create notarized MacOS release #138
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
This pull request introduces significant updates to the build and release workflows, focusing on macOS notarization, code signing, and artifact handling. It also includes changes to the
package.jsonconfiguration and dependencies to support these enhancements. Below is a summary of the most important changes grouped by theme.Build and Release Workflow Enhancements:
.github/workflows/build_release.yml, including keychain management, certificate import, and artifact uploading.environment: "deepnest-test") in the workflow.MacOS Notarization:
_build/entitlements.mac.plistto define macOS app entitlements, such as allowing JIT and read/write access to user-selected files.helper_scripts/sign_mac.jsfor macOS app notarization using@electron/notarize.Package Configuration Updates:
package.jsonto include macOS-specific build targets (dmg,zip,pkg) and enable hardened runtime, entitlements, notarization, and language settings.build-dist:mac,build-dist:mac-signed) and updated dependencies to support macOS notarization and signing. [1] [2]Artifact Handling:
.github/workflows/build_release.yml, including dynamic artifact discovery and GitHub CLI-based uploads.These changes collectively improve the macOS build process, ensure compliance with Apple's notarization requirements, and streamline artifact management.