成功公证了我的 osx 电子应用程序,但现在的问题是 Apple ID 和应用程序特定密码位于 package.json 中。我当然不想在那里对它们进行硬编码以进行分发,但是我可以使用 .env 文件中的环境变量来替换它们,或者如何在 package.json 文件中将它们保密?
I looked into dotenv and cross-env but I didn't see how the env variables could be used in a package.json file.
App was built using electron forge.
Structure (taken from the electron-forge docs) that I use:
{
"name": "my-app",
"version": "0.0.1",
"config": {
"forge": {
"packagerConfig": {
"osxSign": {
"identity": "Developer ID Application: Felix Rieseberg (LT94ZKYDCJ)",
"hardened-runtime": true,
"entitlements": "entitlements.plist",
"entitlements-inherit": "entitlements.plist",
"signature-flags": "library"
},
"osxNotarize": {
"appleId": …code-signing electron-forge electron-packager electron-notarize