[Kwpolska]

"Windows To Go" is the official name for a former Windows feature.

Writing a Batch script of any length, let alone 3085 lines, is completely insane with PowerShell being part of the default install.

[maccard]

I write tools for video game studios occasionally. You can’t double click a ps1 script and have it run, and you need to change the execution policy for powershell scripts to run. Those two hurdles for non technical people mean that we still write batch scripts

[TiredOfLife]

But you can run .ps1 from .bat that you doubleclick.

[kachapopopow]

That still has the same issue. Powershell will refuse to run scripts that are not signed by default.

[andy81]

You can use the -ExecutionPolicy argument to get around that.

It's not a security boundary, just something to stop users accidentally opening an email attachment like they will with bat/vbs.

[ffsm8]

Which is pointless if it's only for powershell.... But hey, security theater is kinda the MO of Microsoft if you think about rotating password policies which have a maximum password length etc

[naikrovek]

Sign the powershell script. It’s not that large of a hurdle to get a code signing cert, though it certainly isn’t trivial.

[lll-o-lll]

Code signing certs must have the key HSM’d these days. It’s a big hurdle.

[gloosx]

You have to go through a humilating process to get it as well as pay few hundred $$$ to one of MS street vendors.

[naikrovek]

you have to prove who you are, yes. I don't know what you mean in the 2nd half of the sentence.

[maccard]

If you are writing a bat wrapper, you might as well write the wrapper in c# at that point (which I do for anything that requires a condition or a loop)

[naikrovek]

The threshold you’ve chosen is crazy low, for me.

A condition or a loop? You’re writing everything in C# then. Everything worth writing, anyway.

[maccard]

Pretty much, yep. The batch file is just for pre providing arguments and checking awkward error codes from robocopy