Code Signing
Code signing is a security technology to certify that an app was created by you. You should sign your application so it does not trigger any operating system security warnings.
Both Windows and macOS prevent users from running unsigned applications. It is possible to distribute applications without code signing them, but users then have to go through multiple advanced and manual steps to run them.
If you are building an Electron app that you intend to package and distribute, it should be code signed. The Electron ecosystem tooling makes code signing your apps straightforward. This documentation explains how to sign your apps on both Windows and macOS.
Signing & notarizing macOS builds
Preparing macOS applications for release requires two steps: First, the app needs to be code signed. Then, the app needs to be uploaded to Apple for a process called notarization, where automated systems will further verify that your app isn't doing anything to endanger its users.
To start the process, ensure that you fulfill the requirements for signing and notarizing your app:
- Enroll in the Apple Developer Program (requires an annual fee)
- Download and install Xcode - this requires a computer running macOS
- Generate, download, and install signing certificates
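Electron's ecosystem favors configuration and freedom, so there are multiple ways to get your application signed and notarized.
Using Electron Forge
If you're using Electron's favorite build tool, getting your application signed and notarized requires only a few additions to your configuration. Forge is a collection of the official Electron tools, using @electron/packager, @electron/osx-sign, and @electron/notarize under the hood.
Detailed instructions on how to configure your application can be found in the Signing macOS Apps guide in the Electron Forge docs.
Using Electron Packager
If you're not using an integrated build pipeline like Forge, you are likely using @electron/packager, which includes @electron/osx-sign and @electron/notarize.
If you're using Packager's API, you can pass in configuration that both signs and notarizes your application. If the example below does not meet your needs, please see @electron/osx-sign and @electron/notarize for the many possible configuration options.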
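const packager = require('@electron/packager')

packager({
  dir: '/path/to/my/app',
  // An empty object enables signing with the default options
  osxSign: {},
  // Credentials used to submit the signed app for notarization
  // (placeholder values)
  osxNotarize: {
    appleId: 'felix@felix.fun',
    appleIdPassword: 'my-apple-id-password'
  }
})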
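
The following is an added example, not part of the Electron documentation or the Packager project: it builds the same `osxSign`/`osxNotarize` configuration as above but reads the notarization credentials from the environment instead of the build script, and stops the build when a credential set is incomplete. The helper names and the environment variable names are assumptions made for this sketch; the option names follow the credential options documented by @electron/notarize, so check them against the version you have installed.

```javascript
// Added example. STRATEGIES, notarizeOptionsFromEnv, signedPackagerOptions and
// the environment variable names are hypothetical names chosen for this sketch.
const STRATEGIES = [
  // App Store Connect API key: no Apple ID password on the build machine.
  { name: 'api-key', vars: { appleApiKey: 'APPLE_API_KEY', appleApiKeyId: 'APPLE_API_KEY_ID', appleApiIssuer: 'APPLE_API_ISSUER' } },
  // Credentials previously stored in the macOS keychain.
  { name: 'keychain', vars: { keychainProfile: 'APPLE_KEYCHAIN_PROFILE' } },
  // Apple ID with its password and team ID.
  { name: 'apple-id', vars: { appleId: 'APPLE_ID', appleIdPassword: 'APPLE_PASSWORD', teamId: 'APPLE_TEAM_ID' } }
];

// Returns osxNotarize options for the first strategy whose variables are all set.
function notarizeOptionsFromEnv(env = process.env) {
  const partial = [];
  for (const { name, vars } of STRATEGIES) {
    const entries = Object.entries(vars);
    const missing = entries.filter(([, v]) => !env[v]).map(([, v]) => v);
    if (missing.length === 0) {
      return Object.fromEntries(entries.map(([opt, v]) => [opt, env[v]]));
    }
    if (missing.length < entries.length) {
      partial.push(`${name}: missing ${missing.join(', ')}`);
    }
  }
  // Fail before packaging; the message names variables only, never a secret value.
  throw new Error(partial.length
    ? `Incomplete notarization credentials (${partial.join('; ')})`
    : 'No notarization credentials found in the environment');
}

// Same option shape as the Packager call above, without literals in the script.
function signedPackagerOptions(dir, env = process.env) {
  return { dir, osxSign: {}, osxNotarize: notarizeOptionsFromEnv(env) };
}

// Usage in a build script:
//   const packager = require('@electron/packager')
//   packager(signedPackagerOptions('/path/to/my/app'))
```
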