Increase performance by only notifying GUI about changes in selection
when there really is a change. It removes extra processing from all
event listeners that act on selection state change.
Rename service to its newer name. Mention breaking behavior in its name
and add more documentation.
Unrecommended from "Standard" pool because it breaks a lot of
functionality, but still recomended in "Stricts" because it's used to
identify personal information that leads to less privacy.
- Use function abstractions (such as map, reduce, filter etc.) over
for-of loops to gain benefits of having less side effects and easier
readability.
- Enable `downLevelIterations` for writing modern code with lazy evaluation.
- Refactor for of loops to named abstractions to clearly express their
intentions without needing to analyse the loop itself.
- Add missing cases for changes that had no tests.
It prevents Git from modifying files on checkout. By default, it
converts LF line-endings to CRLF on Windows which leads to inconsistency
and ESLint `linebreak-style` with `unix` (LF) value to fail.
It also solves failed builds in GitHub actions agents actions/checkout#135.
Major refactoring using ESLint with rules from AirBnb and Vue.
Enable most of the ESLint rules and do necessary linting in the code.
Also add more information for rules that are disabled to describe what
they are and why they are disabled.
Allow logging (`console.log`) in test files, and in development mode
(e.g. when working with `npm run serve`), but disable it when
environment is production (as pre-configured by Vue). Also add flag
(`--mode production`) in `lint:eslint` command so production linting is
executed earlier in lifecycle.
Disable rules that requires a separate work. Such as ESLint rules that
are broken in TypeScript: no-useless-constructor (eslint/eslint#14118)
and no-shadow (eslint/eslint#13014).
Upgrade to v5.x using `vue upgrade --next`.
Update `vue.config.js` to import and use `defineConfig`, because it
provides type safety and created by Vue CLI 5 as default.
Vue CLI 5.x upgrades from webpack 4 to 5. It causes some issues that this
commit attemps to fix:
1. Fail due to webpack resolving of Ace.
Third-party dependency (code editor) Ace uses legacy `file-loader`
for webpack resolving. It's not supported in webpack 5. So change it
with manual imports.
Refs: ajaxorg/ace-builds#211, ajaxorg/ace-builds#221.
2. Wehpack drops polyfilling node core modules (`path`, `fs`, etc.).
Webpack does not polyfill those modules by default anymore. This is
good because they did not need browser polyfilling as they are
used in desktop version only and resolved already by Electron.
To resolve errors (using webpack recommendations):
- Add typeof check around `process` variable.
- Tell webpack explicitly to ignore used node modules.
3. Fail due to legacy dependency of vue-cli-plugin-electron-builder.
This plugin is used for electron builds and development. It still
uses webpack 4 that leads to failed builds.
Downgrading `ts-loader` to latest version which has support for
`loader-utils` solves the problem (typestrong/ts-loader#1288).
Related issue: nklayman/vue-cli-plugin-electron-builder#1625
4. Compilation fails due to webpack loading of `fsevents` on macOS.
This happens only when running `vue-cli-service test:unit` command
(used in integration tests and unit tests). Other builds work fine.
Refs: yan-foto/electron-reload#71,
nklayman/vue-cli-plugin-electron-builder#712,
nklayman/vue-cli-plugin-electron-builder#1333
Run quality checks for every possible OS because behavior of linting
rules may change per OS (e.g. `linebreak-style` ESLint assertment varies
by Unix-like vs Windows).
Add a new check to ensure project can be built:
1. As both web and desktop applications.
Different jobs are used due to nonidentical environment/mode support.
Reference: nklayman/vue-cli-plugin-electron-builder#1627.
2. Targeting all possible modes.
The modes are configured using `--mode` but electron CLI checks
`NODE_ENV` so it's set as well.
Reference: nklayman/vue-cli-plugin-electron-builder#1626.
3. On and for different operating systems.
Fix typo "Run units" instead of "Run unit tests".
Link to specific GitHub actions page for workflow runs.
Update documentation to match new structure, and change nontransparent
icons from the diagram and consistently use imperative for actions.
Rename `release-site` , `release-git`, `release-desktop` to
`site-release` , `git-release` and `desktop-release` to not be Yoda.
