s computers.
Electron along with electron-packager can produce setup wizards, but it installs a lot of files even for the smallest program. Your program will include all of node and webkit, that is why it produces heavy installs.
NSIS can also create a setup wizard, it is simple and does common stuff well (copying files, running shell scripts).
Original answer:
Short answer is: not really.
You have to keep in mind that Javascript is and has always been interpreted, so until recently never compiled to binary as you might do with other languages. Some exploration has been going on, but essentially you won’t get a "good practice" answer.
The long answer is, maybe, for some limited use cases:
There is the fresh new pkg that does exactly this, and it looks promising.
There has been nexe for a while, it works great for some use cases (maybe yours). Native/compiled modules are still an issue however.
Electron might work for a full blown app with a significant user interface, but it is not light or compact.
You could always use browserify to concatenate and uglify all your code with the modules you use and then make an installer with something like NSIS to setup node and your script. Native modules would still be a problem however.

Deploy linux binaries without internet access and without root?

boundaries:
I have a Linux64 (Redhat 6.8) test-server here which I can access via FTP in our intranet. This server has no access to the internet.
I want to use an SVN command line client and Python with cx_Oracle and an oracle client on that machine
I don't have root access.
I don't have much idea of Linux
I thought I will start with the easiest thing which was SVN in my opinion:
My first guess was, that I could just download the binaries for SVN for Redhat 6 on my windows machine and copy them to the Linux machine using FTP.
But what I found here was "yum install subversion" (which does not work due to missing root and internet access) and a file "subversion_installer_1.9.sh" that I got from WANdisco (but which also needs root and internet access again).
Why is that so complicated? I come from a windows world and I am a little bit disappointed at the moment, because I always thought that stuff like this should work quite easy on LINUX (just copying binaries and you are good to go).
What do I overlook?
How would you do that?
You can "install" Subversion and Python and cx_Oracle without root access but since you are straying outside of the "normal" approach to things you will find it much more difficult than if you simply followed the "normal" approach. And the "normal" approach is to use a package manager (like yum) which requires root access. The Windows approach is simply different. There have been many arguments over which is "better" but I won't get into that here!
Installing something on Linux is as easy as copying binaries. The difficulty lies with getting the right binaries to copy. Unlike Windows where the system API (kernel32.dll/user32.dll/gdi32.dll) is extremely consistent and highly compatible between versions, Linux distributions have multiple system APIs (glibc, newlib, uclibc) and more frequent ABI breakage the n in libc.so.n changes.
When you download binaries from a repository hosted by your distribution maintainer, you know that they are built to use the same versions of the various dependencies as every other binary on your system. There's no such guarantee for binaries obtained from the developer, who may use a totally different distribution.
So the common thing for open source projects such as subversion is to obtain an archive of the source code from the developer, unpack it, run ./configure to customize the makefiles for the system libraries on your system, make to build binaries that use your distro's particular flavor of system libraries, and make install DESTDIR=~/somesoft to install in any directory you have write access to.

How can I (literally) open a file with Node?

I'm creating a command-line utility with Node that will be able to open (launch) files for the user programmatically, using the application they would use to do so by default.
After reading through the docs, I don't think fs.open() can do that.
Is there any way to do this in Node without having to pull in shell scripts?
You'd need to call a special OS-dependent program via child_process.exec() or child_process.spawn(). On Windows you'd use start, for OSX you'd use open, and for Linux you'd generally use xdg-open. You might look at using an already made module on npm for handling all these cases, such as open.

Setup standalone cygwin applications

I want to setup a minimal set of cygwin applications (ls, diff, path, find, grep) so that they run on a machine without the full cygwin install.
I am assuming all I need are the *.exe files and *.dll that are relevant. So far, this is what I have. It works so far, but I was wondering if there are any issues down the road that I might experience.
Not really, but you might want to look at UnxUtils, which has some advantages over cygwin for the sort of application you're describing:
It does not depend on an external DLL.
The executables use msvcrt.dll, rather than cygwin.dll so they play nicely with native windows paths. There is no disconnect between the /cygdrive path and the native paths used by the rest of the system.
Because of (2) it integrates much more nicely into command or bat files if you have occasion to have to do this.
UnxUtils is quite good for deploying functionality like sed to windows machines because you can just drop sed.exe into an application directory and not have to worry about registering any DLL's or other installation complexities. CMD.exe will pipe and redirect well enough to use these in batch files, and the utilities do not mind \r\n line terminators.
There is also the GnuWin32 project. I use that and CygWin, so sometimes I have a hard-time telling what kind of environment I'm working in..... not that that's a bad thing!
One issue I can see is licensing. You may need to research under what conditions you are allowed to redistribute binaries. (It may be a simple as including a statement in a README file about where to obtain the source.)
Another issue is Cygwin updates. When new binaries are released, how will you keep end users up to date?
A third potential problem would be configuration files that an application would need. No doubt this would be easy enough to figure out in testing, however.
Have you considered MinGW? It would seem to fit your purposes better than Cygwin.

Resources