fixed removing onedrive does not clean start menu / quick access

refactorings
tweaks to disable webcam, speech and compatibility telemetry
2020-08-09 03:00:19 +01:00 · 2020-08-09 03:00:18 +01:00 · 2020-08-09 03:00:18 +01:00 · 2020-08-09 03:00:18 +01:00 · 2020-08-09 03:00:18 +01:00 · 2020-08-09 03:00:18 +01:00
126 changed files with 11144 additions and 4051 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,9 @@
 node_modules
 dist
 dist_electron
 .vs
 .vscode
 .github
 .git
 docs
 docker
--- a/.github/workflows/build-and-deploy.yaml
+++ b/.github/workflows/build-and-deploy.yaml
@@ -1,91 +0,0 @@
 name: Build & deploy
 on:
  push:
    branches:
    - master
 jobs:
  build-and-deploy:
    runs-on: ubuntu-18.04
    steps:
      -
        name: "Prepare: Checkout"
        uses: actions/checkout@v1
      -
        name: "Prepare: Create AWS user profile"
        run: >-
          bash "aws/scripts/configure/create-user-profile.sh" \
            --profile user \
            --access-key-id ${{secrets.AWS_DEPLOYMENT_USER_ACCESS_KEY_ID}} \
            --secret-access-key ${{secrets.AWS_DEPLOYMENT_USER_SECRET_ACCESS_KEY}} \
            --region us-east-1
      -
        name: "Infrastructure: Deploy IAM stack"
        run: >-
          bash "aws/scripts/deploy/deploy-stack.sh" \
            --template-file aws/iam-stack.yaml \
            --stack-name privacysexy-iam-stack \
            --capabilities CAPABILITY_IAM  \
            --region us-east-1 --role-arn ${{secrets.AWS_IAM_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
      -
        name: "Infrastructure: Deploy certificate stack"
        run: >-
          bash "aws/scripts/deploy/deploy-stack.sh" \
            --template-file aws/certificate-stack.yaml \
            --stack-name privacysexy-certificate-stack \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_CERTIFICATE_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
      -
        name: "Infrastructure: Deploy DNS stack"
        run: >-
          bash "aws/scripts/deploy/deploy-stack.sh" \
            --template-file aws/dns-stack.yaml \
            --stack-name privacysexy-dns-stack \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_DNS_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
      -
        name: "Infrastructure: Deploy web stack"
        run: >-
          bash "aws/scripts/deploy/deploy-stack.sh" \
            --template-file aws/web-stack.yaml \
            --stack-name privacysexy-web-stack \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_WEB_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
      -
        name: "App: Setup node"
        uses: actions/setup-node@v1
        with:
          node-version: '11.x'
      -
        name: "App: Install dependencies"
        run: npm install
      -
        name: "App: Run tests"
        run: npm run test:unit
      - 
        name: "App: Build"
        run: npm run build
      -
        name: "App: Deploy to S3"
        run: >-
          bash "aws/scripts/deploy/deploy-to-s3.sh" \
            --folder dist \
            --web-stack-name privacysexy-web-stack --web-stack-s3-name-output-name S3BucketName \
            --storage-class ONEZONE_IA \
            --role-arn ${{secrets.AWS_S3_SITE_DEPLOYMENT_ROLE_ARN}} \
            --region us-east-1 \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
      -
        name: "App: Invalidate CloudFront cache"
        run: >-
          bash "aws/scripts/deploy/invalidate-cloudfront-cache.sh" \
            --paths "/*" \
            --web-stack-name privacysexy-web-stack --web-stack-cloudfront-arn-output-name CloudFrontDistributionArn \
            --role-arn ${{secrets.AWS_CLOUDFRONT_SITE_DEPLOYMENT_ROLE_ARN}} \
            --region us-east-1 \
            --profile user --session ${{github.actor}}-${{github.event_name}}-${{github.sha}}
--- a/.github/workflows/bump-and-release.yaml
+++ b/.github/workflows/bump-and-release.yaml
@@ -0,0 +1,17 @@
 name: Bump & release
 on:
  push: # Ensure a new release is created for each new tag
    tags:
      - '[0-9]+.[0-9]+.[0-9]+'
 jobs:
  bump-version-and-release:
    if: github.event.base_ref == 'refs/heads/master'
    runs-on: ubuntu-latest
    steps:
      - uses: undergroundwires/bump-everywhere@master
        with:
          user: undergroundwires-bot
          release-token: ${{ secrets.BUMP_GITHUB_PAT }} # Does not trigger release pipeline if we use default token: https://github.community/t5/GitHub-Actions/Github-Action-trigger-on-release-not-working-if-releases-was/td-p/34559
                                                        # GitHub does not inject secrets if pipeline runs from fork or a fork is merged to main repo. 
--- a/.github/workflows/deploy-desktop.yaml
+++ b/.github/workflows/deploy-desktop.yaml
@@ -0,0 +1,32 @@
 name: Deploy desktop
 on:
 release:
   types: [created] # will be triggered when a NON-draft release is created and published.
 jobs:
  publish-desktop-app:
    name: ${{ matrix.os }}
    strategy:
      matrix:
        os: [macos, ubuntu, windows]
    runs-on: ${{ matrix.os }}-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: master # otherwise it defaults to the version tag missing bump commit
          fetch-depth: 0 # fetch all history
      - name: Checkout to bump commit
        run: git checkout "$(git rev-list "${{ github.event.release.tag_name }}"..master | tail -1)"
      - name: Setup node
        uses: actions/setup-node@v1
        with:
          node-version: '14.x'
      - name: Install dependencies
        run: npm ci
      - name: Run tests
        run: npm run test:unit
      - name: Publish desktop app
        run: npm run electron:build -- -p always # https://nklayman.github.io/vue-cli-plugin-electron-builder/guide/recipes.html#upload-release-to-github
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- a/.github/workflows/deploy-site.yaml
+++ b/.github/workflows/deploy-site.yaml
@@ -0,0 +1,117 @@
 name: Deploy site
 on:
 release:
   types: [created] # will be triggered when a NON-draft release is created and published.
 jobs:
  aws-deploy: # see: https://github.com/undergroundwires/aws-static-site-with-cd
    runs-on: ubuntu-latest
    steps:
      -
        name: "Infrastructure: Checkout"
        uses: actions/checkout@v2
        with:
          path: aws
          repository: undergroundwires/aws-static-site-with-cd
      -
        name: "Infrastructure: Create AWS user profile & session name"
        run: >-
          bash "scripts/configure/create-user-profile.sh" \
            --profile user \
            --access-key-id ${{secrets.AWS_DEPLOYMENT_USER_ACCESS_KEY_ID}} \
            --secret-access-key ${{secrets.AWS_DEPLOYMENT_USER_SECRET_ACCESS_KEY}} \
            --region us-east-1 \
          && \
            echo "::set-env name=SESSION_NAME::${{github.actor}}-${{github.event_name}}-$(echo ${{github.sha}} | cut -c1-8)"
        working-directory: aws
      -
        name: "Infrastructure: Deploy IAM stack"
        run: >-
          bash "scripts/deploy/deploy-stack.sh" \
            --template-file stacks/iam-stack.yaml \
            --stack-name privacysexy-iam-stack \
            --capabilities CAPABILITY_IAM \
            --parameter-overrides "WebStackName=privacysexy-web-stack DnsStackName=privacysexy-dns-stack \
                                   CertificateStackName=privacysexy-cert-stack RootDomainName=privacy.sexy" \
            --region us-east-1 --role-arn ${{secrets.AWS_IAM_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{ env.SESSION_NAME }}
        working-directory: aws
      -
        name: "Infrastructure: Deploy DNS stack"
        run: >-
          bash "scripts/deploy/deploy-stack.sh" \
            --template-file stacks/dns-stack.yaml \
            --stack-name privacysexy-dns-stack \
            --parameter-overrides "RootDomainName=privacy.sexy" \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_DNS_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{ env.SESSION_NAME }}
        working-directory: aws
      -
        name: "Infrastructure: Deploy certificate stack"
        run: >-
          bash "scripts/deploy/deploy-stack.sh" \
            --template-file stacks/certificate-stack.yaml \
            --stack-name privacysexy-cert-stack \
            --capabilities CAPABILITY_IAM \
            --parameter-overrides "IamStackName=privacysexy-iam-stack RootDomainName=privacy.sexy DnsStackName=privacysexy-dns-stack" \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_CERTIFICATE_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{ env.SESSION_NAME }}
        working-directory: aws
      -
        name: "Infrastructure: Deploy web stack"
        run: >-
          bash "scripts/deploy/deploy-stack.sh" \
            --template-file stacks/web-stack.yaml \
            --stack-name privacysexy-web-stack \
            --parameter-overrides "CertificateStackName=privacysexy-cert-stack DnsStackName=privacysexy-dns-stack \
                                   RootDomainName=privacy.sexy UseDeepLinks=true" \
            --capabilities CAPABILITY_IAM \
            --region us-east-1 \
            --role-arn ${{secrets.AWS_WEB_STACK_DEPLOYMENT_ROLE_ARN}} \
            --profile user --session ${{ env.SESSION_NAME }}
        working-directory: aws
      -
        name: "App: Checkout"
        uses: actions/checkout@v2
        with:
          path: site
          ref: master # otherwise we don't get version bump commit
      -
        name: "App: Setup node"
        uses: actions/setup-node@v1
        with:
          node-version: '14.x'
      -
        name: "App: Install dependencies"
        run: npm ci
        working-directory: site
      -
        name: "App: Run tests"
        run: npm run test:unit
        working-directory: site
      - 
        name: "App: Build"
        run: npm run build
        working-directory: site
      -
        name: "App: Deploy to S3"
        run: >-
          bash "aws/scripts/deploy/deploy-to-s3.sh" \
            --folder site/dist \
            --web-stack-name privacysexy-web-stack --web-stack-s3-name-output-name S3BucketName \
            --storage-class ONEZONE_IA \
            --role-arn ${{secrets.AWS_S3_SITE_DEPLOYMENT_ROLE_ARN}} \
            --region us-east-1 \
            --profile user --session ${{ env.SESSION_NAME }}
      -
        name: "App: Invalidate CloudFront cache"
        run: >-
          bash "aws/scripts/deploy/invalidate-cloudfront-cache.sh" \
            --paths "/*" \
            --web-stack-name privacysexy-web-stack --web-stack-cloudfront-arn-output-name CloudFrontDistributionArn \
            --role-arn ${{secrets.AWS_CLOUDFRONT_SITE_DEPLOYMENT_ROLE_ARN}} \
            --region us-east-1 \
            --profile user --session ${{ env.SESSION_NAME }}
--- a/.github/workflows/quality-checks.yaml
+++ b/.github/workflows/quality-checks.yaml
@@ -0,0 +1,26 @@
 name: Quality checks
 on: push
 jobs:
  lint:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        lint-command:
          - npm run lint:vue
          - npm run lint:yaml
          - npm run lint:md
          - npm run lint:md:relative-urls
          - npm run lint:md:consistency
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Setup node
        uses: actions/setup-node@v1
        with:
          node-version: 14.x
      - name: Install dependencies
        run: npm ci
      - name: Lint
        run: ${{ matrix.lint-command }}
--- a/.github/workflows/security-checks.yaml
+++ b/.github/workflows/security-checks.yaml
@@ -0,0 +1,22 @@
 name: Security checks
 on:
  push:
  schedule:
    - cron: '0 0 * * 0'
 jobs:
  npm-audit:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
        uses: actions/checkout@v2
      -
        name: Setup node
        uses: actions/setup-node@v1
        with:
          node-version: 14.x
      -
        name: NPM audit
        run: npm audit
--- a/.github/workflows/run-tests.yaml
+++ b/.github/workflows/run-tests.yaml
@@ -1,26 +1,22 @@
-name: Run tests
+name: Test
-on:
+on: push
  push:
    branches:
      - '*'
      - '!master'
 jobs:
-  build-and-deploy:
+  run-tests:
    runs-on: ubuntu-latest
    steps:
      -
        name: Checkout
-        uses: actions/checkout@v1
+        uses: actions/checkout@v2
      -
        name: Setup node
        uses: actions/setup-node@v1
        with:
-          node-version: '11.x'
+          node-version: '14.x'
      -
        name: Install dependencies
-        run: npm install
+        run: npm ci
      -
        name: Run tests
        run: npm run test:unit
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,6 @@
 node_modules
 /dist
 .vs
-.vscode
+.vscode
 #Electron-builder output
 /dist_electron
--- a/.markdownlint.json
+++ b/.markdownlint.json
@@ -0,0 +1,4 @@
 {
    "default": true,
    "MD013": false
 }
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,33 +1,162 @@
 # Changelog
- All notable changes to this project will be documented in this file.
+## 0.6.0 (2020-07-26)
-## [Unreleased]
+* fixed dead links in documentation | [commit](https://github.com/undergroundwires/privacy.sexy/commit/25ce236a7737decaf2eb9b8c29a4c4f34d43f770)
 * runs tests on each push on the repository | [commit](https://github.com/undergroundwires/privacy.sexy/commit/73c426844a0330718a9ab7de12b61ca05e853323)
 * code area now shows "how" before "why" | [commit](https://github.com/undergroundwires/privacy.sexy/commit/4ff4b52202b1c5dbfe2b80580bbe7d93132ab05c)
 * support for desktop versions #20 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/5a27f9d86c96be88bb52aa69a84a7e057ac072be)
 * reworked on footer & removed github icon | [commit](https://github.com/undergroundwires/privacy.sexy/commit/8ab062454db1d8504fb2df4fbb39a7002bafeb09)
 * updated dependencies to latest | [commit](https://github.com/undergroundwires/privacy.sexy/commit/c335ab33ff612a19af1278bdcc88a14779e8bb91)
 * updated documentation | [commit](https://github.com/undergroundwires/privacy.sexy/commit/81dfbbef7a8786751fa7693010c80561c5ac6bce)
-## [0.3.0] - 2020-01-09
+[compare](https://github.com/undergroundwires/privacy.sexy/compare/0.5.0...0.6.0)
- Added support for grouping
+## 0.5.0 (2020-07-19)
 - Added some meta tags
 - Added "Disable NVIDIA telemetry" script
 - Added legacy browser compatibility for fonts & changed main font
-## [0.2.0] - 2020-01-06
+* added ability to revert (#21) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/9c063d59defa6297c64f50b49403e8bd10620de9)
 * search placeholder shows total scripts | [commit](https://github.com/undergroundwires/privacy.sexy/commit/1d5225de07186f853f4cf7aedd4998f5d00c107a)
 * do not collapse card when on "Search" and "Select" | [commit](https://github.com/undergroundwires/privacy.sexy/commit/dd7e1416b4df54bf71b719d4654db88769dc0994)
 * opening a card scrolls to its content div | [commit](https://github.com/undergroundwires/privacy.sexy/commit/31d2067f076c3159483baec49975617dddbd158d)
 * all cards in same line now have same height | [commit](https://github.com/undergroundwires/privacy.sexy/commit/a9f9e9044385d9aed3b5551fc6c6823e813fd1e5)
 * patched loadash vulnerability (#18) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/92a7118d1c5013312772e075b9ee5a79c93710b8)
- Fixed typo in generated code.
+[compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.10...0.5.0)
 - Better URL validation for documentation links in `application.yaml`.
 - Slightly faster parsing of `application.yaml`
 - Styled no JS error that's shown when JavaScript is disabled.
 - The default selection is now *None* & instruction text is shown in code box when nothing is selected.
 - Added hyphen lines when rendering of long function names
 - Changed subtitle: added version as footer instead.
-## [0.1.0] - 2019-12-31
+## 0.4.10 (2020-07-15)
- Initial release
+* fixed script errors & added tests | [commit](https://github.com/undergroundwires/privacy.sexy/commit/9e722ddfb3825fb29d6298025baaaa033120d017)
-## All releases
+[compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.9...0.4.10)
- [Unreleased] : https://github.com/undergroundwires/privacy.sexy/compare/v0.3.0...HEAD
+## 0.4.9 (2020-07-14)
- [v0.3.0] : https://github.com/undergroundwires/privacy.sexy/compare/v0.2.0...v0.3.0
+
- [v0.2.0] : https://github.com/undergroundwires/privacy.sexy/compare/v0.1.0...v0.2.0
+* disable office telemetry Disassembler0/Win10-Initial-Setup-Script#288 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/53cf595e1726ee3de79137fd566978fd512d218f)
- [v0.1.0] : https://github.com/undergroundwires/privacy.sexy/releases/tag/v0.1.0
+* updated to may 2020 update | [commit](https://github.com/undergroundwires/privacy.sexy/commit/909c44d72a4a602ee8f27d06b6ec706c1e432ce1)
 * simplified docker builds | [commit](https://github.com/undergroundwires/privacy.sexy/commit/f27a2871d74e5117fc029be82caef12246e10879)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.8...0.4.9)
 ## 0.4.8 (2020-07-11)
 * added more scripts #16 (#17) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/d8552c62ffea13ce62abce836c7dd4980eef6bb9)
 * stopping services before disabling #16 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/628c16eb952495f5b3f6d794161b355f4b08b819)
 * can disable features, capabilities & remove onedrive #16 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/30efbcc621eb83dd5a9c1e66b8f1f5350eb95006)
 * updated one more typo (#19) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/d7a1325c0b7665ce712dc411965d00fc1d6fa384)
 * more tweaks #16 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/2c4eb78c3f156cb0d033977cffbe7464697680f5)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.7...0.4.8)
 ## 0.4.7 (2020-06-30)
 * removed HKU tweak as all HKU's are changed #10 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/c937af8ee7da9aa95131e56abf7bf24800390fe6)
 * Fixed types + script in "Clear Windows log files" (#15) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/461a4f122b342369db5cc08c5e30961c64e68cdd)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.6...0.4.7)
 ## 0.4.6 (2020-06-16)
 * Fixed Some More Issues (#12) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/52d5713a99422cdf900aba819e49e998abac33cc)
 * removed failing continuous deployment #14 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/583c5660d6ac934b845a044e013357aa91f61c15)
 * Updated Some Tweaks (#11) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/0fc18459cde57684f00764815062f838f932aed5)
 * Updated Some More Tweaks (#13) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/019b838925e963b7ec052ac76c6faf5650b9eb67)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.5...0.4.6)
 ## 0.4.5 (2020-06-13)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.4...0.4.5)
 ## 0.4.4 (2020-05-24)
 * fixed close card button not being visible & cleanup | [commit](https://github.com/undergroundwires/privacy.sexy/commit/0d2efe5b05aa965458b78b8fa43754ce2f4fe11b)
 * new footer with privacy policy | [commit](https://github.com/undergroundwires/privacy.sexy/commit/e2ab124fb799f56ada3570fdc911361cb803e889)
 * one command to lint everything "npm run lint" | [commit](https://github.com/undergroundwires/privacy.sexy/commit/bb98d20637cbf1d524ebb2973e308773006e3153)
 * fix "group by" overflows on smaller screens | [commit](https://github.com/undergroundwires/privacy.sexy/commit/c668a97950a1cb7c8bf2a7fd8a72d1101e65e8ce)
 * clicking outside of a card closes it | [commit](https://github.com/undergroundwires/privacy.sexy/commit/aab8f21a8d8dbed54798af581e6e1ad9e86a4be1)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.3...0.4.4)
 ## 0.4.3 (2020-05-23)
 * removed redundant documentation | [commit](https://github.com/undergroundwires/privacy.sexy/commit/749a140eb8dba09cb67fec2f8dec937e66e3cff5)
 * fixed broke link | [commit](https://github.com/undergroundwires/privacy.sexy/commit/97b7e03233d9718a8df30cb01ce06ca9489a0295)
 * simplified heading | [commit](https://github.com/undergroundwires/privacy.sexy/commit/226074c5342f7463c06fcff1457d352ca30295a3)
 * reading version from package.json instead of version file #5 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/691f989682179016ddcbf55a05cded29155288c9)
 * automatically increases patch number #5 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/3e3bc07576f7c7e74e3e11fc7d197cbb9a9fb8c0)
 * using deployment operations from aws-static-site-with-cd | [commit](https://github.com/undergroundwires/privacy.sexy/commit/997be7113f676888892ffa35566d9ebb58a3e9ea)
 * automated using bump-everywhere + more quality checks (#8) | [commit](https://github.com/undergroundwires/privacy.sexy/commit/4a91e8ccd8a707bc6bea34ee28cff7fa4f66ee2f)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.2...0.4.3)
 ## 0.4.2 (2020-02-29)
 * added missing semicolon for masking | [commit](https://github.com/undergroundwires/privacy.sexy/commit/e63ac4ae67da68243a525af149ff30e5d485b641)
 * set font on input | [commit](https://github.com/undergroundwires/privacy.sexy/commit/0c39a06be5e4b0a2031ad5e9f5220dd669afee53)
 * shortened all HKEY paths | [commit](https://github.com/undergroundwires/privacy.sexy/commit/802b36bdd8dcc1f0a2853fe7da2ea2fccd69a88c)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.1...0.4.2)
 ## 0.4.1 (2020-01-11)
 * fixed search bug | [commit](https://github.com/undergroundwires/privacy.sexy/commit/31364bdfec503af09ffbb58044a17dfb833fc8d9)
 * hide grouping while searching | [commit](https://github.com/undergroundwires/privacy.sexy/commit/92f1a36bcb1e1fe7c90efe8ccd3ede55991e9d9c)
 * 👀🔍  showing search queries | [commit](https://github.com/undergroundwires/privacy.sexy/commit/97a7747933d2b515cc03ab8243e6a8ae702ef16a)
 * more efficient queries with single lowercase | [commit](https://github.com/undergroundwires/privacy.sexy/commit/19813b691746d98670823025c460480400e34b6e)
 * using right 🔍 input type | [commit](https://github.com/undergroundwires/privacy.sexy/commit/0ce354ea0956391ad3f37b252daac1127bfc601a)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.4.0...0.4.1)
 ## 0.4.0 (2020-01-11)
 * 🔍 support for search | [commit](https://github.com/undergroundwires/privacy.sexy/commit/89862b2775703257b9dc2e19fbebde2c0d0fbda0)
 * more scripts & better organized | [commit](https://github.com/undergroundwires/privacy.sexy/commit/95baf3175b0d2c7df516f7893a96346b94ac8eca)
 * refactorings | [commit](https://github.com/undergroundwires/privacy.sexy/commit/e3f82e069e305f6d94eab335470c8e7b44295dd6)
 * more margin for the scripts | [commit](https://github.com/undergroundwires/privacy.sexy/commit/5ea46ecbf52236953d19f09a8eade08b83e6cd34)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.3.0...0.4.0)
 ## 0.3.0 (2020-01-09)
 * added description & more descriptive title | [commit](https://github.com/undergroundwires/privacy.sexy/commit/99576340b648550149871e2c0fe0b0d8c2dd0d7c)
 * allow robots | [commit](https://github.com/undergroundwires/privacy.sexy/commit/eee0e785ec2c5e6bed53d21b4126a57773e35dba)
 * removed unused references | [commit](https://github.com/undergroundwires/privacy.sexy/commit/cfd888f3afc5c260a0a4a73f2843b86b9f1df2cd)
 * 🚫 disable NVIDIA telemetry | [commit](https://github.com/undergroundwires/privacy.sexy/commit/ab28f4ed8538d51e1777c86302a63a0cd9c3cb2a)
 * backwards compatibility for fonts | [commit](https://github.com/undergroundwires/privacy.sexy/commit/4bc13e11926a6df77079646499e799742153b4ab)
 * added back meta needed for responsiveness | [commit](https://github.com/undergroundwires/privacy.sexy/commit/ed872ef3d9f6c92afc0ce0d06998c60463a8b4e8)
 * fancy-font is renamed to main and now used | [commit](https://github.com/undergroundwires/privacy.sexy/commit/6825001c61426194dc363b96b57a321241f3ba57)
 * added support for grouping | [commit](https://github.com/undergroundwires/privacy.sexy/commit/ec6b3c54072a77bb4305da1c234db6c649218b88)
 * less hyphens as it looks better on mobile | [commit](https://github.com/undergroundwires/privacy.sexy/commit/e0b080af69157f46ba12e2c25e794f5384671b51)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.2.0...0.3.0)
 ## 0.2.0 (2020-01-06)
 * added GitHub Actions badge for build & deploy | [commit](https://github.com/undergroundwires/privacy.sexy/commit/a229aca68a92bbcd8e8176ac1dd25ce03509e074)
 * more badges 📛🏆📜 | [commit](https://github.com/undergroundwires/privacy.sexy/commit/090e8319091044e53484ba8338510f6fb7c3cb80)
 * typo fixes + whitespace refactorings | [commit](https://github.com/undergroundwires/privacy.sexy/commit/e99f210c9dcf61a21e445e2a331384b6066f2c98)
 * switched content information to "why" section | [commit](https://github.com/undergroundwires/privacy.sexy/commit/beb3c8339f83a224ca66ad8a911a9265ffe7c9c0)
 * fixed contribution URL | [commit](https://github.com/undergroundwires/privacy.sexy/commit/7b4277d7706ccf6ba7e4b7b01aa46f8e3852cfc6)
 * fixed wrong relation + lighter style | [commit](https://github.com/undergroundwires/privacy.sexy/commit/8d05b03c9f3c9fc015be6615da8c283809712065)
 * better URL validation | [commit](https://github.com/undergroundwires/privacy.sexy/commit/aff463dd64fecff92a786fcba88621dff6b1cf73)
 * refactoring to new function | [commit](https://github.com/undergroundwires/privacy.sexy/commit/c646c102730481c3f4648eb714dc0a84ce35b13c)
 * optimized find queries & refactorings | [commit](https://github.com/undergroundwires/privacy.sexy/commit/d38f6cd6a8b33e11df854c7abea05974dc04d4ce)
 * 🎨  styled no JS error | [commit](https://github.com/undergroundwires/privacy.sexy/commit/c359f1d89c6874b3cc94154b993e33f58bd32268)
 * simplified finding duplicates | [commit](https://github.com/undergroundwires/privacy.sexy/commit/57037aaefcc0e80f0f4719cea89568490a731028)
 * fixed maintainability badge URL | [commit](https://github.com/undergroundwires/privacy.sexy/commit/aaea47e7d15fe41dea26968db0107a0c53d108f3)
 * fixed wrong line dumps | [commit](https://github.com/undergroundwires/privacy.sexy/commit/5ccc7c59528885ae7729197df3dfa00f924a2b3f)
 * refactorings in parsing | [commit](https://github.com/undergroundwires/privacy.sexy/commit/2aa3742e30646bf1d1f3779419d161c3fb6c4808)
 * using free function | [commit](https://github.com/undergroundwires/privacy.sexy/commit/20020af7c1d8de13948d8761fd4e7f0affb2badb)
 * default selection is now none | [commit](https://github.com/undergroundwires/privacy.sexy/commit/3140cc663b86394d543de90228aa53e6a304d8d9)
 * added hyphen lines for longer names | [commit](https://github.com/undergroundwires/privacy.sexy/commit/cced601d686d550f4225018e5311b7433efbb5ae)
 * more descriptive subtitle | [commit](https://github.com/undergroundwires/privacy.sexy/commit/2cf9214b14d9720f747a71b3864ba7a28acf0ff4)
 * added footer with version | [commit](https://github.com/undergroundwires/privacy.sexy/commit/10a34fae2f1a219ec52db0c74edb39b46ebd8abc)
 * using font variables | [commit](https://github.com/undergroundwires/privacy.sexy/commit/60e6348dc8d53f1e81ebdb2ec0e1962aac1e9842)
 * code-gen refactorings | [commit](https://github.com/undergroundwires/privacy.sexy/commit/246e753ddc9dc8bf630e538663584bf3423cc749)
 * added text when nothing is chosen | [commit](https://github.com/undergroundwires/privacy.sexy/commit/a7da75d4428090423b692ce45423f5bd300d8442)
 [compare](https://github.com/undergroundwires/privacy.sexy/compare/0.1.0...0.2.0)
 ## 0.1.0 (2019-12-31)
 Initial release | [commits](https://github.com/undergroundwires/privacy.sexy/commit/4e7f244190c6ffbf7b20443e3e69cf2402c4268a)
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -0,0 +1,45 @@
 # Contributing
 - Love your input! Contributing to this project should be as easy and transparent as possible, whether it's:
  - Reporting a bug
  - Discussing the current state of the code
  - Submitting a fix
  - Proposing new features
  - Becoming a maintainer
 ## Pull Request Process
 - [GitHub flow](https://guides.github.com/introduction/flow/index.html) is used
 - Your pull requests are actively welcomed.
