Solution to start crash of MAS / MAS dev packaged by electronic builder

Time:2020-10-12

If an electronic application is to be published to the app store, it needs to be packaged with electronic Builder (the target must be MAS) and then uploaded to the app store connect after being signed. Before uploading, the application needs to support sandbox, but after signing, if the com.apple.security If. App sandbox is true, the application will crash when it starts. The crash code is:
EXC_BAD_ACCESS (Code Signature Invalid)

See issues:
https://github.com/electron-u…
https://github.com/electron-u…

The reason is the dependency package of electron builderapp-builderThe error of plist file is generated as a binary file. Someone has submitted fix code, but the author does not publish the compilation results to NPM; app builder is go code, corresponding to the app builder bin package of NPM, which can be manually cloned and replaced with node after compilation_ In modules / APP builder bin, the author has compiled and uploaded to NPM, which can be run bynpm i @replace5/app-builder-binThen replace the contents of @ replace5 / APP builder bin / into app builder bin (do not replace package.json ), the package is successful

MAS application cannot be opened locally. To verify the packaging of MAS, you need to add MAS dev in target, and then confirm that MAS dev will not crash after it is opened

In addition, MAS does not support it app.requestSingleInstanceLock Yes, we can process.mas To determine whether it is MAS version

Package configuration attached:
electron-builder.js:

module.exports = {
    productName: "XXXXX",
    appId: "xxxx",
    directories: {buildResources: "assets/icons", output: "build"},
    publish: [{provider: "generic", url: "-"}],
    mac: {
        category: "public.app-category.productivity",
        target: ["mas-dev", "mas"],
        icon: "assets/icons/icon.icns",
        extendInfo: {
            Electronteamid: "your teamid",
        },
        gatekeeperAssess: false,
        hardenedRuntime: true,
    },
    dmg: {
        sign: false,
    },
    mas: {
        hardenedRuntime: false,
        Identity: "your app certificate, the name after the colon of 3rd party MAC developer application",
        entitlements: "./build-config/mas/entitlements.mas.plist",
        entitlementsInherit: "./build-config/mas/entitlements.mas.inherit.plist",
        provisioningProfile: "./build-config/mas/xxxx.provisionprofile",
    },
    masDev: {
        hardenedRuntime: false,
        Identity: "your personal developer certificate, the name after the MAC developer colon.",
        entitlements: "./build-config/mas/entitlements.mas.plist",
        entitlementsInherit: "./build-config/mas/entitlements.mas.inherit.plist",
        provisioningProfile: "./build-config/mas/xxxx.provisionprofile",
    }
}

entitlements.mas.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
< string > your teamid. Your appid < / String\
</array>
<key>com.apple.security.network.client</key>
<true/>
<key\>com.apple.security.network.server</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory<key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>

entitlements.mas.inherit.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>
</dict>
</plist>

The provision profile file is generated and exported to the apple developer backgroundhttps://developer.apple.com/account/resources/profiles/list

The certificate file needs to have:

  • 3rd Party Mac Developer Application
  • 3rd Party Mac Developer Installer
  • Developer ID Application
  • Mac Developer

The certificate file also needs to be generated in Apple developer background and imported into “Keychain access”