[PROPOSAL] [CCI] Update developer's guide regarding Windows script execution policy

[Wielmany]

What are you proposing?

Currently the Developer's Guide solution to Windows not letting you running scripts on client PCs is to set the policy to Unrestricted. Running the yarn install script should be possible even with the execution policy set to RemoteSigned, and this will also prevent users from opening themselves up to potential malicious unsigned scripts that they can run.
Alternatively, we could add the line about reverting the security policy back to restricted after installing yarn package.

[wbeckler]

Have you tested it? And is it possible to modify the windows integration test to run in RemoteSigned mode?

[Wielmany]

I did test that yarn runs in RemoteSigned mode, yes

The tests already run with RemoteSigned execution policy:

In contrast - if the execution police is undefined (in this case it's the same as Restricted) it's blocked

[ilikmeister]

Although, unrestricted will anyways warn the user when a script has been downloaded from the internet. So, in my book, there aren't any issues with it.

[Wielmany]

My concern was, how many people will read the warning instead of just clicking through (and since everything works fine with remoteSigned i think switching to it instead wouldn't hurt). Current PR also scopes the changes to the local user, so you don't need to have admin rights to run the policy change/script

[ilikmeister]

Oh, that makes sense