Update Azure Trusted Signing configuration.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2025-10-23 03:31:56 +00:00 · 2025-03-13 13:23:09 -07:00
parent 13b4d2037a
commit a9313f4756
2 changed files with 10 additions and 25 deletions
--- a/package.json
+++ b/package.json
@@ -121,11 +121,16 @@
        }
      ],
      "icon": "build/icon.ico",
-      "publisherName": "Kandra Labs, Inc.",
-      "sign": "./scripts/win-sign.js",
-      "signingHashAlgorithms": [
-        "sha256"
-      ]
+      "signtoolOptions": {
+        "publisherName": "Kandra Labs, Inc."
+      },
+      "azureSignOptions": {
+        "endpoint": "https://eus.codesigning.azure.net/",
+        "codeSigningAccountName": "kandralabs",
+        "certificateProfileName": "kandralabs",
+        "timestampRfc3161": "http://timestamp.acs.microsoft.com",
+        "timestampDigest": "SHA256"
+      }
    },
    "msi": {
      "artifactName": "${productName}-${version}-${arch}.${ext}"
--- a/scripts/win-sign.js
+++ b/scripts/win-sign.js
@@ -1,20 +0,0 @@
-"use strict";
-
-const childProcess = require("node:child_process");
-const {promisify} = require("node:util");
-
-const exec = promisify(childProcess.exec);
-
-exports.default = async ({path, hash}) => {
-  await exec(
-    `powershell.exe Invoke-TrustedSigning \
-Endpoint https://eus.codesigning.azure.net/ \
-CodeSigningAccountName kandralabs \
-CertificateProfileName kandralabs \
-Files '${path}' \
-FileDigest '${hash}' \
-TimestampRfc3161 http://timestamp.acs.microsoft.com \
-TimestampDigest '${hash}'`,
-    {stdio: "inherit"},
-  );
-};