TSLint deprecated and is being replaced by ESLint.
Add Vue CLI plugin (@vue/cli-plugin-eslint) using:
`vue add @vue/cli-plugin-eslint`. It also adds `.eslintrc.js` manually
for Cypress since Vue CLI for ESLint misses it (vuejs/vue-cli#6892).
Also rename `npm run lint:vue` to `npm run lint:eslint` for better
clarification.
This commit disables all rules that the current code is not compliant
with. This allows for enabling them gradually and separating commits
instead of mixing ESLint introduction with other code changes.
AirBnb is chosen as base configuration.
"Standard" is not chosen due to its poor defaults. It makes code cleaner
but harder to maintain:
- It converts interfaces to types which is harder to read.
- Removes semicolons that helps to eliminate some ambigious code.
"Airbnb" on the other hand helps for easier future changes and
maintinability:
- Includes more useful rules.
- Keeps the semicolons and interfaces.
- Enforces trailing commas that makes it easier to delete lines later on.
- Delete branches: standard, prettier.
Using more granular interfaces adds to expressiveness of the code.
Knowing what needs to mutate the state explicitly helps easier
understanding of the code and therefore increases the maintainability.
- Seperate test pipeline into E2E, integration and unit test pipelines.
- Improve documenetation for pipelines (ci-cd.md).
- Introduce naming convention for worklow files and names.
- Center badges with multiple files on README file.
Removing Cloud Experience Host has caused many unexpected issues
for users (see #99, #64, #67). It's now excluded from "Strict"
recommendation pool until a better warning mechanism is implemented.
- Fix test cases not running for desktop OS detection.
- Fixes application throwing error when user agent is undefined.
- Refactor by making os property optional in Environment to explicit
describe its potential undefined state.
- Add more script documentation in code and reference URLs.
- Unrecommend as "Standard" recommend as "Strict" due to lack of
documentation for its privacy intrusive behavior.
- Add mising WpnUserService for disabling it completely.
- Improve error messages with cause of the problem and suggested solution.
- Document:
* Disabling `WinDefend` breaks `Set-MpPreference` and Microsoft Store
(as reported in #104).
* Document services that `netsh advfirewall` depends on.
- Fix some bad whitespace character in documentation.
Refactor, unify and improve the logic to to start/stop and
enable/disable services, and also add more documentation.
Rework functions:
- Unify way of disabling Windows services using templating.
- Capitalize as `startupMode` (where startup is single word) everywhere.
- Use also text parameters (automatic, manual..) instead of numeric
values (2,3...) when providing parameters to any service disable
function.
Improve documentation:
- Add reference URLs about disabled services.
- Add more code documentation for querying status and allowed values.
Logic improvements include:
- Check if service is running before stopping/starting the service.
- Do not start the service it's not an Automatic service.
- Check whether service is already disabled.
- When reverting, start the service if it has Automatic startup. But
do not start the service it has different startup (e.g. manual).
Also starts the service even though start up is configured as
desired (before it quit before doing service start).
Improve outputs (logs):
- Remove false-positive error messages.
- When a service cannot be stopped/start; mention in output that the
service will be started/stopped after reboot.
- Show success message once service is enabled/disabled.
- Fix reboot messages when enabling/disabling services,
- Do not write stderr if service cannot be stopped/started as it's not
not the main goal of the function.
Add missing revert code for the ones missing them:
- Disable diagnostics telemetry
- Disable Windows Media Player Network Sharing Service
> Function: DisableServiceInRegistry
- Fix not exitting if service does not exist when reverting
- Show success message once service is enabled/disabled
- Fix double "Enabled.." messages
- Fix unintended registry addition
> Function: DisablePerUserService
- Change implementation to call DisableServiceInRegistry.
- Fix both services are skipped if one of them fails.
- Fix reverting a service sets wrong startup mode.
German edition of Windows returns German output for `schtasks.exe`
commands. So checking for "Running" fails immediately as reported #104.
Revert recent change from using `Get-ScheduledTask` and
`Unregister-ScheduledTask` to `schtasks.exe`. Also remove unused
`$powershellFile` variable.
