[FEAT]: Digitally Sign copilot executable gh-copilot.exe
thisisevilevil opened this issue · comments
Describe the need
the executable gh-copilot.exe should be digitally signed, as we otherwise have to whitelist each new gh-copilot.exe on the hash level with technologies like AppLocker or WDAC.
Impact: It can cause user frustration, since there is bound to be a delay in getting the hash whitelisted by IT in AppLocker policies, and until it's whitelisted, the user will not be able to launch copilot.
It's more or less the same issues as with this one: https://github.com/orgs/community/discussions/36665
@thisisevilevil : firstly — love your handle; secondly — this was discussed early on and is something the GitHub CLI and Desktop does, too.
That is to say I think it makes sense to bring up to the team for discussion and prioritization. 👍