Disable code signing as we don't have a valid certificate anymore

jozefizso · jozefizso · commit 77ddee103c1b · 2024-02-16T22:15:34.000+01:00
Starting June 1, 2023 CA/Browser Forum requires private keys for code signing certificates to be stored
on hardware certified as FIPS 140 Level 2, Common Criteria EAL 4+, or equivalent.

This prohibits open source developers from obtaining certificates to sign code in GitHub Actions.
diff --git a/.github/Get-BuildInfo.ps1 b/.github/Get-BuildInfo.ps1
@@ -31,7 +31,8 @@ $app_version_suffix = "preview${env:GITHUB_RUN_NUMBER}"
 
 if ($configuration -ieq 'release') {
   if ($event_name -notlike 'pull_request') {
-    $sign_binaries = 'true'
+    # temporary disabled as we don't have a valid certificate
+    $sign_binaries = 'false'
   }
 
   if ($ref -like 'refs/tags/v*') {

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,8 @@ $app_version_suffix = "preview${env:GITHUB_RUN_NUMBER}"`
`31`	`31`
`32`	`32`	`if ($configuration -ieq 'release') {`
`33`	`33`	`if ($event_name -notlike 'pull_request') {`
`34`		`- $sign_binaries = 'true'`
	`34`	`+ # temporary disabled as we don't have a valid certificate`
	`35`	`+ $sign_binaries = 'false'`
`35`	`36`	`}`
`36`	`37`
`37`	`38`	`if ($ref -like 'refs/tags/v*') {`