Replies: 3 comments
-
|
I'd be happy to roll properly signed releases. Money is not an issue, if I need to go and buy a certificate I can do that. What I need and might not have time for is writing up a GitHub Action that will automate the process as part of building the binaries. If anyone were to make a PR for that, I'd definitely merge it!
|
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Thanks for looking at this. I have to admit making this a Github action is a curveball as I've always done it from my desktop on major releases. I've come across this and I'll look into what I can do: https://github.com/marketplace/actions/code-sign-a-file-with-pfx-certificate |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
I've submitted #328 to help out with this. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Let me start by saying, I know this is painful. I only just went through acquiring an authenticode key for my own recent project.
I'm having all sorts of hell running age.exe in a locked down environment. Two different products also flag the just released 1.0 as malware on virustotal:
https://www.virustotal.com/gui/file/64f3d6bf7bdb3305b179b61bc72319af1e33995c26a85276ba0811917a1d4390/detection
I would be happy to donate to fund this.
I have created an EDR configuration to allow list this executable in the meantime, which I believe will assist in training MS' AI.
Beta Was this translation helpful? Give feedback.
All reactions