 - The steps:
  1. Fork the repo and create your branch from master.
  2. If you've added code that should be tested, add tests.
  3. If you've changed APIs, update the documentation.
  4. Ensure the test suite passes.
  5. Make sure your code lints.
  6. Issue that pull request!
 - 🙏 DO
  - Document your changes in the pull request
 - ❗ DON'T
  - Do not update the versions, current version is only [set by the maintainer](./img/gitops.png) and updated automatically by [bump-everywhere](https://github.com/undergroundwires/bump-everywhere)
 ## Guidelines
 ### Extend scripts
 - Create a [pull request](#Pull-Request-Process) for [application.yaml](./src/application/application.yaml)
 - 🙏 For any new script, try to add `revertCode` that'll revert the changes caused by the script.
 - See [typings](./src/application/application.yaml.d.ts) for documentation as code.
 ### Handle the state in presentation layer
 - There are two types of components:
  - **Stateless**, extends `Vue`
  - **Stateful**, extends [`StatefulVue`](./src/presentation/StatefulVue.ts)
    - The source of truth for the state lies in application layer (`./src/application/`) and must be updated from the views if they're mutating the state
    - They mutate or/and reacts to changes in [application state](src/application/State/ApplicationState.ts).
    - You can react by getting the state and listening to it and update the view accordingly in [`mounted()`](https://vuejs.org/v2/api/#mounted) method.
 ## License
 By contributing, you agree that your contributions will be licensed under its GNU General Public License v3.0.
--- a/12
+++ b/12
@@ -1,20 +1,12 @@
-# +-+-+-+-+-+ +-+-+-+-+-+
+# Build
 # |B|u|i|l|d| |S|t|a|g|e|
 # +-+-+-+-+-+ +-+-+-+-+-+
 FROM node:lts-alpine as build-stage
 WORKDIR /app
 COPY package*.json ./
 RUN npm install
 COPY . .
 RUN npm run build
 # For testing purposes, it's easy to run http-server on lts-alpine such as continuing from here:
 #       RUN npm install -g http-server
 #       EXPOSE 8080
 #       CMD [ "http-server", "dist" ]
-# +-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+
+# Production stage
 # |P|r|o|d|u|c|t|i|o|n| |S|t|a|g|e|
 # +-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+
 FROM nginx:stable-alpine as production-stage
 COPY --from=build-stage /app/dist /usr/share/nginx/html
 EXPOSE 80
--- a/README.md
+++ b/README.md
@@ -1,126 +1,87 @@
 # privacy.sexy
-![Build & deploy status](https://github.com/undergroundwires/privacy.sexy/workflows/Build%20&%20deploy/badge.svg)
+> Enforce privacy & security best-practices on Windows, because privacy is sexy 🍑🍆
-![Vulnerabilities](https://snyk.io/test/github/undergroundwires/privacy.sexy/badge.svg)
+
-[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/undergroundwires/privacy.sexy/issues)
+[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](./CONTRIBUTING.md)
 [![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/undergroundwires/privacy.sexy.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/undergroundwires/privacy.sexy/context:javascript)
 [![Maintainability](https://api.codeclimate.com/v1/badges/3a70b7ef602e2264342c/maintainability)](https://codeclimate.com/github/undergroundwires/privacy.sexy/maintainability)
 [![Tests status](https://github.com/undergroundwires/privacy.sexy/workflows/Test/badge.svg)](https://github.com/undergroundwires/privacy.sexy/actions)
 [![Quality checks status](https://github.com/undergroundwires/privacy.sexy/workflows/Quality%20checks/badge.svg)](https://github.com/undergroundwires/privacy.sexy/actions)
 [![Security checks status](https://github.com/undergroundwires/privacy.sexy/workflows/Security%20checks/badge.svg)](https://github.com/undergroundwires/privacy.sexy/actions)
 [![Bump & release status](https://github.com/undergroundwires/privacy.sexy/workflows/Bump%20&%20release/badge.svg)](https://github.com/undergroundwires/privacy.sexy/actions)
 [![Deploy status](https://github.com/undergroundwires/privacy.sexy/workflows/Build%20&%20deploy/badge.svg)](https://github.com/undergroundwires/privacy.sexy/actions)
 [![Auto-versioned by bump-everywhere](https://github.com/undergroundwires/bump-everywhere/blob/master/badge.svg?raw=true)](https://github.com/undergroundwires/bump-everywhere)
-Web tool to generate scripts for enforcing privacy & security best-practices such as stopping data collection of Windows and different softwares on it.
+## Get started
 > because privacy is sexy 🍑🍆
-[https://privacy.sexy](https://privacy.sexy)
+- Online version: [https://privacy.sexy](https://privacy.sexy)
  - or download latest desktop version for [Windows](https://github.com/undergroundwires/privacy.sexy/releases/download/0.6.0/privacy.sexy-Setup-0.6.0.exe), [Linux](https://github.com/undergroundwires/privacy.sexy/releases/download/0.6.0/privacy.sexy-0.6.0.AppImage), [macOS](https://github.com/undergroundwires/privacy.sexy/releases/download/0.6.0/privacy.sexy-0.6.0.dmg)
-## Why privacy.sexy
+![privacy.sexy application](img/app.png)
- You don't need to run any compiled software on your system, just run the generated scripts.
+## Why
- It's open source, both application & infrastructure is 100% transparent
+
-  - Fully automated C/CD pipeline to AWS for provisioning serverless infrastructure using GitHub actions.
+- You don't need to run any compiled software that has access to your system, just run the generated scripts.
 - Have full visibility into what the tweaks do as you enable them.
 - Ability to revert applied scripts
 - Easily extendable
 - Everything is open-sourced including both application and infrastructure
  - Fully automated CI/CD pipeline using GitHub actions
    - to AWS for provisioning serverless infrastructure
    - for building and sharing the desktop applications
 ## Extend scripts
-Fork it & add more scripts in `src/application/application.yml` and send a pull request 👌
+- Fork it & add more scripts in [application.yaml](src/application/application.yaml) and send a pull request 👌
 - 📖 More: [extend scripts | CONTRIBUTING.md](./CONTRIBUTING.md#extend-scripts)
 ## Commands
- Setup and run
+- Project setup: `npm install`
-  - For development:
+- Testing
-    - `npm install` to project setup.
+  - Run unit tests: `npm run test:unit`
-    - `npm run serve` to compile & hot-reload for development.
+  - Lint: `npm run lint`
-  - Production (using Docker):
+- **Desktop app**
-    - Build `docker build -t undergroundwires/privacy.sexy .`
+  - Development: `npm run electron:serve`
-    - Run `docker run -it -p 8080:8080 --rm --name privacy.sexy-1 undergroundwires/privacy.sexy`
+  - Production: `npm run electron:build` to build an executable
- Prepare for production: `npm run build`
+- **Webpage**
- Run tests: `npm run test:unit`
+  - Development: `npm run serve` to compile & hot-reload for development.
- Lint and fix files: `npm run lint`
+  - Production: `npm run build` to prepare files for distribution.
  - Or run using Docker:
    1. Build: `docker build -t undergroundwires/privacy.sexy:0.6.0 .`
    2. Run: `docker run -it -p 8080:80 --rm --name privacy.sexy-0.6.0 undergroundwires/privacy.sexy:0.6.0`
 ## Architecture
 ### Application
- Powered by **TypeScript** + **Vue.js** 💪
+- Powered by **TypeScript**, **Vue.js** and **Electron** 💪
  - and driven by **Domain-driven design**, **Event-driven architecture**, **Data-driven programming** concepts.
 - Application uses highly decoupled models & services in different DDD layers.
  - **Domain layer** is where the application is modelled with validation logic.
  - **Presentation Layer**
-    - Consists of Vue.js components & UI stuff.
+    - Consists of Vue.js components and other UI-related code.
    - Desktop application is created using [Electron](https://www.electronjs.org/).
    - Event driven as in components simply listens to events from the state and act accordingly.
  - **Application Layer**
    - Keeps the application state
      - The [state](src/application/State/ApplicationState.ts) is a mutable singleton & event producer.
-    - The application is defined & controlled in a [single YAML file](`\application\application.yaml`) (see [Data-driven programming](https://en.wikipedia.org/wiki/Data-driven_programming))
+    - The application is defined & controlled in a [single YAML file](src/application/application.yaml) (see [Data-driven programming](https://en.wikipedia.org/wiki/Data-driven_programming))
-![DDD + vue.js](docs/app-ddd.png)
+![DDD + vue.js](img/app-ddd.png)
 ### AWS Infrastructure
- The application runs in AWS 100% serverless and automatically provisioned using [CloudFormation files](/aws) and GitHub Actions.
+[![AWS solution](img/aws-solution.png)](https://github.com/undergroundwires/aws-static-site-with-cd)
 - Maximum security & automation and minimum AWS costs were the highest priorities of the design.
-![AWS solution](docs/aws-solution.png)
+- It uses infrastructure from the following repository: [aws-static-site-with-cd](https://github.com/undergroundwires/aws-static-site-with-cd)
  - Runs on AWS 100% serverless and automatically provisioned using [GitHub Actions](.github/workflows/).
  - Maximum security & automation and minimum AWS costs are the highest priorities of the design.
 #### GitOps: CI/CD to AWS
 - CI/CD is fully automated for this repo using different GIT events & GitHub actions.
  - Versioning, tagging, creation of `CHANGELOG.md` and releasing is automated using [bump-everywhere](https://github.com/undergroundwires/bump-everywhere) action
 - Everything that's merged in the master goes directly to production.
  - Deploy infrastructure ► Deploy web application ► Invalidate CloudFront Cache
 - See more at [build-and-deploy.yaml](.GitHub/workflows/build-and-deploy.yaml)
-![CI/CD to AWS with GitHub Actions](docs/ci-cd.png)
+[![CI/CD to AWS with GitHub Actions](img/gitops.png)](.github/workflows/)
 ##### CloudFormation
 ![CloudFormation design](docs/aws-cloudformation.png)
 - AWS infrastructure is defined as code with following files:
  - `iam-stack`: Creates & updates the deployment user.
    - Everything in IAM layer is fine-grained using least privileges principle.
    - Each deployment step has its own temporary credentials with own permissions.
  - `certificate-stack.yaml`
    - It'll generate SSL certification for the root domain and www subdomain.
    - ❗ It [must](https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-invalid-viewer-certificate/) be deployed in `us-east-1` to be able to be used by CloudFront by `web-stack`.
    - It uses CustomResource and a lambda instead of native `AWS::CertificateManager::Certificate` because:
      - Problem:
        - AWS variant waits until a certificate is validated.
        - There's no way to automate validation without workaround.
      - Solution:
        - Deploy a lambda that deploys the certificate (so we don't wait until certificate is validated)
        - Get DNS records to be used in validation & export it to be used later.
  - `web-stack.yaml`: It'll deploy S3 bucket and CloudFront in front of it.
  - `dns-stack.yaml`: It'll deploy Route53 hosted zone
    - Each time Route53 hosted zone is re-created it's required to update the DNS records in the domain registrar. See *Configure your domain registrar*.
 - I use cross stacks instead of single stack or nested stacks because:
  - Easier to test & maintain & smaller files and different lifecycles for different areas.
  - It allows to deploy web bucket in different region than others as other stacks are global (`us-east-1`) resources.
 ##### Initial deployment
 - ❗ Prerequisite: A registered domain name for website.
 1. **Configure build agent (GitHub actions)**
   - Deploy manually `iam-stack.yaml` with stack name `privacysexy-iam-stack` (to follow the convention)
     - It'll give you deploy user. Go to console &  generate secret id + key (Security credentials => Create access key) for the user [IAM users](https://console.aws.amazon.com/iam/home#/users).
       - 🚶 Deploy secrets:
         - Add secret id & key in GitHub Secrets.
           - `AWS_DEPLOYMENT_USER_ACCESS_KEY_ID`, `AWS_DEPLOYMENT_USER_SECRET_ACCESS_KEY`
         - Add more secrets given from Outputs section of the CloudFormation stack.
     - Run GitHub actions to deploy rest of the application.
       - It'll run `certificate-stack.yaml` and then `iam-stack.yaml`.
 2. **Configure your domain registrar**
   - ❗ **Web stack will fail** after DNS stack because you need to validate your domain.
   - 🚶 Go to your domain registrar and change name servers to NS values
     - `dns-stack.yaml` outputs those in CloudFormation stack.
     - You can alternatively find those in [Route53](https://console.aws.amazon.com/route53/home#hosted-zones)
   - When nameservers of your domain updated, the certification will get validated automatically, you can then delete the failed stack in CloudFormation & re-run the GitHub actions.
 ## Thank you for the awesome projects 🍺
 - [Vue.js](https://vuejs.org/) the only big JavaScript framework that's not backed by companies that make money off your data.
 - [liquor-tree](https://GitHub.com/amsik/liquor-tree) for the awesome & super extensible tree component.
 - [Ace](https://ace.c9.io/) for code box.
 - [FileSaver.js](https://GitHub.com/eligrey/FileSaver.js) for save file dialog.
 - [chai](https://GitHub.com/chaijs/chai) & [mocha](https://GitHub.com/mochajs/mocha) for making testing fun.
 - [js-yaml-loader](https://GitHub.com/wwilsman/js-yaml-loader) for ahead of time loading `application.yml`
 - [v-tooltip](https://GitHub.com/Akryum/v-tooltip) takes seconds to have a tooltip, exactly what I needed.
--- a/aws.drawio
+++ b/aws.drawio
@@ -1 +0,0 @@
 <mxfile host="www.draw.io" modified="2019-12-27T14:40:11.720Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" etag="6t_Q0ZRAKXZ_lLm1WdcF" version="12.4.3" type="device" pages="1"><diagram id="pFg2tUHn5hOZkmQyf_J4" name="Page-1">7Vvtd6I4F/9r+lEOEMLLR23rzJzdme3qPLMvXzwUomaLxA2x1f3rnwSIEoIWFdqd3bXnKLmEJNz7u69Jb8DtavuBhuvlZxKj5MY24+0NuLux7SAA/FsQdgXBD8yCsKA4LkjWgTDFf6GSKLttcIwypSMjJGF4rRIjkqYoYgotpJS8qN3mJFFnXYcLpBGmUZjo1F9wzJblW0DzQP+I8GIpZ7bM8s4qlJ1LQrYMY/JSIYH7G3BLCWHF1Wp7ixLBO8mX4rnxkbv7hVGUsjYPfB19Hf0+Wf6+DcbR9Mtksvm2hANYjPIcJpvyhe/IKsQpp03QAmeMhrRcPttJnqwJThmi9898ZsFe6waM9m9n8kYcZksUl40lWyWyE6PkCd2ShFBOSUnKBxzNcZJI0o0NoCn+OD0JH1HyQDLMMEn5vQiJSfmNZ0QZ5hL6sdbhkTBGVpUOwwQvxA1G1pxKNizBKZ9dAkVMEpZd9oPz91iL11xtFwLPBpnPcYSMDNFn/psZVHJlVpL4M7okSuGIhaBthVRK5gMiK8Tojncp79qeXzxSqgmQ+H85gA66BWlZwRu0S6iXMF/sRz4ggV+UYDgDGJatIUPDASWbNN7L+WWJGZquQ8GSuxfOPFX2e0xYNZmXMFCxwYEQe8GjaXbDXslNyd1A564r9bTKXuCYffEXvM5fiUW8yo1UlZvNEH9VM3KdGoXR0yKXXYXb8/zDu+STDbN1RUdkY463QoKjcj13S8aEFR4KTtjjKE5tA3M7PMccFdSI+Iz2OA5ZyH8EPeO/4Sr8i6SD8CUbZAylEU4ENTea4y/8xrRQqtmUT4m55s0ist7NZsNfprPbhGxijkvfWKeLDjAxMA1gBpWP76kgcW0dJIGOEUm7BiJ/bp/idPL8FMApjNFk+8N6+/NA18CcBWNK+DvXsdJo3ea8Z0XG/G8s5h9x0xZjpNwLHHg3tiv37jDlAxX4SQkVHNBM9RCYI9iku3s0KZ7gQsOt2eiKHog3LIMGy5btkiuN2K3bd45Ehxv1jGxohD5FYj0j3iyu1F6R4P485343RslXrZJrAg1w0i1UASdpnQNON0lTTjJHm+gJdY841xwC4J2HONvzLMv91yAuA90gDToq0mDgGa7zvmDTI0+JM/OBJDjadQu45mDzCJ7Kzn87KB0JvHV4rQsOdgIexwlU8EDdTEHfkAMr0WkH0VMjeFwNPBOODsRJcnH/uca3NFRUcH8GOzJXAKjmyrGC97VVnh6JCXHw+DTMQfc5THlErCfKjcjrW+4NYgRGdFjvbFWsdmbrsPVgcHvKfHZhTmquCDiNrggYsCHUBj0J2NcEfJ/OCYc9z07cRMR7j1y67kJcffz69WGqiRrFCyS1S5gEsiBpmNwfqCM1Wz70+ZEIkeai+wMxtit1NtwwogqW85zufq02fhODGVA277bl4EVrV209IIo5rwRY7k4m1YW6n+BVmZawkC4Qe11pBGNO4oKiJGT4Wa23NUm4fPRBOMFKFO2qlRPoBgb0LMf2i29PHbB4vXKMarWsNqzt2IbFAed5rmfbZmB558xSMEebJcfm/tUvh6ulB08TFOdeKXsPZBZOTtZH7avg5baEl/028OKiNZQigQoDD14GL+Aq8PIDeHrcngEli0//smpUil4GOxTSgYhyko1YnyALfzSukAZm0GHdybUMT5U2MC3dATZUI72+wmlbz/xVbq4pfg6jnZGhrZ6XfWcGRkK7amFO7Y30bWGAr+ZXPN9SXIt7oQfbF7nLce2gBp++bYqjgSqf63vyUKdw8aqHclvip5SXaXCnUD5zLaQsqxdI2Y5v+JWBaoUB4LYC2JDScFfptt6j4piC1HZvHLuG12LE2tNyeDKfZ6gfhOtpA0/1GE43ZMPfx4zROiG6vbw+Edhi9qsM7vl1JQ3grUMWIBoyCejUgrbVAHCuBlhWYCuyHgTXKcQbgECPxT9gttw8fv8BlPlqAEUiJi8tUxj88SqkT4NFzoAuYya3VhFym6sGPQVNz2vPu/92v8tcb/fTty+TzAzmA0uT+08UL/KjE8MoQpmwAJ9i/s6YvUkt+9azgDX+59WyKUkOpScNMg3AOn7IwndUhwVB220Qx+kJRXri9TG8JEK6JCaqHtnh6o0jxVdUoGXmH9FrQ5/3hzgajXtnNaXjOnfCf0DLUVMrv5N4qn46B/r2ZQEUcLiP24dh/FsZ1gXtykjnBlB8veryPbdNACXPSfhNHO3UsTbKWk8fhkkizvMJcYbxu6QRHUK+IYa6APID0zDBlTGS3CSGgeF7PAfJt0UDUxW7C4Im5J6rAC6oQd6EhgUq9bVeFMDR9NdvowD9Y1zfx3wz69+XKQc6ro/j/xSubUv11t2kxrC2twi9GuTaIhlaavbrgnbllXOxq53daGe8Zf4kz3H2j2V9k3TyXmb6WLLbV6xyXBF62I/oagcCng5FeisWNns53RL+L0M6eN6ldtIleNq6/cLcdQ4fLZEOLoQPdKChhtqOC7jN5jmV5zqO67mB86YIatjDeAU95xxYF42HkPGENc0pttn2GPujz1l1QNFVCSw0a9Jr2DgKGmogltnBGeVmruvVr32U/kI5f/tU4b3a/la506UKnwTapQ7gEOFAt7YRuPfWV2q5452y7bB+jKa1zgNvf8xvd5jJdDzXCuR3K6V/yxjb1l3Lp+FnTuAOhmro/K8w17owF8Zxfiaw2TZ2Yu4CDW+O/p87jfW6vqq+tqdBphrQlkKtVtM6s3DmSQunVPOOV/C6Co1bm8YTHa+Ibq6SoYxtNYvwgfumtSZfDmDWlF80Ofma6s/9CEVRk4bWFXmF4zhPfpqiEtVltghM3jHWsM/XPHHaZv9vsIXZP/wvMbj/Pw==</diagram></mxfile>
--- a/aws/certificate-stack.yaml
+++ b/aws/certificate-stack.yaml
@@ -1,211 +0,0 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Description: Creates certificate for the root + www subdomain. !! It must be deployed in us-east-1 to be able to be used by CloudFront.
