DelphiLintClient-1.0.0-Alexandria.bpl is not a signed executable

[JonRobertson]

Prerequisites

• [X] This bug is in DelphiLint, not SonarDelphi, SonarQube, or my Delphi code.
• [X] This bug has not already been reported.

Delphi IDE version

Delphi 11 Version 28.0.48361.3236

DelphiLint version

1.0.0

SonarDelphi version

None

SonarQube version

No response

Issue description

After installing DelphiLint, launch Delphi. An error occurs on my workstation. Due to company policy, DelphiLintClient-1.0.0-Alexandria.bpl cannot be loaded because it is not trusted (signed). I signed the BPL with our Authenticode certificate as a workaround. I suspect the BPL would have loaded if it was signed with a Self Signed Code Signing Certificate, even if Windows warned me and I had to allow the BPL to load (in the dialog that asks if I trust the publisher).

Steps to reproduce

Install DelphiLint Launch Delphi

Minimal Delphi code exhibiting the issue

No response

[fourls]

Unfortunately, we're not planning to start signing our build artifacts - a self-signed certificate is rarely any better than no certificate, and as a FOSS project we're not going to pay for a certificate from a central authority.

I'm glad to hear that you managed to work around this problem. If your company does not want you to load unsigned libraries, the long-term solution is to compile the project yourself.