build: windows signing should include timestamps
Previously the build artifacts did not include a signed timestamp, so when the certificate expired the validation of the artifact would fail. Now we sign against a timestamp server such that the artifact will always be valid regardless of the disposition of the certificate. Closes #7360 and #7059.
This commit is contained in:
Родитель
f68a116c3c
Коммит
a9d22247ad
|
@ -136,7 +136,8 @@ if errorlevel 1 goto exit
|
|||
@rem Skip signing if the `nosign` option was specified.
|
||||
if defined nosign goto licensertf
|
||||
|
||||
signtool sign /a Release\node.exe
|
||||
signtool sign /a /d "Node.js" /t http://timestamp.globalsign.com/scripts/timestamp.dll Release\node.exe
|
||||
if errorlevel 1 echo Failed to sign exe&goto exit
|
||||
|
||||
:licensertf
|
||||
@rem Skip license.rtf generation if not requested.
|
||||
|
@ -159,7 +160,8 @@ msbuild "%~dp0tools\msvs\msi\nodemsi.sln" /m /t:Clean,Build /p:Configuration=%co
|
|||
if errorlevel 1 goto exit
|
||||
|
||||
if defined nosign goto run
|
||||
signtool sign /a Release\node-v%NODE_VERSION%-%msiplatform%.msi
|
||||
signtool sign /a /d "Node.js" /t http://timestamp.globalsign.com/scripts/timestamp.dll Release\node-v%NODE_VERSION%-%msiplatform%.msi
|
||||
if errorlevel 1 echo Failed to sign msi&goto exit
|
||||
|
||||
:run
|
||||
@rem Run tests if requested.
|
||||
|
|
Загрузка…
Ссылка в новой задаче