fix: untangle macOS release notarization from NativePHP build #122
Description
Summary
The signed macOS release workflow is failing after the desktop build step in the post-merge release run:
What is happening
Both macOS matrix jobs successfully produce a signed .app bundle, but the workflow fails in Locate macOS build outputs because no .dmg artifact is present.
The logs show that php artisan native:build mac ... is still invoking NativePHP/Electron's built-in afterSign notarization hook during the build itself. That hook is failing with an Apple network/notary error (NSURLErrorDomain Code=-1009) before the workflow reaches its own explicit notarization steps.
At the same time, the workflow already intends to:
- verify the signed
.app - notarize and staple the app bundle
- notarize and staple the DMG
So the current workflow is effectively trying to notarize in two different places.
Fix direction
- stop NativePHP's
afterSignhook from notarizing inside the build job - let the build step focus on producing signed artifacts
- notarize the app bundle explicitly in the workflow after artifact discovery
- keep the explicit DMG notarization/stapling flow in the workflow
- improve failure visibility around artifact discovery if the build output shape changes again