fn.exe is not signed, requires users to run in developer mode on windows

[zootalures]

We don't sign fn.exe using a code signing cert - this means developers need to enable developer mode on recent versions of windows 10 in order to use fn natively.

I believe (but am not sure) that we could potentially sign exes as part of the build (assuming we can mange secrets etc) - https://stackoverflow.com/questions/18287960/signing-windows-application-on-linux-based-distros

[Daniel15]

For what it's worth, for Yarn we use osslsigncode to sign the installer, using a code signing certificate purchased from DigiCert. I actually built a webapp called SecureSign (https://github.com/Daniel15/SecureSign) to handle signing the artifacts in a secure way, as I didn't want to directly expose the signing key to the build process. SecureSign takes the build artifact as input and returns a signed version as output.