Feature suggestion: Provide Natively packaged version

[MuXiu1997]

I found when using the Bitwarden CLI that they provide a natively packaged version of

This got me thinking that sometimes, maybe on some machines, I don't want to install node and npm, but would like to have a tool like zx to help me execute scripts easily

So, it's helpful to provide a natively packaged version

Additional context:

Native Executable

We provide natively packaged versions of the CLI for each platform which have no requirements on installing the Node.js runtime. You can obtain these from the downloads section in the documentation.

[antonmedv]

Yes, this is easy to do. Will do it

[antongolub]

+1
@antonmedv, just fyi, this is how we solved a similar case via pkg: https://github.com/qiwi/buildstamp/tree/master/packages/bin

vercel/pkg#1291 :(

[MuXiu1997]

+1 @antonmedv, just fyi, this is how we solved a similar case via pkg: https://github.com/qiwi/buildstamp/tree/master/packages/bin

Yea~~, Bitwarden CLI also uses pkg

[antonmedv]

I think it will not be a feature of zx.

[ejdaly]

@antonmedv - I did some work on this a few weeks back, and have pushed a standalone / natively packaged build here:

https://github.com/ejdaly/zx

There are minimal changes to the existing code (it's mostly addition of some devDependencies, and a new build script; I've documented the changes in the code, and here: https://github.com/ejdaly/zx#fork-notes)

The standalone build is feature-complete with the standard version (and passes all existing test cases).

It is based on v4.3.0 however, but I'd be happy to attempt update to v5+ to see how that goes...

If this is a feature you would consider as part of the main zx project - I'm happy to work with you to get this added. If not, that's fine too of course.

Aside: I've also added a few other features to that branch (things I was interested in trying: dynamic import & REPL). I'm not suggesting here that those features be added to main repo (I see there are separate issues here for them; and I'll comment there...)

[antonmedv]

Nice work! But I'm not thinking to add executable bins to zx right now. The first build process was error-prone and I completely removed it in v5. The second is security concerns.

[ejdaly]

Sure, no problem at all. The build process is documented now in my fork - so people can follow that (or use the binaries directly..) if they have that use case...

Out of interest, what security concerns would you see? Just the idea of running an unsigned / unverified binary?

[antonmedv]

Yes, this and npm security checks now works really well. In case of a binary no one will be checking it for security holes.

[MuXiu1997]

@antonmedv
Is it possible to make the binary version available in github's Releases only, without adding it to npm?
pkg also seems to be supporting ES Modules soon

• RFC: pkg 6.0 vercel/pkg#1655

[antongolub]

1. It requires to build n binaries: for x86_64/arm, win/mac/linux
2. each binary size will be ~90Mb+

[MuXiu1997]

Yes, but zx is so good that I'm not the only one who wishes it had a single file version that worked straight out of the box and didn't require node to be installed