This commit refactors configuration to use centrally defined Electron
entry file path to improve maintainability and reduce duplication.
- Replace the hardcoded file path in the `main` field of `package.json`
with a reference to the `ELECTRON_ENTRY` environment variable, managed
by `electron-vite`.
- Update `electron-vite` to version 1.0.28, enabling the use of
`ELECTRON_ENTRY` environment variable feature (details in
alex8088/electron-vite#270).
This commit improves the security, reliability, and robustness of
directory cleanup operations on Windows.
The focus is shifted from deleting entire directories to purging their
contents, addressing potential unintended side effects. Previously,
numerous directories were removed, which could destabilize system
behavior.
This improvement has crucial security implications. The prior approach
involved changing ownership and assigning permissions to the directory
itself, leading to an altered and potentially less secure OS security
posture.
Directory removal improvements include:
- Output user-friendly messages.
- Improved ownership and permission handling for file deletion.
- Explicit shared functions for enhanced reliability/security.
- Centralized way to delete glob (wildcard) patterns in Windows.
Notable script improvements:
- 'Clear Steam dumps, logs, and traces':
- Convert the script to a category to provide more granularity.
- Improve cache cleaning, ensuring the entire cache directory is
cleared, not just the log files.
- 'Clear "Temporary Internet Files" (browser cache)':
- Add more documentation.
- Grant necessary permissions to folders, fixing errors due to
lack of permissions before.
- 'Clear Windows Update Medic Service logs':
- Remove redundant permission grants, as they are unnecessary in
recent Windows versions.
- 'Clear Server-initiated Healing Events system logs',
'Clear Windows Update events logs':
- Merge due to identical functionalities.
- Add more documentation.
- 'Clear Defender scan (protection) history':
- Remove the execution with `TrustedInstallerPrivileges`, uniformly
using `grantPermissions` as with other scripts. This addresses the
false-positive alerts from Microsoft Defender, as discussed in #264.
- 'Clear "Temporary Internet Files" (browser cache)':
- Retain `INetCache` and `Temporary Internet Files` directories,
purging only their contents. This approach aims to resolve the issue
mentioned in #145, where the absence of these folders could prevent
Microsoft Office applications from launching.
This commit fixes the issue where the Microsoft Advertising app fails to
be removed using the standard script. The problem is due to Microsoft
Advertising SDK (`Microsoft.Advertising.Xaml`) acting as a framework
package. Such packages are automatically installed when a specific
application requires them, and they cannot be individually removed if
there are applications that depend on them. The only way to effectively
remove this library is by uninstalling the dependent applications.
Key findings:
- On Windows 11 22H2, the issue does not arise as the package does not
exist.
- On Windows 10 22H2, the user is prompted to delete dependent
applications, like MSN Weather and Mail And Calendar apps. Once these
apps are removed, the Microsoft Advertising app is automatically
removed.
Given the nuances and potential for confusion, this script is removed.
This means that the app will no longer be removed directly but will be
handled as part of the removal of its dependencies.
Fix the syntax error in the GitHub action script that was caused by
improper multi-line YAML notation. This correction ensures the action
can successfully parse and execute.
Optimize the tree view rendering during searches by enhancing the render
queue ordering. This update changes the rendering order to prioritize
visible nodes, leading to faster appearance of these nodes during
searches. The ordering logic now ignores the depth in the hierarchy and
instead focused on the node order. The collapsed check for the node
itself is removed, ensuring that visible collapsed parents are first
while their invisible children are rendered later.
This commit improves soft deletion of system apps. Before if the package
was missing, it failed to recover or delete system apps. Now, it works
even though if `Get-AppxPackage` returns null (i.e. package is
non-existing), so it can be executed even after a hard delete. This
allows safely introducing hard-delete of system apps (as discussed in
#260) with still keeping a robust soft-delete as complement.
Before, the script was dependent on `Get-AppxPackage.InstallLocation`,
however a system app can only be located in one of these folders:
- C:\Windows\SystemApps\{PackageFamilyName}
- C:\Windows\{ShortAppName}
To ensure resilience, this commit adjust the script to rename the files
within these directories if Get-AppxPackage fails, this provides a
fallback.
