From 965a06c10bafb5ba07455ea068107a7221ce0ff0 Mon Sep 17 00:00:00 2001
From: philip meholm <philip@nimtech.no>
Date: Sat, 15 Jun 2024 23:40:39 +0200
Subject: [PATCH 1/3] updated readme to include cert notice

---
 README.md | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 893b1123a..ff64a1e54 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,8 @@
 
 > 📦🔐 Pester is now signed. `-SkipPublisherCheck` should no longer be used to install from PowerShell Gallery on Windows 10.
 
+> 📦🔐 If you upgrade to 5.6.0 you will get a "certificate changed" error if you dont skip publisher check. This is related to a new module certificate. [more info here](#regarding-certificate-for-different-versions).
+
 > 👩👨 We are looking for contributors! All issues labeled [help wanted](https://github.com/pester/Pester/labels/help%20wanted) are up for grabs. They further split up into [good first issue](https://github.com/pester/Pester/labels/good%20first%20issue) that are issues I hope are easy to solve. [Bad first issue](https://github.com/pester/Pester/labels/bad%20first%20issue) where I expect the implementation to be problematic or needs to be proposed and discussed beforehand. And the rest which is somewhere in the middle. If you decide to pick up an issue please comment in the issue thread so others don't waste their time working on the same issue as you.
 > There is also [contributor's guide](https://pester.dev/docs/contributing/introduction) that will hopefully help you.
 
@@ -77,6 +79,26 @@ Install-Module -Name Pester -Force
 
 Not running Windows 10 or facing problems? See the [full installation and update guide](https://pester.dev/docs/introduction/installation).
 
+## Regarding Certificate for different versions
+
+with 5.6.0 the certificate used for deplyment has changed. this will give you a error when updating.
+below are a list of the used certificates you can expect to be used when importing the module (going back to 2016)
+
+Version|Authority|Thumbprint
+---|---|---
+5.6.0++|CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US|2FCC9148EC2C9AB951C6F9654C0D2ED16AF27738
+5.2.0 - 5.5.0|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|C7B0582906E5205B8399D92991694A614D0C0B22
+4.10.0 - 5.1.1|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|7B9157664392D633EDA2C0248605C1C868EBDE43
+4.4.3 - 4.9.0|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|CC1168BAFCDA3B1A5E532DA87E80A4DD69BCAEB1
+3.0.3 - 4.4.2|No Certificate Found|No Certificate Found
+3.4.0|CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US |71F53A26BB1625E466727183409A30D03D7923DF
+
+in all cases in exeption to version 3.4.0, the Authenticode issuer for certificate should be `CN=Jakub Jareš, O=Jakub Jareš, L=Praha, C=CZ`.
+
+3.4.0 is a special case as this is the version signed my microsoft and deployed to w10.
+
+to fix any issue when using a module that have changed certificate is to append `-SkipPublisherCheck` to the install command.
+
 ## Features
 
 ### Test runner
@@ -174,7 +196,6 @@ Pester is sponsored by [Octopus Deploy](https://octopus.com).
 
 As well as all the great folks on [OpenCollective](https://opencollective.com/pester) and [GitHub](https://github.com/users/nohwnd/sponsorship#sponsors).
 
-
 ## Contributors
 
 ### Code Contributors

From c85f0baaf57f69178f71e1ad66c1788bba9f026a Mon Sep 17 00:00:00 2001
From: philip meholm <philip@nimtech.no>
Date: Sat, 15 Jun 2024 23:45:21 +0200
Subject: [PATCH 2/3] fix formatting on table

---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index ff64a1e54..66590f74b 100644
--- a/README.md
+++ b/README.md
@@ -86,12 +86,12 @@ below are a list of the used certificates you can expect to be used when importi
 
