v1.5.1 — Windows signing, CA cert trust, and CI hardening

Overview

v1.5.1 is a patch release focused on the Windows air-gapped deployment story: Authenticode signing is now wired through the release pipeline, the self-signed CA certificate can be imported without Administrator rights, and the import is fully silent. Two CI bugs introduced in v1.5.0 (a bad cargo cyclonedx flag and a missing Windows test job) are also fixed.

What's Changed

New Features

• Authenticode signing, SLSA provenance, and dist commit: The release workflow now signs oxide-sloc.exe with the committed self-signed certificate, attaches SLSA provenance, and commits the signed binary to dist/ — a plain git pull is all a Windows air-gapped machine needs to get the signed binary without any Rust toolchain extraction.
• Self-signed Authenticode cert + generator: A self-signed code-signing certificate and companion generation script are committed to certs/ so Windows builds are immediately Authenticode-signable without waiting for a commercial CA.
• CA cert trust — no Admin required: install.sh detects the CA certificate in certs/ and offers to import it into the current-user store via certutil -addstore -user, requiring no Administrator elevation.
• Windows test job: A windows-latest job is added to the CI matrix, running cargo test --workspace on Windows and closing the coverage gap for signing-related code.

Bug Fixes

• Silent CA cert import: The CA certificate is now imported without a native Windows security prompt — the previous behaviour interrupted unattended installs.
• cargo-cyclonedx flag: Corrected an invalid flag passed to cargo cyclonedx in release.yml that caused SBOM generation to fail; build.rs is reformatted to pass the rustfmt CI gate.

Full Changelog

v1.5.0...v1.5.1