Keep the Deliverable in Mind


I had just finished running a quick test on a new Analyzer release. We had released a new version recently, and during the installation, Microsoft Defender SmartScreen (part of Windows) did not love our new installer. It warned you that the setup program wasn’t to be fully trusted.

Yikes.

I won’t go into the details, but we had to purchase and configure a higher-security code signing certificate and create a new installer that used it. It was a bit of an ordeal to figure out what to order and how to get it configured correctly, and I immersed myself in those activities.

I tested the fixed installer and verified that Microsoft Defender SmartScreen had no complaints with the new certificate. No more warning message. I let the developer know the test had passed, and she asked whether this would be a private or public release.  

I had to think about it for a minute before remembering: the whole purpose of fixing the certificate is that our latest release has this scary warning.

So, yes, it had to be a public release. Because it took me a minute to answer, it’s clear to me that I had lost sight of the purpose of the work. I had worked on fixing the issue while not keeping in mind the end result, the deliverable. I had not asked myself periodically, “Why does doing this matter?”

Keeping the deliverable in mind when working on an activity or project is vital for at least three reasons.

  1. You’ll get there faster. Distractions are easier to say ‘no’ to when the deliverable is front-of-mind.
  2. You’ll end up closer to the target. It’s hard to end up in an unintended place when you remind yourself daily of your destination.
  3. You might realize it’s not worth doing now. Suppose you have a hard time coming up with a deliverable, output, or purpose of the activity. If it won’t matter to anyone or anything, isn’t it taking up a more deserving activity’s time slot?

It’s essential for teams that everyone has the same definition of the deliverable; they need to be on the same page.

Concerning the certificate and code signing: even though it’s a huge pain, it’s an excellent thing. You want to have a high level of trust when installing anything on your computer. We want you to feel confident that the installer you’re running came from us.

Be Safe!

,

2 responses to “Keep the Deliverable in Mind”

  1. We went through the Vericode third party attestation process last year at a client’s request. It was not fun but it made our product better (more secure) and made our client happy!

Leave a Reply