 Parameters:
  RootDomainName:
    Type: String
    Default: privacy.sexy
    Description: The root DNS name of the website e.g. privacy.sexy
    AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
    ConstraintDescription: Must be a valid root domain name
  IamStackName:
    Type: String
    Default: privacysexy-iam-stack
    Description: Name of the IAM stack.
 Resources:
  # The lambda workaround exists to be able to automate certificate deployment.
  # Problem:
  #   Normally AWS AWS::CertificateManager::Certificate waits until a certificate is validated
  #   And there's no way to get validation DNS records from it to validate it.
  # Solution:
  #   Deploy a lambda that deploys the certificate (so we don't wait until certificate is validated)
  #   Get DNS records to be used in validation & export it to be used later.
  AcmCertificateForHostedZone:
    Type: Custom::VerifiableCertificate #A Can use AWS::CloudFormation::CustomResource or Custom::String
    Properties:
      ServiceToken: !GetAtt ResolveCertificateLambda.Arn
      # Lambda gets the following data:
      RootDomainName: !Ref RootDomainName # Lambda will create both for root and www.root
      Tags:
        -
          Key: Name
          Value: !Ref RootDomainName
        -
          Key: Application
          Value: privacy.sexy
  ResolveCertificateLambda:
    Type: AWS::Lambda::Function
    Properties:
      Description: Deploys certificate for root domain name + www and returns immediately arn + verification records.
      Role:
        Fn::ImportValue: !Join [':', [!Ref IamStackName, ResolveCertificateLambdaRoleArn]]
      FunctionName: !Sub ${AWS::StackName}-cert-resolver-lambda # StackName- required for role to function
      Handler: index.handler
      Runtime: nodejs12.x
      Timeout: 30
      Tags: 
        -
          Key: Application
          Value: privacy.sexy
      Code:
        # Inline script is not the best way. Some variables are named shortly to not exceed the limit 4096 but it's the cheapest way (no s3 file)
        ZipFile: >
          'use strict';
          const aws = require('aws-sdk');
          const acm = new aws.ACM();
          const log = (t) => console.log(t);
          exports.handler = async (event, context) => {
            log(`Request recieved:\n${JSON.stringify(event)}`);
            const userData = event.ResourceProperties;
            const rootDomain = userData.RootDomainName;
            let data = null;
            try {
              switch(event.RequestType) {
                case 'Create':
                  data = await handleCreateAsync(rootDomain, userData.Tags);
                  break;
                case 'Update':
                  data = await handleUpdateAsync();
                  break;
                case 'Delete':
                  data = await handleDeleteAsync(rootDomain);
                  break;
              }
              await sendResponseAsync(event, context, 'SUCCESS', data);
            } catch(error) {
              await sendResponseAsync(event, context, 'ERROR', {
                title: `Failed to ${event.RequestType}, see error`,
                error: error
              });
            }
          }
          async function handleCreateAsync(rootDomain, tags) {
            const { CertificateArn } = await acm.requestCertificate({
              DomainName: rootDomain,
              SubjectAlternativeNames: [`www.${rootDomain}`],
              Tags: tags,
              ValidationMethod: 'DNS',
            }).promise();
            log(`Cert requested:${CertificateArn}`);
            const waitAsync = (ms) => new Promise(resolve => setTimeout(resolve, ms));
            const maxAttempts = 10;
            let options = undefined;
            for (let attempt = 0; attempt < maxAttempts && !options; attempt++) {
              await waitAsync(2000);
              const { Certificate } = await acm.describeCertificate({ CertificateArn }).promise();
              if(Certificate.DomainValidationOptions.filter((o) => o.ResourceRecord).length === 2) {
                options = Certificate.DomainValidationOptions;
              }
            }
            if(!options) {
              throw new Error(`No records after ${maxAttempts} attempts.`);
            }
            return getResponseData(options, CertificateArn, rootDomain);
          }
          async function handleDeleteAsync(rootDomain) {
            const certs = await acm.listCertificates({}).promise();
            const cert = certs.CertificateSummaryList.find((cert) => cert.DomainName === rootDomain);
            if (cert) {
              await acm.deleteCertificate({ CertificateArn: cert.CertificateArn }).promise();
              log(`Deleted ${cert.CertificateArn}`);
            } else {
              log('Cannot find'); // Do not fail, delete can be called when e.g. CF fails before creating cert
            }
            return null;
          }
          async function handleUpdateAsync() {
            throw new Error(`Not yet implemented update`);
          }
          function getResponseData(options, arn, rootDomain) {
            const findRecord = (url) => options.find(option => option.DomainName === url).ResourceRecord;
            const root = findRecord(rootDomain);
            const www = findRecord(`www.${rootDomain}`);
            const data = {
                CertificateArn: arn,
                RootVerificationRecordName: root.Name,
                RootVerificationRecordValue: root.Value,
                WwwVerificationRecordName: www.Name,
                WwwVerificationRecordValue: www.Value,
            };
            return data;
          }
          /* cfn-response can't async / await :( */
          async function sendResponseAsync(event, context, responseStatus, responseData, physicalResourceId) {
            return new Promise((s, f) => {
              var b = JSON.stringify({
                        Status: responseStatus,
                        Reason: `See the details in CloudWatch Log Stream: ${context.logStreamName}`,
                        PhysicalResourceId: physicalResourceId || context.logStreamName,
                        StackId: event.StackId,
                        RequestId: event.RequestId,
                        LogicalResourceId: event.LogicalResourceId,
                        Data: responseData
              });
              log(`Response body:\n${b}`);
              var u = require("url").parse(event.ResponseURL);
              var r = require("https").request(
                {
                  hostname: u.hostname,
                  port: 443,
                  path: u.path,
                  method: "PUT",
                  headers: {
                    "content-type": "",
                    "content-length": b.length
                  }
                }, (p) => {
                  log(`Status code: ${p.statusCode}`);
                  log(`Status message: ${p.statusMessage}`);
                  s(context.done());
                });
              r.on("error", (e) => {
                log(`request failed: ${e}`);
                f(context.done(e));
              });
              r.write(b);
              r.end();
            });
          }
 Outputs:
  CertificateArn:
    Description: The Amazon Resource Name (ARN) of an AWS Certificate Manager (ACM) certificate.
    Value: !GetAtt AcmCertificateForHostedZone.CertificateArn
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', CertificateArn ]]
  RootVerificationRecordName:
    Description: Name for root domain CNAME verification record
    Value: !GetAtt AcmCertificateForHostedZone.RootVerificationRecordName
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', RootVerificationRecordName ]]
  RootVerificationRecordValue:
    Description: Value for root domain name CNAME verification record
    Value: !GetAtt AcmCertificateForHostedZone.RootVerificationRecordValue
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', RootVerificationRecordValue ]]
  WwwVerificationRecordName:
    Description: Name for www domain name CNAME verification record
    Value: !GetAtt AcmCertificateForHostedZone.WwwVerificationRecordName
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', WwwVerificationRecordName ]]
  WwwVerificationRecordValue:
    Description: Value for www domain name CNAME verification record
    Value: !GetAtt AcmCertificateForHostedZone.WwwVerificationRecordValue
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', WwwVerificationRecordValue ]]
--- a/aws/dns-stack.yaml
+++ b/aws/dns-stack.yaml
@@ -1,61 +0,0 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Description: Creates hosted zone & sets up records for the CloudFront URL.
 Parameters:
  RootDomainName:
    Type: String
    Default: privacy.sexy
    Description: The root DNS name of the website e.g. privacy.sexy
    AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
    ConstraintDescription: Must be a valid root domain name
  CertificateStackName:
    Type: String
    Default: privacysexy-certificate-stack
    Description: Name of the certificate stack.
 Resources:
  DNSHostedZone:
    Type: AWS::Route53::HostedZone
    Properties:
      Name: !Ref RootDomainName
      HostedZoneConfig:
        Comment: !Join ['', ['Hosted zone for ', !Ref RootDomainName]]
      HostedZoneTags:
        -
          Key: Application
          Value: privacy.sexy
  CertificateValidationDNSRecords:
    Type: AWS::Route53::RecordSetGroup
    Properties: 
      HostedZoneId: !Ref DNSHostedZone
      RecordSets:
        -
          Name: 
            Fn::ImportValue: !Join [':', [!Ref CertificateStackName, RootVerificationRecordName]]
          Type: 'CNAME'
          TTL: '60'
          ResourceRecords:
            - Fn::ImportValue: !Join [':', [!Ref CertificateStackName, RootVerificationRecordValue]]
        -
          Name: 
            Fn::ImportValue: !Join [':', [!Ref CertificateStackName, WwwVerificationRecordName]]
          Type: 'CNAME'
          TTL: '60'
          ResourceRecords:
            - Fn::ImportValue: !Join [':', [!Ref CertificateStackName, WwwVerificationRecordValue]]
 Outputs:
  DNSHostedZoneNameServers:
    Description: Name servers to update in domain registrar.
    Value: !Join ['           ', !GetAtt DNSHostedZone.NameServers]
  DNSHostedZoneId:
    Description: The ID of the hosted zone that you want to create the record in.
    Value: !Ref DNSHostedZone
    Export:
      Name: !Join [':', [ !Ref 'AWS::StackName', DNSHostedZoneId ]]
--- a/aws/iam-stack.yaml
+++ b/aws/iam-stack.yaml
@@ -1,496 +0,0 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Description: |-
  > Deploys the identity management for the deployment
 # Granulatiy cheatsheet: https://iam.cloudonaut.io/
 Parameters:
    WebStackName:
      Type: String
      Default: privacysexy-web-stack
      Description: Name of the web stack.
    DnsStackName:
      Type: String
      Default: privacysexy-dns-stack
      Description: Name of the DNS stack.
    CertificateStackName:
      Type: String
      Default: privacysexy-certificate-stack
      Description: Name of the IAM stack.
 Resources:
  # -----------------------------
  # ------ User & Group ---------
  # -----------------------------
  DeploymentGroup:
    Type: AWS::IAM::Group
    Properties: 
      # GroupName: No hardcoded naming because of easier CloudFormation management
      ManagedPolicyArns:
        - !Ref AllowValidateTemplatePolicy
  DeploymentUser:
    Type: AWS::IAM::User
    Properties:
    #   # UserName: No hardcoded naming because of easier CloudFormation management
    #   # Policies: Assing policies on group level
      Tags:
        -
          Key: Application
          Value: privacy.sexy
  AddDeploymentUserToDeploymentGroup:
    Type: AWS::IAM::UserToGroupAddition
    Properties:
      GroupName: !Ref DeploymentGroup
      Users:
        - !Ref DeploymentUser
  # -----------------------------
  # ----------- Roles -----------
  # -----------------------------
  IamStackDeployRole:
    Type: AWS::IAM::Role
    Properties:
      Description: Allows to deploy IAM stack
      AssumeRolePolicyDocument:
        Statement:
          -
            Effect: Allow
            Principal:
              AWS: !GetAtt DeploymentUser.Arn
            Action: sts:AssumeRole
      Tags:
        -
          Key: Application
          Value: privacy.sexy
      ManagedPolicyArns: 
        - !Ref CloudFormationDeployPolicy
        - !Ref PolicyDeployPolicy
        - !Ref IamStackDeployPolicy
  CertificateStackDeployRole:
    Type: AWS::IAM::Role
    Properties:
      Description: Allows to deploy certificate stack
      AssumeRolePolicyDocument:
        Statement:
          -
            Effect: Allow
            Principal:
              AWS: !GetAtt DeploymentUser.Arn
            Action: sts:AssumeRole
      Tags:
        -
          Key: Application
          Value: privacy.sexy
      ManagedPolicyArns: 
        - !Ref CloudFormationDeployPolicy
        - !Ref LambdaBackedCustomResourceDeployPolicy
  DnsStackDeployRole:
    Type: AWS::IAM::Role
    Properties:
      Description: Allows to deploy DNS stack
      AssumeRolePolicyDocument:
        Statement:
          -
            Effect: Allow
            Principal:
              AWS: !GetAtt DeploymentUser.Arn
            Action: sts:AssumeRole
      Tags:
        -
          Key: Application
          Value: privacy.sexy
      ManagedPolicyArns: 
        - !Ref CloudFormationDeployPolicy
        - !Ref DnsStackDeployPolicy
  WebStackDeployRole:
    Type: AWS::IAM::Role
    Properties:
      Description: Allows to deploy web stack
      AssumeRolePolicyDocument:
        Statement:
          -
            Effect: Allow
            Principal:
              AWS: !GetAtt DeploymentUser.Arn
            Action: sts:AssumeRole
      Tags:
        -
          Key: Application
          Value: privacy.sexy
      ManagedPolicyArns: 
        - !Ref CloudFormationDeployPolicy
        - !Ref WebStackDeployPolicy
  S3SiteDeployRole:
      Type: 'AWS::IAM::Role'
      Properties:
        Description: "Allows to deploy website to S3"
        AssumeRolePolicyDocument:
          Statement:
            -
              Effect: Allow
              Principal:
                AWS: !GetAtt DeploymentUser.Arn
              Action: sts:AssumeRole
        Tags:
          -
            Key: Application
            Value: privacy.sexy
        ManagedPolicyArns:
          - !Ref S3SiteDeployPolicy
          - !Ref StackExportReaderPolicy
  CloudFrontSiteDeployRole:
      Type: 'AWS::IAM::Role'
      Properties:
        Description: "Allows to informs to CloudFront to renew its cache from S3"
        AssumeRolePolicyDocument:
          Statement:
            -
              Effect: Allow
              Principal:
                AWS: !GetAtt DeploymentUser.Arn
              Action: sts:AssumeRole
        Tags:
          -
            Key: Application
            Value: privacy.sexy
        ManagedPolicyArns:
          - !Ref CloudFrontInvalidationPolicy
          - !Ref StackExportReaderPolicy
  ResolveCertificateLambdaRole: # See certificate stack
    Type: AWS::IAM::Role
    Properties:
      Description: Allow deployment of certificates
      AssumeRolePolicyDocument:
        Statement:
          -
            Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
        - !Ref CertificateDeployPolicy
  # --------------------------------
  # ----------- Policies -----------
  # --------------------------------
  AllowValidateTemplatePolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: "No read & writes to resources, reveals just basic CloudFormation API to be used for validating templates"
      # ManagedPolicyName: No hardcoded naming because of easier CloudFormation management
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowCloudFormationTemplateValidation
            Effect: Allow
            Action:
              - cloudformation:ValidateTemplate
            Resource: '*'
  CloudFormationDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: "Allows deploying CloudFormation using CLI command 'aws cloudformation deploy' (with change sets)"
      # ManagedPolicyName: No hardcoded naming because of easier CloudFormation management
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowCloudFormationStackOperations
            Effect: Allow
            Action:
              - cloudformation:GetTemplateSummary
              - cloudformation:DescribeStacks
              - cloudformation:CreateChangeSet
              - cloudformation:ExecuteChangeSet
              - cloudformation:DescribeChangeSet
            Resource:
              - !Sub arn:aws:cloudformation:*:${AWS::AccountId}:stack/${WebStackName}/*
              - !Sub arn:aws:cloudformation:*:${AWS::AccountId}:stack/${DnsStackName}/*
              - !Sub arn:aws:cloudformation:*:${AWS::AccountId}:stack/${AWS::StackName}/*
              - !Sub arn:aws:cloudformation:*:${AWS::AccountId}:stack/${CertificateStackName}/*
  IamStackDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deploying IAM CloudFormation stack.
      # ManagedPolicyName: No hardcoded naming because of easier CloudFormation management
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowUserArnExport
            Effect: Allow
            Action:
              - iam:GetUser
            Resource:
              - !GetAtt DeploymentUser.Arn
          -
            Sid: AllowTagging
            Effect: Allow
            Action:
              - iam:TagResource
            Resource:
              - !Sub arn:aws:cloudformation::${AWS::AccountId}:stack/${AWS::StackName}/*
              - !GetAtt DeploymentUser.Arn
          -
            Sid: AllowRoleDeployment
            Effect: Allow
            Action:
              - iam:CreateRole
            Resource:
              - !Sub arn:aws:iam::${AWS::AccountId}:role/${AWS::StackName}-*
  LambdaBackedCustomResourceDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deploying a lambda-backed custom resource.
      # ManagedPolicyName: # ManagedPolicyName: No hardcoded naming because of easier CloudFormation management
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowLambdaDeployment
            Effect: Allow
            Action:
              - lambda:GetFunction
              - lambda:DeleteFunction
              - lambda:CreateFunction
              - lambda:GetFunctionConfiguration
              - lambda:InvokeFunction
            Resource:
              - !Sub arn:aws:lambda:*:${AWS::AccountId}:function:${CertificateStackName}*
          -
            Sid: AllowPassingLambdaRole
            Effect: Allow
            Action:
              - iam:PassRole
            Resource:
              - !GetAtt ResolveCertificateLambdaRole.Arn
  CertificateDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deploying certifications stack.
      # ManagedPolicyName: # ManagedPolicyName: No hardcoded naming because of easier CloudFormation management
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowCertificateDeployment
            Effect: Allow
            Action:
              - acm:RequestCertificate
              - acm:DescribeCertificate
              - acm:DeleteCertificate
              - acm:AddTagsToCertificate
              - acm:ListCertificates
            Resource: '*' # Certificate Manager does not support resource level IAM
  PolicyDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deployment of policies
      # ManagedPolicyName: Commented out because CloudFormation requires to rename when replacing custom-named resource
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowPolicyUpdates
            Effect: Allow
            Action:
              - iam:ListPolicyVersions
              - iam:CreatePolicyVersion
              - iam:DeletePolicyVersion
              - iam:CreatePolicy 
              - iam:DeletePolicy 
              - iam:GetPolicy
            Resource:
              - !Sub arn:aws:iam::${AWS::AccountId}:policy/${AWS::StackName}-* # when ManagedPolicyName is not given policies get name like StackName-*
          -
            Sid: AllowPoliciesOnRoles
            Effect: Allow
            Action:
              - iam:AttachRolePolicy
              - iam:DetachRolePolicy
              - iam:GetRole
            Resource:
              - !Sub arn:aws:iam::${AWS::AccountId}:role/${AWS::StackName}-*
          - 
            Sid: AllowPolicyAssigmentToGroup
            Effect: Allow
            Action:
              - iam:AttachGroupPolicy
              - iam:DetachGroupPolicy
            Resource:
              - !GetAtt DeploymentGroup.Arn
          - 
            Sid: AllowGettingGroupInformation
            Effect: Allow
            Action:
              - iam:GetGroup
            Resource: !Sub arn:aws:iam::${AWS::AccountId}:group/${DeploymentGroup}
  DnsStackDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deployment of DNS stack
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowHostedZoneDeployment
            Effect: Allow
            Action:
              - route53:CreateHostedZone
              - route53:ListQueryLoggingConfigs
              - route53:DeleteHostedZone
              - route53:GetChange
              - route53:ChangeTagsForResource
              - route53:GetHostedZone
              - route53:ChangeResourceRecordSets
            Resource: '*' # Does not support resource-level permissions https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-manage-access-intro-resource-policies
  WebStackDeployPolicy:
    # We need a role to run s3:PutBucketPolicy, IAM users cannot run it. See https://stackoverflow.com/a/48551383 
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows deployment of web stack
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowCloudFrontOAIDeployment
            Effect: Allow
            Action:
              - cloudfront:GetCloudFrontOriginAccessIdentity
              - cloudfront:CreateCloudFrontOriginAccessIdentity
              - cloudfront:GetCloudFrontOriginAccessIdentityConfig
              - cloudfront:DeleteCloudFrontOriginAccessIdentity
            Resource: '*' # Does not support resource-level permissions https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html
          -
            Sid: AllowCloudFrontDistributionDeployment
            Effect: Allow
            Action:
              - cloudfront:CreateDistribution
              - cloudfront:DeleteDistribution
              - cloudfront:UpdateDistribution
              - cloudfront:GetDistribution
              - cloudfront:TagResource
              - cloudfront:UpdateCloudFrontOriginAccessIdentity
            Resource: !Sub arn:aws:cloudfront::${AWS::AccountId}:*
          -
            Sid: AllowS3BucketPolicyAccess
            Effect: Allow
            Action:
              - s3:CreateBucket
              - s3:DeleteBucket
              - s3:PutBucketWebsite
              - s3:DeleteBucketPolicy
              - s3:PutBucketPolicy
              - s3:GetBucketPolicy
            Resource: !Sub arn:aws:s3:::${WebStackName}*
          -
            Sid: AllowRecordDeploymentToRoute53
            Effect: Allow
            Action:
              - route53:GetHostedZone
              - route53:ChangeResourceRecordSets
              - route53:GetChange
              - route53:ListResourceRecordSets
            Resource: '*' # Does not support resource-level permissions https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/access-control-overview.html#access-control-manage-access-intro-resource-policies
  S3SiteDeployPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows listing buckets to be able to list objects in a bucket
      # ManagedPolicyName: Commented out because CloudFormation requires to rename when replacing custom-named resources
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowListingObjects
            Effect: Allow
            Action:
              - s3:ListBucket # To allow ListObjectsV2
            Resource: !Sub arn:aws:s3:::${WebStackName}*
          -
            Sid: AllowUpdatingObjects
            Effect: Allow
            Action:
              - s3:PutObject
              - s3:DeleteObject
            Resource: !Sub arn:aws:s3:::${WebStackName}*/*
  CloudFrontInvalidationPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows creating invalidations on CloudFront
      # ManagedPolicyName: Commented out because CloudFormation requires to rename when replacing custom-named resource
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowCloudFrontInvalidations
            Effect: Allow
            Action:
              - cloudfront:CreateInvalidation
            Resource: "*" # Does not support resource-level permissions https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cf-api-permissions-ref.html
  StackExportReaderPolicy:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Allows creating invalidations on CloudFront
      # ManagedPolicyName: Commented out because CloudFormation requires to rename when replacing custom-named resource
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          -
            Sid: AllowGettingBucketName
            Effect: Allow
            Action:
              - cloudformation:DescribeStacks
            Resource: !Sub arn:aws:cloudformation:*:${AWS::AccountId}:stack/${WebStackName}/*
 Outputs:
  ResolveCertificateLambdaRoleArn: 
    Description: The Amazon Resource Name (ARN) of the lambda for deploying certificates.
