Sign binaries #29
Comments
|
First step would be to have a secure signing key on the CI server. I'm not sure our current "secrets" infrastructure is fit for that kind of purpose, so I'd start by reviewing that. |
ghost
transferred this issue from another repository
|
Turns out to be quite important for the installer itself, or we get Windows defender being upset. |
6 tasks
|
Our Windows installer is now signed. If we decide to sign other things (signing Maven artifacts is already tracked as part of the work towards publishing to Maven central), let’s open separate issues for that. |
hsenag
pushed a commit
to hsenag/daml
that referenced
this issue
Sep 13, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For general security reasons it would be nice to sign all binaries we produce for a release, including the installer. No need to do it immediately, but in the medium term.
CC @shaul-da
The text was updated successfully, but these errors were encountered: