{"_id":"@electron/notarize","_rev":"217137","name":"@electron/notarize","description":"Notarize your Electron app","dist-tags":{"latest":"1.2.3"},"maintainers":[{"name":"electron-cfa","email":""}],"time":{"modified":"2023-03-24T09:13:46.000Z","created":"2022-10-20T23:19:43.483Z","1.2.3":"2022-10-20T23:22:39.937Z","0.0.0":"2022-10-20T23:19:43.483Z"},"users":{},"author":{"name":"Samuel Attard"},"repository":{"type":"git","url":"git+https://github.com/electron/notarize.git"},"versions":{"1.2.3":{"name":"@electron/notarize","version":"1.2.3","description":"Notarize your Electron app","main":"lib/index.js","typings":"lib/index.d.ts","author":{"name":"Samuel Attard"},"license":"MIT","homepage":"https://github.com/electron/notarize#readme","repository":{"type":"git","url":"git+https://github.com/electron/notarize.git"},"bugs":{"url":"https://github.com/electron/notarize/issues"},"scripts":{"build":"tsc","lint":"prettier --check \"src/**/*.ts\"","prepare":"yarn build","test":"jest"},"engines":{"node":">= 10.0.0"},"devDependencies":{"@continuous-auth/semantic-release-npm":"^2.0.0","@types/debug":"^4.1.5","@types/fs-extra":"^9.0.1","@types/jest":"^25.1.4","@types/node":"^13.7.7","jest":"^25.1.0","prettier":"^1.18.2","ts-jest":"^25.2.1","typescript":"^3.6.4"},"dependencies":{"debug":"^4.1.1","fs-extra":"^9.0.1"},"gitHead":"3dd7a88864e1576d4c43bad972c99f5ce806c000","_id":"@electron/notarize@1.2.3","_nodeVersion":"18.11.0","_npmVersion":"6.14.6","dist":{"shasum":"38056a629e5a0b5fd56c975c4828c0f74285b644","size":12615,"noattachment":false,"key":"/@electron/notarize/-/@electron/notarize-1.2.3.tgz","tarball":"http://name.csiicloud.com:7001/@electron/notarize/download/@electron/notarize-1.2.3.tgz"},"_npmUser":{"name":"electron-cfa","email":"info+cfa-npm@electronjs.org"},"directories":{},"maintainers":[{"name":"electron-cfa","email":""}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/notarize_1.2.3_1666308159766_0.6620284516824779"},"_hasShrinkwrap":false,"_cnpmcore_publish_time":"2022-10-20T23:23:15.672Z","publish_time":1666308159937,"_cnpm_publish_time":1666308159937},"0.0.0":{"name":"@electron/notarize","version":"0.0.0","_id":"@electron/notarize@0.0.0","_nodeVersion":"14.19.1","_npmVersion":"6.14.16","dist":{"shasum":"fc34c43d3e620bfb7c87b4ddd5a609b4129927a9","size":155,"noattachment":false,"key":"/@electron/notarize/-/@electron/notarize-0.0.0.tgz","tarball":"http://name.csiicloud.com:7001/@electron/notarize/download/@electron/notarize-0.0.0.tgz"},"_npmUser":{"name":"electronhq","email":"electron@github.com"},"directories":{},"maintainers":[{"name":"electron-cfa","email":""}],"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/notarize_0.0.0_1666307983315_0.6855440737489071"},"_hasShrinkwrap":false,"_cnpmcore_publish_time":"2022-10-20T23:19:57.672Z","publish_time":1666307983483,"_cnpm_publish_time":1666307983483}},"readme":"Electron Notarize\n-----------\n\n> Notarize your Electron apps seamlessly for macOS\n\n[![CircleCI status](https://circleci.com/gh/electron/notarize.svg?style=shield)](https://circleci.com/gh/electron/notarize)\n[![NPM package](https://img.shields.io/npm/v/@electron/notarize)](https://npm.im/@electron/notarize)\n\n## Installation\n\n```bash\n# npm\nnpm install @electron/notarize --save-dev\n\n# yarn\nyarn add @electron/notarize --dev\n```\n\n## What is app \"notarization\"?\n\nFrom Apple's docs in XCode:\n\n> A notarized app is a macOS app that was uploaded to Apple for processing before it was distributed. When you export a notarized app from Xcode, it code signs the app with a Developer ID certificate and staples a ticket from Apple to the app. The ticket confirms that you previously uploaded the app to Apple.\n\n> On macOS 10.14 and later, the user can launch notarized apps when Gatekeeper is enabled. When the user first launches a notarized app, Gatekeeper looks for the app’s ticket online. If the user is offline, Gatekeeper looks for the ticket that was stapled to the app.\n\nApple has made this a hard requirement as of 10.15 (Catalina).\n\n## Prerequisites\n\nFor notarization, you need the following things:\n\n1. Xcode 10 or later installed on your Mac.\n2. An [Apple Developer](https://developer.apple.com/) account.\n3. [An app-specific password for your ADC account’s Apple ID](https://support.apple.com/HT204397).\n4. Your app may need to be signed with `hardened-runtime`, including the following entitlement:\n    1. `com.apple.security.cs.allow-jit`\n\n  If you are using Electron 11 or below, you must add the `com.apple.security.cs.allow-unsigned-executable-memory` entitlement too.\n  When using version 12+, this entitlement should not be applied as it increases your app's attack surface.