    Value: !GetAtt ResolveCertificateLambdaRole.Arn
    Export:
      Name: !Join [ ':', [ !Ref 'AWS::StackName', ResolveCertificateLambdaRoleArn ] ]
  CertificateStackDeployRoleArn: 
    Description: "GitHub secret: AWS_CERTIFICATE_STACK_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt CertificateStackDeployRole.Arn
  DnsStackDeployRoleArn: 
    Description: "GitHub secret: AWS_DNS_STACK_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt DnsStackDeployRole.Arn
  IamStackDeployRoleArn: 
    Description: "GitHub secret: AWS_IAM_STACK_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt IamStackDeployRole.Arn
  WebStackDeployRoleArn: 
    Description: "GitHub secret: AWS_WEB_STACK_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt WebStackDeployRole.Arn
  S3SiteDeployRoleArn: 
    Description: "GitHub secret: AWS_S3_SITE_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt S3SiteDeployRole.Arn
  CloudFrontSiteDeployRoleArn: 
    Description: "GitHub secret: AWS_CLOUDFRONT_SITE_DEPLOYMENT_ROLE_ARN"
    Value: !GetAtt CloudFrontSiteDeployRole.Arn
--- a/aws/scripts/configure/create-role-profile.sh
+++ b/aws/scripts/configure/create-role-profile.sh
@@ -1,36 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --user-profile) USER_PROFILE="$2"; shift;;
  --role-profile) ROLE_PROFILE="$2"; shift;;
  --role-arn) ROLE_ARN="$2"; shift;;
  --session) SESSION="$2";shift;;
  --region) REGION="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$USER_PROFILE" ]; then echo "User profile name is not set."; exit 1; fi;
 if [ -z "$ROLE_PROFILE" ]; then echo "Role profile name is not set."; exit 1; fi;
 if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set"; exit 1; fi;
 if [ -z "$SESSION" ]; then echo "Session name is not set."; exit 1; fi;
 if [ -z "$REGION" ]; then echo "Region is not set."; exit 1; fi;
 creds=$(aws sts assume-role --role-arn $ROLE_ARN --role-session-name $SESSION --profile $USER_PROFILE)
 aws_access_key_id=$(echo $creds | jq -r '.Credentials.AccessKeyId')
 echo ::add-mask::$aws_access_key_id
 aws_secret_access_key=$(echo $creds | jq -r '.Credentials.SecretAccessKey')
 echo ::add-mask::$aws_secret_access_key
 aws_session_token=$(echo $creds | jq -r '.Credentials.SessionToken')
 echo ::add-mask::$aws_session_token
 aws configure --profile $ROLE_PROFILE set aws_access_key_id $aws_access_key_id
 aws configure --profile $ROLE_PROFILE set aws_secret_access_key $aws_secret_access_key
 aws configure --profile $ROLE_PROFILE set aws_session_token $aws_session_token
 aws configure --profile $ROLE_PROFILE set region $REGION
 echo Profile $ROLE_PROFILE is created
 bash "${BASH_SOURCE%/*}/mask-identity.sh" --profile $ROLE_PROFILE
--- a/aws/scripts/configure/create-user-profile.sh
+++ b/aws/scripts/configure/create-user-profile.sh
@@ -1,25 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --profile) PROFILE="$2"; shift;;
  --access-key-id) ACCESS_KEY_ID="$2"; shift;;
  --secret-access-key) SECRET_ACCESS_KEY="$2"; shift;;
  --region) REGION="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$PROFILE" ]; then echo "Profile name is not set."; exit 1; fi;
 echo $PROFILE
 if [ -z "$ACCESS_KEY_ID" ]; then echo "Access key ID is not set"; exit 1; fi;
 if [ -z "$SECRET_ACCESS_KEY" ]; then echo "Secret access key is not set."; exit 1; fi;
 if [ -z "$REGION" ]; then echo "Region is not set."; exit 1; fi;
 aws configure --profile $PROFILE set aws_access_key_id $ACCESS_KEY_ID
 aws configure --profile $PROFILE set aws_secret_access_key $SECRET_ACCESS_KEY
 aws configure --profile $PROFILE set region $REGION
 echo Profile $PROFILE is created
 bash "${BASH_SOURCE%/*}/mask-identity.sh" --profile $PROFILE
--- a/aws/scripts/configure/mask-identity.sh
+++ b/aws/scripts/configure/mask-identity.sh
@@ -1,17 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --profile) PROFILE="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$PROFILE" ]; then echo "Profile name is not set."; exit 1; fi;
 aws_identity=$(aws sts get-caller-identity --profile $PROFILE)
 echo ::add-mask::$(echo $aws_identity | jq -r '.Account')
 echo ::add-mask::$(echo $aws_identity | jq -r '.UserId')
 echo ::add-mask::$(echo $aws_identity | jq -r '.Arn')
 echo Credentials are masked
--- a/aws/scripts/deploy/deploy-stack.sh
+++ b/aws/scripts/deploy/deploy-stack.sh
@@ -1,43 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --template-file) TEMPLATE_FILE="$2"; shift;;
  --stack-name) STACK_NAME="$2"; shift;;
  --profile) PROFILE="$2"; shift;;
  --capabilities) CAPABILITY_IAM="$2"; shift;;
  --role-arn) ROLE_ARN="$2";shift;;
  --session) SESSION="$2";shift;;
  --region) REGION="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$TEMPLATE_FILE" ]; then echo "Template file is not set."; exit 1; fi;
 if [ -z "$STACK_NAME" ]; then echo "Template file is not set."; exit 1; fi;
 if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
 if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
 if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
 echo Validating stack "$STACK_NAME"
 aws cloudformation validate-template \
    --template-body file://$TEMPLATE_FILE \
    --profile $PROFILE
 ROLE_PROFILE=$STACK_NAME
 echo Assuming role
 bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
    --role-arn $ROLE_ARN \
    --session $SESSION \
    --region $REGION
 echo Deploying stack "$TEMPLATE_FILE"
 aws cloudformation deploy \
    --template-file $TEMPLATE_FILE \
    --stack-name $STACK_NAME \
    ${CAPABILITY_IAM:+ --capabilities $CAPABILITY_IAM} \
    --no-fail-on-empty-changeset \
    --profile $ROLE_PROFILE
--- a/aws/scripts/deploy/deploy-to-s3.sh
+++ b/aws/scripts/deploy/deploy-to-s3.sh
@@ -1,47 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --folder) FOLDER="$2"; shift;;
  --web-stack-name) WEB_STACK_NAME="$2"; shift;;
  --web-stack-s3-name-output-name) WEB_STACK_S3_NAME_OUTPUT_NAME="$2"; shift;;
  --storage-class) STORAGE_CLASS="$2"; shift;;
  --profile) PROFILE="$2"; shift;;
  --role-arn) ROLE_ARN="$2";shift;;
  --session) SESSION="$2";shift;;
  --region) REGION="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$FOLDER" ]; then echo "Folder is not set."; exit 1; fi;
 if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
 if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
 if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
 if [ -z "$WEB_STACK_NAME" ]; then echo "Web stack name is not set."; exit 1; fi;
 if [ -z "$WEB_STACK_S3_NAME_OUTPUT_NAME" ]; then echo "S3 name output name is not set."; exit 1; fi;
 if [ -z "$STORAGE_CLASS" ]; then echo "S3 object storage class is not set."; exit 1; fi;
 echo Assuming role
 ROLE_PROFILE=deploy-s3
 bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
    --role-arn $ROLE_ARN \
    --session $SESSION \
    --region $REGION
 echo Getting S3 bucket name from stack "$WEB_STACK_NAME" with output "$WEB_STACK_S3_NAME_OUTPUT_NAME"
 S3_BUCKET_NAME=$(aws cloudformation describe-stacks \
            --stack-name $WEB_STACK_NAME \
            --query "Stacks[0].Outputs[?OutputKey=='$WEB_STACK_S3_NAME_OUTPUT_NAME'].OutputValue" \
            --output text \
            --profile $ROLE_PROFILE)
 if [ -z "$S3_BUCKET_NAME" ]; then echo "Could not read S3 bucket name"; exit 1; fi;
 echo ::add-mask::$S3_BUCKET_NAME # Just being extra cautious
 echo Syncing folder to S3
 aws s3 sync $FOLDER s3://$S3_BUCKET_NAME \
    --storage-class $STORAGE_CLASS  \
    --no-progress --follow-symlinks --delete \
    --profile $ROLE_PROFILE
--- a/aws/scripts/deploy/invalidate-cloudfront-cache.sh
+++ b/aws/scripts/deploy/invalidate-cloudfront-cache.sh
@@ -1,45 +0,0 @@
 #!/bin/bash
 # Parse parameters
 while [[ "$#" -gt 0 ]]; do case $1 in
  --paths) PATHS="$2"; shift;;
  --web-stack-name) WEB_STACK_NAME="$2"; shift;;
  --web-stack-cloudfront-arn-output-name) WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME="$2"; shift;;
  --profile) PROFILE="$2"; shift;;
  --role-arn) ROLE_ARN="$2";shift;;
  --session) SESSION="$2";shift;;
  --region) REGION="$2";shift;;
  *) echo "Unknown parameter passed: $1"; exit 1;;
 esac; shift; done
 # Verify parameters
 if [ -z "$PATHS" ]; then echo "Paths is not set."; exit 1; fi;
 if [ -z "$PROFILE" ]; then echo "Profile is not set."; exit 1; fi;
 if [ -z "$ROLE_ARN" ]; then echo "Role ARN is not set."; exit 1; fi;
 if [ -z "$SESSION" ]; then echo "Role session is not set."; exit 1; fi;
 if [ -z "$WEB_STACK_NAME" ]; then echo "Web stack name is not set."; exit 1; fi;
 if [ -z "$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME" ]; then echo "CloudFront ARN output name is not set."; exit 1; fi;
 echo Assuming role
 ROLE_PROFILE=invalidate-cloudfront
 bash "${BASH_SOURCE%/*}/../configure/create-role-profile.sh" \
    --role-profile $ROLE_PROFILE --user-profile $PROFILE \
    --role-arn $ROLE_ARN \
    --session $SESSION \
    --region $REGION
 echo Getting CloudFront ARN from stack "$WEB_STACK_NAME" with output "$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME"
 CLOUDFRONT_ARN=$(aws cloudformation describe-stacks \
            --stack-name $WEB_STACK_NAME \
            --query "Stacks[0].Outputs[?OutputKey=='$WEB_STACK_CLOUDFRONT_ARN_OUTPUT_NAME'].OutputValue" \
            --output text \
            --profile $ROLE_PROFILE)
 if [ -z "$CLOUDFRONT_ARN" ]; then echo "Could not read CloudFront ARN"; exit 1; fi;
 echo :add-mask::$CLOUDFRONT_ARN
 echo Syncing folder to S3
 aws cloudfront create-invalidation \
    --paths $PATHS \
    --distribution-id $CLOUDFRONT_ARN \
    --profile $ROLE_PROFILE
--- a/aws/web-stack.yaml
+++ b/aws/web-stack.yaml
@@ -1,138 +0,0 @@
 AWSTemplateFormatVersion: '2010-09-09'
 Description: |-
  > Creates an S3 bucket configured for hosting a static webpage.
  > Creates CloudFront distribution that has access to read the S3 bucket.
 Parameters:
  RootDomainName:
    Type: String
    Default: privacy.sexy
    Description: The root DNS name of the website e.g. privacy.sexy
    AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
    ConstraintDescription: Must be a valid root domain name
  CertificateStackName:
    Type: String
    Default: privacysexy-certificate-stack
    Description: Name of the certificate stack.
  DnsStackName:
    Type: String
    Default: privacysexy-dns-stack
    Description: Name of the certificate stack.
  PriceClass:
    Type: String
    Description: The CloudFront distribution price class
    Default: 'PriceClass_100'
    AllowedValues:
      - 'PriceClass_100'
      - 'PriceClass_200'
      - 'PriceClass_All'
 Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub ${AWS::StackName}-${RootDomainName} # Must have stack name for IAM to allow
      WebsiteConfiguration:
        IndexDocument: index.html
      Tags:
        -
          Key: Application
          Value: privacy.sexy    
  S3BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref S3Bucket
      PolicyDocument: # Only used for CloudFront as it's the only way, otherwise use IAM roles in IAM stack.
        Statement:
          -
            Sid: AllowCloudFrontRead
            Action: s3:GetObject
            Effect: Allow
            Principal:
                CanonicalUser: !GetAtt CloudFrontOriginAccessIdentity.S3CanonicalUserId
            Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, /*]]
  CloudFrontOriginAccessIdentity:
    Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
    Properties:
      CloudFrontOriginAccessIdentityConfig:
        Comment: !Sub 'CloudFront OAI for ${S3Bucket}'
  CloudFrontDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Comment: Cloudfront Distribution pointing to S3 bucket
        Origins:
          -
            DomainName: !GetAtt S3Bucket.DomainName
            Id: S3Origin
            S3OriginConfig:
                OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${CloudFrontOriginAccessIdentity}"
        Enabled: true
        HttpVersion: 'http2'
        DefaultRootObject: index.html
        Aliases:
          - !Ref RootDomainName
          - !Sub 'www.${RootDomainName}'
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          Compress: true
          TargetOriginId: S3Origin
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          ViewerProtocolPolicy: redirect-to-https
        PriceClass: !Ref PriceClass
        ViewerCertificate:
          AcmCertificateArn:
            # Certificate must be validated before it can be used here
            Fn::ImportValue: !Join [':', [!Ref CertificateStackName, CertificateArn]]
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.1_2016
      Tags:
        -
          Key: Application
          Value: privacy.sexy
  CloudFrontDNSRecords:
    Type: AWS::Route53::RecordSetGroup
    Properties: 
      HostedZoneId:
        Fn::ImportValue: !Join [':', [!Ref DnsStackName, DNSHostedZoneId]]
      RecordSets:
        -
          Name: !Ref RootDomainName
          Type: A         
          AliasTarget: 
            DNSName: !GetAtt CloudFrontDistribution.DomainName
            EvaluateTargetHealth: false
            HostedZoneId: Z2FDTNDATAQYW2 # Static CloudFront distribution zone https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-hostedzoneid
        -
          Name: !Join ['', ['www.', !Ref RootDomainName]]
          Type: A
          AliasTarget: 
            DNSName: !GetAtt CloudFrontDistribution.DomainName
            EvaluateTargetHealth: false
            HostedZoneId: Z2FDTNDATAQYW2 # Static CloudFront distribution zone https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-hostedzoneid
 Outputs:
  CloudFrontDistributionArn:  # Used by deployment script to be able to deploy to right S3 bucket
    Description: Tthe Amazon Resource Name (ARN) of the CloudFront distribution.
    Value: !Ref CloudFrontDistribution
  S3BucketName: # Used by deployment script to be able to deploy to right S3 bucket
    Description: Name of the S3 bucket.
    Value: !Ref S3Bucket
--- a/docs/aws-cloudformation.drawio
+++ b/docs/aws-cloudformation.drawio
--- a/docs/aws-cloudformation.png
+++ b/docs/aws-cloudformation.png
--- a/docs/ci-cd.drawio
+++ b/docs/ci-cd.drawio
@@ -1 +0,0 @@
 <mxfile host="www.draw.io" modified="2019-12-30T13:07:22.931Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" etag="vfXOAJJrIONaUEloGBPR" version="12.4.7" type="device"><diagram id="ymF_tBZ9P2_Wfw9L8arg" name="Page-1">5Vpbb9s2FP41AbYHC7zp9hjHdVqsGwpkQNu9FIxEy2xlUaWo2N6v36FEOZLlXNw6S7IpQUwd3j9+/M4hnTN6sdpcal4uf1epyM8ISjdndHZGSOQT+GsN29YwIRFqLZmWaWvDt4Yr+bdwxq5YLVNRDQoapXIjy6ExUUUhEjOwca3VelhsofJhryXPxMhwlfB8bP0oU7Ps5oVu7W+FzJZdzxi5nBXvCjtDteSpWvdM9M0ZvdBKmTa12lyI3ILX4dLWm9+RuxuYFoV5TAWx2swv/wy+49kff33Kok8f39/8NnHLc8Pz2k14JspcbStbsVhoXhldJ6bWwk3CbDtktKqLVNjG0RmdKm2WKlMFz98rVYIRg/GrMGbr1pTXRoFpaVa5y015tWzqdy8fuDFCF42FIGsdz9FNu1K1TsQ9E2OOK1xnwtxTDvttQZEOeOAgvBRqJYzeQgHH6AnyCGVBW8mRmro2tMi5kTdD5nBHwGzX1K71D0rCtHZN05B6FB4/ZiGNCQoHneAgxF7Mho22MLh2+mu/17QfIA8F8e0zbBrHyMOxH0IyojgkZNhLC+LDvezNWC0WlRjUgEQP01tTw9QjWEtHrJ3WMk+rRgdSoGqQw5pPrzWkMptqSQ3Za3FtR1iWuUxgrVTxH6V1eDSrEQuGhCPsNKxm2KMIIYZY5Ef0dJwOgsALaLij9HBPYqC71yN87B/J6adnMRux+FKat7Ul6HliuVmNyAk+pLRJuWrcVp92N0Ib4HR+nsvMcs1Yuu6s7/m1yD+oSjacp7NrZYxaQYHcZkx58i1riH+hcqWbvuiieaBI09l5Vbbu1e4K3r0s5MZSferGM1saY/3yucWKzJO0YJ4Ez7yQsKW0l0CPZJ5yw+HD2iv7qYou6WPiMiaVSiTPJ5k0y/p6gknklUUGHS1knndjLFRhMViowlw5iA44RWeyQIjNY/YCCXwvYOj2YUNikcA59PVtPAADbG3LfizQGQ9tlgGZjmWOP2LOuwJeJEArGhHkyfKFOezHKhE4IhoPEacnEqKYgl7c6QMp6IUfhjTwGWUhi+kPelofeywaNs380KMEiERiGuGXKEXBiFAXuarTuVZuTH0eqdrkshAXu4gbuV3YEw/4mdv+p5nmqRSDvJj5sznp5c2kFokTpsLycm+jQx3/nKKpD3aIR9U3cUimduxEj9G9w3LJ3VsCoxJ6yP5GZ9qtgclIdw6IYifWq01mz0YeX1fM06Jl0rvEjmcKr21qWCqx6C8a9J1E9+awG1zaww1abXA7gQAepDAdi154QPPCp5K8cMTQK3pyZgbonNLwOGaSMMQ4+N8ws6I2b+dJcNtae7C108tyXlUuDf5eJi59El5SL9p3xpH/vLyMRryciZvXH7eRB+O2QqwnW8H1xPImr128Og9ggeY90wTFvfDtTikb0fvUUZ0PJ5z+Q/d5FI95hA7wCD0Rj+IRj8q6qaXF91pUNgyQ1fhguxIQO6TNpVhz51RZ9J4j8IOV0dtProvm5bN98fzudbbpZ862D+nCg0dht/MePAqz4wJQOApTTIcyc6KjMEN0cLLA+xEo82gckBgHPmE4+tEINACZJHfGuYwhj4Uh8eMwBK8eBi8uGO2ufnt74fULKn1QUMVKfZUTbPnaqugXmGO5/VKtZC6295+BD8Qyu1GfQDztsexY9SQH1JM8lXpiPKLMmDPQjiwrC9d6KY24KnmjL2sIbvbiqWGEt1iIIEkORXhpGF8j9ATeiu0Dvne5hSPidRrVw5ziMeb0yTAff3cwjshfE+bB/ZhD/PnMgI+vvdmrBjxi9wJOGX1mwMc3tPg1A473g+ARw8eH/H8X8PHFZhfyViUvBsAH32v7zSkcMhvgzm14ll3/AkODX+ge9VK/2qT1hMhCOlm7udg6oS3XtdVF1e3ll9Ir9xVROwSYUjuKttCICT97+zCnjEVH3otNLzD1X+7tw8EY6afvxXYL82TXCqA9h/zriW4W7Al597V/GzXf/vMEffMP</diagram></mxfile>
--- a/docs/ci-cd.png
+++ b/docs/ci-cd.png
--- a/docs/app-ddd.drawio
+++ b/docs/app-ddd.drawio
--- a/docs/app-ddd.png
+++ b/docs/app-ddd.png
--- a/img/app.png
+++ b/img/app.png
--- a/docs/aws-solution.drawio
+++ b/docs/aws-solution.drawio
--- a/docs/aws-solution.png
+++ b/docs/aws-solution.png
--- a/img/gitops.drawio
+++ b/img/gitops.drawio
--- a/img/gitops.png
+++ b/img/gitops.png
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -1,42 +1,67 @@
 {
  "name": "privacy.sexy",
-  "version": "0.1.0",
+  "version": "0.6.0",
  "author": "undergroundwires",
  "description": "Enforce privacy & security best-practices on Windows, because privacy is sexy 🍑🍆",
  "private": true,
  "scripts": {
    "serve": "vue-cli-service serve",
    "build": "vue-cli-service build",
-    "lint": "vue-cli-service lint",
+    "test:unit": "vue-cli-service test:unit",
-    "test:unit": "vue-cli-service test:unit"
+    "lint": "npm run lint:vue && npm run lint:yaml && npm run lint:md && npm run lint:md:relative-urls && npm run lint:md:consistency",
    "electron:build": "vue-cli-service electron:build",
    "electron:serve": "vue-cli-service electron:serve",
    "lint:md": "markdownlint **/*.md --ignore node_modules",
    "lint:md:consistency": "remark . --frail --use remark-preset-lint-consistent",
    "lint:md:relative-urls": "remark . --frail --use remark-validate-links",
    "lint:vue": "vue-cli-service lint --no-fix",
    "lint:yaml": "yamllint **/*.yaml --ignore=node_modules/**/*.yaml",
    "postinstall": "electron-builder install-app-deps",
    "postuninstall": "electron-builder install-app-deps"
  },
  "main": "background.js",
  "dependencies": {
-    "@fortawesome/fontawesome-svg-core": "^1.2.26",
+    "@fortawesome/fontawesome-svg-core": "^1.2.30",
-    "@fortawesome/free-brands-svg-icons": "^5.12.0",
+    "@fortawesome/free-brands-svg-icons": "^5.14.0",
-    "@fortawesome/free-regular-svg-icons": "^5.12.0",
+    "@fortawesome/free-regular-svg-icons": "^5.14.0",
-    "@fortawesome/free-solid-svg-icons": "^5.12.0",
+    "@fortawesome/free-solid-svg-icons": "^5.14.0",
-    "@fortawesome/vue-fontawesome": "^0.1.9",
+    "@fortawesome/vue-fontawesome": "^0.1.10",
-    "ace-builds": "^1.4.7",
+    "ace-builds": "^1.4.12",
    "file-saver": "^2.0.2",
    "inversify": "^5.0.1",
    "liquor-tree": "^0.2.70",
    "v-tooltip": "^2.0.2",
    "vue": "^2.6.11",
-    "vue-class-component": "^7.1.0",
+    "vue-class-component": "^7.2.5",
-    "vue-property-decorator": "^8.3.0"
+    "vue-js-modal": "^2.0.0-rc.6",
    "vue-property-decorator": "^9.0.0"
  },
  "devDependencies": {
-    "@types/chai": "^4.2.7",
+    "@types/ace": "0.0.43",
-    "@types/mocha": "^5.2.7",
+    "@types/chai": "^4.2.12",
    "@types/ace": "0.0.42",
    "@types/file-saver": "^2.0.1",
-    "@vue/cli-plugin-typescript": "^4.1.1",
+    "@types/mocha": "^8.0.0",
-    "@vue/cli-plugin-unit-mocha": "^4.1.1",
+    "@types/node": "12.0.0",
-    "@vue/cli-service": "^4.1.1",
+    "@vue/cli-plugin-typescript": "^4.4.6",
-    "@vue/test-utils": "1.0.0-beta.30",
+    "@vue/cli-plugin-unit-mocha": "^4.4.6",
    "@vue/cli-service": "^4.4.6",
    "@vue/test-utils": "1.0.3",
    "chai": "^4.2.0",
-    "sass": "^1.24.0",
+    "electron": "^9.1.1",
-    "sass-loader": "^8.0.0",
+    "electron-devtools-installer": "^3.1.1",
    "electron-log": "^4.2.2",
    "electron-updater": "^4.3.4",
    "js-yaml-loader": "^1.2.2",
-    "typescript": "^3.7.4",
+    "markdownlint-cli": "^0.23.2",
-    "vue-template-compiler": "^2.6.11"
+    "remark-cli": "^8.0.1",
    "remark-lint-no-dead-urls": "^1.1.0",
    "remark-preset-lint-consistent": "^3.0.1",
    "remark-validate-links": "^10.0.2",
    "sass": "^1.26.10",
    "sass-loader": "^9.0.2",
    "typescript": "^3.9.7",
    "vue-cli-plugin-electron-builder": "^2.0.0-rc.4",
    "vue-template-compiler": "^2.6.11",
    "yaml-lint": "^1.2.4"
  }
 }
--- a/public/index.html
+++ b/public/index.html
@@ -32,4 +32,4 @@
    <div id="app"></div>
    <!-- built files will be auto injected -->
  </body>
-</html>
+</html>
--- a/src/App.vue
+++ b/src/App.vue
@@ -1,12 +1,11 @@
 <template>
  <div id="app">
      <div class="wrapper">
-          <TheHeader class="row"
+          <TheHeader class="row" />
-                     github-url="https://github.com/undergroundwires/privacy.sexy" />
+          <TheSearchBar class="row" />
          <!-- <TheSearchBar> </TheSearchBar> -->
          <TheScripts class="row"/>
          <TheCodeArea class="row" theme="xcode" />
-          <TheCodeButtons class="row" />
+          <TheCodeButtons class="row code-buttons" />
          <TheFooter />
      </div>
   </div>
@@ -14,21 +13,21 @@
 <script lang="ts">
 import { Component, Vue, Prop  } from 'vue-property-decorator';
-import { ApplicationState, IApplicationState } from '@/application/State/ApplicationState';
+import { ApplicationState } from '@/application/State/ApplicationState';
-import TheHeader from './presentation/TheHeader.vue';
+import TheHeader from '@/presentation/TheHeader.vue';
-import TheFooter from './presentation/TheFooter.vue';
+import TheFooter from '@/presentation/TheFooter/TheFooter.vue';
-import TheCodeArea from './presentation/TheCodeArea.vue';
+import TheCodeArea from '@/presentation/TheCodeArea.vue';
-import TheCodeButtons from './presentation/TheCodeButtons.vue';
+import TheCodeButtons from '@/presentation/TheCodeButtons.vue';
-import TheSearchBar from './presentation/TheSearchBar.vue';
+import TheSearchBar from '@/presentation/TheSearchBar.vue';
-import TheScripts from './presentation/Scripts/TheScripts.vue';
+import TheScripts from '@/presentation/Scripts/TheScripts.vue';
@Component({
  components: {
    TheHeader,
    TheCodeArea,
    TheCodeButtons,
    TheSearchBar,
    TheScripts,
    TheSearchBar,
    TheFooter,
  },
 })
@@ -68,6 +67,10 @@ body {
    .row {
      margin-bottom: 10px;
    }
    .code-buttons {
      padding-bottom: 10px;
    }
  }
 }
--- a/src/application/Environment/BrowserOs/BrowserOsDetector.ts
+++ b/src/application/Environment/BrowserOs/BrowserOsDetector.ts
@@ -0,0 +1,54 @@
 import { OperatingSystem } from '../OperatingSystem';
 import { DetectorBuilder } from './DetectorBuilder';
 import { IBrowserOsDetector } from './IBrowserOsDetector';
 export class BrowserOsDetector implements IBrowserOsDetector {
    private readonly detectors = BrowserDetectors;
    public detect(userAgent: string): OperatingSystem {
        if (!userAgent) {
            return OperatingSystem.Unknown;
        }
        for (const detector of this.detectors) {
            const os = detector.detect(userAgent);
            if (os !== OperatingSystem.Unknown) {
                return os;
            }
        }
        return OperatingSystem.Unknown;
    }
 }
 // Reference: https://github.com/keithws/browser-report/blob/master/index.js#L304
 const BrowserDetectors =
 [
    define(OperatingSystem.KaiOS, (b) =>
        b.mustInclude('KAIOS')),
    define(OperatingSystem.ChromeOS, (b) =>
        b.mustInclude('CrOS')),
    define(OperatingSystem.BlackBerryOS, (b) =>
        b.mustInclude('BlackBerry')),
    define(OperatingSystem.BlackBerryTabletOS, (b) =>
        b.mustInclude('RIM Tablet OS')),
