This commit improves soft deletion of system apps. Before if the package
was missing, it failed to recover or delete system apps. Now, it works
even though if `Get-AppxPackage` returns null (i.e. package is
non-existing), so it can be executed even after a hard delete. This
allows safely introducing hard-delete of system apps (as discussed in
#260) with still keeping a robust soft-delete as complement.
Before, the script was dependent on `Get-AppxPackage.InstallLocation`,
however a system app can only be located in one of these folders:
- C:\Windows\SystemApps\{PackageFamilyName}
- C:\Windows\{ShortAppName}
To ensure resilience, this commit adjust the script to rename the files
within these directories if Get-AppxPackage fails, this provides a
fallback.
- Add documentation about folders.
- Add more user-friendly logging.
- Continue uninstallation if single folder fails (remove throw).
- Continue uninstallation if renaming single file fails.
- Add handling of `Metadata` folder as suggested in #73.
This commit updates various dependencies to their latest versions.
Other changes include:
- Moved the following from `devDependencies` to `dependencies`:
- `electron-log`
- `electron-updater`
- Remove `npm` dependency.
- Code changes:
- Add type casting in several places to align with the latest
`typescript` version.
- Adopt to new return type of `setTimeout`.
- Dependencies not upgraded due to
`@vue/eslint-config-airbnb-with-typescript` not supporting
`@eslint-typescript` V6 (see vuejs/eslint-config-airbnb#58):
- `vue/eslint-config-typescript`
- `@typescript-eslint/eslint-plugin`
- `@typescript-eslint/parser`
- Enable video recording for cypress as it's disabled by default since
13.X.X.
- Use instruction format such as "do this, do that" to provide clear,
direct instructions. This format minimize confusion and is easy to
follow. They are specific and leave no room for interpretation,
stating precisely what needs to be done without ambiguity.
- Fix typos and grammar issues.
- Improve consistency in script and category names.
- Revise sentences for more natural English language flow.
- Change brand name casing to match official branding.
- Change title case (all words start capitalized) to sentence case.
- Prioritize consistency over variations.
- Add minor documentation to explain scripts where the names are not
clear.
- Add naming guidelines.
This commit fixes the CI/CD website release process which was failing
due to an incorrect working directory setting. The `working-directory`
is now correctly set within the action workflow, ensuring the `npm run
install-deps` command runs in project root directory where
`package.json` exists.
This commit prepares for #260, aiming for a hard delete of system apps,
and necessitating a more reliable app reversion method.
- Improve documentation:
- Add existence status for latest OS versions.
- Add command for quick future testing.
- Use archive links.
- Document categories.
- Add documentation to list of default apps to give context about why
the package is here.
- Fix wrong store URL for Cortana app.
- Unify documentation of excluded apps.
- Fix categorization:
- Categorize uninstallation of Windows store apps.
- Remove "Zune" category (flatten children apps) to be able to align
with latest branding.
- Categorize uninstallation of Candy Crush apps.
- Categorize uninstallation of OOBE apps.
- Rename:
- "Uninstall Windows store apps" to "Uninstall Windows apps" as these
apps are not necessarily store apps.
- "Xbox Game Bar Plugin appcache" to "Xbox Game Bar Plugin".
- "Groove Music" to "Windows Media Player".
- "Movies and TV" to "Movies & TV".
- "Your Phone" to "Phone Link".
- "Cred Dialog Host" to "Credentials Dialog Host".
- "Windows Voice Recorder" to "Windows Sound Recorder".
- "Remote Desktop" to "Microsoft Remote Desktop"
- "Microsoft To Do" to "Microsoft To Do: Lists, Tasks & Reminders".
- "People Hub app (People Experience Host)" to "People Hub app".
- "My Office" to "Microsoft 365 (Office)".
- "iHeartRadio" to "iHeart: Radio, Music, Podcasts".
- "Duolingo" to "Duolingo - Language Lessons".
- "Photoshop Express" to "Adobe Photoshop Express".
- "Spotify" to "Spotify - Music and Podcasts".
- "Windows Alarms and Clock" to "Windows Clock".
- "OOBE Network Captive Port" to "OOBE Network Captive Portal".
- "Secure Assessment Browser app (breaks Microsoft Intune/Graph)" to
"Take a Test app".
- "Windows 10 Family Safety / Parental Controls" > "Microsoft Family
Safety / Parental control".
