emozilla 060c4f64a8 fix(desktop): signAndEditExecutable=false to skip signtool path entirely ... After reading app-builder-lib/winPackager.js line 216 + 231 directly: signAndEditExecutable is the ACTUAL hardcoded gate that short-circuits both signApp() (which signs Hermes.exe + every shouldSignFile match including bundled prebuilds) AND createTransformerForExtraFiles(). None of signtoolOptions.sign / sign:null / sign:<custom-fn> gate the winCodeSign download — that happens before they're consulted. What we lose: rcedit also runs through signAndEditResources, so disabling this drops PE metadata (file properties showing 'Hermes' / 'Nous Research' / file description). Cost is real but bounded: * Hermes.exe filename, icon, asar contents, app identity intact * Task Manager shows 'Hermes.exe' (the filename) not 'Hermes' (PE description) — minor downgrade * Start menu, taskbar, window title all work normally * SmartScreen will warn once (unsigned, same as before) When the cert lands, flip signAndEditExecutable back to default true, both signing AND rcedit return, PE metadata is restored. Removes the no-op sign function (build-noop-sign.cjs) since signAndEditExecutable=false prevents signtool from being invoked at all — the custom hook never gets called either.		2026-05-28 13:14:23 -04:00
..
bootstrap-installer	fix(installer): bump bootstrap-installer.log to capture stage transitions + every install.ps1 line	2026-05-28 10:48:43 -04:00
dashboard	Merge origin/main into bb/gui	2026-05-27 21:22:14 -05:00
desktop	fix(desktop): signAndEditExecutable=false to skip signtool path entirely	2026-05-28 13:14:23 -04:00
shared	feat: move dashboard to apps/ so we can share ws proto	2026-05-02 13:38:49 -05:00