    define(OperatingSystem.BlackBerry, (b) =>
        b.mustInclude('BB10')),
    define(OperatingSystem.Android, (b) =>
        b.mustInclude('Android').mustNotInclude('Windows Phone')),
    define(OperatingSystem.Android, (b) =>
        b.mustInclude('Adr').mustNotInclude('Windows Phone')),
    define(OperatingSystem.iOS, (b) =>
        b.mustInclude('like Mac OS X')),
    define(OperatingSystem.Linux, (b) =>
        b.mustInclude('Linux').mustNotInclude('Android').mustNotInclude('Adr')),
    define(OperatingSystem.Windows, (b) =>
        b.mustInclude('Windows').mustNotInclude('Windows Phone')),
    define(OperatingSystem.WindowsPhone, (b) =>
        b.mustInclude('Windows Phone')),
    define(OperatingSystem.macOS, (b) =>
        b.mustInclude('OS X').mustNotInclude('Android').mustNotInclude('like Mac OS X')),
 ];
 function define(os: OperatingSystem, applyRules: (builder: DetectorBuilder) => DetectorBuilder): IBrowserOsDetector {
    const builder = new DetectorBuilder(os);
    applyRules(builder);
    return builder.build();
 }
--- a/src/application/Environment/BrowserOs/DetectorBuilder.ts
+++ b/src/application/Environment/BrowserOs/DetectorBuilder.ts
@@ -0,0 +1,53 @@
 import { IBrowserOsDetector } from './IBrowserOsDetector';
 import { OperatingSystem } from '../OperatingSystem';
 export class DetectorBuilder {
    private readonly existingPartsInUserAgent = new Array<string>();
    private readonly notExistingPartsInUserAgent = new Array<string>();
    constructor(private readonly os: OperatingSystem) { }
    public mustInclude(str: string): DetectorBuilder {
        return this.add(str, this.existingPartsInUserAgent);
    }
    public mustNotInclude(str: string): DetectorBuilder {
        return this.add(str, this.notExistingPartsInUserAgent);
    }
    public build(): IBrowserOsDetector {
        if (!this.existingPartsInUserAgent.length) {
            throw new Error('Must include at least a part');
        }
        return {
            detect: (agent) => this.detect(agent),
        };
    }
    private detect(userAgent: string): OperatingSystem {
        if (!userAgent) {
            throw new Error('User agent is null or undefined');
        }
        if (this.existingPartsInUserAgent.some((part) => !userAgent.includes(part))) {
            return OperatingSystem.Unknown;
        }
        if (this.notExistingPartsInUserAgent.some((part) => userAgent.includes(part))) {
            return OperatingSystem.Unknown;
        }
        return this.os;
    }
    private add(part: string, array: string[]): DetectorBuilder {
        if (!part) {
            throw new Error('part is empty or undefined');
        }
        if (this.existingPartsInUserAgent.includes(part)) {
            throw new Error(`part ${part} is already included as existing part`);
        }
        if (this.notExistingPartsInUserAgent.includes(part)) {
            throw new Error(`part ${part} is already included as not existing part`);
        }
        array.push(part);
        return this;
    }
 }
--- a/src/application/Environment/BrowserOs/IBrowserOsDetector.ts
+++ b/src/application/Environment/BrowserOs/IBrowserOsDetector.ts
@@ -0,0 +1,5 @@
 import { OperatingSystem } from '../OperatingSystem';
 export interface IBrowserOsDetector {
    detect(userAgent: string): OperatingSystem;
 }
--- a/src/application/Environment/Environment.ts
+++ b/src/application/Environment/Environment.ts
@@ -0,0 +1,80 @@
 import { BrowserOsDetector } from './BrowserOs/BrowserOsDetector';
 import { IBrowserOsDetector } from './BrowserOs/IBrowserOsDetector';
 import { IEnvironment } from './IEnvironment';
 import { OperatingSystem } from './OperatingSystem';
 interface IEnvironmentVariables {
    readonly window: Window & typeof globalThis;
    readonly process: NodeJS.Process;
    readonly navigator: Navigator;
 }
 export class Environment implements IEnvironment {
    public static readonly CurrentEnvironment: IEnvironment = new Environment({
        window,
        process,
        navigator,
    });
    public readonly isDesktop: boolean;
    public readonly os: OperatingSystem;
    protected constructor(
      variables: IEnvironmentVariables,
      browserOsDetector: IBrowserOsDetector = new BrowserOsDetector()) {
        if (!variables) {
            throw new Error('variables is null or empty');
        }
        this.isDesktop = isDesktop(variables);
        this.os = this.isDesktop ?
            getDesktopOsType(getProcessPlatform(variables))
          : browserOsDetector.detect(getUserAgent(variables));
    }
 }
 function getUserAgent(variables: IEnvironmentVariables): string {
    if (!variables.window || !variables.window.navigator) {
        return undefined;
    }
    return variables.window.navigator.userAgent;
 }
 function getProcessPlatform(variables: IEnvironmentVariables): string {
    if (!variables.process || !variables.process.platform) {
        return undefined;
    }
    return variables.process.platform;
 }
 function getDesktopOsType(processPlatform: string): OperatingSystem {
    // https://nodejs.org/api/process.html#process_process_platform
    if (processPlatform === 'darwin') {
        return OperatingSystem.macOS;
    } else if (processPlatform === 'win32') {
        return OperatingSystem.Windows;
    } else if (processPlatform === 'linux') {
        return OperatingSystem.Linux;
    }
    return OperatingSystem.Unknown;
 }
 function isDesktop(variables: IEnvironmentVariables): boolean {
    // More: https://github.com/electron/electron/issues/2288
    // Renderer process
    if (variables.window
        && variables.window.process
        && variables.window.process.type === 'renderer') {
        return true;
    }
    // Main process
    if (variables.process
        && variables.process.versions
        && Boolean(variables.process.versions.electron)) {
        return true;
    }
    // Detect the user agent when the `nodeIntegration` option is set to true
    if (variables.navigator
        && variables.navigator.userAgent
        && variables.navigator.userAgent.includes('Electron')) {
        return true;
    }
    return false;
 }
--- a/src/application/Environment/IEnvironment.ts
+++ b/src/application/Environment/IEnvironment.ts
@@ -0,0 +1,6 @@
 import { OperatingSystem } from './OperatingSystem';
 export interface IEnvironment {
    isDesktop: boolean;
    os: OperatingSystem;
 }
--- a/src/application/Environment/OperatingSystem.ts
+++ b/src/application/Environment/OperatingSystem.ts
@@ -0,0 +1,14 @@
 export enum OperatingSystem {
    macOS,
    Windows,
    Linux,
    KaiOS,
    ChromeOS,
    BlackBerryOS,
    BlackBerry,
    BlackBerryTabletOS,
    Android,
    iOS,
    WindowsPhone,
    Unknown,
 }
--- a/src/application/Parser/ApplicationParser.ts
+++ b/src/application/Parser/ApplicationParser.ts
@@ -1,19 +1,29 @@
-import { Category } from '../../domain/Category';
+import { Category } from '@/domain/Category';
-import { Application } from '../../domain/Application';
+import { Application } from '@/domain/Application';
-import applicationFile from 'js-yaml-loader!./../application.yaml';
+import { IApplication } from '@/domain/IApplication';
 import { ApplicationYaml } from 'js-yaml-loader!./../application.yaml';
 import { parseCategory } from './CategoryParser';
-export function parseApplication(): Application {
+export function parseApplication(content: ApplicationYaml): IApplication {
-    const name = applicationFile.name as string;
+    validate(content);
    const version = applicationFile.version as number;
    const categories = new Array<Category>();
-    if (!applicationFile.actions || applicationFile.actions.length <= 0) {
+    for (const action of content.actions) {
        throw new Error('Application does not define any action');
    }
    for (const action of applicationFile.actions) {
        const category = parseCategory(action);
        categories.push(category);
    }
-    const app = new Application(name, version, categories);
+    const app = new Application(
        content.name,
        content.repositoryUrl,
        process.env.VUE_APP_VERSION,
        categories);
    return app;
 }
 function validate(content: ApplicationYaml): void {
    if (!content) {
        throw new Error('application is null or undefined');
    }
    if (!content.actions || content.actions.length <= 0) {
        throw new Error('application does not define any action');
    }
 }
--- a/src/application/Parser/CategoryParser.ts
+++ b/src/application/Parser/CategoryParser.ts
@@ -1,20 +1,18 @@
 import { YamlCategory, YamlScript } from 'js-yaml-loader!./application.yaml';
 import { Script } from '@/domain/Script';
-import { Category } from '../../domain/Category';
+import { Category } from '@/domain/Category';
 import { parseDocUrls } from './DocumentationParser';
 import { parseScript } from './ScriptParser';
 let categoryIdCounter: number = 0;
 interface ICategoryChildren {
    subCategories: Category[];
    subScripts: Script[];
 }
 export function parseCategory(category: YamlCategory): Category {
-    if (!category.children || category.children.length <= 0) {
+    ensureValid(category);
        throw Error('Category has no children');
    }
    const children: ICategoryChildren = {
        subCategories: new Array<Category>(),
        subScripts: new Array<Script>(),
@@ -31,6 +29,18 @@ export function parseCategory(category: YamlCategory): Category {
    );
 }
 function ensureValid(category: YamlCategory) {
    if (!category) {
        throw Error('category is null or undefined');
    }
    if (!category.children || category.children.length === 0) {
        throw Error('category has no children');
    }
    if (!category.category || category.category.length === 0) {
        throw Error('category has no name');
    }
 }
 function parseCategoryChild(
    categoryOrScript: any, children: ICategoryChildren, parent: YamlCategory) {
    if (isCategory(categoryOrScript)) {
@@ -38,11 +48,7 @@ function parseCategoryChild(
        children.subCategories.push(subCategory);
    } else if (isScript(categoryOrScript)) {
        const yamlScript = categoryOrScript as YamlScript;
-        const script = new Script(
+        const script = parseScript(yamlScript);
            /* name */  yamlScript.name,
            /* code */ yamlScript.code,
            /* docs */ parseDocUrls(yamlScript),
            /* is recommended? */ yamlScript.recommend);
        children.subScripts.push(script);
    } else {
        throw new Error(`Child element is neither a category or a script.
@@ -50,7 +56,6 @@ function parseCategoryChild(
    }
 }
 function isScript(categoryOrScript: any): boolean {
    return categoryOrScript.code && categoryOrScript.code.length > 0;
 }
--- a/src/application/Parser/DocumentationParser.ts
+++ b/src/application/Parser/DocumentationParser.ts
@@ -1,34 +1,46 @@
-import { YamlDocumentable } from 'js-yaml-loader!./application.yaml';
+import { YamlDocumentable, DocumentationUrls } from 'js-yaml-loader!./application.yaml';
 export function parseDocUrls(documentable: YamlDocumentable): ReadonlyArray<string> {
    if (!documentable) {
        throw new Error('documentable is null or undefined');
    }
    const docs = documentable.docs;
-    if (!docs) {
+    if (!docs || !docs.length) {
        return [];
    }
-    const result = new DocumentationUrls();
+    let result = new DocumentationUrlContainer();
-    if (docs instanceof Array) {
+    result = addDocs(docs, result);
        for (const doc of docs) {
            if (typeof doc !== 'string') {
                throw new Error('Docs field (documentation url) must be an array of strings');
            }
            result.add(doc);
        }
    } else if (typeof docs === 'string') {
        result.add(docs);
    } else {
        throw new Error('Docs field (documentation url) must a string or array of strings');
    }
    return result.getAll();
 }
-class DocumentationUrls {
+function addDocs(docs: DocumentationUrls, urls: DocumentationUrlContainer): DocumentationUrlContainer {
    if (docs instanceof Array) {
        urls.addUrls(docs);
    } else if (typeof docs === 'string') {
        urls.addUrl(docs);
    } else {
        throw new Error('Docs field (documentation url) must a string or array of strings');
    }
    return urls;
 }
 class DocumentationUrlContainer {
    private readonly urls = new Array<string>();
-    public add(url: string) {
+    public addUrl(url: string) {
        validateUrl(url);
        this.urls.push(url);
    }
    public addUrls(urls: any[]) {
        for (const url of urls) {
            if (typeof url !== 'string') {
                throw new Error('Docs field (documentation url) must be an array of strings');
            }
            this.addUrl(url);
        }
    }
    public getAll(): ReadonlyArray<string> {
        return this.urls;
    }
--- a/src/application/Parser/ScriptParser.ts
+++ b/src/application/Parser/ScriptParser.ts
@@ -0,0 +1,16 @@
 import { Script } from '@/domain/Script';
 import { YamlScript } from 'js-yaml-loader!./application.yaml';
 import { parseDocUrls } from './DocumentationParser';
 export function parseScript(yamlScript: YamlScript): Script {
    if (!yamlScript) {
        throw new Error('script is null or undefined');
    }
    const script = new Script(
        /* name */              yamlScript.name,
        /* code */              yamlScript.code,
        /* revertCode */        yamlScript.revertCode,
        /* docs */              parseDocUrls(yamlScript),
        /* isRecommended */     yamlScript.recommend);
    return script;
 }
--- a/src/application/State/ApplicationState.ts
+++ b/src/application/State/ApplicationState.ts
@@ -3,13 +3,14 @@ import { IUserFilter } from './Filter/IUserFilter';
 import { ApplicationCode } from './Code/ApplicationCode';
 import { UserSelection } from './Selection/UserSelection';
 import { IUserSelection } from './Selection/IUserSelection';
-import { AsyncLazy } from '../../infrastructure/Threading/AsyncLazy';
+import { AsyncLazy } from '@/infrastructure/Threading/AsyncLazy';
-import { Signal } from '../../infrastructure/Events/Signal';
+import { Signal } from '@/infrastructure/Events/Signal';
 import { parseApplication } from '../Parser/ApplicationParser';
 import { IApplicationState } from './IApplicationState';
-import { Script } from '../../domain/Script';
+import { Script } from '@/domain/Script';
-import { Application } from '../../domain/Application';
+import { IApplication } from '@/domain/IApplication';
 import { IApplicationCode } from './Code/IApplicationCode';
 import applicationFile from 'js-yaml-loader!@/application/application.yaml';
 /** Mutatable singleton application state that's the single source of truth throughout the application */
 export class ApplicationState implements IApplicationState {
@@ -20,7 +21,7 @@ export class ApplicationState implements IApplicationState {
    /** Application instance with all scripts. */
    private static instance = new AsyncLazy<IApplicationState>(() => {
-        const application = parseApplication();
+        const application = parseApplication(applicationFile);
        const selectedScripts = new Array<Script>();
        const state = new ApplicationState(application, selectedScripts);
        return Promise.resolve(state);
@@ -33,13 +34,11 @@ export class ApplicationState implements IApplicationState {
    private constructor(
        /** Inner instance of the all scripts */
-        public readonly app: Application,
+        public readonly app: IApplication,
        /** Initially selected scripts */
        public readonly defaultScripts: Script[]) {
        this.selection = new UserSelection(app, defaultScripts);
-        this.code = new ApplicationCode(this.selection, app.version.toString());
+        this.code = new ApplicationCode(this.selection, app.version);
        this.filter = new UserFilter(app);
    }
 }
 export { IApplicationState, IUserFilter };
--- a/src/application/State/Code/ApplicationCode.ts
+++ b/src/application/State/Code/ApplicationCode.ts
@@ -1,16 +1,19 @@
 import { SelectedScript } from '@/application/State/Selection/SelectedScript';
 import { IUserSelection } from '@/application/State/Selection/IUserSelection';
 import { UserScriptGenerator } from './UserScriptGenerator';
 import { IUserSelection } from './../Selection/IUserSelection';
 import { Signal } from '@/infrastructure/Events/Signal';
 import { IApplicationCode } from './IApplicationCode';
-import { IScript } from '@/domain/IScript';
+import { IUserScriptGenerator } from './IUserScriptGenerator';
 export class ApplicationCode implements IApplicationCode {
    public readonly changed = new Signal<string>();
    public current: string;
-    private readonly generator: UserScriptGenerator;
+    private readonly generator: IUserScriptGenerator = new UserScriptGenerator();
-    constructor(userSelection: IUserSelection, private readonly version: string) {
+    constructor(
        userSelection: IUserSelection,
        private readonly version: string) {
        if (!userSelection) { throw new Error('userSelection is null or undefined'); }
        if (!version) { throw new Error('version is null or undefined'); }
        this.generator = new UserScriptGenerator();
@@ -20,7 +23,7 @@ export class ApplicationCode implements IApplicationCode {
        });
    }
-    private setCode(scripts: ReadonlyArray<IScript>) {
+    private setCode(scripts: ReadonlyArray<SelectedScript>) {
        this.current = scripts.length === 0 ? '' : this.generator.buildCode(scripts, this.version);
        this.changed.notify(this.current);
    }
--- a/src/application/State/Code/IUserScriptGenerator.ts
+++ b/src/application/State/Code/IUserScriptGenerator.ts
@@ -0,0 +1,5 @@
 import { SelectedScript } from '@/application/State/Selection/SelectedScript';
 export interface IUserScriptGenerator {
    buildCode(selectedScripts: ReadonlyArray<SelectedScript>, version: string): string;
 }
--- a/src/application/State/Code/UserScriptGenerator.ts
+++ b/src/application/State/Code/UserScriptGenerator.ts
@@ -1,7 +1,8 @@
 import { SelectedScript } from '@/application/State/Selection/SelectedScript';
 import { IUserScriptGenerator } from './IUserScriptGenerator';
 import { CodeBuilder } from './CodeBuilder';
 import { Script } from '@/domain/Script';
-const adminRightsScript = {
+export const adminRightsScript = {
    name: 'Ensure admin privileges',
    code: 'fltmc >nul 2>&1 || (\n' +
    '   echo This batch script requires administrator privileges. Right-click on\n' +
@@ -11,17 +12,19 @@ const adminRightsScript = {
    ')',
 };
-export class UserScriptGenerator {
+export class UserScriptGenerator implements IUserScriptGenerator {
-    public buildCode(scripts: ReadonlyArray<Script>, version: string): string {
+    public buildCode(selectedScripts: ReadonlyArray<SelectedScript>, version: string): string {
-        if (!scripts) { throw new Error('scripts is undefined'); }
+        if (!selectedScripts) { throw new Error('scripts is undefined'); }
-        if (!scripts.length) { throw new Error('scripts are empty'); }
+        if (!selectedScripts.length) { throw new Error('scripts are empty'); }
        if (!version) { throw new Error('version is undefined'); }
        const builder = new CodeBuilder()
            .appendLine('@echo off')
            .appendCommentLine(`https://privacy.sexy — v${version} — ${new Date().toUTCString()}`)
            .appendFunction(adminRightsScript.name, adminRightsScript.code).appendLine();
-        for (const script of scripts) {
+        for (const selection of selectedScripts) {
-            builder.appendFunction(script.name, script.code).appendLine();
+            const name = selection.revert ? `${selection.script.name} (revert)` : selection.script.name;
            const code = selection.revert ? selection.script.revertCode : selection.script.code;
            builder.appendFunction(name, code).appendLine();
        }
        return builder.appendLine()
            .appendLine('pause')
--- a/src/application/State/Filter/FilterResult.ts
+++ b/src/application/State/Filter/FilterResult.ts
@@ -0,0 +1,18 @@
 import { IFilterResult } from './IFilterResult';
 import { IScript } from '@/domain/IScript';
 import { ICategory } from '@/domain/ICategory';
 export class FilterResult implements IFilterResult {
    constructor(
        public readonly scriptMatches: ReadonlyArray<IScript>,
        public readonly categoryMatches: ReadonlyArray<ICategory>,
        public readonly query: string) {
        if (!query) { throw new Error('Query is empty or undefined'); }
        if (!scriptMatches) { throw new Error('Script matches is undefined'); }
        if (!categoryMatches) { throw new Error('Category matches is undefined'); }
    }
    public hasAnyMatches(): boolean {
        return this.scriptMatches.length > 0
         || this.categoryMatches.length > 0;
    }
 }
--- a/src/application/State/Filter/IFilterMatches.ts
+++ b/src/application/State/Filter/IFilterMatches.ts
@@ -1,7 +1,8 @@
 import { IScript, ICategory } from '@/domain/ICategory';
-export interface IFilterMatches {
+export interface IFilterResult {
    readonly scriptMatches: ReadonlyArray<IScript>;
    readonly categoryMatches: ReadonlyArray<ICategory>;
    readonly scriptMatches: ReadonlyArray<IScript>;
    readonly query: string;
    hasAnyMatches(): boolean;
 }
--- a/src/application/State/Filter/IUserFilter.ts
+++ b/src/application/State/Filter/IUserFilter.ts
@@ -1,8 +1,8 @@
-import { IFilterMatches } from './IFilterMatches';
+import { IFilterResult } from './IFilterResult';
 import { ISignal } from '@/infrastructure/Events/Signal';
 export interface IUserFilter {
-    readonly filtered: ISignal<IFilterMatches>;
+    readonly filtered: ISignal<IFilterResult>;
    readonly filterRemoved: ISignal<void>;
    setFilter(filter: string): void;
    removeFilter(): void;
--- a/src/application/State/Filter/UserFilter.ts
+++ b/src/application/State/Filter/UserFilter.ts
@@ -1,13 +1,15 @@
-import { IFilterMatches } from './IFilterMatches';
+import { IScript } from '@/domain/IScript';
-import { Application } from '../../../domain/Application';
+import { FilterResult } from './FilterResult';
 import { IFilterResult } from './IFilterResult';
 import { IApplication } from '@/domain/IApplication';
 import { IUserFilter } from './IUserFilter';
 import { Signal } from '@/infrastructure/Events/Signal';
 export class UserFilter implements IUserFilter {
-    public readonly filtered = new Signal<IFilterMatches>();
+    public readonly filtered = new Signal<IFilterResult>();
    public readonly filterRemoved = new Signal<void>();
-    constructor(private application: Application) {
+    constructor(private application: IApplication) {
    }
@@ -15,15 +17,17 @@ export class UserFilter implements IUserFilter {
        if (!filter) {
            throw new Error('Filter must be defined and not empty. Use removeFilter() to remove the filter');
        }
        const filterLowercase = filter.toLocaleLowerCase();
        const filteredScripts = this.application.getAllScripts().filter(
-            (script) => script.name.toLowerCase().includes(filter.toLowerCase()) ||
+            (script) => isScriptAMatch(script, filterLowercase));
-            script.code.toLowerCase().includes(filter.toLowerCase()));
+        const filteredCategories = this.application.getAllCategories().filter(
            (category) => category.name.toLowerCase().includes(filterLowercase));