- Add documentation about folders.
- Add more user-friendly logging.
- Continue uninstallation if single folder fails (remove throw).
- Continue uninstallation if renaming single file fails.
- Add handling of `Metadata` folder as suggested in #73.
This commit updates various dependencies to their latest versions.
Other changes include:
- Moved the following from `devDependencies` to `dependencies`:
- `electron-log`
- `electron-updater`
- Remove `npm` dependency.
- Code changes:
- Add type casting in several places to align with the latest
`typescript` version.
- Adopt to new return type of `setTimeout`.
- Dependencies not upgraded due to
`@vue/eslint-config-airbnb-with-typescript` not supporting
`@eslint-typescript` V6 (see vuejs/eslint-config-airbnb#58):
- `vue/eslint-config-typescript`
- `@typescript-eslint/eslint-plugin`
- `@typescript-eslint/parser`
- Enable video recording for cypress as it's disabled by default since
13.X.X.
- Use instruction format such as "do this, do that" to provide clear,
direct instructions. This format minimize confusion and is easy to
follow. They are specific and leave no room for interpretation,
stating precisely what needs to be done without ambiguity.
- Fix typos and grammar issues.
- Improve consistency in script and category names.
- Revise sentences for more natural English language flow.
- Change brand name casing to match official branding.
- Change title case (all words start capitalized) to sentence case.
- Prioritize consistency over variations.
- Add minor documentation to explain scripts where the names are not
clear.
- Add naming guidelines.
This commit fixes the CI/CD website release process which was failing
due to an incorrect working directory setting. The `working-directory`
is now correctly set within the action workflow, ensuring the `npm run
install-deps` command runs in project root directory where
`package.json` exists.
This commit prepares for #260, aiming for a hard delete of system apps,
and necessitating a more reliable app reversion method.
- Improve documentation:
- Add existence status for latest OS versions.
- Add command for quick future testing.
- Use archive links.
- Document categories.
- Add documentation to list of default apps to give context about why
the package is here.
- Fix wrong store URL for Cortana app.
- Unify documentation of excluded apps.
- Fix categorization:
- Categorize uninstallation of Windows store apps.
- Remove "Zune" category (flatten children apps) to be able to align
with latest branding.
- Categorize uninstallation of Candy Crush apps.
- Categorize uninstallation of OOBE apps.
- Rename:
- "Uninstall Windows store apps" to "Uninstall Windows apps" as these
apps are not necessarily store apps.
- "Xbox Game Bar Plugin appcache" to "Xbox Game Bar Plugin".
- "Groove Music" to "Windows Media Player".
- "Movies and TV" to "Movies & TV".
- "Your Phone" to "Phone Link".
- "Cred Dialog Host" to "Credentials Dialog Host".
- "Windows Voice Recorder" to "Windows Sound Recorder".
- "Remote Desktop" to "Microsoft Remote Desktop"
- "Microsoft To Do" to "Microsoft To Do: Lists, Tasks & Reminders".
- "People Hub app (People Experience Host)" to "People Hub app".
- "My Office" to "Microsoft 365 (Office)".
- "iHeartRadio" to "iHeart: Radio, Music, Podcasts".
- "Duolingo" to "Duolingo - Language Lessons".
- "Photoshop Express" to "Adobe Photoshop Express".
- "Spotify" to "Spotify - Music and Podcasts".
- "Windows Alarms and Clock" to "Windows Clock".
- "OOBE Network Captive Port" to "OOBE Network Captive Portal".
- "Secure Assessment Browser app (breaks Microsoft Intune/Graph)" to
"Take a Test app".
- "Windows 10 Family Safety / Parental Controls" > "Microsoft Family
Safety / Parental control".
- "People / People Bar App on taskbar (People Experience Host)" > "My
People"
- "MSN News" > "Microsoft News"
- "Minecraft for Windows 10" > "Minecraft for Windows"
- "Snip & Sketch" > "Snipping Tool"
- "Bio enrollment" > "Hello setup UI"
- Fix package names for:
- `AdobeSystemIncorporated.AdobePhotoshop` >
`AdobeSystemsIncorporated.AdobePhotoshopExpress`
Fix `Clear (Reset) Network Data Usage` trying to delete other files from
Windows system directory.
Changes:
- Precisely target the deletion of `C:\System32\sru\SRUDB.dat`.
- Improve documentation.
- Handle explicitly and better if `DPS` service is missing.
- Rename script from `Clear (Reset) Network Data Usage` to `Clear System
Resource Usage Monitor (SRUM) data` for clearer representation.
- Migrate script from batchfile to PowerShell for better
maintainability and readability.
- Add user-friendly output messages.
- Improve script logic to avoid unnecessary service start/stop when the
file doesn't exist.
The commit adds a new a UI component that's enabled in development mode.
This component, initially, provides a button that wen clicked, logs all
the script and category names to the console. It helps revising names
used throughout the application.
By having this component in a conditionally rendered component, it's
excluded from the production builds.
- Move removal of `SecHealthUI` app to "Privacy over security" category.
- Emphasize disruptive behavior in the script name.
- Add comprehensive documentation
- Add script to remove Edge shortcuts upon uninstallation.
- Unify OneDrive shortcut removal logic with Edge's, introducing revert
feature to the OneDrive removal script.
- Add more extensive documentation.
- Rename "Delete OneDrive shortcuts" to "Remove OneDrive shortcuts" to
have consistent naming.
This commit introduces scripts for cleaning up file and URL associations
related to Microsoft Edge, enhancing the uninstallation process. The
changes adress the issues detailed in #64, improving system reliability,
integrity and security by preventing lingering associations.
Changes include:
- Introduce scripts to clear Edge browser file and URL associations.
- Provide extensive documentation for related scripts.
- Ensure thorough cleanup of URL, file, OpenWith menu, and toast
associations.
- Recommend removing Microsoft Edge (Legacy) Dev Tools Client app on
Strict to align with other Edge legacy removal recommendations.
- Replace obsolete "Firefox First party isolation" with "Firefox state
partitioning".
- Add comprehensive documentation for the new scripts.
- Introduce enabling dynamic First-Party Isolation (dFPI)
- Disable deprecated First-Party Isolation (FPI) to avoid conflicts with
dFPI.
- Add script to enable Firefox network partitioning to cover
functionality of older FPI script.
This commit enhances the robustness of setting VSCode configurations,
ensuring consistent and reliable operation even in edge cases, such as
when the settings file is empty. This commit also uniforms behavior of
Linux and Windows modification of VSCode settings.
On Windows:
- Move parameters to on top of scripts to be able to easily test the
scripts using PowerShell without compiling.
- Add a check to exit the script with an error message if the attempt to
parse the JSON content fails.
- Omit the `OutString` cmdlet from the pipeline in the script for
converting JSON file content to a PowerShell object. `Out-String` is
unnecessary in this context because `Get-Content` already outputs the
file content as a string array, which `ConvertFrom-Json` effectively.
Additionally, using `Out-String` could potentially introduce issues by
concatenating file content into a single string, causing
`ConvertFrom-Json` to fail when processing pretty-printed JSON. By
removing `Out-String`, the script is streamlined and potential errors
are avoided.
- Add logic to handle empty settings file. Add an additional check for
empty settings file, if the file is empty, the script writes a default
empty JSON object (`{}`) to the file. The operation is logged to
ensure transparency, notifying the user of the action taken. This
change removes fails due to empty setting files.
- When reverting, do not fail if the setting file is missing because it
means that default settings are already in-place.
- When reverting, show informative message if the key does not exist or
does not have the value set by privacy.sexy and do not take any
further action.
- If the desired value is already set, show a message for it and skip
updating the setting file.
On Linux:
- Handles empty `settings.json` similarly to Windows.
- Add more user friendly error if JSON file cannot be parsed.
This commit improve cleanup of temporary directories on Windows,
addressing issues #176 and #89.
Changes include:
- Fix side-effects caused by this script by clearing the contents of
directories rather than deleting the directories themselves.
- Add the removal of Prefetch directory contents, which stores temporary
files and can enhance privacy and free up disk space when cleared.
- Remove the command `del /f /q %localappdata%\Temp\*` due to its
redundancy.
- Improve the granularity and documentation of cleanup scripts, and
moving the `Clear temporary Windows files` category up in the hierarchy
for better structure and clarity.
Co-authored-by: iam-py-test <84232764+iam-py-test@users.noreply.github.com>
- Add "Further Installation Options" section.
- Move releases page reference to the new section to keep Get Started
simple.
Co-authored-by: MrEddX <101912712+Zliced13@users.noreply.github.com>
This commit incorporates Static Analysis Security Testing (SAST) using
CodeQL. This integration will enforce consistent security assessments
with every change and on a predetermined schedule.
This commit also involves a restructure of security checks. The existing
security-checks workflow is renamed to better reflect its functionality
related to dependency audits.
These changes will enhance the project's resilience against potential
vulnerabilities in both the codebase and third-party dependencies.
Changes include:
- Remove older LGTM badge that's replaced by SAST checks.
- Rename `checks.security.yaml` to `checks.security.dependencies.yaml`,
reinforcing the focus on dependency audits.
- Update `README.md`, ensuring the clear representation of security
check statuses, including new SAST integration.
- Add new `SECURITY.md`, establishing the protocol for reporting
vulnerabilities and outlining the project's commitment to robust
security testing.
- Enhance `docs/tests.md` with detailed information on the newly
integrated security checks.
- Add reference to SECURITY.md in README.md.
This commit improves multiple aspects of Docker builds:
- Enable artifact output validation for Dockerfile.
- Correct the path references in Dockerfile for the distribution
directory.
- Add Dockerfile specific indentation rules to `.editorconfig`.
- Use `npm run install-deps` for dependency installation, enhancing
build reliability.
- Add automation script `verify-web-server-status.js` to verify running
web server on given URL.
- Introduce automated build verification for Dockerfile:
- On macOS, install Docker with colima as the container runtime
because default agents do not include Docker and Docker runtime is
not installed due to licensing issues (see actions/runner-images#17).
- On Windows, there's no Linux container support (actions/runner#904,
actions/runner-images#1143), so keep the checks for macOS and Ubuntu
only.
The tree view rendering performance is optimized by improving the node
render queue ordering. The node rendering order is modified based on the
expansion state and the depth in the hierarchy, leading to faster
rendering of visible nodes. This optimization is applied when the tree
nodes are not expanded to improve the rendering speed.
This new ordering ensures that nodes are rendered more efficiently,
prioritizing nodes that are collapsed and are at a higher level in the
hierarchy.
This commit fixes an issue where the check state of categories was lost
when toggling between card and tree views. This is solved by immediately
emitting node state changes for all nodes. This ensures consistent view
transitions without any loss of node state information.
Furthermore, this commit includes added unit tests for the modified code
sections.
This commit fixes issues with download URLs of desktop application
artifacts on README.md
- Corrected typo in Linux AppImage link
- Updated older version links to the newest release
Co-authored-by: MrEddX <66828538+MrEddX@users.noreply.github.com>
- Modify script to run as `TrustedInstaller`, resolving access right
problems discussed in #246.
- Change script name for better alignment with its functionality.
- Improve script description for clarity and detailed documentation.
- Add non-intrusive way to disable delivery optimization. This new
script do not introduce side-effects caused by disabling Delivery
Optimization service.
- Recomend delivery optimization service (`DoSvc`) only on Strict
mode, removing it from Standard recommendation.
- Categorize delivery optimization disabling under one category.
- Move disabling delivery optimization to "Disable OS collection" >
"Disable Windows Update data collection".
- Add more documentation.
- Fix script failing when multiple installations of Edge is found.
- Fix Edge not being able to be uninstalled due in newer Edge versions.
- Add documentation
- Add missing revert script
- Introduce a new UI component for tooltips.
