Update / Audit postinstall task

[GabeIsman]

The postinstall task has a deprecation warning about using an old API of electron-rebuild. Not to mention it's not super clear to me that the current setup is even the right approach. Would a simple npm rebuild be more effective than electron-rebuild?

[garrettr]

As far as I can tell, the call to electron-rebuild in the postinstall task is sufficient, and the electron-rebuild-related code in tasks/postinstall.js is no longer necessary.

To test, I removed the electron-rebuild code from tasks/postinstall.js, rm -rf node_modules/, and reran npm install. After the install was complete, I tested the following commands to make sure they still work as expected:

1. npm run dev
2. npm run test
3. npm run build-app
4. npm run test-e2e

They all worked without issues.

[garrettr]

Would a simple npm rebuild be more effective than electron-rebuild?

Background: native Node modules have components written in native code, e.g. C/C++. They are automatically built during npm install for the platform they are being installed on. Since they are built against the Node ABI, they need to be rebuilt whenever the version of Node you are using changes.

npm rebuild is meant to be used to rebuild native modules whenever you change your system's version of Node, so the native modules will be compatible with the new Node's ABI.

Using Electron adds another wrinkle: for reasons, Electron uses its own version of Node, which may or may not match your system version. electron-rebuild recompiles native Node modules that are used in an Electron app against Electron's Node's ABI.

Here's a quick one-liner to find installed packages with native components:

$ find -E node_modules -regex ".*\.(c|cc|cpp)" | cut -d'/' -f2 | uniq
ref
ref-array
ffi
tempfile
node-gyp
node-sass
fsevents

If I'm understanding all of this correctly (big "if"), we only need electron-rebuild if one of our application's "dependencies" in package.json has a native component. For example, we can see from the above one-liner that node-sass has native components, but since it is only included in "devDependencies", I don't think it warrants the use of electron-rebuild—it should work just fine with our system level Node.

It is a little bit difficult to figure out how all the dependencies of this application interact, partially because it's using a two package.json structure leftover from electron-react-boilerplate. However, I think the use of electron-builder is still warranted at least because the application uses rusty-secrets, which in turn uses ffi, ref, and ref-array, which all have native components.