search

electron-userland / electron-builder

A complete solution to package and build a ready for distribution Electron app with “auto update” support out of the box
https://www.electron.build
MIT License
13.72k stars 1.74k forks source link

Error building app for MacOS: Failed to staple your application with code: 65 #7958

Closed MelvilQ closed 10 months ago

MelvilQ commented 11 months ago

I am trying to build, sign and notarize my electron application for MacOS, but it fails:

• electron-builder version=24.9.1 os=22.4.0 • loaded configuration file=package.json ("build" field) • packaging platform=darwin arch=x64 electron=28.0.0 appOutDir=dist/mac • signing file=dist/mac/xxx.app identityName=Apple Distribution: xxx GmbH & Co. KG (xxx) identityHash=CD372DD80E5878CA24D9FE8BD2BB124A2ED99799 provisioningProfile=build/Developer_ID.provisionprofile x Failed to staple your application with code: 65

My package.json looks like this:

{
  "name": "xxx",
  "version": "0.0.0-unset",
  "author": "xxx GmbH & Co. KG",
  "main": "./js/main.js",
  "build": {
    "appId": "de.xxx",
    "directories": {
      "buildResources": "build",
      "output": "dist"
    },
    "mac": {
      "appId": "de.xxx.mac",
      "category": "public.app-category.medical",
      "icon": "build/icon-1024.png",
      "hardenedRuntime": true,
      "gatekeeperAssess": false,
      "entitlements": "build/entitlements.mac.plist",
      "entitlementsInherit": "build/entitlements.mac.plist",
      "provisioningProfile": "build/Developer_ID.provisionprofile",
      "notarize": {
        "teamId": "xxx"
      }
    },
    "files": [
      "js/main.js",
      "www/**/*"
    ]
  },
  "scripts": {
    "build": "tsc && electron-builder",
    "start": "tsc && electron . --dev",
    "replace": "replace"
  },
  "description": "xxx Client",
  "devDependencies": {
    "electron": "^28.1.0",
    "electron-builder": "^24.9.1",
    "replace": "^1.2.2",
    "typescript": "^5.3.3"
  }
}

entitlements.mac-plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <key>com.apple.security.cs.debugger</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.security.network.server</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-only</key>
    <true/>
    <key>com.apple.security.inherit</key>
    <true/>
    <key>com.apple.security.automation.apple-events</key>
    <true/>
  </dict>
</plist>

I would say that my setup is pretty standard, so I expected it to work out of the box... but the notarization log is full of errors.

xcrun notarytool log:

