Code Signing Policy

Since version 2.2.0, Windows and macOS installers of Kando are code-signed to ensure their authenticity and integrity.

Thank you!

A huge thanks to SignPath.io for providing the code signing infrastructure and to the SignPath Foundation for providing a free code signing certificate for the Windows installers!

Code Signing Process

Every code contribution to Kando is verified via GitHub’s code review and branch protection mechanisms. Only members of the Kando’s Code Review Team are allowed to approve pull requests and merge them into the main branch.

When a new version of Kando is released, two code signing requests are automatically created on SignPath.io: One for the x64 Windows installer and one for the ARM64 Windows installer. Currently, only @Schneegans is authorized to approve code signing requests for Kando.

Privacy Policy

Kando will not transfer any information to other networked systems except for the following cases:

• On startup, Kando will check for updates by sending a request to api.github.com. This can be disabled in the settings.
• On the first start after installation, Kando will download some spell checking dictionaries from redirector.gvt1.com. This is a “feature” of the underlying Electron framework and cannot easily be disabled. See this discussion for more details.