- Fix tooltip arrow misalignment issues in code download/execution
instructions dialogs.
Reasons for dropping `v-tooltip` dependency:
- Lack of support for Vue 3.0, which blocks migration to Vue 3.0 (see
#230).
- Inability to render HTML content that's required for privacy.sexy.
- Inefficient, adding an extra 162.48 KB to the production bundle for
web distribution (tested using `npm run build -- --mode production`).
Advantages of adopting `floating-ui` (Floating UI):
- Compatibility across multiple Vue versions including 2.0, 2.7, and 3.0.
- Reduced boilerplate resulting in cleaner, more maintainable code.
- Efficient position recalculations without reinventing the wheel.
This commit adds missing vertical margin paragraphs that appear after
lists. It also changes vertical margin gap to match the font size along
with refactoring that makes paragraph gap modification easier to
understand.
This commit fixes compiler bug where it fails when optional values are
compiled into absent values in nested calls.
- Throw exception with more context for easier future debugging.
- Add better validation of argument values for nested calls.
- Refactor `FunctionCallCompiler` for better clarity and modularize it
to make it more maintainable and testable.
- Refactor related interface to not have `I` prefix, and
function/variable names for better clarity.
Context:
Discovered this issue while attempting to call
`RunInlineCodeAsTrustedInstaller` which in turn invokes `RunPowerShell`
for issue #246. This led to the realization that despite parameters
flagged as optional, the nested argument compilation didn't support
them.
- Add script to disable `WaaSMedicSvc` service (#252)
- Refine script granularity for more precise control.
- Introduce detailed documentation for the category and associated
scripts.
- Fix `ScheduledInstallTime` being set to `3` which schedules updates to
install at 3 AM.
- Fix `ScheduledInstallDay` is being set to `0` which schedules daily
update installation.
- Fix `NoAutoUpdate` being set to `0` (enable) instead of `1` (disable).
- Add disabling of missing `wuauserv` service.
- Add parent category for disabling Windows update services for better
organization.
- Move disabling Windows Spotlight from Standard to Strict
recommendation due to unexpected behavior for some users (#65).
- Enhance documentation.
- Correct revert code to ensure return to the default OS state.
Key highlights:
- Written from scratch to cater specifically to privacy.sexy's
needs and requirements.
- The visual look mimics the previous component with minimal changes,
but its internal code is completely rewritten.
- Lays groundwork for future functionalities like the "expand all"
button a flat view mode as discussed in #158.
- Facilitates the transition to Vue 3 by omitting the Vue 2.0 dependent
`liquour-tree` as part of #230.
Improvements and features:
- Caching for quicker node queries.
- Gradual rendering of nodes that introduces a noticable boost in
performance, particularly during search/filtering.
- `TreeView` solely governs the check states of branch nodes.
Changes:
- Keyboard interactions now alter the background color to highlight the
focused item. Previously, it was changing the color of the text.
- Better state management with clear separation of concerns:
- `TreeView` exclusively manages indeterminate states.
- `TreeView` solely governs the check states of branch nodes.
- Introduce transaction pattern to update state in batches to minimize
amount of events handled.
- Improve keyboard focus, style background instead of foreground. Use
hover/touch color on keyboard focus.
- `SelectableTree` has been removed. Instead, `TreeView` is now directly
integrated with `ScriptsTree`.
- `ScriptsTree` has been refactored to incorporate hooks for clearer
code and separation of duties.
- Adopt Vue-idiomatic bindings instead of keeping a reference of the
tree component.
- Simplify and change filter event management.
- Abandon global styles in favor of class-scoped styles.
- Use global mixins with descriptive names to clarify indended
functionality.
This commit addresses occasional pipeline failures caused by transient
network errors during dependency installation with `npm ci`. It
centralizes the logic for installing npm dependencies and introduces a
retry mechanism.
The new approach will attempt `npm ci` up to 5 times with a 5-second
interval between each attempt, thereby increasing the resilience of
CI/CD pipelines.
This commit adds a new script `npm-install.js` with `npm run
install-deps` command to centralize npm dependency installation process
throughout the project. Separate testing of scripts to a separate
workflow.
