We are using electron-packager to assist with signing and notarizing. Our app includes a few native modules, including pty.node (from https://www.npmjs.com/package/node-pty).
We notice that electron-packager intentionally scrubs the binaries array we pass in [1]. As a result, pty.node is not signed, and thus macOS refuses to load it, for quarantined apps.
What is the suggested strategy here? Do we have to avoid using electron-packager's sign+notarize capability, and instead use those two facilities manually?
I guess we could ignore opts.binaries because electron-osx-sign should discover this files by default. However, if anyone really encounters such issue where binaries are not addressed automatically, they could file it under electron-osx-sign... We should be able to resolve it then.
Does this mean that electron-osx-sign needs to be updated to scan for .node binaries in all of node_modules? And, what, sign all of them? It seems awfully simpler to let me specify the binary node modules I need to be signed... but for some reason electron-packager does not let me do this.
Hello,
We are using electron-packager to assist with signing and notarizing. Our app includes a few native modules, including
pty.node
(from https://www.npmjs.com/package/node-pty).We notice that electron-packager intentionally scrubs the
binaries
array we pass in [1]. As a result,pty.node
is not signed, and thus macOS refuses to load it, for quarantined apps.What is the suggested strategy here? Do we have to avoid using electron-packager's sign+notarize capability, and instead use those two facilities manually?
[1] https://github.com/electron/electron-packager/pull/459 To be honest, I don't understand the reasoning behind this; e.g.
Does this mean that electron-osx-sign needs to be updated to scan for
.node
binaries in all ofnode_modules
? And, what, sign all of them? It seems awfully simpler to let me specify the binary node modules I need to be signed... but for some reason electron-packager does not let me do this.