feat: add macOS code signing and notarization support

- Add entitlements.mac.plist for hardened runtime - Add notarize.js post-sign hook for Apple notarization - Update package.json with signing config and @electron/notarize dep - Update GitHub Actions workflow with signing secrets Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-26 14:01:48 -03:00 · 2026-01-28 14:48:40 +01:00
parent 79456e43a6
commit e8105cb30e
4 changed files with 69 additions and 1 deletions
--- a/package.json
+++ b/package.json
@@ -45,6 +45,7 @@
  },
  "license": "MIT",
  "devDependencies": {
+    "@electron/notarize": "^2.5.0",
    "electron": "^40.0.0",
    "electron-builder": "^26.4.0"
  },
@@ -131,8 +132,13 @@
        }
      ],
      "icon": "build/icon.icns",
-      "category": "public.app-category.games"
+      "category": "public.app-category.games",
+      "hardenedRuntime": true,
+      "gatekeeperAssess": false,
+      "entitlements": "build/entitlements.mac.plist",
+      "entitlementsInherit": "build/entitlements.mac.plist"
    },
+    "afterSign": "scripts/notarize.js",
    "nsis": {
      "oneClick": false,
      "allowToChangeInstallationDirectory": true,