It removes unused `install` dependency from `package.json`.
This commit makes the build process more robust, simplifies
configurations and reduce the risk of incomplete or erroneous
deployments.
- Centralize output directory definitions by introducing
`dist-dirs.json`.
- Add `verify-build-artifacts` utility to ensure correct build outputs
and `print-dist-dir` to determine distribution directory.
- Add steps in CI/CD pipeline to verify build artifacts.
- Migrate Electron Builder config from YAML to CJS for capability to
read JSON.
- Fix `release-site.yaml` failing due to pointing to wrong distribution
directory, change it to use `print-dist-dir`.
- Improve `check-desktop-runtime-errors` to verify build artifacts for
more reliable builds. Ensure tests fail and succeed reliably.
- Update `.gitignore` and configure ESLint to use it to define and
ignore build artifact directories from one place, remove
`.eslintignore` that does not add anything after this change.
- Keep `"main"` field in `package.json` as `electron-vite` depends on it
(alex8088/electron-vite#270).
- Improve documentation
This commit simplifies event handling, providing a unified and robust
way to handle event lifecycling. This way, it fixes events not being
unsubscribed when state is changed.
Introduce a new function in `EventSubscriptionCollection` to remove
existing events and adding new events. This provides an easier to use
API, which leads to code that's easier to understand. It also prevents
potential bugs that may occur due to forgetting to call both functions.
It fixes `TheScriptsMenu` not unregistering events on state change.
Other improvements include:
- Include a getter to get total amount of registered subcriptions.
This helps in unit testing.
- Have nullish checks to prevent potential errors further down the
execution.
- Use array instead of rest parameters to increase readability and
simplify tests.
Ensure `SliderHandler` stops resizes on unmount, unsubscribing from all
events and resetting state to default.
Update `injectionKeys` to do imports as types to avoid circular
dependencies. Simplify importing `injectionKeys` to enable and strict
typings for iterating injection keys.
Add tests covering new behavior.
- Move external URL checks to its own module under `tests/`. This
separates them from integration test, addressing long runs and
frequent failures that led to ignoring test results.
- Move `check-desktop-runtime-errors` to `tests/checks` to keep all
test-related checks into one directory.
- Replace `ts-node` with `vite` for running
`check-desktop-runtime-errors` to maintain a consistent execution
environment across checks.
- Implement a timeout for each fetch call.
- Be nice to external sources, wait 5 seconds before sending another
request to an URL under same domain. This solves rate-limiting issues.
- Instead of running test on every push/pull request, run them only
weekly.
- Do not run tests on each commit/PR but only scheduled (weekly) to
minimize noise.
- Fix URLs are not captured correctly inside backticks or parenthesis.
- Fix the naming convention in Electron output to align with previous
artifact naming to not break external/internal URLs.
- In desktop execution tests, make artifact locator logic stricter to
test regression.
Test improvements:
- Capture titles for all macOS windows, not just the frontmost.
- Incorporate missing application log files.
- Improve log clarity with enriched context.
- Improve application termination on macOS by reducing grace period.
- Ensure complete application termination on macOS.
- Validate Vue application loading through an initial log.
- Support ignoring environment-specific `stderr` errors.
- Do not fail the test if working directory cannot be deleted.
- Use retry pattern when installing dependencies due to network errors.
Refactorings:
- Migrate the test code to TypeScript.
- Replace deprecated `rmdir` with `rm` for error-resistant directory
removal.
- Improve sanity checking by shifting from App.vue to Vue bootstrapper.
- Centralize environment variable management with `EnvironmentVariables`
construct.
- Rename infrastructure/Environment to RuntimeEnvironment for clarity.
- Isolate WindowVariables and SystemOperations from RuntimeEnvironment.
- Inject logging via preloader.
- Correct mislabeled RuntimeSanity tests.
Configuration:
- Introduce `npm run check:desktop` for simplified execution.
- Omit `console.log` override due to `nodeIntegration` restrictions and
reveal logging functionality using context-bridging.
