From 103e5e0ab87d7b42453dbe434b3f9fda542f9b12 Mon Sep 17 00:00:00 2001
From: Mikunj <mikunj@live.com.au>
Date: Wed, 23 Oct 2019 08:41:18 +1100
Subject: [PATCH] Added mac signing

---
 build/entitlements.mac.plist |  9 +++++++++
 build/entitlements.mas.plist |  1 +
 build/notarize.js            | 28 ++++++++++++++++++++++++++++
 package.json                 | 17 ++++++++---------
 4 files changed, 46 insertions(+), 9 deletions(-)
 create mode 100644 build/entitlements.mac.plist
 create mode 100644 build/notarize.js

diff --git a/build/entitlements.mac.plist b/build/entitlements.mac.plist
new file mode 100644
index 000000000..01d053be3
--- /dev/null
+++ b/build/entitlements.mac.plist
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+  <dict>
+    <!-- Mac distribution -->
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+  </dict>
+</plist>
diff --git a/build/entitlements.mas.plist b/build/entitlements.mas.plist
index 5bfb52be4..cc799ebf9 100644
--- a/build/entitlements.mas.plist
+++ b/build/entitlements.mas.plist
@@ -2,6 +2,7 @@
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
   <dict>
+    <!-- Mac app store  -->
     <key>com.apple.security.app-sandbox</key>
     <true/>
     <key>com.apple.security.network.client</key>
diff --git a/build/notarize.js b/build/notarize.js
new file mode 100644
index 000000000..ca2ae95d3
--- /dev/null
+++ b/build/notarize.js
@@ -0,0 +1,28 @@
+const { notarize } = require("electron-notarize")
+
+/*
+ Pre-requisites: https://github.com/electron/electron-notarize#prerequisites
+    1. Generate an app specific password
+    2. Export SIGNING_APPLE_ID, SIGNING_APP_PASSWORD, SIGNING_TEAM_ID environment variables
+*/
+
+/*
+  Notarizing: https://kilianvalkhof.com/2019/electron/notarizing-your-electron-application/
+*/
+
+exports.default = async function notarizing (context) {
+    const { electronPlatformName, appOutDir } = context
+    if (electronPlatformName !== "darwin") {
+        return
+    }
+
+    const appName = context.packager.appInfo.productFilename
+
+    return notarize({
+        appBundleId: "com.loki-project.messenger-desktop",
+        appPath: `${appOutDir}/${appName}.app`,
+        appleId: process.env.SIGNING_APPLE_ID,
+        appleIdPassword: process.env.SIGNING_APP_PASSWORD,
+        ascProvider: process.env.SIGNING_TEAM_ID
+    })
+}
diff --git a/package.json b/package.json
index 4bc7aa434..03f2bea36 100644
--- a/package.json
+++ b/package.json
@@ -193,21 +193,20 @@
     "node": "10.13.0"
   },
   "build": {
-    "appId": "org.loki.messenger-desktop",
+    "appId": "com.loki-project.messenger-desktop",
+    "afterSign": "build/notarize.js",
     "mac": {
       "artifactName": "${name}-mac-${version}.${ext}",
       "category": "public.app-category.social-networking",
       "icon": "build/icons/mac/icon.icns",
-      "publish": [
-        {
-          "provider": "generic",
-          "url": "https://updates.signal.org/desktop"
-        }
-      ],
       "target": [
-        "zip"
+        "7z"
       ],
-      "bundleVersion": "1"
+      "bundleVersion": "1",
+      "hardenedRuntime": true,
+      "gatekeeperAssess": false,
+      "entitlements": "build/entitlements.mac.plist",
+      "entitlementsInherit": "build/entitlements.mac.plist"
     },
     "win": {
       "asarUnpack": "node_modules/spellchecker/vendor/hunspell_dictionaries",