{
  "logFormatVersion": 1,
  "jobId": "0319e105-1aa6-4796-8b97-b53eb4d75a35",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "xxx.zip",
  "uploadDate": "2023-12-28T09:03:43.951Z",
  "sha256": "e6539c2eca8497d73e3868881c2f2ead5fff4074fe30eb75bb7f3895b55164af",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/MacOS/xxx",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/MacOS/xxx",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (GPU).app/Contents/MacOS/xxx Helper (GPU)",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (GPU).app/Contents/MacOS/xxx Helper (GPU)",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Electron Framework",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libEGL.dylib",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libEGL.dylib",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libvk_swiftshader.dylib",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libvk_swiftshader.dylib",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libGLESv2.dylib",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libGLESv2.dylib",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Libraries/libffmpeg.dylib",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Helpers/chrome_crashpad_handler",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Electron Framework.framework/Versions/A/Helpers/chrome_crashpad_handler",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/ReactiveObjC.framework/Versions/A/ReactiveObjC",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/ReactiveObjC.framework/Versions/A/ReactiveObjC",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Squirrel.framework/Versions/A/Squirrel",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=0hMtHBDm4t8R9%2FlK4o8gbQvkt%2B6OpisbFSEp%2Basz4gA%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Squirrel.framework/Versions/A/Squirrel",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936784091%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=599xrNFbBuGl5X5X%2F1GfeX4aGkJvz%2FTwfDjwYpojDpk%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Squirrel.framework/Versions/A/Resources/ShipIt",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=nz1qnhOYTGPoQ5j8cTr5w%2F%2BVOEggcSyoNDtfJnCRQmg%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Squirrel.framework/Versions/A/Resources/ShipIt",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=6mTqI2bJAGQEdwEhZDF501a3yyoeKIrflK%2BH3%2Fk5Ods%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Mantle.framework/Versions/A/Mantle",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=nz1qnhOYTGPoQ5j8cTr5w%2F%2BVOEggcSyoNDtfJnCRQmg%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/Mantle.framework/Versions/A/Mantle",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=6mTqI2bJAGQEdwEhZDF501a3yyoeKIrflK%2BH3%2Fk5Ods%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (Renderer).app/Contents/MacOS/xxx Helper (Renderer)",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=nz1qnhOYTGPoQ5j8cTr5w%2F%2BVOEggcSyoNDtfJnCRQmg%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (Renderer).app/Contents/MacOS/xxx Helper (Renderer)",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=6mTqI2bJAGQEdwEhZDF501a3yyoeKIrflK%2BH3%2Fk5Ods%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (Plugin).app/Contents/MacOS/xxx Helper (Plugin)",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=nz1qnhOYTGPoQ5j8cTr5w%2F%2BVOEggcSyoNDtfJnCRQmg%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper (Plugin).app/Contents/MacOS/xxx Helper (Plugin)",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=6mTqI2bJAGQEdwEhZDF501a3yyoeKIrflK%2BH3%2Fk5Ods%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper.app/Contents/MacOS/xxx Helper",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087735&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=nz1qnhOYTGPoQ5j8cTr5w%2F%2BVOEggcSyoNDtfJnCRQmg%3D&reserved=0",
      "architecture": "x86_64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "xxx.zip/xxx.app/Contents/Frameworks/xxx Helper.app/Contents/MacOS/xxx Helper",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": "https://deu01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdeveloper.apple.com%2Fdocumentation%2Fsecurity%2Fnotarizing_macos_software_before_distribution%2Fresolving_common_notarization_issues%233087733&data=05%7C02%7Cpatrick.pauli%40xxx.de%7Cac463b0042044ef7625608dc0788024c%7C8f02824a6a2a420f9987dd06480e4b1d%7C1%7C0%7C638393527936940337%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=6mTqI2bJAGQEdwEhZDF501a3yyoeKIrflK%2BH3%2Fk5Ods%3D&reserved=0",
      "architecture": "x86_64"
    }
  ]
}

It looks like the code signing does not work as intended but there is no error during the signing process. I am using a certificate of type Developer_ID for code signing.

Any idea what else I could check to get it working?

steven-fernandez commented 11 months ago

Does your Mac use mac intel or apple silicon? Just a thought.

MelvilQ commented 11 months ago

CPU: 3.1 GHz Quad-Core Intel Core i7 macOS: Ventura 13.3.1 (a) Xcode: 14.3.1 (14E300c)

MelvilQ commented 11 months ago

I tried to add 

"target": {
    "target": "default",
    "arch": [
        "x64",
        "arm64"
    ]
},

and also

"target": {
    "target": "default",
    "arch": "universal"
},

to the config in package.json, but it didn't change anything.

mmaietta commented 10 months ago

This is unrelated to electron-builder code. Either open a debugging ticket with electron/osx-sign package or potentially debug your certificates further. I'm unable to assist with that though as it's very finicky of a process

timeowilliams commented 1 month ago

@MelvilQ - having the same issue.

OS: Mac M1 Pro (Sonoma 14.5)


{
  "logFormatVersion": 1,
  "jobId": "841950b2-52da-4cbb-b5b6-d9aacefa2d70",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "Deep Focus.zip",
  "uploadDate": "2024-10-17T23:26:50.540Z",
  "sha256": "2c3772f545523403b7f63e563001359bc3115213cbe748d3a222d9dfe0f1de2e",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "Deep Focus.zip/Deep Focus.app/Contents/MacOS/Deep Focus",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "Deep Focus.zip/Deep Focus.app/Contents/Frameworks/Electron Framework.framework/Electron Framework",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "Deep Focus.zip/Deep Focus.app/Contents/Frameworks/ReactiveObjC.framework/ReactiveObjC",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "Deep Focus.zip/Deep Focus.app/Contents/Frameworks/Squirrel.framework/Squirrel",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    },
    {
      "severity": "error",
      "code": null,
      "path": "Deep Focus.zip/Deep Focus.app/Contents/Frameworks/Mantle.framework/Mantle",
      "message": "The signature of the binary is invalid.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
      "architecture": "arm64"
    }
  ]
}