Merge branch 'develop' into feature/update-transitive-dependencies

Author: overheadhunter

docs/desktop/admin-config.md

@@ -57,6 +57,8 @@ The following property keys are supported.
 | `cryptomator.p12Path=[FilePath]`                              | The path to the device key.                                                                                                                                     |
 | `cryptomator.mountPointsDir=[DirPath]`                        | The directory where Cryptomator mounts vaults if no per-vault location has been set.                                                                             |
 | `cryptomator.disableUpdateCheck=[Boolean]`                    | Whether to disable automatic update checks (`true`) or allow them (`false`). Defaults to false.                                                                      |
+| `cryptomator.hub.allowedHosts=[UrlList]` | List of hosts that Cryptomator is allowed to connect to during Hub unlock. List entries are comma separated and each host url consists of `scheme:host:port` (`port` is optional). For example `https://hub1.example.com,https://hub2.example.com:4432` |
+| `cryptomator.hub.enableTrustOnFirstUse=[Boolean]`             | Whether Cryptomator shall ask the user to trust unknown Hub hosts (`true`) or disallow connection attempts (`false`). A Hub host is considered unknown unless it is well-known (`*.cryptomator.cloud`), listed in `cryptomator.hub.allowedHosts`, or has already been allowed by the user. Defaults to true |
 
 
 ## Substitutions {#substitutions}

docs/security/verify-installers.md

@@ -26,19 +26,25 @@ If shown, you can ignore the following warning:
 
 `gpg: WARNING: This key is not certified with a trusted signature!`
 
-## Windows (exe) {#windows}
+## Windows (exe, msi) {#windows}
 
 Our Windows installers are signed using a code signing certificate. You can verify the signature in five simple steps:
 
 <Image src="/img/security/verify-win-installer.png" srcset=" /img/security/verify-win-installer 1x, /img/security/verify-win-installer@2x.png 2x" alt="How to check the code signing certificate on Windows" width="1316" height="767" />
 
-1. Right click on the file and click on Properties.
-2. Select the Digital Signatures tab: It should show a signature by `Skymatic GmbH`.
-3. Click on Details.
+1. Right-click on the file and click on Properties.
+2. Select the Digital Signatures tab: It should show one or more signatures by `Skymatic GmbH` under Embedded Signatures.
+   - For releases since 1.18.0, the `exe` release artifact will have two signatures, and the `msi` release artifact will have one signature.
+3. Click on the first signature, and then click Details.
 4. Click on View Certificates.
-5. Click on Details. The serial number of our certificate should be:
-   - For releases since July 14, 2022: `d77e4f8b938f56ae265cd08e9193490c`
-   - For releases from July 3, 2019 to July 3, 2022: `63c45bff1a148d60ed2994d3a2639034`
+5. Click the Details tab. Different Cryptomator versions are signed with different certificates. The following list shows for each version the certificate serial number:
+   - Version 1.19.1: `33000852bd6c3a151ff92180ee0000000852bd`
+   - Version 1.19.0: `3300083c47651e1daeb99b00eb000000083c47`
+   - Version 1.18.1: `330007d28ad57305892a81cac600000007d28a`
+   - Version 1.18.0: `3300052c3561155e2baf361702000000052c35`
+   - Versions 1.6.11 to 1.17.1: `00d77e4f8b938f56ae265cd08e9193490c`
+   - Versions 1.4.12 to 1.6.10: `63c45bff1a148d60ed2994d3a2639034`
+   - Versions up to 1.4.11: `1a360f3933964c71f14e8754d94615d4`
 
 ## macOS (app) {#macos}