The certificate used to sign executables for Sourcetree has expired:

Thumbprint: f87e1c76e95f759b4747d0b92bd2a7caecc3c45e

The executables do not appear to have a Timestamp associated. As a result, the signing has now expired.

My organisation uses application restriction policy whitelisting - only allowing specific executables to launch; a common configuration in enterprise environments. We are in the process of having to create individual hash-based rules to allow the executables to run in the short-term.

Can the next release of Sourcetree please be signed with a renewed certificate, and have the files include a timestamp.