cli
cli copied to clipboard
fn.exe is not signed, requires users to run in developer mode on windows
We don't sign fn.exe using a code signing cert - this means developers need to enable developer mode on recent versions of windows 10 in order to use fn natively.
I believe (but am not sure) that we could potentially sign exes as part of the build (assuming we can mange secrets etc) - https://stackoverflow.com/questions/18287960/signing-windows-application-on-linux-based-distros
For what it's worth, for Yarn we use osslsigncode
to sign the installer, using a code signing certificate purchased from DigiCert. I actually built a webapp called SecureSign (https://github.com/Daniel15/SecureSign) to handle signing the artifacts in a secure way, as I didn't want to directly expose the signing key to the build process. SecureSign takes the build artifact as input and returns a signed version as output.