It's caused by lookahead regex used in dash comment regex for inlining
PowerShell. This commit changes dash comment inlining.
- Change regex to one without lookahead.
- Add more test cases for inlining dash comment in tricky situations.
- Refactor makeInlineComment to be it's own function to easily test
other regex options.
- Document all regex alternatives.
- Remove redundant null check (`||`) with adding safe navigation
operator (`?`) to allow variable before check to be null instead of
throwing exception.
Change all GitHub URLs with forks so they survive if their maintainer
decides to remove them.
Fix dead URLs in:
- "Windows Push Notification Service" (#101)
- "Limit CPU usage during scans to minimum"
- "Disable NVIDIA telemetry"
Remove convention where Async suffix is added to functions that returns
a Promise. It was a habit from C#, but is not widely used in JavaScript
/ TypeScript world, also bloats the code. The code is more consistent
with third party dependencies/frameworks without the suffix.
The main goal is to highlight and exclude scripts that clears user data
(such as Chrome bookmarks) from standard recommendation, thus allowing
more granular and intentional user selection. Because scripts that are
recommended as "standard" should be non-breaking.
Standard: Recommend only clearing data that would not be noticable by
user. E.g. caches and logs.
Strict : Recommend clearing data that may be noticable by user, but
does not affect stored consciously data by user. E.g. cookies.
Do not recommend if data is stored consciously by user. E.g. favorites
/ bookmarks.
[General]
- Change wording from "Clear xx traces" to "Clean xx history" to make
it more clear and unify the naming with macOS scripts.
- More documentation both in code and both as more references.
[Chrome]
- Unrecommend deleting Chrome user profile.
- Document what each chrome clean-up script is doing in more detail.
[Internet Explorer]
- Document IE scripts better.
- For Cookie cleanup, add solutions for later Windows version.
- Unrecommend some from standard.
- Remove undocumented `Local Settings\Traces` folder.
- Take ownership before deleting Temporary Internet Files. Fixes
permission error.
- Remove `INetCookies\PrivacIE` script because it's undocumented and
we already have cleanup for its parent folder (`INetCookies`).
- Remove "%USERPROFILE%\Local Settings\Traces" due to lack of
documentation.
[Safari]
- Remove cleanup for undocumented traces folders `Safari\Traces`.
- Document with subcategories and references.
- Fix clearing all data not pointing to `localappdata`.
- Unrecomend clearing all data.
[Opera]
- Rename to "Clear all.." to show intent.
- Unrecommend as it removes everything.
Suppress errors:
- when deleting registry keys because the condition where key does
not exist is not really an error,
- when disabling a task that does not exist because absence of a task
when trying to disable it is still a positive condition for goal to
get rid of it,
- when stopping or starting a service because goal is to
disable/enable the service.
> Turn off SmartScreen App Install Control feature
- Add missing `/f` flag
> Remove "Scan with Windows Defender" option from context menu
- Add missing `/f` flag
- Remove redundant delete line in revert code
- Add missing whitespace before `/v` flag
- Instead of deleting with `/v ""`, use `/va` for explicit indent
> Disable Malicious Software Reporting tool diagnostic data
- Fix typo in revert scripts
> Turn off tamper protection
> Restrict threat history to administrators
Fix permission errors using TrustedInstaller session
> `Set-MpPreference` scripts
- Show warning when Set-MpPreference parameter is missing instead of an
error The reasons include:
- If the parameter is missing, functionality may be missing i.e.
there's nothing to disable
- In most cases different way of disabling registry is provided
- Error is not clear and too verbose and should be implemented in a
better way
- Add back "Limiting Defender definition updates" script due to being
able to handle if aparameter is missing
- Add documentation for command in its script
> Disable the Potentially Unwanted Application (PUA) feature
- Fix revert code disabling another functionality
> Disable bidirectional scanning of incoming
- Fix typo
> Disable Microsoft Defender Antivirus
- Correct wrong comment regarding deprecation
> Disable Windows Defender Security Center Service
- Fix disabling not working on Windows 11
Add new ways to disable Defender on Windows:
1. Disable through renaming required files
2. Disable using registry changes
3. Disable using TrustedInstaller user
Add support for running code as TrustedInstaller 🥳. It allows running
commands in OS-protected areas. It is written in PowerShell and it uses
PowerShell syntax like backticks that are inlined in special way. So the
commit extends inlining support and allows writing PowerShell using:
- Comments
- Here-strings
- Backticks
Add disabling of more Defender service
Improve documentation and categorization of services.
- Moves security improvements to its own action.
- Add more scripts and documentation for security improvements
- Move "Disable Spotlight indexing" out of wrong firewall category
- Add more documentation
It changes the way privacy.sexy escape double quotes inside batch
command when running PowerShell scripts as an argument to
PowerShell.exe. It uses more robust and stable way offering support for
wider use-cases.
Adds more scripts to:
- disable Windows Defender functions,
- remove it from the user interface,
- clean its scan history.
Improves the documentation:
- Adds more documentation reference URLs.
- Restructures scripts in a way to better document their behavior. All
Defender scripts are now under "Disable Windows Defender" and
"Privacy over security".
Changes recommendations, and simply recommends less:
- Defender cloud configurations are now only documented on "Strict"
mode.
- Watson event sending with "DisableGenericReports" is disabled due to
lack of documentation and depreciation.
This commit renames "smart screen" to "SmartScreen" which is the
official name from Microsoft.