-        const matches: IFilterMatches = {
+        const matches = new FilterResult(
-            scriptMatches: filteredScripts,
+            filteredScripts,
-            categoryMatches: null,
+            filteredCategories,
-            query: filter,
+            filter,
-        };
+        );
        this.filtered.notify(matches);
    }
@@ -32,3 +36,16 @@ export class UserFilter implements IUserFilter {
        this.filterRemoved.notify();
    }
 }
 function isScriptAMatch(script: IScript, filterLowercase: string) {
    if (script.name.toLowerCase().includes(filterLowercase)) {
        return true;
    }
    if (script.code.toLowerCase().includes(filterLowercase)) {
        return true;
    }
    if (script.revertCode) {
        return script.revertCode.toLowerCase().includes(filterLowercase);
    }
    return false;
 }
--- a/src/application/State/Selection/IUserSelection.ts
+++ b/src/application/State/Selection/IUserSelection.ts
@@ -1,11 +1,13 @@
 import { SelectedScript } from './SelectedScript';
 import { ISignal } from '@/infrastructure/Events/Signal';
 import { IScript } from '@/domain/IScript';
 export interface IUserSelection {
-    readonly changed: ISignal<ReadonlyArray<IScript>>;
+    readonly changed: ISignal<ReadonlyArray<SelectedScript>>;
-    readonly selectedScripts: ReadonlyArray<IScript>;
+    readonly selectedScripts: ReadonlyArray<SelectedScript>;
    readonly totalSelected: number;
-    addSelectedScript(scriptId: string): void;
+    addSelectedScript(scriptId: string, revert: boolean): void;
    addOrUpdateSelectedScript(scriptId: string, revert: boolean): void;
    removeSelectedScript(scriptId: string): void;
    selectOnly(scripts: ReadonlyArray<IScript>): void;
    isSelected(script: IScript): boolean;
--- a/src/application/State/Selection/SelectedScript.ts
+++ b/src/application/State/Selection/SelectedScript.ts
@@ -0,0 +1,14 @@
 import { BaseEntity } from '@/infrastructure/Entity/BaseEntity';
 import { IScript } from '@/domain/IScript';
 export class SelectedScript extends BaseEntity<string> {
    constructor(
        public readonly script: IScript,
        public readonly revert: boolean,
        ) {
        super(script.id);
        if (revert && !script.canRevert()) {
            throw new Error('cannot revert an irreversible script');
        }
    }
 }
--- a/src/application/State/Selection/UserSelection.ts
+++ b/src/application/State/Selection/UserSelection.ts
@@ -1,13 +1,14 @@
 import { SelectedScript } from './SelectedScript';
 import { IApplication } from '@/domain/IApplication';
 import { IUserSelection } from './IUserSelection';
 import { InMemoryRepository } from '@/infrastructure/Repository/InMemoryRepository';
-import { IScript } from '@/domain/Script';
+import { IScript } from '@/domain/IScript';
 import { Signal } from '@/infrastructure/Events/Signal';
 import { IRepository } from '@/infrastructure/Repository/IRepository';
 export class UserSelection implements IUserSelection {
-    public readonly changed = new Signal<ReadonlyArray<IScript>>();
+    public readonly changed = new Signal<ReadonlyArray<SelectedScript>>();
-
+    private readonly scripts: IRepository<string, SelectedScript> = new InMemoryRepository<string, SelectedScript>();
    private readonly scripts = new InMemoryRepository<string, IScript>();
    constructor(
        private readonly app: IApplication,
@@ -15,33 +16,40 @@ export class UserSelection implements IUserSelection {
        selectedScripts: ReadonlyArray<IScript>) {
        if (selectedScripts && selectedScripts.length > 0) {
            for (const script of selectedScripts) {
-                this.scripts.addItem(script);
+                const selected = new SelectedScript(script, false);
                this.scripts.addItem(selected);
            }
        }
    }
-    /** Add a script to users application */
+    public addSelectedScript(scriptId: string, revert: boolean): void {
    public addSelectedScript(scriptId: string): void {
        const script = this.app.findScript(scriptId);
        if (!script) {
            throw new Error(`Cannot add (id: ${scriptId}) as it is unknown`);
        }
-        this.scripts.addItem(script);
+        const selectedScript = new SelectedScript(script, revert);
        this.scripts.addItem(selectedScript);
        this.changed.notify(this.scripts.getItems());
    }
    public addOrUpdateSelectedScript(scriptId: string, revert: boolean): void {
        const script = this.app.findScript(scriptId);
        const selectedScript = new SelectedScript(script, revert);
        this.scripts.addOrUpdateItem(selectedScript);
        this.changed.notify(this.scripts.getItems());
    }
    /** Remove a script from users application */
    public removeSelectedScript(scriptId: string): void {
        this.scripts.removeItem(scriptId);
        this.changed.notify(this.scripts.getItems());
    }
    public isSelected(script: IScript): boolean {
-        return this.scripts.exists(script);
+        return this.scripts.exists(script.id);
    }
    /** Get users scripts based on his/her selections */
-    public get selectedScripts(): ReadonlyArray<IScript> {
+    public get selectedScripts(): ReadonlyArray<SelectedScript> {
        return this.scripts.getItems();
    }
@@ -51,8 +59,9 @@ export class UserSelection implements IUserSelection {
    public selectAll(): void {
        for (const script of this.app.getAllScripts()) {
-            if (!this.scripts.exists(script)) {
+            if (!this.scripts.exists(script.id)) {
-                this.scripts.addItem(script);
+                const selection = new SelectedScript(script, false);
                this.scripts.addItem(selection);
            }
        }
        this.changed.notify(this.scripts.getItems());
@@ -78,9 +87,11 @@ export class UserSelection implements IUserSelection {
                .forEach((scriptId) => this.scripts.removeItem(scriptId));
        }
        // Select from unselected scripts
-        scripts
+        const unselectedScripts = scripts.filter((script) => !this.scripts.exists(script.id));
-            .filter((script) => !this.scripts.exists(script))
+        for (const toSelect of unselectedScripts) {
-            .forEach((script) => this.scripts.addItem(script));
+            const selection = new SelectedScript(toSelect, false);
            this.scripts.addItem(selection);
        }
        this.changed.notify(this.scripts.getItems());
    }
 }
--- a/src/application/application.yaml
+++ b/src/application/application.yaml
--- a/src/application/application.yaml.d.ts
+++ b/src/application/application.yaml.d.ts
@@ -1,6 +1,6 @@
 declare module 'js-yaml-loader!*' {
-    type CategoryOrScript = YamlCategory | YamlScript;
+    export type CategoryOrScript = YamlCategory | YamlScript;
-    type DocumentationUrls = ReadonlyArray<string> | string;
+    export type DocumentationUrls = ReadonlyArray<string> | string;
    export interface YamlDocumentable {
        docs?: DocumentationUrls;
@@ -9,6 +9,7 @@ declare module 'js-yaml-loader!*' {
    export interface YamlScript extends YamlDocumentable {
        name: string;
        code: string;
        revertCode: string;
        recommend: boolean;
    }
@@ -17,9 +18,9 @@ declare module 'js-yaml-loader!*' {
        category: string;
    }
-    interface ApplicationYaml {
+    export interface ApplicationYaml {
        name: string;
-        version: number;
+        repositoryUrl: string;
        actions: ReadonlyArray<YamlCategory>;
    }
--- a/src/background.ts
+++ b/src/background.ts
@@ -0,0 +1,133 @@
 'use strict';
 import { app, protocol, BrowserWindow, shell } from 'electron';
 import { createProtocol } from 'vue-cli-plugin-electron-builder/lib';
 import installExtension, { VUEJS_DEVTOOLS } from 'electron-devtools-installer';
 import path from 'path';
 import { autoUpdater } from 'electron-updater';
 import log from 'electron-log';
 const isDevelopment = process.env.NODE_ENV !== 'production';
 declare const __static: string; // https://github.com/electron-userland/electron-webpack/issues/172
 // Keep a global reference of the window object, if you don't, the window will
 // be closed automatically when the JavaScript object is garbage collected.
 let win: BrowserWindow | null;
 // Scheme must be registered before the app is ready
 protocol.registerSchemesAsPrivileged([
  { scheme: 'app', privileges: { secure: true, standard: true } },
 ]);
 // Setup logging
 autoUpdater.logger = log; // https://www.electron.build/auto-update#debugging
 log.transports.file.level = 'silly';
 if (!process.env.IS_TEST) {
  Object.assign(console, log.functions);  // override console.log, console.warn etc.
 }
 function createWindow() {
  // Create the browser window.
  win = new BrowserWindow({
    width: 1350,
    height: 955,
    webPreferences: {
      // Use pluginOptions.nodeIntegration, leave this alone
      // See nklayman.github.io/vue-cli-plugin-electron-builder/guide/security.html#node-integration for more info
      nodeIntegration: (process.env
          .ELECTRON_NODE_INTEGRATION as unknown) as boolean,
    },
    // https://nklayman.github.io/vue-cli-plugin-electron-builder/guide/recipes.html#icons
    icon: path.join(__static, `favicon.ico`),
  });
  win.setMenuBarVisibility(false);
  configureExternalsUrlsOpenBrowser(win);
  loadApplication(win);
  win.on('closed', () => {
    win = null;
  });
 }
 // Quit when all windows are closed.
 app.on('window-all-closed', () => {
  // On macOS it is common for applications and their menu bar
  // to stay active until the user quits explicitly with Cmd + Q
  if (process.platform !== 'darwin') {
    app.quit();
  }
 });
 app.on('activate', () => {
  // On macOS it's common to re-create a window in the app when the
  // dock icon is clicked and there are no other windows open.
  if (win === null) {
    createWindow();
  }
 });
 // This method will be called when Electron has finished
 // initialization and is ready to create browser windows.
 // Some APIs can only be used after this event occurs.
 app.on('ready', async () => {
  if (isDevelopment && !process.env.IS_TEST) {
    // Install Vue Devtools
    try {
      await installExtension(VUEJS_DEVTOOLS);
    } catch (e) {
      console.error('Vue Devtools failed to install:', e.toString()); // tslint:disable-line:no-console
    }
  }
  createWindow();
 });
 // See electron-builder issue "checkForUpdatesAndNotify updates but does not notify on Windows 10"
 // https://github.com/electron-userland/electron-builder/issues/2700
 // https://github.com/electron/electron/issues/10864
 if (process.platform === 'win32') {
  // https://docs.microsoft.com/en-us/windows/win32/shell/appid#how-to-form-an-application-defined-appusermodelid
  app.setAppUserModelId('Undergroundwires.PrivacySexy');
 }
 // Exit cleanly on request from parent process in development mode.
 if (isDevelopment) {
  if (process.platform === 'win32') {
    process.on('message', (data) => {
      if (data === 'graceful-exit') {
        app.quit();
      }
    });
  } else {
    process.on('SIGTERM', () => {
      app.quit();
    });
  }
 }
 function loadApplication(window: BrowserWindow) {
  if (process.env.WEBPACK_DEV_SERVER_URL) {
    // Load the url of the dev server if in development mode
    win.loadURL(process.env.WEBPACK_DEV_SERVER_URL as string);
    if (!process.env.IS_TEST) {
      win.webContents.openDevTools();
    }
  } else {
    createProtocol('app');
    // Load the index.html when not in development
    win.loadURL('app://./index.html');
    // tslint:disable-next-line:max-line-length
    autoUpdater.checkForUpdatesAndNotify(); // https://nklayman.github.io/vue-cli-plugin-electron-builder/guide/recipes.html#check-for-updates-in-background-js-ts
  }
 }
 function configureExternalsUrlsOpenBrowser(window: BrowserWindow) {
  window.webContents.on('new-window', (event, url) => { // handle redirect
    if (url !== win.webContents.getURL()) {
      event.preventDefault();
      shell.openExternal(url);
    }
  });
 }
--- a/src/domain/Application.ts
+++ b/src/domain/Application.ts
@@ -11,24 +11,14 @@ export class Application implements IApplication {
    constructor(
        public readonly name: string,
-        public readonly version: number,
+        public readonly repositoryUrl: string,
-        public readonly categories: ReadonlyArray<ICategory>) {
+        public readonly version: string,
-        if (!name) {
+        public readonly actions: ReadonlyArray<ICategory>) {
-            throw Error('Application has no name');
+        if (!name) { throw Error('Application has no name'); }
-        }
+        if (!repositoryUrl) { throw Error('Application has no repository url'); }
-        if (!version) {
+        if (!version) { throw Error('Version cannot be empty'); }
-            throw Error('Version cannot be zero');
+        this.flattened = flatten(actions);
-        }
+        ensureValid(this.flattened);
        this.flattened = flatten(categories);
        if (this.flattened.allCategories.length === 0) {
            throw new Error('Application must consist of at least one category');
        }
        if (this.flattened.allScripts.length === 0) {
            throw new Error('Application must consist of at least one script');
        }
        if (this.flattened.allScripts.filter((script) => script.isRecommended).length === 0) {
            throw new Error('Application must consist of at least one recommended script');
        }
        ensureNoDuplicates(this.flattened.allCategories);
        ensureNoDuplicates(this.flattened.allScripts);
    }
@@ -48,6 +38,10 @@ export class Application implements IApplication {
    public getAllScripts(): IScript[] {
        return this.flattened.allScripts;
    }
    public getAllCategories(): ICategory[] {
        return this.flattened.allCategories;
    }
 }
 function ensureNoDuplicates<TKey>(entities: ReadonlyArray<IEntity<TKey>>) {
@@ -73,30 +67,50 @@ interface IFlattenedApplication {
    allScripts: IScript[];
 }
-function flattenRecursive(
+function ensureValid(application: IFlattenedApplication) {
    if (!application.allCategories || application.allCategories.length === 0) {
        throw new Error('Application must consist of at least one category');
    }
    if (!application.allScripts || application.allScripts.length === 0) {
        throw new Error('Application must consist of at least one script');
    }
    if (application.allScripts.filter((script) => script.isRecommended).length === 0) {
        throw new Error('Application must consist of at least one recommended script');
    }
 }
 function flattenCategories(
    categories: ReadonlyArray<ICategory>,
-    flattened: IFlattenedApplication) {
+    flattened: IFlattenedApplication): IFlattenedApplication {
    if (!categories || categories.length === 0) {
        return flattened;
    }
    for (const category of categories) {
        flattened.allCategories.push(category);
-        if (category.scripts) {
+        flattened = flattenScripts(category.scripts, flattened);
-            for (const script of category.scripts) {
+        flattened = flattenCategories(category.subCategories, flattened);
                flattened.allScripts.push(script);
            }
        }
        if (category.subCategories && category.subCategories.length > 0) {
            flattenRecursive(
                category.subCategories as ReadonlyArray<ICategory>,
                flattened);
        }
    }
    return flattened;
 }
 function flattenScripts(
    scripts: ReadonlyArray<IScript>,
    flattened: IFlattenedApplication): IFlattenedApplication {
    if (!scripts) {
        return flattened;
    }
    for (const script of scripts) {
        flattened.allScripts.push(script);
    }
    return flattened;
 }
 function flatten(
    categories: ReadonlyArray<ICategory>): IFlattenedApplication {
-    const flattened: IFlattenedApplication = {
+    let flattened: IFlattenedApplication = {
        allCategories: new Array<ICategory>(),
        allScripts: new Array<IScript>(),
    };
-    flattenRecursive(categories, flattened);
+    flattened = flattenCategories(categories, flattened);
    return flattened;
 }
--- a/src/domain/IApplication.ts
+++ b/src/domain/IApplication.ts
@@ -3,15 +3,17 @@ import { ICategory } from '@/domain/ICategory';
 export interface IApplication {
    readonly name: string;
-    readonly version: number;
+    readonly repositoryUrl: string;
-    readonly categories: ReadonlyArray<ICategory>;
+    readonly version: string;
    readonly totalScripts: number;
    readonly totalCategories: number;
    readonly actions: ReadonlyArray<ICategory>;
    getRecommendedScripts(): ReadonlyArray<IScript>;
    findCategory(categoryId: number): ICategory | undefined;
    findScript(scriptId: string): IScript | undefined;
    getAllScripts(): ReadonlyArray<IScript>;
    getAllCategories(): ReadonlyArray<ICategory>;
 }
 export { IScript } from '@/domain/IScript';
--- a/src/domain/IScript.ts
+++ b/src/domain/IScript.ts
@@ -1,9 +1,11 @@
-import { IEntity } from './../infrastructure/Entity/IEntity';
+import { IEntity } from '../infrastructure/Entity/IEntity';
 import { IDocumentable } from './IDocumentable';
 export interface IScript extends IEntity<string>, IDocumentable {
    readonly name: string;
    readonly code: string;
    readonly isRecommended: boolean;
    readonly documentationUrls: ReadonlyArray<string>;
    readonly code: string;
    readonly revertCode: string;
    canRevert(): boolean;
 }
--- a/src/domain/Script.ts
+++ b/src/domain/Script.ts
@@ -2,44 +2,56 @@ import { BaseEntity } from '@/infrastructure/Entity/BaseEntity';
 import { IScript } from './IScript';
 export class Script extends BaseEntity<string> implements IScript {
    private static ensureNoEmptyLines(name: string, code: string): void {
        if (code.split('\n').some((line) => line.trim().length === 0)) {
            throw Error(`Script has empty lines "${name}"`);
        }
    }
    private static ensureCodeHasUniqueLines(name: string, code: string): void {
        const lines = code.split('\n')
            .filter((line) => this.mayBeUniqueLine(line));
        if (lines.length === 0) {
            return;
        }
        const duplicateLines = lines.filter((e, i, a) => a.indexOf(e) !== i);
        if (duplicateLines.length !== 0) {
            throw Error(`Duplicates detected in script "${name}":\n ${duplicateLines.join('\n')}`);
        }
    }
    private static mayBeUniqueLine(codeLine: string): boolean {
        const trimmed = codeLine.trim();
        if (trimmed === ')' || trimmed === '(') { // "(" and ")" are used often in batch code
            return false;
        }
        return true;
    }
    constructor(
-        public name: string,
+        public readonly name: string,
-        public code: string,
+        public readonly code: string,
-        public documentationUrls: ReadonlyArray<string>,
+        public readonly revertCode: string,
-        public isRecommended: boolean) {
+        public readonly documentationUrls: ReadonlyArray<string>,
        public readonly isRecommended: boolean) {
        super(name);
-        if (code == null || code.length === 0) {
+        validateCode(name, code);
-            throw new Error('Code is empty or null');
+        if (revertCode) {
            validateCode(name, revertCode);
            if (code === revertCode) {
                throw new Error(`${name}: Code itself and its reverting code cannot be the same`);
            }
        }
-        Script.ensureCodeHasUniqueLines(name, code);
+    }
-        Script.ensureNoEmptyLines(name, code);
+    public canRevert(): boolean {
        return Boolean(this.revertCode);
    }
 }
-export { IScript } from './IScript';
+function validateCode(name: string, code: string): void {
    if (!code || code.length === 0) {
        throw new Error(`Code of ${name} is empty or null`);
    }
    ensureCodeHasUniqueLines(name, code);
    ensureNoEmptyLines(name, code);
 }
 function ensureNoEmptyLines(name: string, code: string): void {
    if (code.split('\n').some((line) => line.trim().length === 0)) {
        throw Error(`Script has empty lines "${name}"`);
    }
 }
 function mayBeUniqueLine(codeLine: string): boolean {
    const trimmed = codeLine.trim();
    if (trimmed === ')' || trimmed === '(') { // "(" and ")" are used often in batch code
        return false;
    }
    return true;
 }
 function ensureCodeHasUniqueLines(name: string, code: string): void {
    const lines = code.split('\n')
        .filter((line) => mayBeUniqueLine(line));
    if (lines.length === 0) {
        return;
    }
    const duplicateLines = lines.filter((e, i, a) => a.indexOf(e) !== i);
    if (duplicateLines.length !== 0) {
        throw Error(`Duplicates detected in script "${name}":\n ${duplicateLines.join('\n')}`);
    }
 }
--- a/src/global.d.ts
+++ b/src/global.d.ts
@@ -13,6 +13,7 @@ declare module 'liquor-tree' {
    }
    interface ICustomLiquorTreeData {
        documentationUrls: ReadonlyArray<string>;
        isReversible: boolean;
    }
    /**
@@ -38,6 +39,18 @@ declare module 'liquor-tree' {
        data: ICustomLiquorTreeData;
    }
    // https://amsik.github.io/liquor-tree/#Component-Options
    export interface ILiquorTreeOptions {
        multiple: boolean;
        checkbox: boolean;
        checkOnSelect: boolean;
        autoCheckChildren: boolean;
        parentSelect: boolean;
        keyboardNavigation: boolean;
        deletion: (node: ILiquorTreeExistingNode) => void;
        filter: ILiquorTreeFilter;
    }
    // https://github.com/amsik/liquor-tree/blob/master/src/lib/Node.js
    interface ILiquorTreeNodeState {
        checked: boolean;
@@ -58,7 +71,7 @@ declare module 'liquor-tree' {
    // https://github.com/amsik/liquor-tree/blob/master/src/components/TreeRoot.vue
    interface ILiquorTreeFilter {
        emptyText: string;
-        matcher(query: string, node: ILiquorTreeNewNode): boolean;
+        matcher(query: string, node: ILiquorTreeExistingNode): boolean;
    }
    const LiquorTree: PluginObject<any> & VueClass<any>;
--- a/src/infrastructure/Repository/IRepository.ts
+++ b/src/infrastructure/Repository/IRepository.ts
@@ -4,6 +4,7 @@ export interface IRepository<TKey, TEntity extends IEntity<TKey>> {
    readonly length: number;
    getItems(predicate?: (entity: TEntity) => boolean): TEntity[];
    addItem(item: TEntity): void;
    addOrUpdateItem(item: TEntity): void;
    removeItem(id: TKey): void;
-    exists(item: TEntity): boolean;
+    exists(id: TKey): boolean;
 }
--- a/src/infrastructure/Repository/InMemoryRepository.ts
+++ b/src/infrastructure/Repository/InMemoryRepository.ts
@@ -18,14 +18,24 @@ export class InMemoryRepository<TKey, TEntity extends IEntity<TKey>> implements
    public addItem(item: TEntity): void {
        if (!item) {
-            throw new Error('Item is null');
+            throw new Error('item is null or undefined');
        }
-        if (this.exists(item)) {
+        if (this.exists(item.id)) {
            throw new Error(`Cannot add (id: ${item.id}) as it is already exists`);
        }
        this.items.push(item);
    }
    public addOrUpdateItem(item: TEntity): void {
        if (!item) {
            throw new Error('item is null or undefined');
        }
        if (this.exists(item.id)) {
            this.removeItem(item.id);
        }
        this.items.push(item);
    }
    public removeItem(id: TKey): void {