- Fix reverting "Disable SQM OS key".
- Fix applying "Disable Visual Studio Code data collection" scripts.
- Fix reverting "Do not show recently used files in Quick Access".
- Add unit tests for automatically checking similar issues in future.
- Refactor to use `Set-MpPreference` in a function instead.
- Better support for both Windows and Windows 11 with platform-specific
logic, due to poor `Remove-MpPreference` used in Windows 10:
* Use `Remove-MpPreference` on Windows 11, but switch to
`Set-MpPreference` for some edge cases using a flag.
* Use `Set-MpPreference` on Windows 10 by default, and use
`Remove-MpPreference` for only small amount of cases where it is
supported.
- Set default value instead of `Remove-MpPreference` on Windows 10 when
it does not work as expected.
- Improve error messages when:
* Command name (cmdlet) is not supported
* Command parameter is not support
* Failing due to Defender service not working
* Argument is not supported (e.g. for 'Broad')
- Skip if a parameter or argument is not supported instead of failing.
- Set OS defaults when using `Set-MpPreference` when `Remove-MpPreference`
does not set the OS defaults.
- Skip setting the setting if it already is as desired.
- Remove redundant scripts in "Disable remediation actions" setting
`LowThreatDefaultAction`, `ModerateThreatDefaultAction`,
`HighThreatDefaultAction` and `SevereThreatDefaultAction`. As they are
all controlled by and limited to value of `UnknownThreatDefaultAction`.
- Fix registry policies not matching cmdlet behavior:
> CheckForSignaturesBeforeRunningScan
> SignatureUpdateCatchupInterval
- Fix reverting registry policies (`reg delete` command and error
output):
> Disable Malicious Software Reporting tool diagnostic data
> Turn off block at first sight
- Fix DisableCatchupQuickScan MpPreference command being in wrong
category by moving it to its right category and adding its correct
equivalent.
- Add more documentation.
- Use `main.scss` instead of importing components individually. This
improves productivity without compilation errors due to missing
imports and allows for easier future file/folder changes and
refactorings inside `./styles`.
- Use partials with underscored naming. Because it documents that the
files should not be individually imported.
- Introduce `third-party-extensions` folder to group styles that
overwrites third party components.
- Refactor variable names from generic to specific.
- Use Sass modules (`@use` and `@forward`) over depreciated `@import`
syntax.
- Separate font assets from Sass files (`styles/`). Create `assets/`
folder that will contain both.
- Create `_globals.css` for global styling of common element instead of
using `App.vue`.
Change behavior of registry reverting from adding default value to
removing value that overrides. It then leaves the system in cleaner
state, removes "managed by your organization" warning, and makes the
scripts more future-proof providing compatibility with Microsoft patches
updating the defaults. This is implemented by using `reg delete` over
`reg add` and `Remove-MpPreference` over `Set-MpPreference`.
> Disable Windows Defender Scheduled Scan task
Surpress the error when reverting the script as the task may not exist
in some Windows versions.
> Limit catch-up security intelligence (signature) updates
Change to "Disable" instead of "Limit", and bring back its revert code.
Fix reverting of following scripts setting non-default values:
> Turn off Windows Defender SpyNet reporting
> Disable checking for signatures before scan
> Limit CPU usage during idle scans to minumum
> Disable scanning when not idle
> Disable scanning on mapped network drives on full-scan
Fix following scripts setting unexpected behavior:
> Disable running scheduled auto-remediation
> Limit CPU usage during idle scans to minumum
> Disable randomizing scheduled task times
> Disable creating system restore point on a daily basis
Add more documentation for MpPreference module:
- Add more reference URLs
- Add status query as documentation
- Add information regarding default values
- Describe meaning of enumeration values
- Document commands not doing expected in Windows 11
- Fix errors (stderr stream) not being logged.
- Use `schtasks /delete` instead of `Unregister-ScheduledTask` as
PowerShell command sometimes fail for existing tasks.
- Refactor to use `-TaskName` to explicit describe parameter, and use
linebreaks for `Register-ScheduledTask` call with many parameters.
It's caused by lookahead regex used in dash comment regex for inlining
PowerShell. This commit changes dash comment inlining.
