Code Signing
Regarding the recurring issue with the antivirus false positives, I've realized there's only one way to truly resolve it: code signing. Having a signed app would reduce the chances of those false positives, but getting a code signing certificate requires a paid subscription. As this is an open source project with zero budget, that is not practical (and frankly, feels like a scam).
I've recently learned about SignPath, who are willing to offer code signing certificates for open source projects (https://about.signpath.io/product/open-source). I've reached out and confirmed they're free, though the terms and conditions (at https://github.com/SignPath/Website-old/blob/v2/src/drafts/oss_policy.md) suggest we might need to make some logistics/organizational changes to the project to do this.
Strangely enough, with the release of v3.4.0, Avast no longer flagged the Windows installers as malware... but with v3.4.1, the warning returned! Subtle compiling differences perhaps?
The challenge is that they typically mark the versions as false positives when reported. The newer versions aren't always covered by the same detection.