Comment by esperent
> Some apps are years behind on Electron today
Could you give some examples? This seems like a potential security risk.
> Some apps are years behind on Electron today
Could you give some examples? This seems like a potential security risk.
Random output from my system:
App Name: Microsoft Azure Storage Explorer.app Electron Version: 25.8.4 -n File Name: /Applications/Microsoft Azure Storage Explorer.app/Contents/Frameworks/Electron Framework.framework/Electron Framework -e App Name: MongoDB Compass.app Electron Version: 30.4.0 -n File Name: /Applications/MongoDB Compass.app/Contents/Frameworks/Electron Framework.framework/Electron Framework -e App Name: Obsidian.app Electron Version: 25.8.1 -n File Name: /Applications/Obsidian.app/Contents/Frameworks/Electron Framework.framework/Electron Framework
And to answer your question: yes this is very much a security issue. There are many unpatched versions that are vulnerable to webp exploits, including chat apps (with the serious implications of that being obvious)
Web devs shouldn't be allowed anywhere near native APIs.