Bump @electron/packager from 18.4.4 to 19.0.0

[dependabot]

Bumps @electron/packager from 18.4.4 to 19.0.0.

Release notes

Sourced from @​electron/packager's releases.

v19.0.0

19.0.0 (2025-10-15)

Electron Packager 19 introduces many breaking changes in an effort to modernize the codebase.

BREAKING CHANGES

Node.js 22

This package now requires Node.js >=12.22.0.

ESM

This package is now ESM-only.

[!NOTE] CommonJS projects can still consume this module via the require(esm) feature added to Node 22.

asar is enabled by default

By default, the asar option is now set to unpack native node modules.

const opts = {
  asar: {
    unpack: '**/{.**,**}/**/*.node'
  }
}

[!NOTE] This is equivalent to the behaviour out of the box with any Electron Forge v7 template.

[!NOTE] In Electron Packager 19, this is also equivalent to asar: true.

derefSymlinks is enabled by default

This was incorrectly documented in most previous versions of Electron Packager. See electron/packager#1818.

Hooks are promisified and take in a single object argument

Electron Packager's various lifecycle hooks have changed their shape in two ways:

• Hook arguments are now properties on a single JavaScript object rather than individual positional args.
• The done callback arg was removed in favour of making hooks asynchronous.

For a trivial example:

// Electron Packager 18
const opts = {
</tr></table> 

... (truncated)

Commits

• 0c9235b feat!: force v19 release (#1847)
• fdf0278 chore: bump brace-expansion from 1.1.11 to 1.1.12 (#1846)
• 9dd89db ci: allow canary.yml to be called manually (#1845)
• 640ee9b fix: use file paths for dynamic imports (#1844)
• 999a2a7 fix: allow tmpdir to be true (#1842)
• 6e69e2d feat!: enable asar by default (#1841)
• 623a49c feat!: promisify hooks (#1832)
• b7cf4e8 ci: fix setup-node in canary workflow (#1840)
• 2f4d007 chore: upgrade to Yarn v4 (#1835)
• 74aba83 chore: ignore fixtures from socket while making them uninstallable (#1839)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #9.