Sign the app before producing the .zip file

2016-03-21 22:43:17 -07:00
parent 590dc99c51
commit 20d5d5d60d
1 changed files with 41 additions and 32 deletions
--- a/bin/package.js
+++ b/bin/package.js
@@ -180,29 +180,41 @@ function buildDarwin (cb) {
    infoPlist.NSHumanReadableCopyright = config.APP_COPYRIGHT

    fs.writeFileSync(infoPlistPath, plist.build(infoPlist))
+
+    // Copy torrent file icon into app bundle
    cp.execSync(`cp ${config.APP_FILE_ICON + '.icns'} ${resourcesPath}`)

-    var zipPath = path.join(buildPath[0], BUILD_NAME + '.zip')
-    cp.execSync(`zip -r -y ${zipPath} ${appPath}`)
-
+    if (process.platform === 'darwin') {
      /*
-     * Signing OS X apps for distribution outside the App Store requires:
+       * Sign the app with Apple Developer ID certificate. We sign the app for 2 reasons:
+       *   - So the auto-updater (Squirrrel.Mac) can check that app updates are signed by
+       *     the same author as the current version.
+       *   - So users will not a see a warning about the app coming from an "Unidentified
+       *     Developer" when they open it for the first time (OS X Gatekeeper).
       *
+       * To sign an OS X app for distribution outside the App Store, the following are
+       * required:
       *   - Xcode
       *   - Xcode Command Line Tools (xcode-select --install)
       *   - Membership in the Apple Developer Program
       */
-    if (process.platform === 'darwin') {
      var signOpts = {
        app: appPath,
        platform: 'darwin',
        verbose: true
      }

-      var dmgPath = path.join(buildPath[0], BUILD_NAME + '.dmg')
+      sign(signOpts, function (err) {
+        if (err) return cb(err)
+
+        // Create .zip file (used by the auto-updater)
+        var zipPath = path.join(buildPath[0], BUILD_NAME + '.zip')
+        cp.execSync(`zip -r -y ${zipPath} ${appPath}`)
+
+        // Create a .dmg (OS X disk image) file, for easy user installation.
        var dmgOpts = {
          basepath: config.ROOT_PATH,
-        target: dmgPath,
+          target: path.join(buildPath[0], BUILD_NAME + '.dmg'),
          specification: {
            title: config.APP_NAME,
            icon: config.APP_ICON + '.icns',
@@ -221,9 +233,6 @@ function buildDarwin (cb) {
          }
        }

-      sign(signOpts, function (err) {
-        if (err) return cb(err)
-
        var dmg = appDmg(dmgOpts)
        dmg.on('error', cb)
        dmg.on('progress', function (info) {