From 811cda4ef57a67dc04cf789ecc151244402ee707 Mon Sep 17 00:00:00 2001
From: Eugene <inbox@null.page>
Date: Wed, 22 Apr 2026 18:31:58 -0700
Subject: [PATCH] Update build.yml

---
 .github/workflows/build.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 07285d6b..8c33f099 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -319,12 +319,6 @@ jobs:
       with:
         fetch-depth: 0
 
-    - name: Code signing with Software Trust Manager
-      uses: digicert/ssm-code-signing@v1.1.1
-      if: github.event_name == 'push' && (startsWith(github.ref, 'refs/tags'))
-      env:
-        FORCE_DOWNLOAD_TOOLS: 'true'
-
     - name: Installing Node
       uses: actions/setup-node@v4.4.0
       with:
@@ -358,6 +352,15 @@ jobs:
         echo "SM_CLIENT_CERT_FILE=$SM_CLIENT_CERT_FILE" >> "$GITHUB_ENV"
       shell: bash
 
+    - name: Setup Software Trust Manager
+      uses: digicert/code-signing-software-trust-action@v1.0.0
+      if: github.event_name == 'push' && (startsWith(github.ref, 'refs/tags'))
+      env:
+        SM_HOST: ${{ vars.SM_HOST }}
+        SM_API_KEY: ${{ secrets.SM_API_KEY }}
+        SM_CLIENT_CERT_FILE: ${{ env.SM_CLIENT_CERT_FILE }}
+        SM_CLIENT_CERT_PASSWORD: ${{ secrets.SM_CLIENT_CERT_PASSWORD }}
+
     - name: Build and sign packages
       if: github.event_name == 'push' && (startsWith(github.ref, 'refs/tags'))
       shell: powershell