mirror of
https://github.com/actualbudget/actual.git
synced 2026-07-10 20:42:31 -05:00
Closed
opened 2026-02-28 20:43:57 -06:00 by GiteaMirror
·
0 comments
No Branch/Tag Specified
master
enforce-append-only-migrations-ci
delay-initial-sync-until-loaded
jfdoming/mobile-app-build
claude/error-codes-worker-boundary-26i5uu
jfdoming/api-tokens-part-1
jfdoming/api-tokens-part-2
jfdoming/api-tokens-part-3
jfdoming/mobile-app-updates
ai/simplify-categories-get-api
api-browser-custom-data-dir
claude/budget-version-migration-compat-151jlr
claude/worker-error-serialization-9iqtl7
claude/react-table-library-research-afx83z
claude/issue-8401-regression-test-9nw9l3
jfdoming/mobile-app-foundation-part-1
jfdoming/mobile-app-scaffold
release
ai-fix-cleanup-def-8290
claude/relaxed-shannon-jusywa
claude/fervent-keller-s6f2fq
claude/determined-feynman-st1y9z
claude/wizardly-einstein-vi2wce
claude/sweet-albattani-7nseio
feat/bank-sync-per-budget-file
claude/affectionate-cannon-y0kc82
claude/dependabot-findings-m9pgmb
claude/mac-app-ios-publish-zjs1lz
claude/vigilant-tesla-aiiyos
depot-migrate-secrets-1781296330308
claude/quirky-cerf-v5qck7
claude/animation-removal-alternative-2etfh1
claude/netlify-preview-comments-consolidate-9XPYa
osc/7391-error-boundaries-reports
claude/pensive-dijkstra-7DYui
claude/server-app-version-mismatch-HTCGv
claude/pr-8027-review-feedback-mELuO
claude/zealous-wozniak-e5pO0
claude/intelligent-heisenberg-BSHJq
claude/translation-download-refactor-jFRsO
claude/mobile-performance-ideas-G9PAO
claude/github-issue-7988-5A5ly
blacksmith-migration-ff70d2d
claude/great-mayer-KRvOk
claude/react-native-ios-compilation-fcJh5
claude/serene-goldberg-58xv0
claude/kind-euler-LVG3K
release-automation/edge-nightly
7710-bundle-migrations
claude/fix-docker-build-error-WMfed
claude/llm-compatible-release-notes-t20Nr
7710-tests-tdd
cursor/transaction-table-rewrite-f077
claude/plan-ci-secure-context-OtEe1
claude/fix-issue-7667-DPXi3
cursor/resolve-pr-7449-ee11
claude/fix-typescript-build-error-JPtZ5
copilot/add-repository-configs-to-packages
worktree-compressed-drifting-ritchie
claude/api-consumer-verification-kfz1K
pr-7454
claude/fix-issue-7410-LLLQ4
revert-7281-generate-icons
react-query-useSchedules
copilot/sub-pr-6140
package-upgrades
v26.7.0
v26.6.0
v26.5.2
v26.5.1
v26.5.0
v26.4.0
v26.3.0
v26.2.1
v26.2.0
v26.1.0
v25.12.0
v25.11.0
v25.10.0
v25.9.0
v25.8.0
v25.7.1
v25.7.0
v25.6.1
v25.6.0
v25.5.0
v25.4.0
v25.3.1
v25.3.0
v25.2.1
v25.2.0
v25.1.0
v24.12.0
v24.11.0
v24.10.1
v24.10.0
v24.9.0
v24.8.0
v24.7.0
v24.6.0
v24.5.0
v24.4.0
v24.3.0
v24.2.0
v24.1.0
v23.12.0
v23.11.0
v23.10.0
v23.9.0
v23.8.1
v23.8.0
v23.7.2
v23.7.1
v23.7.0
v23.6.0
v23.5.0
v23.4.2
v23.4.1
v23.4.0
v23.3.2
v23.3.0
v23.2.9
v23.2.5
v23.1.12
v22.12.9
Labels
Clear labels
AI generated
API
bank sync
budgeting
bug
can’t replicate
dependencies
docker
documentation
electron
experimental feature
feature
feedback
goal templates
good first issue
help wanted
importers
maintenance
needs info
needs testing
needs triage
needs votes
openid
payees
pull-request
regression
reports
responsive
rules
schedules
server
✨ merged
split transactions
tech debt
tech-support
theme
transaction import
transaction reconciliation
transactions
translations
upstream
user interface
✅ approved
wontfix
Mirrored from GitHub Pull Request
No Label
pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/actual#3594
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
📋 Pull Request Information
Original PR: https://github.com/actualbudget/actual/pull/1209
Author: @Shazib
Created: 6/27/2023
Status: ❌ Closed
Base:
master← Head:codesigning-windows📝 Commits (7)
7d9cbd8Attempt to add codesigning to windows electron53e3877Merge branch 'actualbudget:master' into master5efbe3cBump electron package version to match6893e4fAdd Release Notes669b41cMerge branch 'actualbudget:master' into master6d3c6b5Merge branch 'actualbudget:master' into master39e2459fRename 1191.md to 1209.md📊 Changes
3 files changed (+25 additions, -3 deletions)
View changed files
📝
.github/workflows/build.yml(+18 -2)📝
packages/desktop-electron/package.json(+1 -1)➕
upcoming-release-notes/1209.md(+6 -0)📄 Description
Sorry I accidentally closed the PR so opening again.
Changes Made
Adding code-signing to windows builds.
This is all handled by electron-builder so all we need to do is supply it with the certificate details. There are two new github org secrets that need to be set before it will work. I am just using a locally generated certificate for now.
The new secrets are WIN_CERT_BASE64 and WIN_CERT_PASS
I will remove the
workflow_dispatch:before this PR is merged, its just there for testing atm.Slightly related, the version number in
desktop-electron/package.jsonis out of sync, so whatever process updates this perhaps needs a review.Getting a Certificate
Option 1: Generate our own certificate.
Option 2: Purchase a Certificate
Steps:
One thing i'm a little unclear about is how we would tranfer the certificate from the seller to the HSM, given they won't just send you the file. I have seen this but I can't test it without actually buying a cert. Azure is partnered with digicert etc for eliminating this issue but the certificates from them are much more expensive.
I am currently deploying an azure keyvault to try it out and will report back...There is also an AWS HSM.
In terms of financing this, I have not seen any links for donating etc, but would be happy to contribute.
Windows Store
I think none of the above is needed if we publish directly to the microsoft store, as they re-sign things with a microsoft certificate, we just have to sign with a cert, that we upload to our MS Developer account so they can verify who submitted the app.
I can't test this thoroughly because whilst I have a MS Dev account you need to provide a url to a website, a url to the exe, a privacy policy, etc, so I dont have a good 'test' app to run through the process.
I can try actually deploying the current actualbudget there if people want.
This does have the caveat that people downloading directly from the github release won't get the 'officially' signed version.
🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.