You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Would be good for the VBS script to be digitally signed like the Powershell scripts
Is your feature request related to a problem?
The invisible.vbs script isn't signed and so is blocked by AppLocker/WDAC policies requiring scripts to be signed (eg. error below from AppLocker).
> Event 8007 %OSDRIVE%\PROGRAMDATA\WINGET-AUTOUPDATE\INVISIBLE.VBS was prevented from running.
Would be good to sign these like the powershell scripts to avoid hash based rules which will break with any changes.
Additional information
Raised this initially (mistakenly) on the Winget-AutoUpdate project as I hadn't realised the signing of the powershell scripts came through this project (I've installed via the Store App - not sure if that's what signs the scripts?).
Sounds like there's a plan to workaround using any VBS at all (Romanitho#465, Romanitho#496), but if there's an interim change that could be made to sign the VBS script that'd be awesome!
Appreciate we can workaround this with hash rules, signing ourselves, etc. just wanted to flag it...
The text was updated successfully, but these errors were encountered:
Hey, thank you for your comment. I am also implementing a workaround for VBS aswell (it is already in the code) but have not put it in the releases yet since it would require me to implement different architectures (to avoid folder SYSWOW6432 redirection)
But I will put some more energy in it to get it done if now someone asks about it :).
The request
Would be good for the VBS script to be digitally signed like the Powershell scripts
Is your feature request related to a problem?
Additional information
Raised this initially (mistakenly) on the Winget-AutoUpdate project as I hadn't realised the signing of the powershell scripts came through this project (I've installed via the Store App - not sure if that's what signs the scripts?).
Sounds like there's a plan to workaround using any VBS at all (Romanitho#465, Romanitho#496), but if there's an interim change that could be made to sign the VBS script that'd be awesome!
Appreciate we can workaround this with hash rules, signing ourselves, etc. just wanted to flag it...
The text was updated successfully, but these errors were encountered: