fix: update electron-builder installOrRebuild usage for v26 compatibility

[a4xrbj1]

In electron-builder v26.x, the installOrRebuild function signature in yarn.ts changed. The second argument changed from appDir: string to { appDir, projectDir, workspaceRoot }: DirectoryPaths. This causes meteor-desktop to crash during the build process with "TypeError: The "path" argument must be of type string" because it passes a string, leaving projectDir undefined.

Additionally, Meteor 3.x's web.cordova architecture emits ES modules which use import.meta. However, meteor-desktop serves these scripts via index.html as classic scripts (without type="module"), leading to Uncaught SyntaxError: Cannot use 'import.meta' outside a module.

Finally, Electron 38 changed the electron module export behavior, causing electron.protocol to be undefined in
skeleton/app.js
, leading to a crash on startup.

This PR:

Updates the installOrRebuild call site to pass the expected object.
Updates updateDdpUrl in lib/meteorApp.js to inject type="module" into script tags in the generated index.html, while preserving
cordova.js
.
Updates
skeleton/app.js
to import protocol directly from electron.
Code Change 1: Electron Builder Compatibility
File: lib/electronBuilder.js

javascript
<<<<
async installOrRebuild(arch, platform = process.platform, install = false) {
this.log.debug(calling installOrRebuild from electron-builder for arch ${arch});
this.prepareLastRebuildObject(arch, platform);
await this.yarn.installOrRebuild(this.$.desktop.getSettings().builderOptions || {},
this.$.env.paths.electronApp.root, this.lastRebuild, install);
}

async installOrRebuild(arch, platform = process.platform, install = false) {
    this.log.debug(`calling installOrRebuild from electron-builder for arch ${arch}`);
    this.prepareLastRebuildObject(arch, platform);
    await this.yarn.installOrRebuild(this.$.desktop.getSettings().builderOptions || {},
        // Electron-builder v26+ expects an object with directory paths
        {
            appDir: this.$.env.paths.electronApp.root,
            projectDir: this.$.env.paths.electronApp.root,
            workspaceRoot: null
        },
        this.lastRebuild,
        install,
        process.env
    );
}

Code Change 2: Meteor 3.x ESM Support
File: lib/meteorApp.js

Method: updateDdpUrl

javascript
<<<<
runtimeConfig.ROOT_URL = this.$.env.options.ddpUrl;
runtimeConfig.DDP_DEFAULT_CONNECTION_URL = this.$.env.options.ddpUrl;
content = content.replace(
this.replacer, $1"${encodeURIComponent(JSON.stringify(runtimeConfig))}"$3
);

runtimeConfig.ROOT_URL = this.$.env.options.ddpUrl;
runtimeConfig.DDP_DEFAULT_CONNECTION_URL = this.$.env.options.ddpUrl;
// Inject type="module" for Meteor 3.x ESM support, excluding cordova.js
content = content.replace(/<script src="/g, '<script type="module" src="/');
content = content.replace(/<script type="module" src="\/cordova\.js"/g, '<script src="/cordova.js"');
content = content.replace(
    this.replacer, `$1"${encodeURIComponent(JSON.stringify(runtimeConfig))}"$3`
);

Code Change 3: Electron 38 Compatibility
File:
skeleton/app.js

Description: Electron v38 changed how the protocol module is exported or accessed. electron.protocol is undefined in the default export when using some transpilers. This change uses require('electron') to correctly access protocol.

javascript
<<<<
import electron from 'electron';
// ...
if (semver.lt(process.versions.electron, '5.0.0-beta.0')) {
electron.protocol.registerStandardSchemes(['meteor'], { secure: true });
} else {
electron.protocol.registerSchemesAsPrivileged([
{ scheme: 'meteor', privileges: { standard: true, secure: true, supportFetchAPI: true, stream: true } }
]);
}

// import electron from 'electron';
let electron;
try {
electron = require('electron');
} catch (e) { }
if (typeof electron !== 'object') {
// If require returned a string (path), it means we got the npm package.
// We need the internal module.
try {
electron = module.constructor._load('electron', module, true);
} catch(e) { }
}
const { protocol } = electron;
// ...
if (semver.lt(process.versions.electron, '5.0.0-beta.0')) {
protocol.registerStandardSchemes(['meteor'], { secure: true });
} else {
protocol.registerSchemesAsPrivileged([
{ scheme: 'meteor', privileges: { standard: true, secure: true, supportFetchAPI: true, stream: true } }
]);
}

Code Change 4: User Project Fix
File:
package.json

Description: The electron package must be in devDependencies, not dependencies. If checking frontend dependency lists, ensure electron is moved. This prevents electron from being bundled into the app logic where it shadows the runtime's internal electron module.

json
// In package.json
"devDependencies": {
"electron": "^38.0.0",
...
}

[Copilot]

Pull request overview

This pull request claims to fix electron-builder v26 compatibility by updating the installOrRebuild function signature, but the described fix is not included in the PR. Instead, the PR contains a large set of changes that appear to be a migration from the original meteor-desktop package to @meteor-community/meteor-desktop, including package renaming, dependency updates, test updates, and modernization of the Electron integration code.

