From a3c5b41bb14e860ec2db2a171e3f6dd724e0f127 Mon Sep 17 00:00:00 2001
From: Eugene <inbox@null.page>
Date: Wed, 22 Jan 2025 23:44:36 +0100
Subject: [PATCH] electron builder fixes

---
 electron-builder.yml      |  3 ++-
 scripts/build-macos.mjs   |  4 +---
 scripts/build-windows.mjs | 40 ++++++++++++++++++++-------------------
 3 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/electron-builder.yml b/electron-builder.yml
index 032e6a9c..8d8a1cd3 100644
--- a/electron-builder.yml
+++ b/electron-builder.yml
@@ -37,7 +37,8 @@ asarUnpack:
 win:
   icon: "./build/windows/icon.ico"
   artifactName: tabby-${version}-portable-${env.ARCH}.${ext}
-  rfc3161TimeStampServer: http://timestamp.sectigo.com
+  signtoolOptions:
+    rfc3161TimeStampServer: http://timestamp.sectigo.com
 nsis:
   oneClick: false
   artifactName: tabby-${version}-setup-${env.ARCH}.${ext}
diff --git a/scripts/build-macos.mjs b/scripts/build-macos.mjs
index 7ba93fc2..2cb3e0ad 100755
--- a/scripts/build-macos.mjs
+++ b/scripts/build-macos.mjs
@@ -28,9 +28,7 @@ builder({
         },
         mac: {
             identity: !process.env.CI || process.env.CSC_LINK ? undefined : null,
-            notarize: process.env.APPLE_TEAM_ID ? {
-                teamId: process.env.APPLE_TEAM_ID,
-            } : false,
+            notarize: !!process.env.APPLE_TEAM_ID,
         },
         npmRebuild: process.env.ARCH !== 'arm64',
         publish: process.env.KEYGEN_TOKEN ? [
diff --git a/scripts/build-windows.mjs b/scripts/build-windows.mjs
index a2e2f960..e77df4a9 100755
--- a/scripts/build-windows.mjs
+++ b/scripts/build-windows.mjs
@@ -28,27 +28,29 @@ builder({
         ] : undefined,
         forceCodeSigning: !!keypair,
         win: {
-            certificateSha1: process.env.SM_CODE_SIGNING_CERT_SHA1_HASH,
-            publisherName: process.env.SM_PUBLISHER_NAME,
-            signingHashAlgorithms: ['sha256'],
-            sign: keypair ? async function (configuration) {
-                console.log('Signing', configuration)
-                if (configuration.path) {
-                    try {
-                        const out = execSync(
-                            `smctl sign --keypair-alias=${keypair} --input "${String(configuration.path)}"`
-                        )
-                        if (out.toString().includes('FAILED')) {
-                            throw new Error(out.toString())
+            signtoolOptions: {
+                certificateSha1: process.env.SM_CODE_SIGNING_CERT_SHA1_HASH,
+                publisherName: process.env.SM_PUBLISHER_NAME,
+                signingHashAlgorithms: ['sha256'],
+                sign: keypair ? async function (configuration) {
+                    console.log('Signing', configuration)
+                    if (configuration.path) {
+                        try {
+                            const out = execSync(
+                                `smctl sign --keypair-alias=${keypair} --input "${String(configuration.path)}"`
+                            )
+                            if (out.toString().includes('FAILED')) {
+                                throw new Error(out.toString())
+                            }
+                            console.log(out.toString())
+                        } catch (e) {
+                            console.error(`Failed to sign ${configuration.path}`)
+                            console.error(e)
+                            process.exit(1)
                         }
-                        console.log(out.toString())
-                    } catch (e) {
-                        console.error(`Failed to sign ${configuration.path}`)
-                        console.error(e)
-                        process.exit(1)
                     }
-                }
-            } : undefined,
+                } : undefined,
+            },
         },
     },