Pandipipas/scoreko-electron-dev
1
0
Fork 0
mirror of https://github.com/Pandipipas/scoreko-electron-dev.git synced 2026-06-06 05:32:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
ed5a7d0994c8034fbfa5462142b113ff93c019e1
scoreko-electron-dev/docs/refactor/PHASE_2_SUMMARY.md
T

2.3 KiB
Raw Blame History

Phase 2 Summary

Scope

Executed the IPC and process-management phase only.

Documentation used as source of truth:

  • docs/refactor/ARCHITECTURE_AUDIT.md
  • docs/refactor/ARCHITECTURE_RULES.md
  • docs/refactor/TARGET_ARCHITECTURE.md
  • docs/refactor/MIGRATION_PLAN.md
  • docs/refactor/SESSION_HANDOFF.md

IPC And Preload Decision

No IPC or preload layer was added.

This is intentional. The current architecture defines a zero-surface IPC model as the secure target because there is no custom renderer and no product requirement for desktop APIs to cross into web content.

To make that decision enforceable, a regression test now scans src/main and fails if main-process source introduces:

  • ipcMain
  • ipcRenderer
  • contextBridge
  • preload

Process Management Changes

  • Narrowed NodecgProcessManager so startNodecgProcess no longer returns the raw ChildProcess.
  • Removed the public internal getProcess escape hatch from NodecgProcessManager.
  • Added explicit NodeCG process states:
    • idle
    • starting
    • running
    • stopping
    • stopped
    • failed
  • Added getState as the narrow observable process-management API.
  • Made NodeCG startup idempotent while an async startup is already in progress.
  • Prevented new startup while process shutdown is in progress.
  • Preserved process-tree termination through platform-process-killer.ts.
  • Preserved ELECTRON_RUN_AS_NODE, shell: false, windowsHide: true, and detached POSIX process-group behavior.

Security Notes

  • No raw Electron IPC APIs are imported in production source.
  • No preload script is configured or exposed.
  • No renderer/main business logic boundary was added.
  • No filesystem, process, shell, or update primitives were exposed to web content.
  • BrowserWindow security settings from Phase 1 remain unchanged.

Verification

Commands run successfully:

npm run typecheck
npm test
npm run lint

Current test result:

55 tests passing

Additional sanity search:

rg -n "ipcMain|ipcRenderer|contextBridge|preload|nodeIntegration:\s*true|webSecurity:\s*false|\bany\b" src/main src/tests

Result:

  • No production IPC or preload surface exists.
  • No unsafe Electron settings were introduced.
  • Remaining IPC/preload string matches are limited to the regression test that guards the zero-surface policy.
Reference in New Issue View Git Blame Copy Permalink