Skip to content

tcballard/LocalWrap

BranchesTags

Repository files navigation

LocalWrap

License: MIT Node Electron

A secure desktop wrapper for localhost development servers. LocalWrap gives you a small, retro Windows‑95‑styled desktop app to start, stop, and open multiple local dev servers — no terminal juggling required.

Features

  • Multi‑server management — start/stop/restart servers on any port (1000–65535) from a single window.
  • One‑click open — launch any running server in your browser.
  • System tray integration — minimize to the tray and keep servers running in the background.
  • Secure by default — Content‑Security‑Policy headers (Helmet), rate limiting, input validation, and Electron context isolation with no Node integration in the renderer.
  • Cross‑platform — Windows, macOS, and Linux.

Download

Grab a prebuilt installer for your platform from the Releases page:

Platform File
Windows .exe installer (NSIS)
macOS .dmg
Linux .AppImage

Note: the installers are not code‑signed yet, so Windows SmartScreen and macOS Gatekeeper will warn about an "unknown developer." On Windows choose More info → Run anyway; on macOS right‑click the app and choose Open the first time.

Requirements (to build/run from source)

  • Node.js 18 or newer
  • npm 9 or newer

Install from source

git clone https://github.com/tcballard/LocalWrap.git
cd LocalWrap
npm install

Run

npm start          # launch the app
npm run dev        # launch with dev flag

# launch bound to a specific default port
npm run start:3000
npm run start:8080
npm run dev:3001

Build distributables

Packaged with electron-builder:

npm run dist        # current platform, no publish
npm run dist:mac    # macOS .dmg
npm run dist:win    # Windows NSIS installer
npm run dist:linux  # Linux AppImage

Output is written to dist/.

Test

npm test            # run the Jest suite
npm run test:watch  # watch mode
npm run test:coverage

Security

LocalWrap is built defensively:

  • Helmet sets a strict Content‑Security‑Policy and other hardening headers.
  • express-rate-limit caps requests (100 per 15 minutes) to the local control API.
  • validator sanitizes and validates user‑supplied ports and URLs.
  • The Electron renderer runs with contextIsolation enabled and nodeIntegration disabled; the preload script exposes no privileged IPC.

Found a vulnerability? Please see SECURITY.md.

Contributing

Contributions are welcome — see CONTRIBUTING.md.

License

MIT © Tom Ballard

About

Secure, open-source desktop app to start, stop, and open multiple localhost dev servers from a single window. Built with Electron + Express. Windows · macOS · Linux.

Topics

electron desktop-app productivity open-source opensource dev-server developer-tools electron-app localhost local-first

Resources

Readme

License

MIT license

Contributing

Contributing

Security policy

Security policy
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 2

2.1.0 Latest
Jun 2, 2026
+ 1 release

Packages

 
 
 

Contributors

Languages