Digitally Signed Binary

Open urmajom opened this issue 10 years ago • 9 comments

It would be nice to have an official, signed binary to download.

urmajom avatar Jul 30 '15 09:07 urmajom

See #170

markvantilburg avatar Jul 31 '15 10:07 markvantilburg

But since Windows 10 is out it would be good to keep Chocolatey up to date as people can use that as a package manager now.

markvantilburg avatar Jul 31 '15 14:07 markvantilburg

What is the benefit to sign it in this case? It's a small tool and a zip is available for download.

About the version on Chocolatey, I plan to release a new one but there are still some important issues that I need to take care of before.

laedit avatar Aug 06 '15 05:08 laedit

I'm not sure if it is my job to explain why it would be beneficial to sign a binary that is distributed through unsecure channels and which can act as a local webserver. The benefit would be improved security and better interoperability with AppLocker.

urmajom avatar Aug 06 '15 08:08 urmajom

My question was misleading, I know the benefit of code signing but I never had the need for a small tool to be signed. A majority of small tools available on the web aren't signed. I don't use AppLocker, does that require that the executables are signed?

And there is also the cost: a certificate isn't cheap, I can't spend $100/year for every project I work on.

laedit avatar Aug 06 '15 09:08 laedit

The fact that it is a small tool doesn't make it any less prone to being tampered with. You can use hash rules in AppLocker, but after every update one must revise those, while certificate rules are unaffected by updates. I understand your point, it's not a cheap feature, and surely not for people who don't mind semi-trusted sources and blindly click proceed on UAC warnings.

urmajom avatar Aug 06 '15 09:08 urmajom
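
Added example, not part of any comment in this thread and not code from the Pretzel project: a PowerShell check of the hash-rule versus certificate-rule difference raised above, using the built-in Authenticode and AppLocker cmdlets. The function name `Get-PretzelAppLockerRule`, the path `C:\Tools\Pretzel\Pretzel.exe` and the policy file name are assumptions.

```powershell
function Get-PretzelAppLockerRule {
    param(
        # Assumed location of the extracted download; change to your path.
        [string]$Path = 'C:\Tools\Pretzel\Pretzel.exe',
        # Assumed scratch file for the generated policy.
        [string]$PolicyFile = "$env:TEMP\pretzel-applocker.xml"
    )

    # Authenticode status: 'NotSigned' for an unsigned build, 'Valid' for a
    # build signed with a certificate that chains to a trusted root.
    $sig = Get-AuthenticodeSignature -FilePath $Path

    # Ask for a publisher (certificate) rule first and fall back to a hash
    # rule when the file carries no publisher information.
    $xmlText = Get-AppLockerFileInformation -Path $Path |
        New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone -Xml
    Set-Content -Path $PolicyFile -Value $xmlText -Encoding Unicode

    # The element name shows which rule type was generated:
    #   FilePublisherRule keeps matching later releases from the same publisher,
    #   FileHashRule matches only this exact file and must be redone per update.
    $rules = ([xml]$xmlText).SelectNodes('//RuleCollection/*') |
        ForEach-Object { $_.LocalName }

    # Evaluate the generated policy against the file itself.
    $decision = Test-AppLockerPolicy -XmlPolicy $PolicyFile -Path $Path -User Everyone

    [pscustomobject]@{
        File            = $Path
        SignatureStatus = $sig.Status
        Sha256          = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
        RuleTypes       = $rules -join ', '
        PolicyDecision  = $decision.PolicyDecision
    }
}

Get-PretzelAppLockerRule
```
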

You've got a point and I think I found the lower price for a code signing certificate for open source projects at Certum.

So the code signing will happen but I can't say when.

laedit avatar Aug 06 '15 12:08 laedit

I'm not a fan of strong naming. @urmajom You can always use Strongnamer: https://github.com/dsplaisted/strongnamer

thoemmi avatar Sep 19 '16 17:09 thoemmi

I think that @urmajom was talking about code signing and not strong naming. And I can't do strong naming on Pretzel.Logic since it can be used by ScriptCs scripts for plugins and I don't know how existing plugins will react to a strong-named DLL.

laedit avatar Sep 20 '16 07:09 laedit