        const index = this.items.findIndex((item) => item.id === id);
        if (index === -1) {
@@ -34,8 +44,8 @@ export class InMemoryRepository<TKey, TEntity extends IEntity<TKey>> implements
        this.items.splice(index, 1);
    }
-    public exists(entity: TEntity): boolean {
+    public exists(id: TKey): boolean {
-        const index = this.items.findIndex((item) => item.id === entity.id);
+        const index = this.items.findIndex((item) => item.id === id);
        return index !== -1;
    }
 }
--- a/src/presentation/Bootstrapping/ApplicationBootstrapper.ts
+++ b/src/presentation/Bootstrapping/ApplicationBootstrapper.ts
@@ -1,3 +1,4 @@
 import { VModalBootstrapper } from './Modules/VModalBootstrapper';
 import { TreeBootstrapper } from './Modules/TreeBootstrapper';
 import { IconBootstrapper } from './Modules/IconBootstrapper';
 import { VueConstructor, IVueBootstrapper } from './IVueBootstrapper';
@@ -19,6 +20,7 @@ export class ApplicationBootstrapper implements IVueBootstrapper {
            new TreeBootstrapper(),
            new VueBootstrapper(),
            new TooltipBootstrapper(),
            new VModalBootstrapper(),
        ];
    }
 }
--- a/src/presentation/Bootstrapping/Modules/IconBootstrapper.ts
+++ b/src/presentation/Bootstrapping/Modules/IconBootstrapper.ts
@@ -4,15 +4,20 @@ import { faGithub } from '@fortawesome/free-brands-svg-icons';
 /** BRAND ICONS (PREFIX: fab) */
 import { FontAwesomeIcon } from '@fortawesome/vue-fontawesome';
 /** REGULAR ICONS (PREFIX: far) */
-import { faFolderOpen, faFolder } from '@fortawesome/free-regular-svg-icons';
+import { faFolderOpen, faFolder, faSmile } from '@fortawesome/free-regular-svg-icons';
 /** SOLID ICONS (PREFIX: fas (default)) */
-import { faTimes, faFileDownload, faCopy, faSearch, faInfoCircle } from '@fortawesome/free-solid-svg-icons';
+import { faTimes, faFileDownload, faCopy, faSearch, faInfoCircle, faUserSecret, faDesktop, faTag, faGlobe } from '@fortawesome/free-solid-svg-icons';
 export class IconBootstrapper implements IVueBootstrapper {
    public bootstrap(vue: VueConstructor): void {
        library.add(
            faGithub,
            faUserSecret,
            faSmile,
            faDesktop,
            faGlobe,
            faTag,
            faFolderOpen,
            faFolder,
            faTimes,
--- a/src/presentation/Bootstrapping/Modules/VModalBootstrapper.ts
+++ b/src/presentation/Bootstrapping/Modules/VModalBootstrapper.ts
@@ -0,0 +1,8 @@
 import VModal from 'vue-js-modal';
 import { VueConstructor, IVueBootstrapper } from './../IVueBootstrapper';
 export class VModalBootstrapper implements IVueBootstrapper {
    public bootstrap(vue: VueConstructor): void {
        vue.use(VModal, { dynamic: true, injectModalsContainer: true });
    }
 }
--- a/src/presentation/IconButton.vue
+++ b/src/presentation/IconButton.vue
@@ -9,7 +9,7 @@
 <script lang="ts">
 import { Component, Prop, Vue, Emit } from 'vue-property-decorator';
-import { StatefulVue, IApplicationState } from './StatefulVue';
+import { StatefulVue } from './StatefulVue';
 import { SaveFileDialog } from './../infrastructure/SaveFileDialog';
 import { Clipboard } from './../infrastructure/Clipboard';
--- a/src/presentation/Scripts/Cards/CardList.vue
+++ b/src/presentation/Scripts/Cards/CardList.vue
@@ -4,6 +4,7 @@
      <CardListItem
        class="card"
        v-for="categoryId of categoryIds"
        :data-category="categoryId"
        v-bind:key="categoryId"
        :categoryId="categoryId"
        :activeCategoryId="activeCategoryId"
@@ -17,8 +18,9 @@
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
 import CardListItem from './CardListItem.vue';
-import { StatefulVue, IApplicationState } from '@/presentation/StatefulVue';
+import { StatefulVue } from '@/presentation/StatefulVue';
 import { ICategory } from '@/domain/ICategory';
 import { hasDirective } from './NonCollapsingDirective';
@Component({
  components: {
@@ -31,7 +33,13 @@ export default class CardList extends StatefulVue {
  public async mounted() {
    const state = await this.getCurrentStateAsync();
-    this.setCategories(state.app.categories);
+    this.setCategories(state.app.actions);
    this.onOutsideOfActiveCardClicked((element) => {
      if (hasDirective(element)) {
        return;
      }
      this.activeCategoryId = null;
    });
  }
  public onSelected(categoryId: number, isExpanded: boolean) {
@@ -41,7 +49,21 @@ export default class CardList extends StatefulVue {
  private setCategories(categories: ReadonlyArray<ICategory>): void {
    this.categoryIds = categories.map((category) => category.id);
  }
  private onOutsideOfActiveCardClicked(callback: (clickedElement: Element) => void) {
    const outsideClickListener = (event) => {
      if (!this.activeCategoryId) {
        return;
      }
      const element = document.querySelector(`[data-category="${this.activeCategoryId}"]`);
      if (element && !element.contains(event.target)) {
          callback(event.target);
      }
    };
    document.addEventListener('click', outsideClickListener);
  }
 }
 </script>
 <style scoped lang="scss">
--- a/src/presentation/Scripts/Cards/CardListItem.vue
+++ b/src/presentation/Scripts/Cards/CardListItem.vue
@@ -4,16 +4,22 @@
          v-bind:class="{ 
                    'is-collapsed': !isExpanded,
                    'is-inactive': activeCategoryId && activeCategoryId != categoryId,
-                    'is-expanded': isExpanded}">
+                    'is-expanded': isExpanded
-      <div class="card__inner">
+                    }"
-        <span v-if="cardTitle && cardTitle.length > 0">{{cardTitle}}</span>
+          ref="cardElement">
-        <span v-else>Oh no 😢</span>
+        <div class="card__inner">
-        <font-awesome-icon :icon="['far', isExpanded ? 'folder-open' : 'folder']" class="expand-button"  />
+          <span v-if="cardTitle && cardTitle.length > 0">{{cardTitle}}</span>
          <span v-else>Oh no 😢</span>
          <font-awesome-icon :icon="['far', isExpanded ? 'folder-open' : 'folder']" class="card__inner__expand-icon" />
        </div>
        <div class="card__expander" v-on:click.stop>
          <div class="card__expander__content">
            <ScriptsTree :categoryId="categoryId"></ScriptsTree>
          </div>
          <div class="card__expander__close-button">
            <font-awesome-icon :icon="['fas', 'times']"  v-on:click="onSelected(false)"/>
          </div>
      </div>
      <div class="card__expander" v-on:click.stop>
          <font-awesome-icon :icon="['fas', 'times']"  class="close-button" v-on:click="onSelected(false)"/>
          <ScriptsTree :categoryId="categoryId"></ScriptsTree>
    </div>
    </div>
 </template>
@@ -37,11 +43,18 @@ export default class CardListItem extends StatefulVue {
  public onSelected(isExpanded: boolean) {
    this.isExpanded = isExpanded;
  }
  @Watch('activeCategoryId')
  public async onActiveCategoryChanged(value: |number) {
    this.isExpanded = value === this.categoryId;
  }
  @Watch('isExpanded')
  public async onExpansionChangedAsync(newValue: number, oldValue: number) {
    if (!oldValue && newValue) {
      await new Promise((r) => setTimeout(r, 400));
      const focusElement = this.$refs.cardElement as HTMLElement;
      (focusElement as HTMLElement).scrollIntoView({behavior: 'smooth'});
    }
  }
  public async mounted() {
    this.cardTitle = this.categoryId ? await this.getCardTitleAsync(this.categoryId) : undefined;
@@ -52,7 +65,6 @@ export default class CardListItem extends StatefulVue {
    this.cardTitle = value ? await this.getCardTitleAsync(value) : undefined;
  }
  private async getCardTitleAsync(categoryId: number): Promise<string | undefined> {
      const state = await this.getCurrentStateAsync();
      const category = state.app.findCategory(this.categoryId);
@@ -63,74 +75,74 @@ export default class CardListItem extends StatefulVue {
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
@import "@/presentation/styles/media.scss";
 $card-padding: 30px;
 $card-margin: 15px;
 $card-line-break-width: 30px;
 $arrow-size: 15px;
 $expanded-margin-top: 30px;
 .card {
  margin: 15px; 
-  width: calc((100% / 3) - 30px);
+  width: calc((100% / 3) - #{$card-line-break-width});
  transition: all 0.2s ease-in-out;
  // Media queries for stacking cards
  @media screen and (max-width: $big-screen-width) {  width: calc((100% / 2) - #{$card-line-break-width}); }
  @media screen and (max-width: $medium-screen-width) {  width: 100%; }
  @media screen and (max-width: $small-screen-width) {  width: 90%; }
-  //media queries for stacking cards
+  &__inner {  
-  @media screen and (max-width: 991px) {
+    padding: $card-padding;
    width: calc((100% / 2) - 30px);
  }
  @media screen and (max-width: 767px) {
    width: 100%;
  }
  @media screen and (max-width: 380px) {
    width: 90%;
  }
  &:hover {
    .card__inner {
      background-color: $accent;
      transform: scale(1.05);
    }
  }
  &__inner {
    width: 100%;
    padding: 30px;
    position: relative;
    cursor: pointer;
    background-color: $gray;
    color: $light-gray;
    font-size: 1.5em;
    height: 100%;
    text-transform: uppercase;
    text-align: center;
    transition: all 0.2s ease-in-out;
-    
+
    display:flex;
    flex-direction: column;
    justify-content: center;
    &:hover {
      background-color: $accent;
      transform: scale(1.05);
    }
    &:after {
      transition: all 0.3s ease-in-out;
    }
-    
+  
-    .expand-button {
+    &__expand-icon {
      width: 100%;
      margin-top: .25em;
    }
  }
  //Expander
  &__expander {
    transition: all 0.2s ease-in-out;
    background-color: $slate;
    width: 100%;
    position: relative;
-    
+    background-color: $slate;
    color: $light-gray;
    display: flex;
    justify-content: center;
    align-items: center;
    &__content {
      width: 100%;
      display: flex;
      justify-content: center;
      word-break: break-word;
    }
-    .close-button {
+    &__close-button {
-      font-size: 0.75em;
+      width: auto;
-      position: absolute;
+      font-size: 1.5em;
-      top: 10px;
+      align-self: flex-start;
-      right: 10px;
+      margin-right:0.25em;
      cursor: pointer;
      &:hover {
        opacity: 0.9;
      }
@@ -138,49 +150,42 @@ export default class CardListItem extends StatefulVue {
  }
  &.is-collapsed {
    .card__inner {
      &:after {
        content: "";
        opacity: 0;
      }
    }
    .card__expander {
      max-height: 0;
      min-height: 0;
      overflow: hidden;
      margin-top: 0;
      opacity: 0;
    }
  }
  &.is-expanded {
    .card__inner {
      height: auto;
      background-color: $accent;
-      
+      &:after { // arrow
      &:after{
        content: "";
        opacity: 1;
        display: block;
        height: 0;
        width: 0;
        position: absolute;
-        bottom: -30px;
+        bottom: calc(-1 * #{$expanded-margin-top});
-        left: calc(50% - 15px);
+        left: calc(50% - #{$arrow-size});
-        border-left: 15px solid transparent;
+        border-left: #{$arrow-size} solid transparent;
-        border-right: 15px solid transparent;
+        border-right: #{$arrow-size} solid transparent;
-        border-bottom: 15px solid #333a45;
+        border-bottom: #{$arrow-size} solid #333a45;
      }
    }
    .card__expander {
      min-height: 200px;
      // max-height: 1000px;
      // overflow-y: auto;
-
+      margin-top: $expanded-margin-top;
      margin-top: 30px;
      opacity: 1;
    }
@@ -194,7 +199,9 @@ export default class CardListItem extends StatefulVue {
  &.is-inactive {
    .card__inner {
      pointer-events: none;
      height: auto;
      opacity: 0.5;
      transform: scale(0.95);
    }
    &:hover {
@@ -206,39 +213,30 @@ export default class CardListItem extends StatefulVue {
  }
 }
-
+@media screen and (min-width: $big-screen-width) { // when 3 cards in a row
 //Expander Widths
 //when 3 cards in a row
@media screen and (min-width: 992px) {
  .card:nth-of-type(3n+2) .card__expander {
-    margin-left: calc(-100% - 30px);
+    margin-left: calc(-100% - #{$card-line-break-width});
  }
  .card:nth-of-type(3n+3) .card__expander {
-    margin-left: calc(-200% - 60px);
+    margin-left: calc(-200% - (#{$card-line-break-width} * 2));
  }
  .card:nth-of-type(3n+4) {
    clear: left;
  }
  .card__expander {
-    width: calc(300% + 60px);
+    width: calc(300% + (#{$card-line-break-width} * 2));
  }
 }
-//when 2 cards in a row
+@media screen and (min-width: $medium-screen-width) and (max-width: $big-screen-width) { // when 2 cards in a row
@media screen and (min-width: 768px) and (max-width: 991px) {
  .card:nth-of-type(2n+2) .card__expander {
-    margin-left: calc(-100% - 30px);
+    margin-left: calc(-100% - #{$card-line-break-width});
  }
  .card:nth-of-type(2n+3) {
    clear: left;
  }
  .card__expander {
-    width: calc(200% + 30px);
+    width: calc(200% + #{$card-line-break-width});
  }
 }
 </style>
--- a/src/presentation/Scripts/Cards/NonCollapsingDirective.ts
+++ b/src/presentation/Scripts/Cards/NonCollapsingDirective.ts
@@ -0,0 +1,17 @@
 import { DirectiveOptions } from 'vue';
 const attributeName = 'data-interactionDoesNotCollapse';
 export function hasDirective(el: Element): boolean {
    if (el.hasAttribute(attributeName)) {
        return true;
    }
    const parent = el.closest(`[${attributeName}]`);
    return !!parent;
 }
 export const NonCollapsing: DirectiveOptions = {
    inserted(el: HTMLElement) {
        el.setAttribute(attributeName, '');
    },
 };
--- a/src/presentation/Scripts/Grouping/TheGrouper.vue
+++ b/src/presentation/Scripts/Grouping/TheGrouper.vue
@@ -4,12 +4,12 @@
        <span class="part">
            <span 
                class="part"
-                v-bind:class="{ 'disabled': isGrouped, 'enabled': !isGrouped}"
+                v-bind:class="{ 'disabled': cardsSelected, 'enabled': !cardsSelected}"
-                @click="!isGrouped ? toggleGrouping() : undefined">Cards</span>
+                @click="groupByCard()">Cards</span>
            <span class="part">|</span>
            <span class="part"
-                v-bind:class="{ 'disabled': !isGrouped, 'enabled': isGrouped}"
+                v-bind:class="{ 'disabled': noneSelected, 'enabled': !noneSelected}"
-                @click="isGrouped ? toggleGrouping() : undefined">None</span>
+                @click="groupByNone()">None</span>
            </span>
    </div>
 </template>
@@ -20,14 +20,35 @@ import { StatefulVue } from '@/presentation/StatefulVue';
 import { IApplicationState } from '@/application/State/IApplicationState';
 import { Grouping } from './Grouping';
 const DefaultGrouping = Grouping.Cards;
@Component
 export default class TheGrouper extends StatefulVue {
    public currentGrouping: Grouping;
    public isGrouped = true;
-    public toggleGrouping() {
+    public cardsSelected = false;
-        this.currentGrouping = this.currentGrouping === Grouping.None ? Grouping.Cards : Grouping.None;
+    public noneSelected = false;
-        this.isGrouped = this.currentGrouping === Grouping.Cards;
+
    private currentGrouping: Grouping;
    public mounted() {
        this.changeGrouping(DefaultGrouping);
    }
    public groupByCard() {
        this.changeGrouping(Grouping.Cards);
    }
    public groupByNone() {
        this.changeGrouping(Grouping.None);
    }
    private changeGrouping(newGrouping: Grouping) {
        if (this.currentGrouping === newGrouping) {
            return;
        }
        this.currentGrouping = newGrouping;
        this.cardsSelected = newGrouping === Grouping.Cards;
        this.noneSelected = newGrouping === Grouping.None;
        this.$emit('groupingChanged', this.currentGrouping);
    }
 }
--- a/src/presentation/Scripts/ScriptsTree/ScriptNodeParser.ts
+++ b/src/presentation/Scripts/ScriptsTree/ScriptNodeParser.ts
@@ -1,42 +1,61 @@
-import { IApplicationState, IUserSelection } from '@/application/State/IApplicationState';
+import { IApplication } from './../../../domain/IApplication';
 import { ICategory, IScript } from '@/domain/ICategory';
 import { INode } from './SelectableTree/INode';
-export function parseAllCategories(state: IApplicationState): INode[] | undefined {
+export function parseAllCategories(app: IApplication): INode[] | undefined {
  const nodes = new Array<INode>();
-  for (const category of state.app.categories) {
+  for (const category of app.actions) {
-    const children = parseCategoryRecursively(category, state.selection);
+    const children = parseCategoryRecursively(category);
    nodes.push(convertCategoryToNode(category, children));
  }
  return nodes;
 }
-export function parseSingleCategory(categoryId: number, state: IApplicationState): INode[] | undefined {
+export function parseSingleCategory(categoryId: number, app: IApplication): INode[] | undefined {
-  const category = state.app.findCategory(categoryId);
+  const category = app.findCategory(categoryId);
  if (!category) {
    throw new Error(`Category with id ${categoryId} does not exist`);
  }
-  const tree = parseCategoryRecursively(category, state.selection);
+  const tree = parseCategoryRecursively(category);
  return tree;
 }
-function parseCategoryRecursively(
+export function getScriptNodeId(script: IScript): string {
-  parentCategory: ICategory,
+  return script.id;
-  selection: IUserSelection): INode[] {
+}
  if (!parentCategory) { throw new Error('parentCategory is undefined'); }
  if (!selection) { throw new Error('selection is undefined'); }
-  const nodes = new Array<INode>();
+export function getCategoryNodeId(category: ICategory): string {
-  if (parentCategory.subCategories && parentCategory.subCategories.length > 0) {
+  return `Category${category.id}`;
-    for (const subCategory of parentCategory.subCategories) {
+}
-      const subCategoryNodes = parseCategoryRecursively(subCategory, selection);
+
-      nodes.push(convertCategoryToNode(subCategory, subCategoryNodes));
+function parseCategoryRecursively(
-    }
+  parentCategory: ICategory): INode[] {
  if (!parentCategory) {
    throw new Error('parentCategory is undefined');
  }
-  if (parentCategory.scripts && parentCategory.scripts.length > 0) {
+  let nodes = new Array<INode>();
-    for (const script of parentCategory.scripts) {
+  nodes = addCategories(parentCategory.subCategories, nodes);
-      nodes.push(convertScriptToNode(script, selection));
+  nodes = addScripts(parentCategory.scripts, nodes);
-    }
+  return nodes;
 }
 function addScripts(scripts: ReadonlyArray<IScript>, nodes: INode[]): INode[] {
  if (!scripts || scripts.length === 0) {
    return nodes;
  }
  for (const script of scripts) {
    nodes.push(convertScriptToNode(script));
  }
  return nodes;
 }
 function addCategories(categories: ReadonlyArray<ICategory>, nodes: INode[]): INode[] {
  if (!categories || categories.length === 0) {
    return nodes;
  }
  for (const category of categories) {
    const subCategoryNodes = parseCategoryRecursively(category);
    nodes.push(convertCategoryToNode(category, subCategoryNodes));
  }
  return nodes;
 }
@@ -44,20 +63,20 @@ function parseCategoryRecursively(
 function convertCategoryToNode(
  category: ICategory, children: readonly INode[]): INode {
  return {
-    id: `${category.id}`,
+    id: getCategoryNodeId(category),
    text: category.name,
    selected: false,
    children,
    documentationUrls: category.documentationUrls,
    isReversible: false,
  };
 }
-function convertScriptToNode(script: IScript, selection: IUserSelection): INode {
+function convertScriptToNode(script: IScript): INode {
  return {
-    id: `${script.id}`,
+    id: getScriptNodeId(script),
    text: script.name,
    selected: selection.isSelected(script),
    children: undefined,
    documentationUrls: script.documentationUrls,
    isReversible: script.canRevert(),
  };
 }
--- a/src/presentation/Scripts/ScriptsTree/ScriptsTree.vue
+++ b/src/presentation/Scripts/ScriptsTree/ScriptsTree.vue
@@ -1,12 +1,14 @@
 <template>
    <span id="container">
        <span v-if="nodes != null && nodes.length > 0">
-            <SelectableTree
+            <SelectableTree 
-              :nodes="nodes"
+                :initialNodes="nodes"
-              :selectedNodeIds="selectedNodeIds"
+                :selectedNodeIds="selectedNodeIds"
-              :filterPredicate="filterPredicate"
+                :filterPredicate="filterPredicate"
-              :filterText="filterText"
+                :filterText="filterText"
-              v-on:nodeSelected="checkNodeAsync($event)">
+                v-on:nodeSelected="toggleNodeSelectionAsync($event)"
                v-on:nodeRevertToggled="handleNodeRevertToggleAsync($event)"
                >
            </SelectableTree>
        </span>
        <span v-else>Nooo 😢</span>
@@ -19,11 +21,13 @@
  import { Category } from '@/domain/Category';
  import { IRepository } from '@/infrastructure/Repository/IRepository';
  import { IScript } from '@/domain/IScript';
  import { ICategory } from '@/domain/ICategory';
  import { IApplicationState, IUserSelection } from '@/application/State/IApplicationState';
-  import { IFilterMatches } from '@/application/State/Filter/IFilterMatches';
+  import { IFilterResult } from '@/application/State/Filter/IFilterResult';
-  import { parseAllCategories, parseSingleCategory } from './ScriptNodeParser';
+  import { parseAllCategories, parseSingleCategory, getScriptNodeId, getCategoryNodeId } from './ScriptNodeParser';
  import SelectableTree, { FilterPredicate } from './SelectableTree/SelectableTree.vue';
  import { INode } from './SelectableTree/INode';
  import { SelectedScript } from '@/application/State/Selection/SelectedScript';
  @Component({
    components: {
@@ -33,15 +37,15 @@
  export default class ScriptsTree extends StatefulVue {
    @Prop() public categoryId?: number;
-    public nodes?: INode[] = null;
+    public nodes?: ReadonlyArray<INode> = null;
-    public selectedNodeIds?: string[] = null;
+    public selectedNodeIds?: ReadonlyArray<string> = [];
    public filterText?: string = null;
-    private matches?: IFilterMatches;
+    private filtered?: IFilterResult;
    public async mounted() {
      // React to state changes
      const state = await this.getCurrentStateAsync();
      // React to state changes
      state.selection.changed.on(this.handleSelectionChanged);
      state.filter.filterRemoved.on(this.handleFilterRemoved);
      state.filter.filtered.on(this.handleFiltered);
@@ -49,13 +53,13 @@
      await this.initializeNodesAsync(this.categoryId);
    }
-    public async checkNodeAsync(node: INode) {
+    public async toggleNodeSelectionAsync(node: INode) {
        if (node.children != null && node.children.length > 0) {
            return; // only interested in script nodes
        }
        const state = await this.getCurrentStateAsync();
-        if (node.selected) {
+        if (!this.selectedNodeIds.some((id) => id === node.id)) {
-            state.selection.addSelectedScript(node.id);
+            state.selection.addSelectedScript(node.id, false);
        } else {
            state.selection.removeSelectedScript(node.id);
        }
@@ -65,40 +69,36 @@
    public async initializeNodesAsync(categoryId?: number) {
      const state = await this.getCurrentStateAsync();
      if (categoryId) {
-        this.nodes = parseSingleCategory(categoryId, state);
+        this.nodes = parseSingleCategory(categoryId, state.app);
      } else {
