electron应用如果要发布到app store需要使用electron-builder打包（target需为mas）并经过签名后方可上传到app store connect，上传之前应用需要支持sandbox，但是签名后如果设置com.apple.security.app-sandbox为true则会导致应用启动时崩溃，崩溃代码为:
EXC_BAD_ACCESS (Code Signature Invalid)

详见issues:
https://github.com/electron-u...
https://github.com/electron-u...

原因时electron-builder的依赖包app-builder将plist文件错误的生成为二进制文件，已有人提交fix代码，但作者并为将编译结果发布到npm内；app-builder为go代码，对应npm的app-builder-bin包，可手动clone源码，编译后替换到node_modules/app-builder-bin内，笔者已编译好并上传到npm内，可通过运行npm i @replace5/app-builder-bin,然后将@replace5/app-builder-bin/的内容替换到app-builder-bin内(不要替换package.json)，即可打包成功

mas应用是无法在本地打开的，要验证mas的打包，需要在target内添加mas-dev，确认mas-dev打开后不会崩溃后即可

另外mas是不支持app.requestSingleInstanceLock的，可以通过process.mas来判断是否为mas版本

附上打包配置：
electron-builder.js:

module.exports = {
    productName: "XXXXX",
    appId: "xxxx",
    directories: {buildResources: "assets/icons", output: "build"},
    publish: [{provider: "generic", url: "-"}],
    mac: {
        category: "public.app-category.productivity",
        target: ["mas-dev", "mas"],
        icon: "assets/icons/icon.icns",
        extendInfo: {
            ElectronTeamID: "你的TeamID",
        },
        gatekeeperAssess: false,
        hardenedRuntime: true,
    },
    dmg: {
        sign: false,
    },
    mas: {
        hardenedRuntime: false,
        identity: "你的app证书，3rd Party Mac Developer Application冒号后面的名称",
        entitlements: "./build-config/mas/entitlements.mas.plist",
        entitlementsInherit: "./build-config/mas/entitlements.mas.inherit.plist",
        provisioningProfile: "./build-config/mas/xxxx.provisionprofile",
    },
    masDev: {
        hardenedRuntime: false,
        identity: "你的个人开发者证书, Mac Developer冒号后面的名称",
        entitlements: "./build-config/mas/entitlements.mas.plist",
        entitlementsInherit: "./build-config/mas/entitlements.mas.inherit.plist",
        provisioningProfile: "./build-config/mas/xxxx.provisionprofile",
    }
}

entitlements.mas.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>你的TeamId.你的appId</string\
</array>
<key>com.apple.security.network.client</key>
<true/>
<key\>com.apple.security.network.server</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory<key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>

entitlements.mas.inherit.plist:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>
</dict>
</plist>

provisionprofile文件去到苹果开发者后台生成并导出https://developer.apple.com/account/resources/profiles/list

证书文件需要有：

• 3rd Party Mac Developer Application
• 3rd Party Mac Developer Installer
• Developer ID Application
• Mac Developer

证书文件也需去苹果开发者后台生成并导入到“钥匙串访问”中