Changes:

• Package renamed from meteor-desktop to @meteor-community/meteor-desktop and Meteor packages renamed from omega:* to communitypackages:*
• Updated dependencies including Electron (to v17), electron-builder (to v24), and various other packages
• Modernized Electron integration code including single instance handling, contextBridge usage, and protocol registration
• Updated test fixtures and test code for newer Meteor versions (2.6.1) and updated dependencies
• Various code refactoring including async/await conversion and removal of deprecated devtron support

Reviewed changes

Copilot reviewed 49 out of 54 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
package.json	Package renaming to @meteor-community scope, dependency version updates, critical bugs found
plugins/bundler/bundler.js	Major refactoring with async/await, critical bugs in file processing logic
plugins/bundler/package.js	Package renamed to communitypackages:meteor-desktop-bundler
plugins/watcher/package.js	Package renamed to communitypackages:meteor-desktop-watcher
plugins/watcher/watcher.js	Updated to reference renamed packages
skeleton/preload.js	Added contextBridge support, critical bug in electron module exposure
skeleton/app.js	Updated single instance handling API, protocol registration, and window management
skeleton/index.js	Updated reify import to @meteorjs/reify
skeleton/modules/autoupdate.js	Added desktopHCP setting check
lib/meteorApp.js	Updated asar import and package references
lib/electronApp.js	Updated asar API usage (promises instead of callbacks)
lib/defaultDependencies.js	Updated default Electron and electron-builder versions
lib/skeletonDependencies.js	Updated dependency versions
tests/*	Multiple test updates for new Meteor version, package names, and API changes
README.md	Updated documentation for package migration and repository changes
CHANGELOG.md	Added changelog entries for versions 3.0.0-3.3.0
.github/*	Added GitHub workflows, issue templates, and removed old CI configs
._package.json	macOS metadata file that should not be committed

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

There's a bug in this code: the variable code is used on line 899, but code is not defined in this scope. The code should be using fileContents[file] instead. This will cause a ReferenceError when cache misses occur and the code tries to transform files from disk.

Suggested change

	const transformed = await babelCore.transformAsync(code, {
	const transformed = await babelCore.transformAsync(fileContents[file], {

[Copilot]

The asJSON() method returns a hardcoded stub for Desktop.electron (line 296), but the actual electron modules from exposedModules are populated into Desktop.electron after asJSON() is called (lines 321-323). This means that contextBridge.exposeInMainWorld('Desktop', Desktop.asJSON()) on line 325 will expose a Desktop object with only the stub electron object, missing the actual exposed electron modules. The Desktop.electron assignment on lines 321-323 happens after asJSON() is already called, so those modules won't be included in the exposed object.

Consider refactoring to ensure exposedModules are properly included in the returned JSON object, or call asJSON() after populating Desktop.electron.

[Copilot]

Line 792 performs another shelljs.cp('-rf', desktopPath, desktopTmpPath) after all the manual copying logic from lines 747-791. This appears to be a mistake as it will overwrite the carefully constructed .desktop-staging directory with the original .desktop contents, undoing all the manual file-by-file copying, permission setting, and cleanup operations performed earlier. This line should be removed, or if it's intentional, the manual copying logic above it should be removed instead.

Suggested change

shelljs.cp('-rf', desktopPath, desktopTmpPath);

[Copilot]

The versionDesktop middleware calls next() unconditionally on line 130, even after sending a response with res.end() on line 128. This will cause the request to continue being processed by subsequent middleware after the response has already been sent, which can lead to errors. The next() call should only be executed if the pathname does not end with 'version.desktop.json'. Consider wrapping next() in an else block or returning early after calling res.end().

[Copilot]

The package has a dependency on "meteor-desktop": "^2.2.5" (line 93), which is the old package name. This package is being renamed to "@meteor-community/meteor-desktop" as part of this PR. Having a dependency on the old package name in the new package creates a circular/conflicting dependency. This dependency should be removed.

Suggested change

"meteor-desktop": "^2.2.5",

[Copilot]

There are commented-out lines 794-795 that appear to be duplicates of the operations performed earlier in the code (del.sync and stampPerformance). These commented lines should either be removed entirely if they're no longer needed, or the comment should explain why they're being kept for future reference.

Suggested change

	// del.sync([path.join(desktopTmpPath, '**', '*.test.js')]);
	// this.stampPerformance('copy .desktop');

[Copilot]

Missing semicolon after the require statement on line 127. This will cause a syntax error when the code is executed.

[Copilot]

Unused import asar.