You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
build: enable Azure Artifact Signing for Windows installers
Sign EXE and MSI via electron-builder's win.azureSignOptions, authorized by
OIDC federated credentials between GitHub Actions and Azure. The federated
credential is scoped to the release-candidate workflow's environment, so
the human-gated environment approval and the Azure auth are layered.
AppX is excluded via signExts: the Microsoft Store re-signs during
certification with a Store-issued publisher cert, and matching its CN at
build time isn't feasible.
The wrapper appends --c.win.signExecutable=false when --mode=dev, so PR-time
CI and local dev builds skip signing without needing Azure auth.
Removes the legacy WIN_CSC_LINK / WIN_CSC_KEY_PASSWORD flow.
0 commit comments