buildby inspects desktop applications on macOS and Windows, then tells you whether each app is built with native technologies (Swift, Objective-C, Win32) or a cross-platform framework such as Electron, Flutter, Tauri, Qt, JVM, CEF, NW.js, React Native, wxWidgets, Unity, or .NET.
It also surfaces signature and notarization details for single-app inspection, including developer name, Team ID, signature status, Apple notarization on macOS, Authenticode status on Windows, and Hardened Runtime status.
- Fast file-system based detection with no admin privileges required.
- Single-app inspection, full installed-app scan, and per-stack filters.
- Signature and notarization metadata for macOS and Windows apps.
- npm package, GitHub Release artifact, and GitHub Packages publishing.
- Works as a small global CLI:
buildby <app name>.
| Inspect a single app | Scan all installed apps | Filter by tech stack |
|---|---|---|
 |
 |
 |
# Install from npm
npm i -g @wavever/buildby
# Clone and link globally
git clone https://github.com/wavever/buildby.git
cd buildby
npm install
npm link
# Or run directly
node bin/buildby.js <command>Previously published as
desktop-app-build-by. That name is now deprecated — please switch tonpm i -g @wavever/buildby. The CLI command staysbuildby. See CHANGELOG.md for details.
buildby wechat
buildby discord
buildby "visual studio code"
buildby "clash verge"Output example:
Discord
/Applications/Discord.app
CROSS-PLATFORM ⚡ Electron
Cross-platform desktop apps with web technologies (HTML/CSS/JS)
https://www.electronjs.org
Evidence:
• Electron Framework.framework
• app.asar
Bundle ID: com.hnc.Discord
Version: 0.0.335
Size: 375.4 MB
Signature & Notarization
Developer: Discord, Inc.
Team ID: 53Q6R32WPB
Signature: Signed
Notarization: Notarized
Hardened Runtime: ✓ Yes
The Signature & Notarization section is only printed for single-app inspection (
buildby <name>and--path).--alland--<stack>skip it so batch scans stay fast.
buildby --all
buildby -aScans all apps in /Applications (macOS) or Program Files (Windows) and groups them by tech stack with a distribution chart.
--scanis still supported as a legacy alias for--all.
Batch scans use a local analysis cache. If an app's version and main executable fingerprint have not changed, BuildBy reuses the previous result so repeated scans are nearly instant.
buildby --all --no-cache # Force a fresh analysisBuildBy creates a default JSON config file on first run, then reads it on later runs:
- macOS:
~/.buildby/config.json - Windows:
%APPDATA%\buildby\config.json - Linux/other:
$XDG_CONFIG_HOME/buildby/config.jsonor~/.config/buildby/config.json
You can also point to a custom config file with BUILDBY_CONFIG=/path/to/config.json; BuildBy will create that file with defaults if it does not exist.
{
"cache": true,
"excludeApps": [
"Xcode",
"com.apple.Safari",
"/Applications/VMware Fusion.app"
]
}cache: false disables the analysis cache by default. excludeApps removes matching apps from --all and per-stack scans; entries can be app names, Bundle IDs, or full paths. Single-app inspection still works for excluded apps.
BuildBy follows your terminal or system language by default. To show English output without changing system language:
LC_ALL=en_US.UTF-8 buildby -aYou can also create an alias:
alias buildby-en='LC_ALL=en_US.UTF-8 buildby'buildby -e # All Electron apps (--electron)
buildby -f # All Flutter apps (--flutter)
buildby -t # All Tauri apps (--tauri)
buildby -q # All Qt apps (--qt)
buildby -j # All JVM apps (--jvm)
buildby -c # All CEF apps (--cef)
buildby -d # All .NET / MAUI / WPF apps (--dotnet)
buildby -b # All Chromium apps (--chromium)
buildby -W # All NW.js apps (--nwjs)
buildby -r # All React Native apps (--reactnative)
buildby -w # All wxWidgets apps (--wxwidgets)
buildby -u # All Unity apps (--unity)
buildby -n # All native apps (--native)buildby --path /Applications/SomeApp.app
buildby --path "C:\Program Files\SomeApp"| Stack | Description | Detection Method |
|---|---|---|
| ⚡ Electron | Node.js + Chromium | Electron Framework.framework, app.asar |
| 🐦 Flutter | Google's UI toolkit | FlutterMacOS.framework, flutter_windows.dll |
| 🌐 CEF | Chromium Embedded Framework | Chromium Embedded Framework.framework, libcef.dll |
| 🦀 Tauri | Rust + system WebView | Binary strings + resources/ dir, WebView2Loader.dll |
| 🔷 Qt | C++ cross-platform | Qt*.framework, Qt5Core.dll / Qt6Core.dll |
| ☕ JVM | Java/Kotlin/Scala | jbr/, libjvm.dylib, .jar files |
| 🔵 .NET | Microsoft .NET / MAUI / WPF | MonoBundle/, coreclr.dll, .dll files |
| 🟩 NW.js | Node.js + Chromium (node-webkit) | nwjs Framework.framework, app.nw |
| ⚛️ React Native | Facebook's React for desktop | React.framework, hermes.dll |
| 🖥️ Native | Platform-native technologies | Fallback when no cross-platform signatures found |
| Platform | App Discovery | Detection |
|---|---|---|
| macOS | /Applications, ~/Applications |
Framework dirs, otool -L, plist metadata |
| Windows | Program Files, Program Files (x86), AppData/Local/Programs |
DLL files, directory structure |
Detection is purely file-system based — no admin privileges, no binary disassembly.
- Framework directory scan — check
Contents/Frameworks/for known framework bundles (Electron Framework, FlutterMacOS, Chromium Embedded Framework, Qt*.framework, etc.) - Resource file patterns — look for
app.asar,flutter_assets,app.nw, etc. - JVM detection — detect bundled JRE/JBR runtimes and
.jarfiles - Tauri detection — use
otool -L(macOS) to check for system WebKit linkage +resources/directory - Metadata extraction — parse
Info.plistfor bundle ID, version, and display name - Signature & notarization — invoke
codesign -dv+spctl --assesson macOS, or PowerShellGet-AuthenticodeSignatureon Windows, to surface developer / Team ID / publisher and Apple notarization or Authenticode trust status - Fallback — apps with no cross-platform signatures are classified as Native
Detection runs in priority order so the most distinctive signatures are checked first.
- Node.js >= 18
- macOS or Windows
- macOS:
otool,codesign,spctl(all bundled with Xcode Command Line Tools) - Windows:
powershellonPATH(for Authenticode signature reading)
MIT