4

目前我正在使用 electron-builder ("electron-builder": "^22.9.1") 和 electron-notorize ("electron-notorize": ^1.0.0) 包对 Mac 的电子应用程序进行认证。构建成功通过。检查应用程序签名和通知状态

pkgutil --check-signature /Path_to_App/My_App.app


   Package "XXXXXXX":
   Status: signed by a certificate trusted by macOS
   Certificate Chain:...


spctl -a -t exec -vvv /Path_to_App/My_App.app 

/Applications/XXXXXX.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: XXXXXXXX

告诉应用程序已签名并经过公证。但是当我在另一台机器上打开它时,我会弹出一条消息,指出应用程序无法打开,因为无法验证开发人员。我在构建配置和 plist 文件中尝试了不同的选项,但仍然无法理解此问题的原因。我在 package.json 中的构建配置

"build": {
    "appId": "com.XXXX.XX",
    "productName": "XXXXXXX",
    "afterSign": "electron/notarize.js",
    "extends": null,
    "buildDependenciesFromSource": true,
    "files": [
      "build/**/*"
    ],
    "directories": {
      "buildResources": "assets"
    },
    "mac": {
      "category": "public.app-category.productivity",
      "icon": "build/icon.icns",
      "hardenedRuntime": true,
      "gatekeeperAssess": false,
      "entitlements": "build/entitlements.mac.plist",
      "entitlementsInherit": "build/entitlements.mac.plist",
      "electronLanguages": [
        "en"
      ],
      "target": ["dmg"]
    },
    "dmg": {
      "sign": false
    },

和 entitlements.mac.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <!-- https://github.com/electron/electron-notarize#prerequisites -->
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <!-- https://github.com/electron-userland/electron-builder/issues/3940 -->
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>

    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>

    <key>com.apple.security.cs.disable-executable-page-protection</key>
    <true/>

    <key>com.apple.security.inherit</key>
    <true/>
    <key>com.apple.security.automation.apple-events</key>
    <true/>
    <key>com.apple.security.device.audio-input </key>
    <true/>
    <key>com.apple.security.device.camera</key>
    <true/>
    <key>com.apple.security.device.microphone</key>
    <true/>
    <key>com.apple.security.device.bluetooth</key>
    <true/>
  </dict>
</plist>
4

1 回答 1

1

我通过以下方式让它工作:

在 package.json 中,在“mac”下添加:

"asarUnpack": "**/*.node"

这将告诉构建器解压缩这些节点本机二进制文件,以便公证可以检查这些库。

在用于签名的权利文件中,删除:

<key>com.apple.security.cs.disable-library-validation</key> <true/>

然后,它应该按预期工作。

于 2021-05-31T14:45:15.950 回答