- "People / People Bar App on taskbar (People Experience Host)" > "My
People"
- "MSN News" > "Microsoft News"
- "Minecraft for Windows 10" > "Minecraft for Windows"
- "Snip & Sketch" > "Snipping Tool"
- "Bio enrollment" > "Hello setup UI"
- Fix package names for:
- `AdobeSystemIncorporated.AdobePhotoshop` >
`AdobeSystemsIncorporated.AdobePhotoshopExpress`
Fix `Clear (Reset) Network Data Usage` trying to delete other files from
Windows system directory.
Changes:
- Precisely target the deletion of `C:\System32\sru\SRUDB.dat`.
- Improve documentation.
- Handle explicitly and better if `DPS` service is missing.
- Rename script from `Clear (Reset) Network Data Usage` to `Clear System
Resource Usage Monitor (SRUM) data` for clearer representation.
- Migrate script from batchfile to PowerShell for better
maintainability and readability.
- Add user-friendly output messages.
- Improve script logic to avoid unnecessary service start/stop when the
file doesn't exist.
The commit adds a new a UI component that's enabled in development mode.
This component, initially, provides a button that wen clicked, logs all
the script and category names to the console. It helps revising names
used throughout the application.
By having this component in a conditionally rendered component, it's
excluded from the production builds.
- Move removal of `SecHealthUI` app to "Privacy over security" category.
- Emphasize disruptive behavior in the script name.
- Add comprehensive documentation
- Add script to remove Edge shortcuts upon uninstallation.
- Unify OneDrive shortcut removal logic with Edge's, introducing revert
feature to the OneDrive removal script.
- Add more extensive documentation.
- Rename "Delete OneDrive shortcuts" to "Remove OneDrive shortcuts" to
have consistent naming.
This commit introduces scripts for cleaning up file and URL associations
related to Microsoft Edge, enhancing the uninstallation process. The
changes adress the issues detailed in #64, improving system reliability,
integrity and security by preventing lingering associations.
Changes include:
- Introduce scripts to clear Edge browser file and URL associations.
- Provide extensive documentation for related scripts.
- Ensure thorough cleanup of URL, file, OpenWith menu, and toast
associations.
- Recommend removing Microsoft Edge (Legacy) Dev Tools Client app on
Strict to align with other Edge legacy removal recommendations.
- Replace obsolete "Firefox First party isolation" with "Firefox state
partitioning".
- Add comprehensive documentation for the new scripts.
- Introduce enabling dynamic First-Party Isolation (dFPI)
- Disable deprecated First-Party Isolation (FPI) to avoid conflicts with
dFPI.
- Add script to enable Firefox network partitioning to cover
functionality of older FPI script.
This commit enhances the robustness of setting VSCode configurations,
ensuring consistent and reliable operation even in edge cases, such as
when the settings file is empty. This commit also uniforms behavior of
Linux and Windows modification of VSCode settings.
On Windows:
- Move parameters to on top of scripts to be able to easily test the
scripts using PowerShell without compiling.
- Add a check to exit the script with an error message if the attempt to
parse the JSON content fails.
- Omit the `OutString` cmdlet from the pipeline in the script for
converting JSON file content to a PowerShell object. `Out-String` is
unnecessary in this context because `Get-Content` already outputs the
file content as a string array, which `ConvertFrom-Json` effectively.
Additionally, using `Out-String` could potentially introduce issues by
concatenating file content into a single string, causing
`ConvertFrom-Json` to fail when processing pretty-printed JSON. By
removing `Out-String`, the script is streamlined and potential errors
are avoided.
- Add logic to handle empty settings file. Add an additional check for
empty settings file, if the file is empty, the script writes a default
empty JSON object (`{}`) to the file. The operation is logged to
ensure transparency, notifying the user of the action taken. This
change removes fails due to empty setting files.
- When reverting, do not fail if the setting file is missing because it
means that default settings are already in-place.
- When reverting, show informative message if the key does not exist or
does not have the value set by privacy.sexy and do not take any
further action.
- If the desired value is already set, show a message for it and skip
updating the setting file.
On Linux:
- Handles empty `settings.json` similarly to Windows.
- Add more user friendly error if JSON file cannot be parsed.
This commit improve cleanup of temporary directories on Windows,
addressing issues #176 and #89.
Changes include:
- Fix side-effects caused by this script by clearing the contents of
directories rather than deleting the directories themselves.
- Add the removal of Prefetch directory contents, which stores temporary
files and can enhance privacy and free up disk space when cleared.
- Remove the command `del /f /q %localappdata%\Temp\*` due to its
redundancy.
- Improve the granularity and documentation of cleanup scripts, and
moving the `Clear temporary Windows files` category up in the hierarchy
for better structure and clarity.
