Seeing warning for altool deprecation.

[nsrCodes]

I was getting the usual error while trying to build my app (as documented in #33)
But this time it had the extra warning of:

Warning: altool has been deprecated for notarization and starting in late 2023 will no longer be supported by the Apple notary service. You should start using notarytool to notarize your software. (-1030)

Just wanted to bring this into the attention of the maintainers.

P.S. would be willing to contribute if possible. Meanwhile this issue can be used to track more info about this.

[nickcernis]

notarize() defaults to altool ('legacy'), but it seems you can already configure it to use notarytool instead via options.tool:

notarize/README.md

Lines 44 to 62 in 295c39d

	### Method: `notarize(opts): Promise<void>`
	* `options` Object
	* `tool` String - The notarization tool to use, default is `legacy`. Can be `legacy` or `notarytool`. `notarytool` is substantially (10x) faster.
	* `appPath` String - The absolute path to your `.app` file
	* There are different options for each tool: Legacy
	* `appBundleId` String - The app bundle identifier your Electron app is using. E.g. `com.github.electron`
	* `ascProvider` String (optional) - Your [Team Short Name](#notes-on-your-team-short-name).
	* There are two authentication methods available: user name with password:
	* `appleId` String - The username of your apple developer account
	* `appleIdPassword` String - The [app-specific password](https://support.apple.com/HT204397) (not your Apple ID password).
	* ... or apiKey with apiIssuer:
	* `appleApiKey` String - Required for JWT authentication. See Note on JWT authentication below.
	* `appleApiIssuer` String - Issuer ID. Required if `appleApiKey` is specified.
	* ... or Notary Tool
	* There are three authentication methods available: user name with password:
	* `appleId` String - The username of your apple developer account
	* `appleIdPassword` String - The [app-specific password](https://support.apple.com/HT204397) (not your Apple ID password).
	* `teamId` String - The team ID you want to notarize under.

Apple published more about altool deprecation here: https://developer.apple.com/news/?id=y5mjxqmn

[philjones88]

Following as Apple sent out emails today around the deprecation of altool...

We’re reaching out because you recently used the altool command-line utility to notarize your macOS software with Apple. As announced last year at WWDC22, if you’re still using altool with the Apple notary service, you should transition to the notarytool command-line utility as soon as possible. Notarizing software with altool was deprecated in Xcode 13, and the Apple notary service will no longer accept uploads from altool as of November 1, 2023. Existing notarized software will continue to function properly.

For information on notarizing your apps, read TechNote TN3147: Migrating to the latest notarization tool.

If you have any questions, contact us.

Apple Developer Relations

Will test overriding default of legacy altool...

[thegnuu]

@philjones88 I switched from the deprecated electron-notarize to this and made a quick test.

CloudKit query for [...] failed due to "Record not found".
Could not find base64 encoded ticket in response [...]
The staple and validate action failed! Error 65.

I used the appleId/appleIdPassword authentication in my test.
Not sure what to do in this case and I have not found any useful information online, but maybe someone can point me in the right direction :)

But I realized that it is not working with legacy as well - unfortunately, I have no time to look at it in more detail right now since I have to publish a new version, so I will just switch back to electron-notarize for now. I will have a look at it as soon as I have some time.

Edit: I just realized that it seems locally my development identity is used, my issue might be related to this since I usually just build versions on our CI.

[thegnuu]

Quick follow-up, I just realized that electron-builder uses this plugin internally, so I removed my custom code and set up electron-builder to use the notarytool settings of this package and everything worked perfectly!

[MarshallOfSound]

Will take a while to propagate around the ecosystem (a lot of packages depend on this one).

But two PRs that should help:

• fix: add warning for using legacy altool #140 very loud warning if you're using the legacy system
• feat: use notarytool by default #141 semver major bump to default to the notarytool system

[MarshallOfSound]

Closing due to #141

[LaurentGENTY]

I have a particular question regarding the utilization of new tools: I'm currently employing electron-updater to facilitate the automatic updating of my application. I have undergone notarization for my previous version using the legacy method, whereas the new version has been notarized using notarytool. I am concerned whether the update process will proceed smoothly despite the divergence in notarization methods. Unfortunately, I am unable to conduct a test since I exclusively engage in notarizing my application in the production environment.

[thegnuu]

@LaurentGENTY I had the same issue a few weeks ago so i just "yoloed" an update in the middle of the night knowing that my app is usually not used at this time and everything worked without any issues. I use electron-builder to notarize (it uses this package) and electron-updater as well - so I guess there should not be any issues.

[LaurentGENTY]

Thank you! I believe the auto-update shouldn't encounter issues, considering that its functionality relies on certificates rather than the specific method of notarization 👍🏽

[Bansi23]

I faced same issue If anyone has idea about that please help us.

CloudKit query for [...] failed due to "Record not found". Could not find base64 encoded ticket in response [...] The staple and validate action failed! Error 65.

xcode : 14.3
All electron version is latest.