From a034706f59e596d4c77e6341681fbf0d7fb60407 Mon Sep 17 00:00:00 2001
From: develar <develar@gmail.com>
Date: Fri, 11 Nov 2016 08:42:20 +0100
Subject: [PATCH] fix: App rejected when Mac Developer certificate is in
 keychain

Closes https://github.com/electron-userland/electron-builder/issues/890
---
 README.md                       | 5 +++++
 bin/electron-osx-sign-usage.txt | 4 ++++
 bin/electron-osx-sign.js        | 6 ++++--
 index.d.ts                      | 1 +
 package.json                    | 2 +-
 sign.js                         | 2 +-
 6 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 5932805..61d665e 100644
--- a/README.md
+++ b/README.md
@@ -150,6 +150,11 @@ Default to system default keychain.
 Regex or function that signals ignoring a file before signing.
 Default to `undefined`.
 
+`gatekeeper-assess` - *Boolean*
+
+Flag to enable Gatekeeper assessment after signing the app. Disabling it is useful for signing with self-signed certificates.
+Gatekeeper assessment is enabled by default.
+
 `platform` - *String*
 
 Build platform of Electron.
diff --git a/bin/electron-osx-sign-usage.txt b/bin/electron-osx-sign-usage.txt
index 47fc434..074995e 100644
--- a/bin/electron-osx-sign-usage.txt
+++ b/bin/electron-osx-sign-usage.txt
@@ -35,6 +35,10 @@ DESCRIPTION
     The keychain name.
     Default to system default keychain.
 
+  --gatekeeper-assess, --no-gatekeeper-assess
+    Flag to enable Gatekeeper assessment after signing the app. Disabling it is useful for signing with self-signed certificates.
+    Gatekeeper assessment is enabled by default.
+
   --platform=platform
     Build platform of Electron.
     Allowed values: ``darwin'', ``mas''.
diff --git a/bin/electron-osx-sign.js b/bin/electron-osx-sign.js
index 13e7c5a..30a7980 100755
--- a/bin/electron-osx-sign.js
+++ b/bin/electron-osx-sign.js
@@ -6,11 +6,13 @@ var args = require('minimist')(process.argv.slice(2), {
   'boolean': [
     'help',
     'pre-auto-entitlements',
-    'pre-embed-provisioning-profile'
+    'pre-embed-provisioning-profile',
+    'gatekeeper-assess'
   ],
   'default': {
     'pre-auto-entitlements': true,
-    'pre-embed-provisioning-profile': true
+    'pre-embed-provisioning-profile': true,
+    'gatekeeper-assess': true
   }
 })
 var usage = fs.readFileSync(path.join(__dirname, 'electron-osx-sign-usage.txt')).toString()
diff --git a/index.d.ts b/index.d.ts
index cf4445c..ed4fc2f 100644
--- a/index.d.ts
+++ b/index.d.ts
@@ -11,6 +11,7 @@ declare module "electron-macos-sign" {
     binaries?: string[];
     entitlements?: string;
     'entitlements-inherit'?: string;
+    'gatekeeper-check'?: boolean;
   }
 
   export function sign(opts: SignOptions, callback: (error: Error) => void): void;
diff --git a/package.json b/package.json
index 3c70b6b..8559983 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "electron-macos-sign",
-  "version": "1.2.1",
+  "version": "1.2.3",
   "description": "Codesign Electron macOS apps",
   "main": "index.js",
   "files": ["bin", "*.js", "*.d.ts", "*.plist"],
diff --git a/sign.js b/sign.js
index 8753d7f..1d23196 100644
--- a/sign.js
+++ b/sign.js
@@ -92,7 +92,7 @@ function verifySignApplicationAsync (opts) {
   ])
 
   // Additionally test Gatekeeper acceptance for darwin platform
-  if (opts.platform === 'darwin') {
+  if (opts.platform === 'darwin' && opts['gatekeeper-assess'] !== false) {
     promise = promise
       .then(function () {
         debuglog('Verifying Gatekeeper acceptance for darwin platform...')