UNPKG

electron-installer-codesign

Version:

Sign your electron apps on OSX.

github.com/mongodb-js/electron-installer-codesign

mongodb-js/electron-installer-codesign

110 lines (96 loc) 3 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
/* eslint no-console:0 */ var fs = require('fs'); var path = require('path'); var del = require('del'); var run = require('electron-installer-run'); var async = require('async'); var chalk = require('chalk'); var figures = require('figures'); var sign = require('electron-osx-sign'); var debug = require('debug')('electron-installer-codesign'); function checkAppExists(opts, fn) { debug('checking appPath `%s` exists...', opts.appPath); fs.exists(opts.appPath, function(exists) { if (!exists) { debug('appPath `%s` does not exist!', opts.appPath); return fn(new Error(opts.appPath + ' does not exist.')); } debug('appPath exists'); fn(); }); } // Clean up ".cstemp" files from previous attempts function cleanup(opts, fn) { debug('running cleanup'); del([opts.appPath + '/*.cstemp']).then(function() { fn(); }); } function runCodesign(src, opts, fn) { var entitlementsFile = opts.entitlements || path.resolve(__dirname, 'entitlements.xml'); sign({ app: src, hardenedRuntime: true, identity: opts.identity, 'gatekeeper-assess': false, entitlements: entitlementsFile, 'entitlements-inherit': entitlementsFile, 'entitlements-loginheler': entitlementsFile }, function(err) { if (err) { fn(new Error('codesign failed ' + path.basename(src) + ': ' + err.message)); return; } fn(null, src); }); } /** * @param {String} commonName * @param {Function} fn - Callback. */ function isIdentityAvailable(commonName, fn) { run('certtool', ['y'], function(err, output) { if (err) { debug('Failed to list certificates.'); fn(null, false); return; } if (output.indexOf(commonName) === -1) { debug('Signing identity `%s` not detected.', commonName); fn(null, false); return; } debug('The signing identity `%s` is available!', commonName); fn(null, true); }); } module.exports = function(opts, done) { async.series([ checkAppExists.bind(null, opts), cleanup.bind(null, opts), runCodesign.bind(null, opts.appPath, opts) ], done); }; module.exports.isIdentityAvailable = isIdentityAvailable; module.exports.codesign = runCodesign; module.exports.printWarning = function() { console.error(chalk.yellow.bold(figures.warning), ' User confusion ahead!'); console.error(chalk.gray( ' The default preferences for OSX Gatekeeper will not', 'allow users to run unsigned applications.')); console.error(chalk.gray( ' However, we\'re going to continue building', 'the app and an installer because you\'re most likely')); console.error(chalk.gray( ' a developer trying to test', 'the app\'s installation process.')); console.error(chalk.gray( ' For more information on OSX Gatekeeper and how to change your', 'system preferences to run unsigned applications,')); console.error(chalk.gray(' please see', 'https://support.apple.com/en-us/HT202491')); };