fix(ci): switch to built-in electron-builder notarization

- Remove custom afterSign hook (scripts/notarize.js)
- Enable built-in notarization with "notarize": true
- Use APPLE_ID_PASSWORD env var for electron-builder
- Restore full build (dmg + zip) to test blockmap

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
sanasol
2026-02-03 03:00:30 +01:00
parent ee4909cc72
commit 5cf9fa3af4
2 changed files with 6 additions and 5 deletions

View File

@@ -44,11 +44,11 @@ jobs:
# Code signing
CSC_LINK: ${{ secrets.CSC_LINK }}
CSC_KEY_PASSWORD: ${{ secrets.CSC_KEY_PASSWORD }}
# Notarization
# Notarization (built-in electron-builder)
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_APP_SPECIFIC_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_ID_PASSWORD: ${{ secrets.APPLE_APP_SPECIFIC_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
run: npx electron-builder --mac --universal --publish never --config.mac.target=dmg
run: npx electron-builder --mac --universal --publish never
- name: List built artifacts
run: ls -la dist/
@@ -58,6 +58,8 @@ jobs:
name: macos-builds
path: |
dist/*.dmg
dist/*.zip
dist/*.blockmap
dist/latest-mac.yml
build-linux:

View File

@@ -140,9 +140,8 @@
"forceCodeSigning": true,
"strictVerify": true,
"type": "distribution",
"notarize": false
"notarize": true
},
"afterSign": "scripts/notarize.js",
"nsis": {
"oneClick": false,
"allowToChangeInstallationDirectory": true,