From 0d24b78d43ce12f74f5bc073478688c7ad814034 Mon Sep 17 00:00:00 2001 From: Mike Maietta Date: Mon, 9 Sep 2024 13:17:34 -0700 Subject: [PATCH] cleanup --- .../src/codeSign/windowsCodeSign.ts | 54 +++++++++---------- .../app-builder-lib/src/options/winOptions.ts | 18 +++---- 2 files changed, 35 insertions(+), 37 deletions(-) diff --git a/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts b/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts index c57b3a6b3d1..0ef7569052c 100644 --- a/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts +++ b/packages/app-builder-lib/src/codeSign/windowsCodeSign.ts @@ -60,28 +60,23 @@ export async function sign(options: WindowsSignOptions, packager: WinPackager): } log.info(null, "signing with signtool.exe") - const message = "deprecated field. Please move to win.signtoolOptions." - if (options.options.certificateFile) { - log.info({ field: "certificateFile" }, message) - } - if (options.options.certificatePassword) { - log.info({ field: "certificatePassword" }, message) - } - if (options.options.certificateSha1) { - log.info({ field: "certificateSha1" }, message) - } - if (options.options.certificateSubjectName) { - log.info({ field: "certificateSubjectName" }, message) - } - if (options.options.additionalCertificateFile) { - log.info({ field: "additionalCertificateFile" }, message) - } - if (options.options.rfc3161TimeStampServer) { - log.info({ field: "rfc3161TimeStampServer" }, message) - } - if (options.options.timeStampServer) { - log.info({ field: "timeStampServer" }, message) - } + const deprecatedFields = { + sign: options.options.sign, + signDlls: options.options.signDlls, + signingHashAlgorithms: options.options.signingHashAlgorithms, + certificateFile: options.options.certificateFile, + certificatePassword: options.options.certificatePassword, + certificateSha1: options.options.certificateSha1, + certificateSubjectName: options.options.certificateSubjectName, + additionalCertificateFile: options.options.additionalCertificateFile, + rfc3161TimeStampServer: options.options.rfc3161TimeStampServer, + timeStampServer: options.options.timeStampServer, + } + Object.entries(deprecatedFields).forEach((field, value) => { + if (value) { + log.info({ field }, `deprecated field. Please move to win.signtoolOptions.${field}`) + } + }) return signUsingSigntool(options, packager) } @@ -187,8 +182,8 @@ export interface CertificateFromStoreInfo { } export async function getCertificateFromStoreInfo(options: WindowsConfiguration, vm: VmManager): Promise { - const certificateSubjectName = options.signtoolOptions?.certificateSubjectName - const certificateSha1 = options.signtoolOptions?.certificateSha1 ? options.signtoolOptions?.certificateSha1.toUpperCase() : options.signtoolOptions?.certificateSha1 + const certificateSubjectName = chooseNotNull(options.signtoolOptions?.certificateSubjectName, options.certificateSubjectName) + const certificateSha1 = chooseNotNull(options.signtoolOptions?.certificateSha1, options.certificateSha1)?.toUpperCase() const ps = await getPSCmd(vm) const rawResult = await vm.exec(ps, [ @@ -278,11 +273,13 @@ function computeSignToolArgs(options: WindowsSignTaskConfiguration, isWin: boole const args = isWin ? ["sign"] : ["-in", inputFile, "-out", outputPath] if (process.env.ELECTRON_BUILDER_OFFLINE !== "true") { - const timestampingServiceUrl = options.options.signtoolOptions?.timeStampServer || "http://timestamp.digicert.com" + const timestampingServiceUrl = chooseNotNull(options.options.signtoolOptions?.timeStampServer, options.options.timeStampServer) || "http://timestamp.digicert.com" if (isWin) { args.push( options.isNest || options.hash === "sha256" ? "/tr" : "/t", - options.isNest || options.hash === "sha256" ? options.options.signtoolOptions?.rfc3161TimeStampServer || "http://timestamp.digicert.com" : timestampingServiceUrl + options.isNest || options.hash === "sha256" + ? chooseNotNull(options.options.signtoolOptions?.rfc3161TimeStampServer, options.options.rfc3161TimeStampServer) || "http://timestamp.digicert.com" + : timestampingServiceUrl ) } else { args.push("-t", timestampingServiceUrl) @@ -336,8 +333,9 @@ function computeSignToolArgs(options: WindowsSignTaskConfiguration, isWin: boole args.push(isWin ? "/p" : "-pass", password) } - if (options.options.signtoolOptions?.additionalCertificateFile) { - args.push(isWin ? "/ac" : "-ac", vm.toVmFile(options.options.signtoolOptions?.additionalCertificateFile)) + const additionalCert = chooseNotNull(options.options.signtoolOptions?.additionalCertificateFile, options.options.additionalCertificateFile) + if (additionalCert) { + args.push(isWin ? "/ac" : "-ac", vm.toVmFile(additionalCert)) } const httpsProxyFromEnv = process.env.HTTPS_PROXY diff --git a/packages/app-builder-lib/src/options/winOptions.ts b/packages/app-builder-lib/src/options/winOptions.ts index 8d0f4320018..1793accc747 100644 --- a/packages/app-builder-lib/src/options/winOptions.ts +++ b/packages/app-builder-lib/src/options/winOptions.ts @@ -25,51 +25,51 @@ export interface WindowsConfiguration extends PlatformSpecificBuildOptions { /** * Array of signing algorithms used. For AppX `sha256` is always used. - * @deprecated Please use win.signtoolSigning.signingHashAlgorithms + * @deprecated Please use win.signtoolOptions.signingHashAlgorithms */ readonly signingHashAlgorithms?: Array<"sha1" | "sha256"> | null /** * The custom function (or path to file or module id) to sign Windows executables - * @deprecated Please use win.signtoolSigning.sign + * @deprecated Please use win.signtoolOptions.sign */ readonly sign?: CustomWindowsSign | string | null /** * The path to the *.pfx certificate you want to sign with. Please use it only if you cannot use env variable `CSC_LINK` (`WIN_CSC_LINK`) for some reason. * Please see [Code Signing](/code-signing). - * @deprecated Please use win.signtoolSigning.certificateFile + * @deprecated Please use win.signtoolOptions.certificateFile */ readonly certificateFile?: string | null /** * The password to the certificate provided in `certificateFile`. Please use it only if you cannot use env variable `CSC_KEY_PASSWORD` (`WIN_CSC_KEY_PASSWORD`) for some reason. * Please see [Code Signing](/code-signing). - * @deprecated Please use win.signtoolSigning.certificatePassword + * @deprecated Please use win.signtoolOptions.certificatePassword */ readonly certificatePassword?: string | null /** * The name of the subject of the signing certificate, which is often labeled with the field name `issued to`. Required only for EV Code Signing and works only on Windows (or on macOS if [Parallels Desktop](https://www.parallels.com/products/desktop/) Windows 10 virtual machines exits). - * @deprecated Please use win.signtoolSigning.certificateSubjectName + * @deprecated Please use win.signtoolOptions.certificateSubjectName */ readonly certificateSubjectName?: string | null /** * The SHA1 hash of the signing certificate. The SHA1 hash is commonly specified when multiple certificates satisfy the criteria specified by the remaining switches. Works only on Windows (or on macOS if [Parallels Desktop](https://www.parallels.com/products/desktop/) Windows 10 virtual machines exits). - * @deprecated Please use win.signtoolSigning.certificateSha1 + * @deprecated Please use win.signtoolOptions.certificateSha1 */ readonly certificateSha1?: string | null /** * The path to an additional certificate file you want to add to the signature block. - * @deprecated Please use win.signtoolSigning.additionalCertificateFile + * @deprecated Please use win.signtoolOptions.additionalCertificateFile */ readonly additionalCertificateFile?: string | null /** * The URL of the RFC 3161 time stamp server. * @default http://timestamp.digicert.com - * @deprecated Please use win.signtoolSigning.rfc3161TimeStampServer + * @deprecated Please use win.signtoolOptions.rfc3161TimeStampServer */ readonly rfc3161TimeStampServer?: string | null /** * The URL of the time stamp server. * @default http://timestamp.digicert.com - * @deprecated Please use win.signtoolSigning.timeStampServer + * @deprecated Please use win.signtoolOptions.timeStampServer */ readonly timeStampServer?: string | null