christarnowski/Code for "Making notarization work on macOs for Electron apps built with Electron Builder"

## Code for "Making notarization work on macOs for Electron apps built with Electron Builder"
See https://christarnowski.com/making-notarization-work-on-macos-for-electron-apps-built-with-electron-builder for more information.

## entitlements.mac.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <!-- https://github.com/electron/electron-notarize#prerequisites -->
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>
    <!-- https://github.com/electron-userland/electron-builder/issues/3940 -->
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>
  </dict>
</plist>

## notarize.js
const {notarize} = require("electron-notarize");

exports.default = async function notarizing(context) {
  const {electronPlatformName, appOutDir} = context;

  if (electronPlatformName !== "darwin") {
    return;
  }

  const appName = context.packager.appInfo.productFilename;

  return await notarize({
    appBundleId: process.env.APP_BUNDLE_ID,
    appPath: `${appOutDir}/${appName}.app`,
    appleId: process.env.APPLE_ID,
    appleIdPassword: process.env.APPLE_ID_PASSWORD,
  });
};

## patch-electron-notarize.ts
import {FileContentsTransformer, replaceFileContents} from "./common";

const ELECTRON_NOTARIZE_INDEX_PATH = "build/node_modules/electron-notarize/lib/index.js";

async function main() {
  const transformer: FileContentsTransformer = (content: string) => {
    return content.replace(
        "spawn('zip', ['-r', '-y', zipPath, path.basename(opts.appPath)]",
        "spawn('ditto', ['-c', '-k', '--sequesterRsrc', '--keepParent', path.basename(opts.appPath), zipPath]"
    );
  };

  await replaceFileContents(ELECTRON_NOTARIZE_INDEX_PATH, transformer);
}

// noinspection JSIgnoredPromiseFromCall
main();

## patcher-commons.ts
import {promises as fsp} from "fs";

export type FileContentsTransformer = (content: string) => string;

export async function replaceFileContents(path: string, transformer: FileContentsTransformer) {
  let fh: fsp.FileHandle | null = null;
  let content: string = "";

  try {
    fh = await fsp.open(path, "r");

    if (fh) {
      content = (await fh.readFile()).toString();
    }
  } finally {
    if (fh) {
      await fh.close();
    }
  }

  try {
    fh = await fsp.open(path, "w");

    if (fh) {
      await fh.writeFile(transformer(content));
    }
  } finally {
    if (fh) {
      await fh.close();
    }
  }
}
	<?xml version="1.0" encoding="UTF-8"?>
	<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
	<plist version="1.0">
	<dict>
	<!-- https://github.com/electron/electron-notarize#prerequisites -->
	<key>com.apple.security.cs.allow-jit</key>
	<true/>
	<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
	<true/>
	<key>com.apple.security.cs.allow-dyld-environment-variables</key>
	<true/>
	<!-- https://github.com/electron-userland/electron-builder/issues/3940 -->
	<key>com.apple.security.cs.disable-library-validation</key>
	<true/>
	</dict>
	</plist>
	const {notarize} = require("electron-notarize");

	exports.default = async function notarizing(context) {
	const {electronPlatformName, appOutDir} = context;

	if (electronPlatformName !== "darwin") {
	return;
	}

	const appName = context.packager.appInfo.productFilename;

	return await notarize({
	appBundleId: process.env.APP_BUNDLE_ID,
	appPath: `${appOutDir}/${appName}.app`,
	appleId: process.env.APPLE_ID,
	appleIdPassword: process.env.APPLE_ID_PASSWORD,
	});
	};
	import {FileContentsTransformer, replaceFileContents} from "./common";

	const ELECTRON_NOTARIZE_INDEX_PATH = "build/node_modules/electron-notarize/lib/index.js";

	async function main() {
	const transformer: FileContentsTransformer = (content: string) => {
	return content.replace(
	"spawn('zip', ['-r', '-y', zipPath, path.basename(opts.appPath)]",
	"spawn('ditto', ['-c', '-k', '--sequesterRsrc', '--keepParent', path.basename(opts.appPath), zipPath]"
	);
	};

	await replaceFileContents(ELECTRON_NOTARIZE_INDEX_PATH, transformer);
	}

	// noinspection JSIgnoredPromiseFromCall
	main();
	import {promises as fsp} from "fs";

	export type FileContentsTransformer = (content: string) => string;

	export async function replaceFileContents(path: string, transformer: FileContentsTransformer) {
	let fh: fsp.FileHandle \| null = null;
	let content: string = "";

	try {
	fh = await fsp.open(path, "r");

	if (fh) {
	content = (await fh.readFile()).toString();
	}
	} finally {
	if (fh) {
	await fh.close();
	}
	}

	try {
	fh = await fsp.open(path, "w");

	if (fh) {
	await fh.writeFile(transformer(content));
	}
	} finally {
	if (fh) {
	await fh.close();
	}
	}
	}