From 9a34650cb0882eb385a9e32c1e2efa2cc0e387b5 Mon Sep 17 00:00:00 2001 From: Oskar Nyberg Date: Wed, 24 Apr 2024 15:00:49 +0200 Subject: [PATCH] Fix notarization issues after upgrading electron-builder to 24.13.3 To fix issues with electron-builder and @electron/notarize this commit: * Replaces old notarization code with built-in solution in electron-builder * Moves notarization of pkg to build.sh --- build.sh | 12 ++++++++++++ gui/package-lock.json | 1 - gui/package.json | 1 - gui/tasks/distribution.js | 22 +--------------------- 4 files changed, 13 insertions(+), 23 deletions(-) diff --git a/build.sh b/build.sh index 75a62755fbcf..1329c2cf5ca6 100755 --- a/build.sh +++ b/build.sh @@ -354,6 +354,18 @@ if [[ "$SIGN" == "true" && "$(uname -s)" == "MINGW"* ]]; then done fi +# notarize installer on macOS +if [[ "$NOTARIZE" == "true" && "$(uname -s)" == "Darwin" ]]; then + log_info "Notarizing pkg" + xcrun notarytool submit dist/*"$PRODUCT_VERSION"*.pkg \ + --keychain "$NOTARIZE_KEYCHAIN" \ + --keychain-profile "$NOTARIZE_KEYCHAIN_PROFILE" \ + --wait + + log_info "Stapling pkg" + xcrun stapler staple dist/*"$PRODUCT_VERSION"*.pkg +fi + log_success "**********************************" log_success "" log_success " The build finished successfully! " diff --git a/gui/package-lock.json b/gui/package-lock.json index 47d1447d57dd..dc8686cd428c 100644 --- a/gui/package-lock.json +++ b/gui/package-lock.json @@ -25,7 +25,6 @@ "styled-components": "^6.1.0" }, "devDependencies": { - "@electron/notarize": "^2.1.0", "@playwright/test": "^1.41.1", "@types/chai": "^4.3.3", "@types/chai-as-promised": "^7.1.5", diff --git a/gui/package.json b/gui/package.json index 92093b842ddb..75892af5ce32 100644 --- a/gui/package.json +++ b/gui/package.json @@ -31,7 +31,6 @@ "nseventmonitor": "^1.0.4" }, "devDependencies": { - "@electron/notarize": "^2.1.0", "@playwright/test": "^1.41.1", "@types/chai": "^4.3.3", "@types/chai-as-promised": "^7.1.5", diff --git a/gui/tasks/distribution.js b/gui/tasks/distribution.js index 99c8fb87efb1..83f1936b422d 100644 --- a/gui/tasks/distribution.js +++ b/gui/tasks/distribution.js @@ -2,7 +2,6 @@ const path = require('path'); const fs = require('fs'); const builder = require('electron-builder'); const { Arch } = require('electron-builder'); -const { notarize } = require('@electron/notarize'); const { execFileSync } = require('child_process'); const noCompression = process.argv.includes('--no-compression'); @@ -88,6 +87,7 @@ const config = { artifactName: 'MullvadVPN-${version}.${ext}', category: 'public.app-category.tools', icon: distAssets('icon-macos.icns'), + notarize: shouldNotarize, extendInfo: { LSUIElement: true, NSUserNotificationAlertStyle: 'banner', @@ -314,11 +314,6 @@ function packMac() { return Promise.resolve(); }, afterAllArtifactBuild: async (buildResult) => { - if (shouldNotarize) { - // buildResult.artifactPaths[0] contains the path to the pkg. - await notarizeMac(buildResult.artifactPaths[0]); - } - // Remove the folder that contains the unpacked app. Electron builder cleans up some of // these directories and it's changed between versions without a mention in the changelog. for (const dir of appOutDirs) { @@ -330,26 +325,11 @@ function packMac() { afterSign: (context) => { const appOutDir = context.appOutDir; appOutDirs.push(appOutDir); - - if (shouldNotarize) { - const appName = context.packager.appInfo.productFilename; - return notarizeMac(path.join(appOutDir, `${appName}.app`)); - } }, }, }); } -function notarizeMac(notarizePath) { - console.log('Notarizing ' + notarizePath); - return notarize({ - appBundleId: config.appId, - appPath: notarizePath, - keychain: process.env.NOTARIZE_KEYCHAIN, - keychainProfile: process.env.NOTARIZE_KEYCHAIN_PROFILE, - }); -} - function packLinux() { if (noCompression) { config.rpm.fpm.unshift('--rpm-compression', 'none');