I am tryin to use JEnv on windows 10. But I got the following error.
C:\dev_tools\JEnv\src\jenv.ps1 is not digitally signed. You cannot run this script on the current system.
I tried run Set-ExecutionPolicy with different options but always got error about Set-ExecutionPolicy : Windows PowerShell updated your execution policy successfully, but the setting is overridden by a policy defined at a more specific scope. The Get-ExecutionPolicy -List print the following result
Scope ExecutionPolicy
----- ---------------
MachinePolicy AllSigned
UserPolicy Undefined
Process Bypass
CurrentUser RemoteSigned
LocalMachine Unrestricted
I guess I can't do anything, since I can't edit any group policy
Unfortunately, if your machine's script execution policy is controlled via GPOs (Group Policy Objects), you can NOT override it ad hoc - neither with
Set-ExecutionPolicy-Scope Process Bypass -Forcenor by passing-ExecutionPolicy Bypassto the PowerShell CLI (powershell.exefor Windows PowerShell,pwshfor PowerShell (Core) 7+).To change the effective policy to suit your needs therefore requires modifying the relevant GPO.
Since it is the machine-level GPO in your case that enforces that all scripts be signed, you'll need administrative privileges to change it.
Get-ExecutionPolicy-Listlists the policies in order of precedence: The first policy that isn'tUndefinedis the effective one.MachinePolicyandUserPolicyare listed asUndefinedthat the ad hoc overrides listed at the top are possible; you'll then also be able to change the policy for your account persistently, withSetExecutionPolicy -Scope CurrentUser RemoteSigned, for instance.If you cannot change the GPO-based policy to suit your needs, you can try the following - limited - workaround, based on reading your script file's content into memory with
Get-Content, parsing it into a script block, and executing it via&, the call operator:If your script needs to modify the current session, such as setting environment variables, you must execute it in-session:
CAVEAT: If your script terminates with
exit, the above will exit the current session as a whole, because that's what executingexitoutside of a script file does.The workaround is to call via a child process, as shown next, but that invariably prevents the code from modifying the caller's session.
If your script doesn't need to modify the current session, the following avoids the
exitproblem, by executing the code in a child process, via a PowerShell CLI call, but comes with additional limitations (beyond just the performance penalty):Limitations:
Fundamentally, in both cases:
This will only work if your script:
.ps1,.psm1) and/or formatting and type-extension files (.psm1xml).Also, executing your script's code not via a file means that its code won't be able to reflect on its file-based identity; notably, the automatic
$PSScriptRootvariable and the automatic$PSCommandPathvariable will have no values.Additionally, when calling via the PowerShell CLI (child process):
If arguments are to be passed to the script's code, they must be passed via the
-argsCLI parameter,,-separated, and they are invariably treated as positional arguments (in other words: you cannot pass named arguments this way).[1]Calling via a child process invariably entails limited data-type fidelity - which may or not may a problem. See this answer for details.
[1] A workaround is possible, but cumbersome; something along the lines of:
powershell { & ([scriptblock]::Create((Get-Content -Raw C:\dev_tools\JEnv\src\jenv.ps1))) -FooParam $args[0] -BarParam $args[1] } -args foo, bar