chore: update sign script

package.json

@@ -36,7 +36,7 @@
     "package:edge": "npm run package -- --filename={name}-{version}-edge.zip",
     "package:all": "npm run postbuild:firefox && npm run package:firefox && npm run postbuild:chrome && npm run package:chrome && npm run package:edge",
     "package:source": "zip -r -FS distract_me_not-source.zip * .rescriptsrc.js .env.development .env.test -x build\\* node_modules\\* old\\* old-src\\* web-ext-artifacts\\* screenshots\\* *.zip",
-    "sign": "npx web-ext-submit --source-dir=build --channel=unlisted --api-key=$AMO_JWT_ISSUER --api-secret=$AMO_JWT_SECRET",
+    "sign": "node ./sign-addon.js",
     "test": "rescripts test --verbose",
     "test:all": "npm test -- --watchAll --testMatch \"**/src/**/*.test.{js,jsx}\"",
     "eject": "react-scripts eject"
@@ -65,6 +65,7 @@
   "devDependencies": {
     "@rescripts/cli": "0.0.16",
     "@types/jest": "^27.4.0",
+    "sign-addon": "^3.11.0",
     "web-ext": "^6.7.0"
   }
 }

sign-addon.js

@@ -0,0 +1,66 @@
+// @source: https://github.com/mozilla/sign-addon
+
+const { signAddon } = require('sign-addon');
+const fs = require('fs');
+
+const manifestJson = fs.readFileSync('public/manifest.firefox.json');
+const manifest = JSON.parse(manifestJson);
+
+signAddon({
+  // Required arguments:
+
+  xpiPath: `distract_me_not-${manifest.version}.zip`,
+  version: manifest.version,
+  apiKey: process.env.AMO_JWT_ISSUER,
+  apiSecret: process.env.AMO_JWT_SECRET,
+
+  // Optional arguments:
+
+  // The explicit extension ID.
+  // WebExtensions do not require an ID.
+  // See the notes below about dealing with IDs.
+  id: manifest.browser_specific_settings.gecko.id,
+  // The release channel (listed or unlisted).
+  // Ignored for new add-ons, which are always unlisted.
+  // Default: most recently used channel.
+  channel: 'unlisted',
+  // Save downloaded files to this directory.
+  // Default: current working directory.
+  //downloadDir: undefined,
+  // Number of milliseconds to wait before aborting the request.
+  // Default: 15 minutes.
+  //timeout: undefined,
+  // Optional proxy to use for all API requests,
+  // such as "http://yourproxy:6000"
+  // Read this for details on how proxy requests work:
+  // https://github.com/request/request#proxies
+  //apiProxy: undefined,
+  // Optional object to pass to request() for additional configuration.
+  // Some properties such as 'url' cannot be defined here.
+  // Available options:
+  // https://github.com/request/request#requestoptions-callback
+  //apiRequestConfig: undefined,
+  // Optional override to the number of seconds until the JWT token for
+  // the API request expires. This must match the expiration time that
+  // the API server accepts.
+  //apiJwtExpiresIn: undefined,
+  // Optional override to the URL prefix of the signing API.
+  // The production instance of the API will be used by default.
+  apiUrlPrefix: 'https://addons.mozilla.org/api/v4',
+})
+.then(function (result) {
+  if (result.success) {
+    console.log('The following signed files were downloaded:');
+    console.log(result.downloadedFiles);
+    console.log('Your extension ID is:');
+    console.log(result.id);
+  } else {
+    console.error('Your add-on could not be signed!');
+    console.error('Error code: ' + result.errorCode);
+    console.error('Details: ' + result.errorDetails);
+  }
+  console.log(result.success ? 'SUCCESS' : 'FAIL');
+})
+.catch(function (error) {
+  console.error('Signing error:', error);
+});