When running the AdoptOpenJDK Java 8 builds on Windows, Symantec Endpoint Protection Download Insight identifies java.exe as a 'Security Risk' and pops up a Window claiming that it is
so this is how the code signing works, Microsoft now needs more than just codesigning to trust files (it also relies on quantity of downloads) Hopefully this will stop being an issue soon!
See https://github.com/AdoptOpenJDK/openjdk-build/issues/161 for a solution
Presumably that means that the number of downloads will start from zero for each new (e.g. nightly) build?
no it's actually about the number of times that certificate is found on Windows machines so in time it will be more trusted
With the latest build download I now just get one popup with a count of many times the 'risk' has occurred many popups which is much more manageable. Closing this issue.
Most helpful comment
With the latest build download I now just get one popup with a count of many times the 'risk' has occurred many popups which is much more manageable. Closing this issue.