feat: update signtool.exe to10.0.22621.2428 #546
Conversation
this version supports the /dlib and /dxml arguments required for azure signing.
dopry
force-pushed
the
feat/update-signtool
branch
from
f7950ac to
dff4567
Compare
There was a problem hiding this comment.
Unfortunately we can't accept exe modifications from non-maintainers as we have no way to truly verify origin or authenticity.
@electron/wg-ecosystem can someone look into updating these?
@dopry Can you outline / raise an issue with exactly why you can't use the @electron/windows-sign options to solve this on your side of the build pipeline?
|
They're all signed binaries from MS you can check the signatures and checksums. As I said in the op, the new sign library simply fails when passing the arguments required for azure trusted signing and doesn't yield a meaningful error. I can't get details now, getting my kids ready for school .. but are you sure deferring signing to a whole new lib that only gets called when some options are set is a better solution than simply updating the signtool that is shipped here? |
this version supports the /dlib and /dxml arguments required for azure signing.
I appreciate the integration of windows-sign, but it's failing when called via makerSquirrel and I'm not really getting useful errors out of it. here is an updated signtool that might make it possible for me to sign without subbing out vie the substituted sea signtool.exe from windows-sign...