电子应用通知。Notorized电子app不能在其他机器上打开

Question

目前，我正在使用electron-builder (“电子生成器”："^22.9.1")和electron-notorize (“电子-notorize”：^1.0.0)包为Mac开发电子应用程序。生成成功通过。使用检查应用程序签名和通知状态

pkgutil --check-signature /Path_to_App/My_App.app


   Package "XXXXXXX":
   Status: signed by a certificate trusted by macOS
   Certificate Chain:...

和

spctl -a -t exec -vvv /Path_to_App/My_App.app 

/Applications/XXXXXX.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: XXXXXXXX

告知应用程序已签名并进行了公证。但当我在另一台机器上打开它时，我会弹出一条消息，说应用程序无法打开，因为开发人员无法验证。我在构建配置和plist文件中尝试了不同的选项，但仍然不能理解这个问题的原因。我在package.json中的构建配置

"build": {
    "appId": "com.XXXX.XX",
    "productName": "XXXXXXX",
    "afterSign": "electron/notarize.js",
    "extends": null,
    "buildDependenciesFromSource": true,
    "files": [
      "build/**/*"
    ],
    "directories": {
      "buildResources": "assets"
    },
    "mac": {
      "category": "public.app-category.productivity",
      "icon": "build/icon.icns",
      "hardenedRuntime": true,
      "gatekeeperAssess": false,
      "entitlements": "build/entitlements.mac.plist",
      "entitlementsInherit": "build/entitlements.mac.plist",
      "electronLanguages": [
        "en"
      ],
      "target": ["dmg"]
    },
    "dmg": {
      "sign": false
    },

和entitlements.mac.plist

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <!-- https://github.com/electron/electron-notarize#prerequisites -->
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
    <true/>
    <!-- https://github.com/electron-userland/electron-builder/issues/3940 -->
    <key>com.apple.security.cs.disable-library-validation</key>
    <true/>

    <key>com.apple.security.cs.allow-dyld-environment-variables</key>
    <true/>

    <key>com.apple.security.cs.disable-executable-page-protection</key>
    <true/>

    <key>com.apple.security.inherit</key>
    <true/>
    <key>com.apple.security.automation.apple-events</key>
    <true/>
    <key>com.apple.security.device.audio-input </key>
    <true/>
    <key>com.apple.security.device.camera</key>
    <true/>
    <key>com.apple.security.device.microphone</key>
    <true/>
    <key>com.apple.security.device.bluetooth</key>
    <true/>
  </dict>
</plist>

Answer 1

我通过执行以下操作使其正常工作：

在package.json内部，在“mac”下添加：

"asarUnpack": "**/*.node"

这将告诉构建器解压这些节点本机二进制文件，以便公证可以检查这些库。

在用于签名的权利文件中，删除：

<key>com.apple.security.cs.disable-library-validation</key> <true/>

然后，它应该像预期的那样工作。