- Change regex to one without lookahead.
- Add more test cases for inlining dash comment in tricky situations.
- Refactor makeInlineComment to be it's own function to easily test
other regex options.
- Document all regex alternatives.
- Remove redundant null check (`||`) with adding safe navigation
operator (`?`) to allow variable before check to be null instead of
throwing exception.
Change all GitHub URLs with forks so they survive if their maintainer
decides to remove them.
Fix dead URLs in:
- "Windows Push Notification Service" (#101)
- "Limit CPU usage during scans to minimum"
- "Disable NVIDIA telemetry"
Remove convention where Async suffix is added to functions that returns
a Promise. It was a habit from C#, but is not widely used in JavaScript
/ TypeScript world, also bloats the code. The code is more consistent
with third party dependencies/frameworks without the suffix.
Implement following redirects over `fetch` supporting cookies.
`node-fetch` does not support sending cookies during redirect. However,
this is needed to not end-up in a redirect loop for a sign-in callback.
Fix integration tests failing due to redirects and 403 errors:
- Many redirects from `answers.microsoft.com` was throwing: throwing
`FetchError: maximum redirect reached` error. It was caused by not
having cookies when following redirects therefore having an infinite
sign-in callback for the webpage.
- Fixes integration tests failing due to additional referer header being
sent by the application. It adds support for making exceptions to
additional header sending through a list of regexes.
Add in-depth documentation for URL status checking.
The main goal is to highlight and exclude scripts that clears user data
(such as Chrome bookmarks) from standard recommendation, thus allowing
more granular and intentional user selection. Because scripts that are
recommended as "standard" should be non-breaking.
Standard: Recommend only clearing data that would not be noticable by
user. E.g. caches and logs.
Strict : Recommend clearing data that may be noticable by user, but
does not affect stored consciously data by user. E.g. cookies.
Do not recommend if data is stored consciously by user. E.g. favorites
/ bookmarks.
[General]
- Change wording from "Clear xx traces" to "Clean xx history" to make
it more clear and unify the naming with macOS scripts.
- More documentation both in code and both as more references.
[Chrome]
- Unrecommend deleting Chrome user profile.
- Document what each chrome clean-up script is doing in more detail.
[Internet Explorer]
- Document IE scripts better.
- For Cookie cleanup, add solutions for later Windows version.
- Unrecommend some from standard.
- Remove undocumented `Local Settings\Traces` folder.
- Take ownership before deleting Temporary Internet Files. Fixes
permission error.
- Remove `INetCookies\PrivacIE` script because it's undocumented and
we already have cleanup for its parent folder (`INetCookies`).
- Remove "%USERPROFILE%\Local Settings\Traces" due to lack of
documentation.
[Safari]
- Remove cleanup for undocumented traces folders `Safari\Traces`.
- Document with subcategories and references.
- Fix clearing all data not pointing to `localappdata`.
- Unrecomend clearing all data.
[Opera]
- Rename to "Clear all.." to show intent.
- Unrecommend as it removes everything.
- Bump dependencies to latest.
- Remove unused inversify dependency.
- Lock sass-loader to a version that's compatible to 10. Because later
versions (>=11) require Webpack v5 while Vue CLI v4 uses Webpack v4.
- Changes slashes as division to `math.div` as it's depreciated by SASS
https://sass-lang.com/documentation/breaking-changes/slash
Suppress errors:
- when deleting registry keys because the condition where key does
not exist is not really an error,
- when disabling a task that does not exist because absence of a task
when trying to disable it is still a positive condition for goal to
get rid of it,
- when stopping or starting a service because goal is to
disable/enable the service.