Co-authored-by: iam-py-test <84232764+iam-py-test@users.noreply.github.com>
- Add "Further Installation Options" section.
- Move releases page reference to the new section to keep Get Started
simple.
Co-authored-by: MrEddX <101912712+Zliced13@users.noreply.github.com>
This commit incorporates Static Analysis Security Testing (SAST) using
CodeQL. This integration will enforce consistent security assessments
with every change and on a predetermined schedule.
This commit also involves a restructure of security checks. The existing
security-checks workflow is renamed to better reflect its functionality
related to dependency audits.
These changes will enhance the project's resilience against potential
vulnerabilities in both the codebase and third-party dependencies.
Changes include:
- Remove older LGTM badge that's replaced by SAST checks.
- Rename `checks.security.yaml` to `checks.security.dependencies.yaml`,
reinforcing the focus on dependency audits.
- Update `README.md`, ensuring the clear representation of security
check statuses, including new SAST integration.
- Add new `SECURITY.md`, establishing the protocol for reporting
vulnerabilities and outlining the project's commitment to robust
security testing.
- Enhance `docs/tests.md` with detailed information on the newly
integrated security checks.
- Add reference to SECURITY.md in README.md.
This commit improves multiple aspects of Docker builds:
- Enable artifact output validation for Dockerfile.
- Correct the path references in Dockerfile for the distribution
directory.
- Add Dockerfile specific indentation rules to `.editorconfig`.
- Use `npm run install-deps` for dependency installation, enhancing
build reliability.
- Add automation script `verify-web-server-status.js` to verify running
web server on given URL.
- Introduce automated build verification for Dockerfile:
- On macOS, install Docker with colima as the container runtime
because default agents do not include Docker and Docker runtime is
not installed due to licensing issues (see actions/runner-images#17).
- On Windows, there's no Linux container support (actions/runner#904,
actions/runner-images#1143), so keep the checks for macOS and Ubuntu
only.
The tree view rendering performance is optimized by improving the node
render queue ordering. The node rendering order is modified based on the
expansion state and the depth in the hierarchy, leading to faster
rendering of visible nodes. This optimization is applied when the tree
nodes are not expanded to improve the rendering speed.
This new ordering ensures that nodes are rendered more efficiently,
prioritizing nodes that are collapsed and are at a higher level in the
hierarchy.
This commit fixes an issue where the check state of categories was lost
when toggling between card and tree views. This is solved by immediately
emitting node state changes for all nodes. This ensures consistent view
transitions without any loss of node state information.
Furthermore, this commit includes added unit tests for the modified code
sections.
This commit fixes issues with download URLs of desktop application
artifacts on README.md
- Corrected typo in Linux AppImage link
- Updated older version links to the newest release
Co-authored-by: MrEddX <66828538+MrEddX@users.noreply.github.com>
- Modify script to run as `TrustedInstaller`, resolving access right
problems discussed in #246.
- Change script name for better alignment with its functionality.
- Improve script description for clarity and detailed documentation.
- Add non-intrusive way to disable delivery optimization. This new
script do not introduce side-effects caused by disabling Delivery
Optimization service.
- Recomend delivery optimization service (`DoSvc`) only on Strict
mode, removing it from Standard recommendation.
- Categorize delivery optimization disabling under one category.
- Move disabling delivery optimization to "Disable OS collection" >
"Disable Windows Update data collection".
- Add more documentation.
- Fix script failing when multiple installations of Edge is found.
- Fix Edge not being able to be uninstalled due in newer Edge versions.
- Add documentation
- Add missing revert script
- Introduce a new UI component for tooltips.
- Fix tooltip arrow misalignment issues in code download/execution
instructions dialogs.
Reasons for dropping `v-tooltip` dependency:
- Lack of support for Vue 3.0, which blocks migration to Vue 3.0 (see
#230).
- Inability to render HTML content that's required for privacy.sexy.
- Inefficient, adding an extra 162.48 KB to the production bundle for
web distribution (tested using `npm run build -- --mode production`).
Advantages of adopting `floating-ui` (Floating UI):
- Compatibility across multiple Vue versions including 2.0, 2.7, and 3.0.
- Reduced boilerplate resulting in cleaner, more maintainable code.
- Efficient position recalculations without reinventing the wheel.
This commit adds missing vertical margin paragraphs that appear after
lists. It also changes vertical margin gap to match the font size along
with refactoring that makes paragraph gap modification easier to
understand.
This commit fixes compiler bug where it fails when optional values are
compiled into absent values in nested calls.
- Throw exception with more context for easier future debugging.
