sudacode/SubMiner
1
0
Fork 0
mirror of https://github.com/ksyasuda/SubMiner.git synced 2026-03-20 12:11:28 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
20f53c0b70c06803bf1d6e5a4ee402b0ce9db12c
SubMiner/backlog/tasks/task-138 - Publish-unsigned-Windows-release-artifacts-and-add-local-unsigned-build-script.md
sudacode 48f10dbb03 chore(backlog): maintain task backlog and add changelog fragments 
- Move completed tasks (85, 117, 118, 155) to backlog/completed/
- Delete superseded task files (166 verification, 172 drilldown)
- Add stats dashboard milestone m-1
- Add new tasks (190, 194)
- Update task metadata across remaining backlog items
- Add changelog fragments for stats, mpv args, and subtitle filtering
2026-03-18 02:25:07 -07:00

2.8 KiB
Raw Blame History

id, title, status, assignee, created_date, updated_date, labels, dependencies, references, priority, ordinal
id title status assignee created_date updated_date labels dependencies references priority ordinal
TASK-138 Publish unsigned Windows release artifacts and add local unsigned build script Done
codex
2026-03-09 00:00 2026-03-18 05:28
release
windows
.github/workflows/release.yml
package.json
src/release-workflow.test.ts
high 45500

Description

Stop the tag-driven release workflow from depending on SignPath and publish unsigned Windows .exe and .zip artifacts directly. Add an explicit local build:win:unsigned script without changing the existing build:win command.

Acceptance Criteria

  • #1 Windows release CI builds unsigned artifacts without requiring SignPath secrets.
  • #2 The Windows release job uploads release/*.exe and release/*.zip directly as the windows artifact.
  • #3 The repo exposes a local build:win:unsigned script for explicit unsigned Windows packaging.
  • #4 Regression coverage fails if the workflow reintroduces SignPath submission or drops the unsigned script.

Implementation Plan

  1. Update workflow regression tests to assert unsigned Windows release behavior and the new local script.
  2. Patch package.json to add build:win:unsigned.
  3. Patch .github/workflows/release.yml to build unsigned Windows artifacts and upload them directly.
  4. Add the release changelog fragment and run focused verification.

Implementation Notes

Removed the Windows SignPath secret validation and submission steps from .github/workflows/release.yml. The Windows release job now runs bun run build:win:unsigned and uploads release/*.exe and release/*.zip directly as the windows artifact consumed by the release job.

Added scripts/build-win-unsigned.mjs plus the build:win:unsigned package script. The wrapper clears Windows code-signing environment variables and disables identity auto-discovery before invoking electron-builder, so release CI stays unsigned even if signing credentials are configured elsewhere.

Updated src/release-workflow.test.ts to assert the unsigned workflow contract and added the release changelog fragment in changes/unsigned-windows-release-builds.md.

Final Summary

Windows release CI now publishes unsigned artifacts directly and no longer depends on SignPath. Local developers also have an explicit bun run build:win:unsigned path for unsigned packaging without changing the existing build:win command.

Verification:

  • bun test src/release-workflow.test.ts
  • bun run typecheck
  • node --check scripts/build-win-unsigned.mjs
Reference in New Issue View Git Blame Copy Permalink