 Version|Authority|Thumbprint
 ---|---|---
-5.6.0++|CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US|2FCC9148EC2C9AB951C6F9654C0D2ED16AF27738
-5.2.0 - 5.5.0|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|C7B0582906E5205B8399D92991694A614D0C0B22
-4.10.0 - 5.1.1|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|7B9157664392D633EDA2C0248605C1C868EBDE43
-4.4.3 - 4.9.0|CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US|CC1168BAFCDA3B1A5E532DA87E80A4DD69BCAEB1
+5.6.0++|`CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US`|`2FCC9148EC2C9AB951C6F9654C0D2ED16AF27738`
+5.2.0 - 5.5.0|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`C7B0582906E5205B8399D92991694A614D0C0B22`
+4.10.0 - 5.1.1|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`7B9157664392D633EDA2C0248605C1C868EBDE43`
+4.4.3 - 4.9.0|`CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US`|`CC1168BAFCDA3B1A5E532DA87E80A4DD69BCAEB1`
 3.0.3 - 4.4.2|No Certificate Found|No Certificate Found
-3.4.0|CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US |71F53A26BB1625E466727183409A30D03D7923DF
+3.4.0|`CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`|`71F53A26BB1625E466727183409A30D03D7923DF`
 
 in all cases in exeption to version 3.4.0, the Authenticode issuer for certificate should be `CN=Jakub Jareš, O=Jakub Jareš, L=Praha, C=CZ`.
 

From 4226a14579c6933af127147738f3dc7369c42248 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Jare=C5=A1?= <me@jakubjares.com>
Date: Tue, 18 Jun 2024 09:24:50 +0200
Subject: [PATCH 3/3] Apply suggestions from code review

---
 README.md | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index 66590f74b..446cc113c 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
 
 > 📦🔐 Pester is now signed. `-SkipPublisherCheck` should no longer be used to install from PowerShell Gallery on Windows 10.
 
-> 📦🔐 If you upgrade to 5.6.0 you will get a "certificate changed" error if you dont skip publisher check. This is related to a new module certificate. [more info here](#regarding-certificate-for-different-versions).
+> 📦🔐 Upgrading to 5.6.0 will show a "certificate changed" error, this is because a change in Root Certificate, and you have to specify `-SkipPublisherCheck` to update. [More info below.](#560-certificate-error).
 
 > 👩👨 We are looking for contributors! All issues labeled [help wanted](https://github.com/pester/Pester/labels/help%20wanted) are up for grabs. They further split up into [good first issue](https://github.com/pester/Pester/labels/good%20first%20issue) that are issues I hope are easy to solve. [Bad first issue](https://github.com/pester/Pester/labels/bad%20first%20issue) where I expect the implementation to be problematic or needs to be proposed and discussed beforehand. And the rest which is somewhere in the middle. If you decide to pick up an issue please comment in the issue thread so others don't waste their time working on the same issue as you.
 > There is also [contributor's guide](https://pester.dev/docs/contributing/introduction) that will hopefully help you.
@@ -81,8 +81,8 @@ Not running Windows 10 or facing problems? See the [full installation and update
 
 ## Regarding Certificate for different versions
 
-with 5.6.0 the certificate used for deplyment has changed. this will give you a error when updating.
-below are a list of the used certificates you can expect to be used when importing the module (going back to 2016)
+The certificate used for signing the code has changed in 5.6.0. Error is shown when updating the module.
+Below is the list of the certificates you can expect to be used when importing the module (going back to 2016)
 
 Version|Authority|Thumbprint
 ---|---|---
@@ -93,11 +93,9 @@ Version|Authority|Thumbprint
 3.0.3 - 4.4.2|No Certificate Found|No Certificate Found
 3.4.0|`CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US`|`71F53A26BB1625E466727183409A30D03D7923DF`
 
-in all cases in exeption to version 3.4.0, the Authenticode issuer for certificate should be `CN=Jakub Jareš, O=Jakub Jareš, L=Praha, C=CZ`.
+In all cases, except for version 3.4.0 that was signed directly by Microsoft, the Authenticode issuer for certificate is `CN=Jakub Jareš, O=Jakub Jareš, L=Praha, C=CZ`.
 
-3.4.0 is a special case as this is the version signed my microsoft and deployed to w10.
-
-to fix any issue when using a module that have changed certificate is to append `-SkipPublisherCheck` to the install command.
+To successfully update the module when certificate changed, you need to provide `-SkipPublisherCheck` to the `Install-Module` command.
 
 ## Features