uninstaller needs to be signed too

the nsis uninstaller is very handy, but it does not appears as trusted to the user.

we need to sign the uninstaller too as part of the release process

changed milestone to %RiseupVPN 0.20.4

added Doing label

after feedback from @meskio, probably the best way to do this is to run the nsis installer in two separate steps: build first the uninstaller, sign it, and then add it as a payload to the 2nd run.

added windows label

changed title from riseupvpn: uninstaller needs to be signed too to uninstaller needs to be signed too

aha https://nsis.sourceforge.io/Signing_an_Uninstaller

mentioned in merge request !94 (closed)

i'm adding this to the installer scripts, and it's slightly convoluted, because you need to have wine installed (when you define a flag, you get a installer.exe that you then need to execute to produce the uninstaller). I was tempted to add wine 32bits to the docker image, but I think growing it 600Mb is too much.

I'd rather go the route of doing the 2-stages but doing the wine step in the host machine.

I also think I'd leave a flag for producing a non-signed uninstaller for the CI.

latest commits on !94 (closed) implement 2 stages inside the docker image, plus signing of the uninstaller and the installer (a one-step still need to be added so that the CI can produce a bundle).

removed Doing label

mentioned in issue #255 (closed)

closed