Add known issues section to README; document Windows Defender flaggin… #59

Workflow file for this run

	name: Build and Release

	on:
	push:
	branches: [main]
	tags: ["v*"]
	pull_request:
	branches: [main]

	jobs:
	build:
	runs-on: windows-latest
	strategy:
	matrix:
	arch: [x64, Win32, ARM64]

	steps:
	- uses: actions/checkout@v4

	- name: Install NSIS
	run: choco install nsis -y

	- name: Configure CMake
	run: cmake -B build-${{ matrix.arch }} -A ${{ matrix.arch }} -DCMAKE_BUILD_TYPE=Release

	- name: Build
	run: cmake --build build-${{ matrix.arch }} --config Release

	- name: Package (NSIS)
	run: cpack --config build-${{ matrix.arch }}/CPackConfig.cmake -C Release

	- name: Require signing on tagged release builds
	if: startsWith(github.ref, 'refs/tags/v')
	shell: powershell
	env:
	WINDOWS_SIGNING_CERT: ${{ secrets.WINDOWS_SIGNING_CERT }}
	WINDOWS_SIGNING_PASSWORD: ${{ secrets.WINDOWS_SIGNING_PASSWORD }}
	run: \|
	if (-not $env:WINDOWS_SIGNING_CERT -or -not $env:WINDOWS_SIGNING_PASSWORD) {
	Write-Error "Missing signing secrets WINDOWS_SIGNING_CERT or WINDOWS_SIGNING_PASSWORD"
	exit 1
	}

	- name: Sign binaries
	shell: powershell
	env:
	WINDOWS_SIGNING_CERT: ${{ secrets.WINDOWS_SIGNING_CERT }}
	WINDOWS_SIGNING_PASSWORD: ${{ secrets.WINDOWS_SIGNING_PASSWORD }}
	run: \|
	if (-not $env:WINDOWS_SIGNING_CERT -or -not $env:WINDOWS_SIGNING_PASSWORD) {
	Write-Host "Signing skipped: signing secrets are not configured for this run"
	exit 0
	}
	[IO.File]::WriteAllBytes('codesign.pfx', [Convert]::FromBase64String($env:WINDOWS_SIGNING_CERT))
	$signtool = (Get-Command signtool -ErrorAction SilentlyContinue).Source
	if (-not $signtool) {
	Write-Error "signtool not found on runner"
	exit 1
	}
	$targets = @("build-${{ matrix.arch }}/Release/legacy-notepad.exe")
	$targets += (Get-ChildItem "build-${{ matrix.arch }}/legacy-notepad-*.exe" -ErrorAction SilentlyContinue \| ForEach-Object { $_.FullName })
	foreach ($target in $targets) {
	& $signtool sign /fd SHA256 /td SHA256 /tr http://timestamp.digicert.com /f codesign.pfx /p "$env:WINDOWS_SIGNING_PASSWORD" "$target"
	}
	Remove-Item codesign.pfx -Force

	- name: Generate SHA256 checksums
	shell: powershell
	run: \|
	$targets = @("build-${{ matrix.arch }}/Release/legacy-notepad.exe")
	$targets += (Get-ChildItem "build-${{ matrix.arch }}/legacy-notepad-*.exe" -ErrorAction SilentlyContinue \| ForEach-Object { $_.FullName })
	$checksumFile = "build-${{ matrix.arch }}/SHA256SUMS.txt"
	if (Test-Path $checksumFile) { Remove-Item $checksumFile -Force }
	foreach ($target in $targets) {
	if (Test-Path $target) {
	$hash = (Get-FileHash $target -Algorithm SHA256).Hash.ToLower()
	"$hash *$(Split-Path $target -Leaf)" \| Out-File -FilePath $checksumFile -Append -Encoding ascii
	}
	}

	- name: Upload Artifact
	uses: actions/upload-artifact@v4
	with:
	name: legacy-notepad-${{ matrix.arch }}
	path: \|
	build-${{ matrix.arch }}/Release/legacy-notepad.exe
	build-${{ matrix.arch }}/legacy-notepad-*.exe
	build-${{ matrix.arch }}/SHA256SUMS.txt

	release:
	needs: build
	if: startsWith(github.ref, 'refs/tags/v')
	runs-on: ubuntu-latest
	steps:
	- name: Download Artifacts
	uses: actions/download-artifact@v4
	with:
	path: artifacts

	- name: Create Release
	uses: softprops/action-gh-release@v1
	with:
	files: \|
	artifacts/legacy-notepad-x64/legacy-notepad.exe
	artifacts/legacy-notepad-x64/legacy-notepad-*.exe
	artifacts/legacy-notepad-x64/SHA256SUMS.txt
	artifacts/legacy-notepad-Win32/legacy-notepad.exe
	artifacts/legacy-notepad-Win32/legacy-notepad-*.exe
	artifacts/legacy-notepad-Win32/SHA256SUMS.txt
	artifacts/legacy-notepad-ARM64/legacy-notepad.exe
	artifacts/legacy-notepad-ARM64/legacy-notepad-*.exe
	artifacts/legacy-notepad-ARM64/SHA256SUMS.txt
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add known issues section to README; document Windows Defender flaggin… #59

Workflow file

Add known issues section to README; document Windows Defender flaggin… #59

Uh oh!

Workflow file for this run