It categorizes scripts to document the behavior in a more clear way. It
adds structured depth. It moves all SmartScreen scripts under Defender,
as it's now part of Defender offering since latest branding.
In addition, the commit adds more documentation and more scripts such as
disabling SmartScreen for Edge.
It allow pipes to be used in nested functions. Before, pipes were added
to a variable before variable content was evaluated/compiled by
another function. This commit ensures that the commits are evaluted in
expected order.
The issue is solved by stopping precompiling functions. It makes code
less complex. It adds to compile time of the script file but nothing
noticable and something optimizable.
The problem was that the call trees we're not executed in expected
order. E.g. let's say we have functionA that outputs something like
"Hello {{ $name| pipe }}", and we have function B calling with "name:
dear {{ $firstName}}", and at last we have a script that's calling
function B with "firstName: undergroundwires". Before, expressions were
evaluated directly, meaning that function A would become:
"Hello Dear {{ $firstName}}", as you see the pipe in function A
is lost here after being applied to function B and not reaching
$firstTime input value. Parsing expressions in the end allows for pipes
etc. to not get lost.
The commit also does necessary name refactorings and folder refactorings
to reflect logical changes. `FunctionCompiler` is renamed to
`SharedFunctionsParser` as precompiling is removed and it just simply
parses now. `/FunctionCall/` is moved to `/Function/Call`.
Finally, it improves documentation and adds more tests.
Some services in Windows have random characters appended to them. This
commit fixes the scripts that has been trying to disable them but
failing in newer Windows versions where they become per-user.
This commit introduces two pipes: `inlinePowerShell`,
`escapeDoubleQuotes`. The types when used together allows writing adding
clean and real PowerShell scripts as they are (without inlinining or
escaping them), removing the need to have hard-coded inlining/escaping.
It enables writing better PowerShell, makes it easier to maintain and
extend PowerShell scripts. Also allows writing more stable code with
less "unseen" bugs due to manual escaping/inlining. This commit
naturally reveals and fixes double quotes not being escaped in "Empty
trash bin" script.
This is solved by unifying the use of RunPowerShell function by all
scripts using PowerShell. The function inlines and escapes the scripts
as compile time to be send them to PowerShell.exe as an argument and
then invokes PowerShell.exe with generated ugly code.
The goal is to be able to modify values of variables used in templates.
It enables future functionality such as escaping, inlining etc.
It adds support applying predefined pipes to variables. Pipes
can be applied to variable substitution in with and parameter
substitution expressions. They work in similar way to piping in Unix
where each pipe applied to the compiled result of pipe before.
It adds support for using pipes in `with` and parameter substitution
expressions. It also refactors how their regex is build to reuse more of
the logic by abstracting regex building into a new class.
Finally, it separates and extends documentation for templating.
Allows optionally rendering content if an argument is given. The
expression is designed to be used with `optional` parameters.
Goal is to allow using `RunPowerShell` function on every function that
consists of PowerShell code. Before this commit, they were all required
to provide revertCode, or none of them could be able to have it. It
would not work because some scripts can be reverted, meanwhile some are
one-way scripts that cannot be reverted (such as cleaning scripts). In
this case a way to optionally render revertCode was required. `with`
expression give each callee script ability to turn off `revertCode` if
not needed, therefore enables using `RunPowerShell` everywhere.
This commit also improves error message for script code for better
debugging and refactors parser tests for more code reuse. It also adds
more tests to parameter substitution, and renames some tests of both
expressions for consistency.
This commit allows for parameters that does not require any arguments to
be provided in function calls. It changes collection syntax where
parameters are list of objects instead of primitive strings. A
parameter has now 'name' and 'optional' properties. 'name' is required
and used in same way as older strings as parameter definitions.
'Optional' property is optional, 'false' is the default behavior if
undefined. It also adds additional validation to restrict parameter
names to alphanumeric strings to have a clear syntax in expressions.
It fixes x64 / x86 conditions in "Do not show recently used files in Quick Access" script. Wow6432Node only exists in x64 systems for x86 application data which is also consumed by explorer.exe. So it should only be edited in x64 systems. The rest of the registry settings ("ShowRecent" and default "DelegateFolders") applies to both x64 and x86 systems.
This commit:
- Fixes broken URLs using archive.org or other references.
- Replaces tenforums.com URLs with better documentation as they tend to return HTTP status code 403 to tests and also are low quality source.
- Changes all insecure http sources to https alternatives
- Adds integration tests to check for broken URLs
- There's logic implemented for having a delay inbetween when sending requests to same domains, however it's not used as the sources can respond to totally parallelized requests.
- Run test pipeline weekly to get notified about broken URls without commits
Reverting any single of the scripts from standard recommendation pool
shows "Standard" selection as selected which is wrong. This commit fixes
it, refactors selection handling in a separate class and it also adds
missing tests. It removes UserSelection.totalSelected propertty in favor of using
UserSelection.selectedScripts.length to provide unified way of accessing
the information.
Alias would remove unnecessary repetitions and less relative paths make changes easier when moving around files. This commit cleans also up some relative paths ('../../../') by using the alias and orders imports. It updates both path alias in tsconfig and module alias in Vue CLI's bundler (vuejs/vue-cli#2398).
- refactor array equality check and add tests
- remove OperatingSystem.Unknown causing extra logic, return undefined instead
- refactor enum validation to share same logic
- refactor scripting language factories to share same logic
- refactor too many args in runCodeAsync
- refactor ScriptCode constructor to reduce complexity
- fix writing useless write to member object since another property write always override it
