Merge branch 'main' into jonluca/main

.circleci/config.yml

@@ -1,29 +1,34 @@
 version: 2.1
+
 orbs:
   cfa: continuousauth/[email protected]
-jobs:
-  test:
-    docker:
-      - image: cimg/node:18.11.0
-    steps:
-      - checkout
-      - restore_cache:
-          key: dependency-cache-{{ checksum "yarn.lock" }}
-      - run: yarn --frozen-lockfile
-      - save_cache:
-          key: dependency-cache-{{ checksum "yarn.lock" }}
-          paths:
-            - ./node_modules
-      - run: yarn lint
-      - run: yarn test
+  node: electronjs/[email protected]
+
 workflows:
   test_and_release:
-    # release when tests are successful
+    # Run the test jobs first, then the release only when all the test jobs are successful
     jobs:
-      - test
+      - node/test:
+          executor: node/macos
+          name: test-mac-<< matrix.node-version >>
+          override-ci-command: yarn install --frozen-lockfile --ignore-engines
+          test-steps:
+            - run: yarn lint
+            - run: yarn test
+          use-test-steps: true
+          matrix:
+            alias: test-mac
+            parameters:
+              node-version:
+                - 20.5.0
+                - 18.17.0
+                - 16.20.1
+                - 14.21.3
+                # - 12.22.12
+                # - 10.24.1
       - cfa/release:
           requires:
-            - test
+            - test-mac
           filters:
             branches:
               only:

.github/workflows/add-to-project.yml

@@ -0,0 +1,29 @@
+name: Add to Ecosystem WG Project
+
+on:
+  issues:
+    types:
+      - opened
+  pull_request_target:
+    types:
+      - opened
+
+permissions: {}
+
+jobs:
+  add-to-project:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Generate GitHub App token
+        uses: electron/github-app-auth-action@384fd19694fe7b6dcc9a684746c6976ad78228ae # v1.1.1
+        id: generate-token
+        with:
+          creds: ${{ secrets.ECOSYSTEM_ISSUE_TRIAGE_GH_APP_CREDS }}
+          org: electron
+      - name: Add to Project
+        uses: dsanders11/project-actions/add-item@3a81985616963f32fae17d1d1b406c631f3201a1 # v1.1.0
+        with:
+          field: Opened
+          field-value: ${{ github.event.pull_request.created_at || github.event.issue.created_at }}
+          project-number: 89
+          token: ${{ steps.generate-token.outputs.token }}

README.md

@@ -52,9 +52,9 @@ For notarization, you need the following things:
       * `appleIdPassword` String - The [app-specific password](https://support.apple.com/HT204397) (not your Apple ID password).
       * `teamId` String - The team ID you want to notarize under.
     * ... or apiKey with apiIssuer:
-      * `appleApiKey` String - Required for JWT authentication. See Note on JWT authentication below.
-      * `appleApiKeyId` String - Required for JWT authentication. See Note on JWT authentication below.
-      * `appleApiIssuer` String - Issuer ID. Required if `appleApiKey` is specified.
+      * `appleApiKey` String - Absolute path to the `.p8` file containing the key. Required for JWT authentication. See Note on JWT authentication below.
+      * `appleApiKeyId` String - App Store Connect API key ID, for example, `T9GPZ92M7K`. Required for JWT authentication. See Note on JWT authentication below.
+      * `appleApiIssuer` String - Your App Store Connect API key issuer, for example, `c055ca8c-e5a8-4836-b61d-aa5794eeb3f4`. Required if `appleApiKey` is specified.
     * ... or keychain with keychainProfile:
       * `keychain` String - The name of the keychain or path to the keychain you stored notarization credentials in.
       * `keychainProfile` String - The name of the profile you provided when storing notarization credentials.
@@ -92,15 +92,17 @@ const password = `@keychain:AC_PASSWORD`;
 
 ## Notes on JWT authentication
 
-You can obtain an API key from [Appstore Connect](https://appstoreconnect.apple.com/access/api). Create a key with _App Manager_ access. Note down the Issuer ID and download the `.p8` file. This file is your API key and comes with the name of `AuthKey_<api_key>.p8`. This is the string you have to supply when calling `notarize`.
+You can obtain an API key from [Appstore Connect](https://appstoreconnect.apple.com/access/api). Create a key with _App Manager_ access. Note down the Issuer ID and download the `.p8` file. This file is your API key and comes with the name of `AuthKey_<appleApiKeyId>.p8`. This is the string you have to supply when calling `notarize`.
 
-Based on the `ApiKey`, `altool` will look in the following places for that file:
+Based on the `ApiKey`, the legacy `altool` will look in the following places for that file:
 
 * `./private_keys`
 * `~/private_keys`
 * `~/.private_keys`
 * `~/.appstoreconnect/private_keys`
 
+`notarytool` will not look for the key, and you must instead provide its path as the `appleApiKey` argument.
+
 ## Notes on your Team Short Name
 
 If you are a member of multiple teams or organizations, you have to tell Apple on behalf of which organization you're uploading. To find your [team's short name](https://forums.developer.apple.com/thread/113798)), you can ask `iTMSTransporter`, which is part of the now deprecated `Application Loader` as well as the newer [`Transporter`](https://apps.apple.com/us/app/transporter/id1450874784?mt=12).
@@ -117,7 +119,11 @@ Alternatively, with older versions of Xcode, run:
 
 ## Notes on your teamId
 
-If you use the new Notary Tool method you will need to set the `teamId` option. To get this ID, go to your [Apple Developer Account](https://developer.apple.com/account), then click on "Membership details", and there you will find your Team ID. This link should get you there directly: https://developer.apple.com/account#MembershipDetailsCard
+If you use the new Notary Tool method with `appleId`/`appleIdPassword` you will need to set the `teamId` option. To get this ID, go to your [Apple Developer Account](https://developer.apple.com/account), then click on "Membership details", and there you will find your Team ID. This link should get you there directly: https://developer.apple.com/account#MembershipDetailsCard
+
+## Debug
+
+[`debug`](https://www.npmjs.com/package/debug) is used to display logs and messages. You can use `export DEBUG=electron-notarize*` to log additional debug information from this module.
 
 ## Example Usage