- Add better validation of argument values for nested calls.
- Refactor `FunctionCallCompiler` for better clarity and modularize it
to make it more maintainable and testable.
- Refactor related interface to not have `I` prefix, and
function/variable names for better clarity.
Context:
Discovered this issue while attempting to call
`RunInlineCodeAsTrustedInstaller` which in turn invokes `RunPowerShell`
for issue #246. This led to the realization that despite parameters
flagged as optional, the nested argument compilation didn't support
them.
- Add script to disable `WaaSMedicSvc` service (#252)
- Refine script granularity for more precise control.
- Introduce detailed documentation for the category and associated
scripts.
- Fix `ScheduledInstallTime` being set to `3` which schedules updates to
install at 3 AM.
- Fix `ScheduledInstallDay` is being set to `0` which schedules daily
update installation.
- Fix `NoAutoUpdate` being set to `0` (enable) instead of `1` (disable).
- Add disabling of missing `wuauserv` service.
- Add parent category for disabling Windows update services for better
organization.
- Move disabling Windows Spotlight from Standard to Strict
recommendation due to unexpected behavior for some users (#65).
- Enhance documentation.
- Correct revert code to ensure return to the default OS state.
Key highlights:
- Written from scratch to cater specifically to privacy.sexy's
needs and requirements.
- The visual look mimics the previous component with minimal changes,
but its internal code is completely rewritten.
- Lays groundwork for future functionalities like the "expand all"
button a flat view mode as discussed in #158.
- Facilitates the transition to Vue 3 by omitting the Vue 2.0 dependent
`liquour-tree` as part of #230.
Improvements and features:
- Caching for quicker node queries.
- Gradual rendering of nodes that introduces a noticable boost in
performance, particularly during search/filtering.
- `TreeView` solely governs the check states of branch nodes.
Changes:
- Keyboard interactions now alter the background color to highlight the
focused item. Previously, it was changing the color of the text.
- Better state management with clear separation of concerns:
- `TreeView` exclusively manages indeterminate states.
- `TreeView` solely governs the check states of branch nodes.
- Introduce transaction pattern to update state in batches to minimize
amount of events handled.
- Improve keyboard focus, style background instead of foreground. Use
hover/touch color on keyboard focus.
- `SelectableTree` has been removed. Instead, `TreeView` is now directly
integrated with `ScriptsTree`.
- `ScriptsTree` has been refactored to incorporate hooks for clearer
code and separation of duties.
- Adopt Vue-idiomatic bindings instead of keeping a reference of the
tree component.
- Simplify and change filter event management.
- Abandon global styles in favor of class-scoped styles.
- Use global mixins with descriptive names to clarify indended
functionality.
This commit addresses occasional pipeline failures caused by transient
network errors during dependency installation with `npm ci`. It
centralizes the logic for installing npm dependencies and introduces a
retry mechanism.
The new approach will attempt `npm ci` up to 5 times with a 5-second
interval between each attempt, thereby increasing the resilience of
CI/CD pipelines.
This commit adds a new script `npm-install.js` with `npm run
install-deps` command to centralize npm dependency installation process
throughout the project. Separate testing of scripts to a separate
workflow.
It removes unused `install` dependency from `package.json`.
This commit makes the build process more robust, simplifies
configurations and reduce the risk of incomplete or erroneous
deployments.
- Centralize output directory definitions by introducing
`dist-dirs.json`.
- Add `verify-build-artifacts` utility to ensure correct build outputs
and `print-dist-dir` to determine distribution directory.
- Add steps in CI/CD pipeline to verify build artifacts.
- Migrate Electron Builder config from YAML to CJS for capability to
read JSON.
- Fix `release-site.yaml` failing due to pointing to wrong distribution
directory, change it to use `print-dist-dir`.
- Improve `check-desktop-runtime-errors` to verify build artifacts for
more reliable builds. Ensure tests fail and succeed reliably.
- Update `.gitignore` and configure ESLint to use it to define and
ignore build artifact directories from one place, remove
`.eslintignore` that does not add anything after this change.
- Keep `"main"` field in `package.json` as `electron-vite` depends on it
(alex8088/electron-vite#270).
- Improve documentation
This commit simplifies event handling, providing a unified and robust
way to handle event lifecycling. This way, it fixes events not being
unsubscribed when state is changed.
Introduce a new function in `EventSubscriptionCollection` to remove
existing events and adding new events. This provides an easier to use
API, which leads to code that's easier to understand. It also prevents
potential bugs that may occur due to forgetting to call both functions.
