
electron-notarize - npm Package Compare versions

Comparing version 0.2.1 to 0.3.0

lib/validate-args.d.ts

1

lib/index.d.ts

@@ -0,1 +1,2 @@

export { validateAuthorizationArgs } from './validate-args';
export interface NotarizePasswordCredentials {
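
Review bot: the new `export { validateAuthorizationArgs } from './validate-args';` line at the top of index.d.ts widens the package's public API, but none of the README hunks in this comparison document the function. Add an entry to the README's API section stating what it accepts and what it returns or throws, or keep it internal if callers are not meant to depend on it.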

@@ -2,0 +3,0 @@ appleId: string;

8

lib/index.js

@@ -26,5 +26,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {

const helpers_1 = require("./helpers");
const validate_args_1 = require("./validate-args");
const d = debug('electron-notarize');
function authorizationArgs(opts) {
if ('appleId' in opts) {
var validate_args_2 = require("./validate-args");
exports.validateAuthorizationArgs = validate_args_2.validateAuthorizationArgs;
function authorizationArgs(rawOpts) {
const opts = validate_args_1.validateAuthorizationArgs(rawOpts);
if (validate_args_1.isPasswordCredentials(opts)) {
return ['-u', helpers_1.makeSecret(opts.appleId), '-p', helpers_1.makeSecret(opts.appleIdPassword)];
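
Review bot: in `authorizationArgs`, the choice of credential branch now rests entirely on `validateAuthorizationArgs(rawOpts)` and `isPasswordCredentials(opts)`, and the body of validate-args.js is not shown in this comparison. Before accepting, confirm in the source that the validator rejects options carrying both or neither credential set instead of silently picking one, as the old `'appleId' in opts` check did, and that the jest tests added in package.json cover those cases. The password is still handed to the child process as a `-p` argument, so also check that `makeSecret` keeps it out of the `debug('electron-notarize')` output.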

@@ -31,0 +35,0 @@ }

{
"name": "electron-notarize",
"version": "0.2.1",
"version": "0.3.0",
"description": "Notarize your Electron app",

@@ -12,7 +12,7 @@ "main": "lib/index.js",

"lint": "prettier --check \"src/**/*.ts\"",
"prepublish": "yarn build"
"prepare": "yarn build",
"test": "jest"
},
"files": [
"lib",
"README.md"
"lib"
],
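
Review bot: renaming the `prepublish` script to `prepare` in the scripts block changes when `yarn build` runs: npm also runs `prepare` when the package is installed from a git URL, so those consumers will execute the build and need yarn and the devDependencies available. If that is intended, say so in the README; if the build should run only at publish time, `prepublishOnly` is the narrower hook. Dropping `README.md` from `files` is harmless, since npm always packs the README.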

@@ -23,6 +23,8 @@ "devDependencies": {

"@types/fs-extra": "^8.0.1",
"@types/node": "^12.12.5",
"electron": "^7.0.1",
"@types/jest": "^25.1.4",
"@types/node": "^13.7.7",
"jest": "^25.1.0",
"prettier": "^1.18.2",
"semantic-release": "^15.13.18",
"ts-jest": "^25.2.1",
"typescript": "^3.6.4"
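
Review bot: the `@types/node` bump from `^12.12.5` to `^13.7.7` in devDependencies lets the compiler accept Node 13 APIs, and no `engines` field is visible in these hunks to state which runtimes are supported. Declare the minimum Node version in package.json, or keep `@types/node` on the oldest major you intend to support so newer-only APIs fail at build time.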

@@ -29,0 +31,0 @@ },

Electron Notarize
-----------
> Notarize your Electron apps seamlessly
> Notarize your Electron apps seamlessly for macOS
[![CircleCI status](https://circleci.com/gh/electron/electron-notarize.svg?style=svg)](https://circleci.com/gh/electron/electron-notarize)
[![NPM package](https://img.shields.io/npm/v/electron-notarize)](https://npm.im/electron-notarize)
## Installation

@@ -10,3 +13,3 @@

# npm
npm i electron-notarize --save-dev
npm install electron-notarize --save-dev

@@ -19,3 +22,3 @@ # yarn

From apple's docs, the definition of a "notarized app"
From Apple's docs in XCode:
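
Review bot: `XCode` in the replacement line "From Apple's docs in XCode:" is misspelled; the product name is `Xcode`, which the Prerequisites list added later in this README already uses.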

@@ -26,5 +29,15 @@ > A notarized app is a macOS app that was uploaded to Apple for processing before it was distributed. When you export a notarized app from Xcode, it code signs the app with a Developer ID certificate and staples a ticket from Apple to the app. The ticket confirms that you previously uploaded the app to Apple.

Basically Apple are going to make this a hard requirement soon, may as well get
on the train early.
Apple has made this a hard requirement as of 10.15 (Catalina).
## Prerequisites
For notarization, you need the following things:
1. Xcode 10 or later installed on your Mac.
2. An [Apple Developer](https://developer.apple.com/) account.
3. [An app-specific password for your ADC account’s Apple ID](https://support.apple.com/HT204397).
4. Your app may need to be signed with `hardened-runtime` and the following entitlements:
1. `com.apple.security.cs.allow-jit`
2. `com.apple.security.cs.allow-unsigned-executable-memory`
## API
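
Review bot: item 4 of the new Prerequisites list names `com.apple.security.cs.allow-jit` and `com.apple.security.cs.allow-unsigned-executable-memory` without saying that each one relaxes a hardened-runtime protection. Add a sentence telling readers to grant only the entitlements their app actually needs, rather than copying both by default.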

@@ -37,3 +50,3 @@

* `appPath` String - The absolute path to your `.app` file
* `ascProvider` String (optional) - Your [Team Short Name](https://forums.developer.apple.com/thread/113798). This is necessary if you are part of multiple teams, you can find it out by running `iTMSTransporter -m provider -u APPLE_DEV_ACCOUNT -p APP_PASSWORD`
* `ascProvider` String (optional) - Your [Team Short Name](#notes-on-your-team-short-name).
* There are two methods available: user name with password:

@@ -46,15 +59,4 @@ * `appleId` String - The username of your apple developer account

#### Prerequisites
## Safety when using `appleIdPassword`
For notarization, you need the following things:
1. Xcode 10 or later installed on your Mac.
2. An [Apple Developer](https://developer.apple.com/) account.
3. [An app-specific password for your ADC account’s Apple ID](https://support.apple.com/HT204397).
4. Your app may need to be signed with hardened-runtime and the following entitlements:
1. com.apple.security.cs.allow-jit
1. com.apple.security.cs.allow-unsigned-executable-memory
#### Safety when using `appleIdPassword`
1. Never hard code your password into your packaging scripts, use an environment

@@ -65,9 +67,9 @@ variable at a minimum.

```js
```javascript
const password = `@keychain:"Application Loader: ${appleId}"`;
```
Another option is that you can add a new keychain item using either the Keychain Access app or from the command line using the `security` utility:
Another option is that you can add a new keychain item using either the Keychain Access app or from the command line using the `security` utility:
```shell
```bash
security add-generic-password -a "AC_USERNAME" -w <app_specific_password> -s "AC_PASSWORD"
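
Review bot: the `security add-generic-password` example takes the app-specific password as the value of `-w` on the command line, which leaves it in shell history and visible in the process list while the command runs. `security` prompts for the password when `-w` is given last with no value; show that form here, in keeping with the "Safety when using `appleIdPassword`" advice this section opens with.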

@@ -77,20 +79,37 @@ ```

```js
```javascript
const password = `@keychain:AC_PASSWORD`;
```
#### Notes on JWT authentication
## Notes on JWT authentication
You can obtain an API key from [Appstore Connect](https://appstoreconnect.apple.com/access/api). Create a key with _App Manager_ access. Note down the Issuer ID and download the `.p8` file. This file is your Api key and comes with the name of `AuthKey_<api_key>.p8`. This is the string you have to supply when calling `notarize`.
You can obtain an API key from [Appstore Connect](https://appstoreconnect.apple.com/access/api). Create a key with _App Manager_ access. Note down the Issuer ID and download the `.p8` file. This file is your API key and comes with the name of `AuthKey_<api_key>.p8`. This is the string you have to supply when calling `notarize`.
Based on the `ApiKey` `altool` will look in the following places for that file:
`./private_keys`, `~/private_keys`, `~/.private_keys` and `~/.appstoreconnect/private_keys`.
Based on the `ApiKey`, `altool` will look in the following places for that file:
#### Example Usage
* `./private_keys`
* `~/private_keys`
* `~/.private_keys`
* `~/.appstoreconnect/private_keys`
```js
## Notes on your Team Short Name
If you are a member of multiple teams or organizations, you have to tell Apple on behalf of which organization you're uploading. To find your [team's short name](https://forums.developer.apple.com/thread/113798)), you can ask `iTMSTransporter`, which is part of the now deprecated `Application Loader` as well as the newer [`Transporter`](https://apps.apple.com/us/app/transporter/id1450874784?mt=12).
With `Transporter` installed, run:
```sh
/Applications/Transporter.app/Contents/itms/bin/iTMSTransporter -m provider -u APPLE_DEV_ACCOUNT -p APP_PASSWORD
```
Alternatively, with older versions of Xcode, run:
```sh
/Applications/Xcode.app/Contents/Applications/Application Loader.app/Contents/itms/bin/iTMSTransporter -m provider -u APPLE_DEV_ACCOUNT -p APP_PASSWORD
```
## Example Usage
```javascript
import { notarize } from 'electron-notarize';
async function packageTask () {
// Package your app here, and code side with hardened runtime
// Package your app here, and code sign with hardened runtime
await notarize({
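
Review bot: the second `iTMSTransporter` command, the one for older versions of Xcode, contains an unquoted space in `Application Loader.app`, so it fails when pasted into a shell as written; quote the path or escape the space. The link in the same section, `[team's short name](https://forums.developer.apple.com/thread/113798))`, has a stray closing parenthesis, and both commands take `-p APP_PASSWORD` as an argument, so a pointer back to the password-safety section would fit here.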

@@ -97,0 +116,0 @@ appBundleId,

Sorry, the diff of this file is not supported yet