\n\n## API\n\n### Method: `notarize(opts): Promise<void>`\n\n* `options` Object\n  * `tool` String - The notarization tool to use, default is `legacy`.  Can be `legacy` or `notarytool`. `notarytool` is substantially (10x) faster.\n  * `appPath` String - The absolute path to your `.app` file\n  * There are different options for each tool: Legacy\n    * `appBundleId` String - The app bundle identifier your Electron app is using.  E.g. `com.github.electron`\n    * `ascProvider` String (optional) - Your [Team Short Name](#notes-on-your-team-short-name).\n    * There are two authentication methods available: user name with password:\n      * `appleId` String - The username of your apple developer account\n      * `appleIdPassword` String - The [app-specific password](https://support.apple.com/HT204397) (not your Apple ID password).\n    * ... or apiKey with apiIssuer:\n      * `appleApiKey` String - Required for JWT authentication. See Note on JWT authentication below.\n      * `appleApiIssuer` String - Issuer ID. Required if `appleApiKey` is specified.\n  * ... or Notary Tool\n    * There are three authentication methods available: user name with password:\n      * `appleId` String - The username of your apple developer account\n      * `appleIdPassword` String - The [app-specific password](https://support.apple.com/HT204397) (not your Apple ID password).\n      * `teamId` String - The team ID you want to notarize under.\n    * ... or apiKey with apiIssuer:\n      * `appleApiKey` String - Required for JWT authentication. See Note on JWT authentication below.\n      * `appleApiKeyId` String - Required for JWT authentication. See Note on JWT authentication below.\n      * `appleApiIssuer` String - Issuer ID. Required if `appleApiKey` is specified.\n    * ... or keychain with keychainProfile:\n      * `keychain` String - The name of the keychain or path to the keychain you stored notarization credentials in.\n      * `keychainProfile` String - The name of the profile you provided when storing notarization credentials.\n\n## Safety when using `appleIdPassword`\n\n1. Never hard code your password into your packaging scripts, use an environment\nvariable at a minimum.\n2. It is possible to provide a keychain reference instead of your actual password (assuming that you have already logged into\nthe Application Loader from Xcode).  For example:\n\n```javascript\nconst password = `@keychain:\"Application Loader: ${appleId}\"`;\n```\n\nAnother option is that you can add a new keychain item using either the Keychain Access app or from the command line using the `security` utility:\n\n```bash\nsecurity add-generic-password -a \"AC_USERNAME\" -w <app_specific_password> -s \"AC_PASSWORD\"\n```\nwhere `AC_USERNAME` should be replaced with your Apple ID, and then in your code you can use:\n\n```javascript\nconst password = `@keychain:AC_PASSWORD`;\n```\n\n## Notes on JWT authentication\n\nYou can obtain an API key from [Appstore Connect](https://appstoreconnect.apple.com/access/api). Create a key with _App Manager_ access. Note down the Issuer ID and download the `.p8` file. This file is your API key and comes with the name of `AuthKey_<api_key>.p8`. This is the string you have to supply when calling `notarize`.\n\nBased on the `ApiKey`, `altool` will look in the following places for that file:\n\n* `./private_keys`\n* `~/private_keys`\n* `~/.private_keys`\n* `~/.appstoreconnect/private_keys`\n\n## Notes on your Team Short Name\n\nIf you are a member of multiple teams or organizations, you have to tell Apple on behalf of which organization you're uploading. To find your [team's short name](https://forums.developer.apple.com/thread/113798)), you can ask `iTMSTransporter`, which is part of the now deprecated `Application Loader` as well as the newer [`Transporter`](https://apps.apple.com/us/app/transporter/id1450874784?mt=12).\n\nWith `Transporter` installed, run:\n```sh\n/Applications/Transporter.app/Contents/itms/bin/iTMSTransporter -m provider -u APPLE_DEV_ACCOUNT -p APP_PASSWORD\n```\n\nAlternatively, with older versions of Xcode, run:\n```sh\n/Applications/Xcode.app/Contents/Applications/Application Loader.app/Contents/itms/bin/iTMSTransporter -m provider -u APPLE_DEV_ACCOUNT -p APP_PASSWORD\n```\n## Example Usage\n\n```javascript\nimport { notarize } from '@electron/notarize';\n\nasync function packageTask () {\n  // Package your app here, and code sign with hardened runtime\n  await notarize({\n    appBundleId,\n    appPath,\n    appleId,\n    appleIdPassword,\n    ascProvider, // This parameter is optional\n  });\n}\n```\n","_attachments":{},"homepage":"https://github.com/electron/notarize#readme","bugs":{"url":"https://github.com/electron/notarize/issues"},"license":"MIT"}