Exe for windows is not digitally signed

[ahugeix]

Our antivirus system detects git-flow.exe as a possible ransomware and blocks its execution.
This is because the EXE is not digitally signed.

Is it possible to sign the Windows EXE?

[alexrinass]

Thanks for reporting this! We recently reduced the binary size by stripping debug symbols, which is a known trigger for heuristic-based antivirus detections on unsigned Windows executables.

We're looking into signing the Windows builds. We don't plan to revert the size optimization, so code signing is the right path forward here. We're currently evaluating our options and hope to have this resolved in a future release.

If anyone has experience with affordable code signing solutions — especially ones that work well for open-source projects and CI pipelines — we'd love to hear your recommendations!