> Turn off SmartScreen App Install Control feature
- Add missing `/f` flag
> Remove "Scan with Windows Defender" option from context menu
- Add missing `/f` flag
- Remove redundant delete line in revert code
- Add missing whitespace before `/v` flag
- Instead of deleting with `/v ""`, use `/va` for explicit indent
> Disable Malicious Software Reporting tool diagnostic data
- Fix typo in revert scripts
> Turn off tamper protection
> Restrict threat history to administrators
Fix permission errors using TrustedInstaller session
> `Set-MpPreference` scripts
- Show warning when Set-MpPreference parameter is missing instead of an
error The reasons include:
- If the parameter is missing, functionality may be missing i.e.
there's nothing to disable
- In most cases different way of disabling registry is provided
- Error is not clear and too verbose and should be implemented in a
better way
- Add back "Limiting Defender definition updates" script due to being
able to handle if aparameter is missing
- Add documentation for command in its script
> Disable the Potentially Unwanted Application (PUA) feature
- Fix revert code disabling another functionality
> Disable bidirectional scanning of incoming
- Fix typo
> Disable Microsoft Defender Antivirus
- Correct wrong comment regarding deprecation
> Disable Windows Defender Security Center Service
- Fix disabling not working on Windows 11
Add new ways to disable Defender on Windows:
1. Disable through renaming required files
2. Disable using registry changes
3. Disable using TrustedInstaller user
Add support for running code as TrustedInstaller 🥳. It allows running
commands in OS-protected areas. It is written in PowerShell and it uses
PowerShell syntax like backticks that are inlined in special way. So the
commit extends inlining support and allows writing PowerShell using:
- Comments
- Here-strings
- Backticks
Add disabling of more Defender service
Improve documentation and categorization of services.
- Moves security improvements to its own action.
- Add more scripts and documentation for security improvements
- Move "Disable Spotlight indexing" out of wrong firewall category
- Add more documentation
It changes the way privacy.sexy escape double quotes inside batch
command when running PowerShell scripts as an argument to
PowerShell.exe. It uses more robust and stable way offering support for
wider use-cases.
Adds more scripts to:
- disable Windows Defender functions,
- remove it from the user interface,
- clean its scan history.
Improves the documentation:
- Adds more documentation reference URLs.
- Restructures scripts in a way to better document their behavior. All
Defender scripts are now under "Disable Windows Defender" and
"Privacy over security".
Changes recommendations, and simply recommends less:
- Defender cloud configurations are now only documented on "Strict"
mode.
- Watson event sending with "DisableGenericReports" is disabled due to
lack of documentation and depreciation.
For fully automatic macOS updates, electron-updater requires:
1. Distributing macOS file as .zip (electron-userland/electron-builder#2199)
2. Code signing for the application
privacy.sexy as of today lacks both the distribution and code signing.
This commit introduces auto-updates through automatically checking for
updates, downloading them but requiring user to drag application icons
to Applications by opening dmg file.
This commit also fixes:
1. Progress state in update progress bar not being shown.
2. Downloading updates were being triggered even though it was not
desired as downloads are being handled using different based on OS and
user choice.
In the end it refactors the code for handling updates of two different
kinds, and making message dialog use enums for results instead of
response integers as well as setting default and cancel button behavior.
Refactorings make behaviors more explicit and extends the control.
1. Renames color names in palette. Using names such as "primary" and
"secondary" that are in consistent with designs such as material,
bootstrap and metro UI palettes. It adds `color-` prefix on color
variables in line with Vue Design System.
2. Introduces necessary changes to follow the system color system
everywhere without using any other color:
- It changes tooltip background from black to darker primary
colors.
- It overrides unset styles from tree component
- It ensures footer has same color as top menu.
3. Removes opacity CSS changes to have better control on choices. To
achieve that:
- It introduces new "light" variants of main colors
- It switches to colors with different variants (e.g. in Dialogs it
uses primary color as button as it has variants that can be
activated on hover meanwhile on-surface color is single).
4. Styles a tags (anchor elements) globally for consistency
Integration tests may depend on third parties and can fail from time to
time. In some situations failing tests can be acceptable to go forward
with deployments. They should not be a requirement that blocks
deployments. They may lead to unintended lack of distributed packages as
seen in #90.
This commit renames "smart screen" to "SmartScreen" which is the
official name from Microsoft.
It categorizes scripts to document the behavior in a more clear way. It
adds structured depth. It moves all SmartScreen scripts under Defender,
as it's now part of Defender offering since latest branding.
In addition, the commit adds more documentation and more scripts such as
disabling SmartScreen for Edge.
