单个可执行应用 | Node.js API 文档

¥Single executable applications

新增于: v19.7.0, v18.16.0

稳定性: 1 - 实验：此功能正在设计中并将更改。

¥Stability: 1 - Experimental: This feature is being designed and will change.

此功能允许将 Node.js 应用方便地分发到未安装 Node.js 的系统。

¥This feature allows the distribution of a Node.js application conveniently to a system that does not have Node.js installed.

Node.js 通过允许将 JavaScript 文件注入 node 二进制文件来支持单个可执行应用的创建。在启动过程中，程序会检查是否注入了任何东西。如果找到脚本，它将执行其内容。否则 Node.js 会像往常一样运行。

¥Node.js supports the creation of single executable applications by allowing the injection of a JavaScript file into the node binary. During start up, the program checks if anything has been injected. If the script is found, it executes its contents. Otherwise Node.js operates as it normally does.

单个可执行应用功能仅支持运行单个嵌入式 CommonJS 文件。

¥The single executable application feature only supports running a single embedded CommonJS file.

可以使用任何可以将资源注入 node 二进制文件的工具将打包的 JavaScript 文件转换为单个可执行应用。

¥A bundled JavaScript file can be turned into a single executable application with any tool which can inject resources into the node binary.

以下是使用此类工具 postject 创建单个可执行应用的步骤：

¥Here are the steps for creating a single executable application using one such tool, postject:

创建一个 JavaScript 文件：

¥Create a JavaScript file:

$ echo 'console.log(`Hello, ${process.argv[2]}!`);' > hello.js

创建 node 可执行文件的副本并根据需要命名：

¥Create a copy of the node executable and name it according to your needs:
```
$ cp $(command -v node) hello 
```
删除二进制文件的签名：

¥Remove the signature of the binary:
- 在 macOS 上：
  
  ¥On macOS:
```
$ codesign --remove-signature hello 
```
- 在 Windows 上（可选）：
  
  ¥On Windows (optional):
signtool 可以从已安装的 Windows SDK 使用。如果跳过此步骤，请忽略来自 postject 的任何与签名相关的警告。

¥signtool can be used from the installed Windows SDK. If this step is skipped, ignore any signature-related warning from postject.
```
$ signtool remove /s hello 
```
通过使用以下选项运行 postject，将 JavaScript 文件注入到复制的二进制文件中：

¥Inject the JavaScript file into the copied binary by running postject with the following options:
- hello - 在步骤 2 中创建的 node 可执行文件副本的名称。
  
  ¥hello - The name of the copy of the node executable created in step 2.
- NODE_JS_CODE - 二进制文件中将存储 JavaScript 文件内容的资源/注释/部分的名称。
  
  ¥NODE_JS_CODE - The name of the resource / note / section in the binary where the contents of the JavaScript file will be stored.
- hello.js - 在步骤 1 中创建的 JavaScript 文件的名称。
  
  ¥hello.js - The name of the JavaScript file created in step 1.
- --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 - Node.js 项目用来检测文件是否被注入的 fuse。
  
  ¥--sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 - The fuse used by the Node.js project to detect if a file has been injected.
- --macho-segment-name NODE_JS（仅在 macOS 上需要） - 二进制文件中将存储 JavaScript 文件内容的段的名称。
  
  ¥--macho-segment-name NODE_JS (only needed on macOS) - The name of the segment in the binary where the contents of the JavaScript file will be stored.
总而言之，这是每个平台所需的命令：

¥To summarize, here is the required command for each platform:
- 在 macOS 以外的系统上：
  
  ¥On systems other than macOS:
```
$ npx postject hello NODE_JS_CODE hello.js \
    --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 
```
- 在 macOS 上：
  
  ¥On macOS:
```
$ npx postject hello NODE_JS_CODE hello.js \
    --sentinel-fuse NODE_JS_FUSE_fce680ab2cc467b6e072b8b5df1996b2 \
    --macho-segment-name NODE_JS 
```
签署二进制文件：

¥Sign the binary:
- 在 macOS 上：
  
  ¥On macOS:
```
$ codesign --sign - hello 
```
- 在 Windows 上（可选）：
  
  ¥On Windows (optional):
需要有证书才能工作。但是，未签名的二进制文件仍然可以运行。

¥A certificate needs to be present for this to work. However, the unsigned binary would still be runnable.
```
$ signtool sign /fd SHA256 hello 
```
运行二进制文件：

¥Run the binary:
```
$ ./hello world
Hello, world! 
```