It fixes `TheScriptsMenu` not unregistering events on state change.
Other improvements include:
- Include a getter to get total amount of registered subcriptions.
This helps in unit testing.
- Have nullish checks to prevent potential errors further down the
execution.
- Use array instead of rest parameters to increase readability and
simplify tests.
Ensure `SliderHandler` stops resizes on unmount, unsubscribing from all
events and resetting state to default.
Update `injectionKeys` to do imports as types to avoid circular
dependencies. Simplify importing `injectionKeys` to enable and strict
typings for iterating injection keys.
Add tests covering new behavior.
- Move external URL checks to its own module under `tests/`. This
separates them from integration test, addressing long runs and
frequent failures that led to ignoring test results.
- Move `check-desktop-runtime-errors` to `tests/checks` to keep all
test-related checks into one directory.
- Replace `ts-node` with `vite` for running
`check-desktop-runtime-errors` to maintain a consistent execution
environment across checks.
- Implement a timeout for each fetch call.
- Be nice to external sources, wait 5 seconds before sending another
request to an URL under same domain. This solves rate-limiting issues.
- Instead of running test on every push/pull request, run them only
weekly.
- Do not run tests on each commit/PR but only scheduled (weekly) to
minimize noise.
- Fix URLs are not captured correctly inside backticks or parenthesis.
- Fix the naming convention in Electron output to align with previous
artifact naming to not break external/internal URLs.
- In desktop execution tests, make artifact locator logic stricter to
test regression.
Test improvements:
- Capture titles for all macOS windows, not just the frontmost.
- Incorporate missing application log files.
- Improve log clarity with enriched context.
- Improve application termination on macOS by reducing grace period.
- Ensure complete application termination on macOS.
- Validate Vue application loading through an initial log.
- Support ignoring environment-specific `stderr` errors.
- Do not fail the test if working directory cannot be deleted.
- Use retry pattern when installing dependencies due to network errors.
Refactorings:
- Migrate the test code to TypeScript.
- Replace deprecated `rmdir` with `rm` for error-resistant directory
removal.
- Improve sanity checking by shifting from App.vue to Vue bootstrapper.
- Centralize environment variable management with `EnvironmentVariables`
construct.
- Rename infrastructure/Environment to RuntimeEnvironment for clarity.
- Isolate WindowVariables and SystemOperations from RuntimeEnvironment.
- Inject logging via preloader.
- Correct mislabeled RuntimeSanity tests.
Configuration:
- Introduce `npm run check:desktop` for simplified execution.
- Omit `console.log` override due to `nodeIntegration` restrictions and
reveal logging functionality using context-bridging.
Manage Firefox preferences through `user.js` instead of `prefs.js`.
Because of Mozilla's recommendation against direct `prefs.js` edits to
avoid potential profile corruption. Instead, the `user.js` file, if
present, overrides the settings in `prefs.js` at application startup.
Change AddFirefoxPrefs function to update `user.js` and manage
creation/deletion of this file:
1. Handle file creation if `user.js` does not exist.
2. Deletes file if `user.js` becomes empty after reverting settings.
Other changes:
- Improve log messages
- Minimal refactorings
Enable `contextIsolation` in Electron to securely expose a limited set
of Node.js APIs to the renderer process. It:
1. Isolates renderer and main process contexts. It ensures that the
powerful main process functions aren't directly accessible from
renderer process(es), adding a security boundary.
2. Mitigates remote exploitation risks. By isolating contexts, potential
malicious code injections in the renderer can't directly reach and
compromise the main process.
3. Reduces attack surface.
4. Protect against prototype pollution: It prevents tampering of
JavaScript object prototypes in one context from affecting another
context, improving app reliability and security.
Supporting changes include:
- Extract environment and system operations classes to the infrastructure
layer. This removes node dependencies from core domain and application
code.
- Introduce `ISystemOperations` to encapsulate OS interactions. Use it
from `CodeRunner` to isolate node API usage.
- Add a preloader script to inject validated environment variables into
renderer context. This keeps Electron integration details
encapsulated.
- Add new sanity check to fail fast on issues with preloader injected
variables.
- Improve test coverage of runtime sanity checks and environment
components. Move validation logic into separate classes for Single
Responsibility.
- Improve absent value test case generation.
- Fix a bug (introduced in 1b9be8fe) preventing the tree view from being
visible during a search.
- Fix a minor bug where the scripts view does not render based on the
initial filter.
- Add Vue component tests for `TheScriptView` to prevent regressions.
- Refactor `isSearching` in `TheScriptView` to simplify its logic.
