wiiznokes
commented
1 month ago Thanks for your donation! Your my first for info.
Technically speaking, adding signing for windows should not be to complicated, as cargo packager support is out of the box. Just need to add the corresponding fields in the [package.metadata.packager.windows] section of Cargo.toml.
And I have experience in signing Android app in github actions.
but
Windows is the only platform i know of that force you to buy a certificate. I don't really like this way of doing things. I would have preferred an organization that gives free certificates in return for the identity of the developer. Same level of security imo.
After looking a little, the prices for a certificate, in addition to being a subscription, are quite expensive. But maybe you have an idea of an affordable certificate ? In any case, i don't intent to spend my money on this, but of course, if you tell me a certificate to buy, and you agree to funding it, i will be happy to support it :+1:
It would be really good to pick up a code signing cert and sign your releases. It would help move users over from closed-source alternatives and help increase trust and reduce friction for installs.
If you need more funding to acquire a code cert and assistance in deploying it, let me know.