-        this.nodes = parseAllCategories(state);
+        this.nodes = parseAllCategories(state.app);
      }
      this.selectedNodeIds = state.selection.selectedScripts
        .map((selected) => getScriptNodeId(selected.script));
    }
    public filterPredicate(node: INode): boolean {
-      return this.matches.scriptMatches.some((script: IScript) => script.id === node.id);
+      return this.filtered.scriptMatches.some(
        (script: IScript) => node.id === getScriptNodeId(script))
        || this.filtered.categoryMatches.some(
          (category: ICategory) => node.id === getCategoryNodeId(category));
    }
-    private handleSelectionChanged(selectedScripts: ReadonlyArray<IScript>) {
+    private handleSelectionChanged(selectedScripts: ReadonlyArray<SelectedScript>): void {
-      this.nodes = this.nodes.map((node: INode) => updateNodeSelection(node, selectedScripts));
+      this.selectedNodeIds = selectedScripts
          .map((node) => node.id);
    }
    private handleFilterRemoved() {
      this.filterText = '';
    }
-    private handleFiltered(matches: IFilterMatches) {
+    private handleFiltered(result: IFilterResult) {
-      this.filterText = matches.query;
+      this.filterText = result.query;
-      this.matches = matches;
+      this.filtered = result;
    }
  }
  function updateNodeSelection(node: INode, selectedScripts: ReadonlyArray<IScript>): INode {
    return {
      id: node.id,
      text: node.text,
      selected: selectedScripts.some((script) => script.id === node.id),
      children: node.children ? node.children.map((child) => updateNodeSelection(child, selectedScripts)) : [],
      documentationUrls: node.documentationUrls,
      };
  }
 </script>
 <style scoped lang="scss">
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/DocumentationUrls.vue
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/DocumentationUrls.vue
@@ -0,0 +1,46 @@
 <template>
    <div class="documentationUrls">
        <a v-for="url of this.documentationUrls"
            v-bind:key="url"
            :href="url"
            :alt="url"
            target="_blank" class="documentationUrl"
            v-tooltip.top-center="url"
            v-on:click.stop>
            <font-awesome-icon :icon="['fas', 'info-circle']" />
        </a>
    </div>
 </template>
 <script lang="ts">
    import { Component, Prop, Vue } from 'vue-property-decorator';
    /** Wrapper for Liquor Tree, reveals only abstracted INode for communication */
    @Component
    export default class DocumentationUrls extends Vue {
        @Prop() public documentationUrls: string[];
    }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
 .documentationUrls {
    display: flex;
    flex-direction: row;
    flex-wrap: wrap;
    align-items: center;
 }
 .documentationUrl {
    display: flex;
    color: $gray;
    cursor: pointer;
    vertical-align: middle;
    &:hover {
        color: $slate;
    }
    &:not(:first-child) {
      margin-left: 0.1em;
    }
 }
 </style>
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/INode.ts
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/INode.ts
@@ -1,7 +1,7 @@
 export interface INode {
    readonly id: string;
    readonly text: string;
    readonly isReversible: boolean;
    readonly documentationUrls: ReadonlyArray<string>;
    readonly children?: ReadonlyArray<INode>;
    readonly selected: boolean;
 }
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/Node.vue
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/Node.vue
@@ -1,17 +1,14 @@
 <template>
    <div id="node">
-        <div>{{ this.data.text }}</div>
+        <div class="item text">{{ this.data.text }}</div>
-        <div
+        <RevertToggle
-          v-for="url of this.data.documentationUrls"
+          class="item"
-          v-bind:key="url">
+          v-if="data.isReversible"
-            <a :href="url"
+          :scriptId="data.id" />
-                :alt="url"
+        <DocumentationUrls
-                target="_blank" class="docs"
+          class="item"
-                  v-tooltip.top-center="url"
+          v-if="data.documentationUrls && data.documentationUrls.length > 0"
-                v-on:click.stop>
+          :documentationUrls="this.data.documentationUrls" />
                <font-awesome-icon :icon="['fas', 'info-circle']" />
                </a>
        </div>
    </div>
 </template>
@@ -19,8 +16,15 @@
 <script lang="ts">
    import { Component, Prop, Vue } from 'vue-property-decorator';
    import { INode } from './INode';
    import RevertToggle from './RevertToggle.vue';
    import DocumentationUrls from './DocumentationUrls.vue';
    /** Wrapper for Liquor Tree, reveals only abstracted INode for communication */
-    @Component
+    @Component({
        components: {
          RevertToggle,
          DocumentationUrls,
        },
    })
    export default class Node extends Vue {
        @Prop() public data: INode;
    }
@@ -30,17 +34,15 @@
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
 #node {
-  display:flex;
+    display:flex;
-  flex-direction: row;
+    flex-direction: row;
    flex-wrap: wrap;
-  .docs {
+    .text {
-    color: $gray;
+      display: flex;
-    cursor: pointer;
+      align-items: center;
-    margin-left:5px;
+    }
-    &:hover {
+    .item:not(:first-child) {
-        color: $slate;
+      margin-left: 5px;
    }
  }
 }
 </style>
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/NodeTranslator.ts
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/NodeTranslator.ts
@@ -0,0 +1,41 @@
 import { ILiquorTreeNewNode, ILiquorTreeExistingNode } from 'liquor-tree';
 import { INode } from './INode';
 // Functions to translate INode to LiqourTree models and vice versa for anti-corruption
 export function convertExistingToNode(liquorTreeNode: ILiquorTreeExistingNode): INode {
    if (!liquorTreeNode) { throw new Error('liquorTreeNode is undefined'); }
    return {
        id: liquorTreeNode.id,
        text: liquorTreeNode.data.text,
        // selected: liquorTreeNode.states && liquorTreeNode.states.checked,
        children: convertChildren(liquorTreeNode.children, convertExistingToNode),
        documentationUrls: liquorTreeNode.data.documentationUrls,
        isReversible : liquorTreeNode.data.isReversible,
    };
 }
 export function toNewLiquorTreeNode(node: INode): ILiquorTreeNewNode {
    if (!node) { throw new Error('node is undefined'); }
    return {
        id: node.id,
        text: node.text,
        state: {
            checked: false,
        },
        children: convertChildren(node.children, toNewLiquorTreeNode),
        data: {
            documentationUrls: node.documentationUrls,
            isReversible: node.isReversible,
        },
    };
 }
 function convertChildren<TOldNode, TNewNode>(
    oldChildren: readonly TOldNode[],
    callback: (value: TOldNode) => TNewNode): TNewNode[] {
    if (!oldChildren || oldChildren.length === 0) {
        return [];
    }
    return oldChildren.map((childNode) => callback(childNode));
 }
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/RevertToggle.vue
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/RevertToggle.vue
@@ -0,0 +1,141 @@
 <template>
        <div class="checkbox-switch" >
            <input type="checkbox" class="input-checkbox" 
                v-model="isReverted"
                @change="onRevertToggledAsync()" >
            <div class="checkbox-animate">
                <span class="checkbox-off">revert</span>
                <span class="checkbox-on">revert</span>
            </div>
        </div>
 </template>
 <script lang="ts">
    import { Component, Prop, Vue } from 'vue-property-decorator';
    import { StatefulVue } from '@/presentation/StatefulVue';
    import { INode } from './INode';
    import { SelectedScript } from '@/application/State/Selection/SelectedScript';
    @Component
    export default class RevertToggle extends StatefulVue {
        @Prop() public scriptId: string;
        public isReverted = false;
        public async mounted() {
            const state = await this.getCurrentStateAsync();
            state.selection.changed.on(this.handleSelectionChanged);
        }
        public async onRevertToggledAsync() {
            const state = await this.getCurrentStateAsync();
            state.selection.addOrUpdateSelectedScript(this.scriptId, this.isReverted);
        }
        private handleSelectionChanged(selectedScripts: ReadonlyArray<SelectedScript>): void {
            const selectedScript = selectedScripts.find((script) => script.id === this.scriptId);
            if (!selectedScript) {
                this.isReverted = false;
            } else {
                this.isReverted = selectedScript.revert;
            }
        }
    }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
 $width: 85px;
 $height: 30px;
 // https://www.designlabthemes.com/css-toggle-switch/
 .checkbox-switch {
    cursor: pointer;
    display: inline-block;
    overflow: hidden;
    position: relative;
    width: $width;
    height: $height;
    -webkit-border-radius: $height;
    border-radius: $height;
    line-height: $height;
    font-size: $height / 2;
    display: inline-block;
    input.input-checkbox {
        position: absolute;
        left: 0;
        top: 0;
        width: $width;
        height: $height;
        padding: 0;
        margin: 0;
        opacity: 0;
        z-index: 2;
        cursor: pointer;
    }
    .checkbox-animate {
        position: relative;
        width: $width;
        height: $height;
        background-color: $gray;
        -webkit-transition: background-color 0.25s ease-out 0s;
        transition: background-color 0.25s ease-out 0s;
        // Circle
        &:before {
            $circle-size: $height * 0.66;
            content: "";
            display: block;
            position: absolute;
            width: $circle-size;
            height: $circle-size;
            border-radius: $circle-size * 2;
            -webkit-border-radius: $circle-size * 2;
            background-color: $slate;
            top: $height * 0.16;
            left: $width * 0.05;
            -webkit-transition: left 0.3s ease-out 0s;
            transition: left 0.3s ease-out 0s;
            z-index: 10;
        }
    }
    input.input-checkbox:checked {
        + .checkbox-animate {
            background-color: $accent;
        }
        + .checkbox-animate:before {
            left: ($width - $width/3.5);
            background-color: $light-gray;
        }
        + .checkbox-animate .checkbox-off {
            display: none;
            opacity: 0;
        }
        + .checkbox-animate .checkbox-on {
            display: block;
            opacity: 1;
        }
    }
    .checkbox-off, .checkbox-on {
        float: left;
        color: $white;
        font-weight: 700;
            -webkit-transition: all 0.3s ease-out 0s;
        transition: all 0.3s ease-out 0s;
    }
    .checkbox-off {
        margin-left: $width / 3;
        opacity: 1;
    }
    .checkbox-on {
        display: none;
        float: right;
        margin-right: $width / 3;
        opacity: 0;
    }
 }
 </style>
--- a/src/presentation/Scripts/ScriptsTree/SelectableTree/SelectableTree.vue
+++ b/src/presentation/Scripts/ScriptsTree/SelectableTree/SelectableTree.vue
@@ -1,14 +1,14 @@
 <template>
    <span>
-        <span v-if="initialNodes != null && initialNodes.length > 0">
+        <span v-if="initialLiquourTreeNodes != null && initialLiquourTreeNodes.length > 0">
            <tree :options="liquorTreeOptions"
-                  :data="this.initialNodes"
+                  :data="initialLiquourTreeNodes"
                  v-on:node:checked="nodeSelected($event)"
                  v-on:node:unchecked="nodeSelected($event)"
                  ref="treeElement"
                >
                <span class="tree-text" slot-scope="{ node }">
-                    <Node :data="convertExistingToNode(node)"/>
+                    <Node :data="convertExistingToNode(node)" />
                </span>
            </tree>
        </span>
@@ -18,9 +18,10 @@
 <script lang="ts">
    import { Component, Prop, Vue, Emit, Watch } from 'vue-property-decorator';
-    import LiquorTree, { ILiquorTreeNewNode, ILiquorTreeExistingNode, ILiquorTree } from 'liquor-tree';
+    import LiquorTree, { ILiquorTreeNewNode, ILiquorTreeExistingNode, ILiquorTree, ILiquorTreeOptions } from 'liquor-tree';
    import Node from './Node.vue';
    import { INode } from './INode';
    import { convertExistingToNode, toNewLiquorTreeNode } from './NodeTranslator';
    export type FilterPredicate = (node: INode) => boolean;
    /** Wrapper for Liquor Tree, reveals only abstracted INode for communication */
@@ -33,28 +34,31 @@
    export default class SelectableTree extends Vue {
        @Prop() public filterPredicate?: FilterPredicate;
        @Prop() public filterText?: string;
-        @Prop() public nodes?: INode[];
+        @Prop() public selectedNodeIds?: ReadonlyArray<string>;
        @Prop() public initialNodes?: ReadonlyArray<INode>;
-        public initialNodes?: ILiquorTreeNewNode[] = null;
+        public initialLiquourTreeNodes?: ILiquorTreeNewNode[] = null;
-        public liquorTreeOptions = this.getLiquorTreeOptions();
+        public liquorTreeOptions = this.getDefaults();
        public convertExistingToNode = convertExistingToNode;
        public mounted() {
-            // console.log('Mounted', 'initial nodes', this.nodes);
+            if (this.initialNodes) {
-            // console.log('Mounted', 'initial model', this.getLiquorTreeApi().model);
+                const initialNodes = this.initialNodes.map((node) => toNewLiquorTreeNode(node));
-
+                if (this.selectedNodeIds) {
-            if (this.nodes) {
+                    recurseDown(initialNodes,
-                this.initialNodes = this.nodes.map((node) => this.toLiquorTreeNode(node));
+                        (node) => node.state.checked = this.selectedNodeIds.includes(node.id));
                }
                this.initialLiquourTreeNodes = initialNodes;
            } else {
                throw new Error('Initial nodes are null or empty');
            }
            if (this.filterText) {
               this.updateFilterText(this.filterText);
            }
        }
        public nodeSelected(node: ILiquorTreeExistingNode) {
-            this.$emit('nodeSelected', this.convertExistingToNode(node));
+            this.$emit('nodeSelected', convertExistingToNode(node));
            return;
        }
@@ -64,104 +68,28 @@
            if (!filterText) {
                api.clearFilter();
            } else {
-                api.filter('filtered'); // text does not matter, it'll trigger the predicate
+                api.filter('filtered'); // text does not matter, it'll trigger the filterPredicate
            }
        }
-        @Watch('nodes', {deep: true})
+        @Watch('selectedNodeIds')
-        public setSelectedStatus(nodes: |ReadonlyArray<INode>) {
+        public setSelectedStatus(selectedNodeIds: ReadonlyArray<string>) {
-            if (!nodes || nodes.length === 0) {
+            if (!selectedNodeIds) {
-                throw new Error('Updated nodes are null or empty');
+                throw new Error('Selected nodes are undefined');
            }
-            // Update old node properties, re-setting it changes expanded status etc.
+            const newNodes = updateCheckedState(this.getLiquorTreeApi().model, selectedNodeIds);
-            // It'll not be needed when this is merged: https://github.com/amsik/liquor-tree/pull/141
+            this.getLiquorTreeApi().setModel(newNodes);
-            const updateCheckedState = (
+            /*  Alternative:
-                oldNodes: ReadonlyArray<ILiquorTreeExistingNode>,
+                    this.getLiquorTreeApi().recurseDown((node) => {
-                updatedNodes: ReadonlyArray<INode>): ILiquorTreeNewNode[] => {
+                                node.states.checked = selectedNodeIds.includes(node.id);
-                    const newNodes = new Array<ILiquorTreeNewNode>();
+                            });
-                    for (const oldNode of oldNodes) {
+                Problem: Does not check their parent if all children are checked, because it does not
-                                for (const updatedNode of updatedNodes) {
+                        trigger update on parent as we work with scripts not categories. */
-                                    if (oldNode.id === updatedNode.id) {
+            /*  Alternative:
-                                        const newState = oldNode.states;
+                    this.getLiquorTreeApi().recurseDown((node) => {
-                                        newState.checked = updatedNode.selected;
+                            if(selectedNodeIds.includes(node.id)) { node.select(); } else { node.unselect(); }
-                                        newNodes.push({
+                    });
-                                            id: oldNode.id,
+                Problem: Emits nodeSelected() event again which will cause an infinite loop. */
                                            text: updatedNode.text,
                                            children: oldNode.children == null ? [] :
                                                updateCheckedState(
                                                    oldNode.children,
                                                    updatedNode.children),
                                            state: newState,
                                            data: {
                                                documentationUrls: oldNode.data.documentationUrls,
                                            },
                                        });
                                    }
                                }
                            }
                    return newNodes;
            };
            const newModel = updateCheckedState(
                this.getLiquorTreeApi().model, nodes);
            this.getLiquorTreeApi().setModel(newModel);
        }
        private convertItem(liquorTreeNode: ILiquorTreeNewNode): INode {
            if (!liquorTreeNode) { throw new Error('liquorTreeNode is undefined'); }
            return {
                id: liquorTreeNode.id,
                text: liquorTreeNode.text,
                selected: liquorTreeNode.state && liquorTreeNode.state.checked,
                children: (!liquorTreeNode.children || liquorTreeNode.children.length === 0)
                 ? [] : liquorTreeNode.children.map((childNode) => this.convertItem(childNode)),
                documentationUrls: liquorTreeNode.data.documentationUrls,
            };
        }
        private convertExistingToNode(liquorTreeNode: ILiquorTreeExistingNode): INode {
            if (!liquorTreeNode) { throw new Error('liquorTreeNode is undefined'); }
            return {
                id: liquorTreeNode.id,
                text: liquorTreeNode.data.text,
                selected: liquorTreeNode.states && liquorTreeNode.states.checked,
                children: (!liquorTreeNode.children || liquorTreeNode.children.length === 0)
                 ? [] : liquorTreeNode.children.map((childNode) => this.convertExistingToNode(childNode)),
                documentationUrls: liquorTreeNode.data.documentationUrls,
            };
        }
        private toLiquorTreeNode(node: INode): ILiquorTreeNewNode {
            if (!node) { throw new Error('node is undefined'); }
            return {
                id: node.id,
                text: node.text,
                state: {
                    checked: node.selected,
                },
                children: (!node.children || node.children.length === 0) ? [] :
                 node.children.map((childNode) => this.toLiquorTreeNode(childNode)),
                data: {
                    documentationUrls: node.documentationUrls,
                },
            };
        }
        private getLiquorTreeOptions(): any {
            return {
                checkbox: true,
                checkOnSelect: true,
                deletion: (node) => !node.children || node.children.length === 0,
                filter: {
                    matcher: (query: string, node: ILiquorTreeExistingNode) => {
                        if (!this.filterPredicate) {
                            throw new Error('Cannot filter as predicate is null');
                        }
                        return this.filterPredicate(this.convertExistingToNode(node));
                    },
                    emptyText: '🕵️Hmm.. Can not see one 🧐',
                },
            };
        }
        private getLiquorTreeApi(): ILiquorTree {
@@ -170,12 +98,60 @@
            }
            return (this.$refs.treeElement as any).tree;
        }
        private getDefaults(): ILiquorTreeOptions {
            return {
                multiple: true,
                checkbox: true,
                checkOnSelect: true,
                autoCheckChildren: true,
                parentSelect: false,
                keyboardNavigation: true,
                deletion: (node) => !node.children || node.children.length === 0,
                filter: {
                    matcher: (query: string, node: ILiquorTreeExistingNode) => {
                        if (!this.filterPredicate) {
                            throw new Error('Cannot filter as predicate is null');
                        }
                        return this.filterPredicate(convertExistingToNode(node));
                    },
                    emptyText: '🕵️Hmm.. Can not see one 🧐',
                },
            };
        }
    }
    function recurseDown(
        nodes: ReadonlyArray<ILiquorTreeNewNode>,
        handler: (node: ILiquorTreeNewNode) => void) {
        for (const node of nodes) {
            handler(node);
            if (node.children) {
                recurseDown(node.children, handler);
            }
        }
    }
    function updateCheckedState(
        oldNodes: ReadonlyArray<ILiquorTreeExistingNode>,
        selectedNodeIds: ReadonlyArray<string>): ReadonlyArray<ILiquorTreeNewNode> {
        const result = new Array<ILiquorTreeNewNode>();
        for (const oldNode of oldNodes) {
            const newState = oldNode.states;
            newState.checked = selectedNodeIds.some((id) => id === oldNode.id);
            const newNode: ILiquorTreeNewNode = {
                id: oldNode.id,
                text: oldNode.data.text,
                data: {
                    documentationUrls: oldNode.data.documentationUrls,
                    isReversible: oldNode.data.isReversible,
                },
                children: oldNode.children == null ? [] :
                        updateCheckedState(oldNode.children, selectedNodeIds),
                state: newState,
            };
            result.push(newNode);
        }
        return result;
    }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
 </style>
--- a/src/presentation/Scripts/Selector/SelectableOption.vue
+++ b/src/presentation/Scripts/Selector/SelectableOption.vue
@@ -1,14 +1,18 @@
 <template>
    <span
        v-bind:class="{ 'disabled': enabled, 'enabled': !enabled}"
        v-non-collapsing
        @click="onClicked()">{{label}}</span>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue, Emit } from 'vue-property-decorator';
 import { StatefulVue } from '@/presentation/StatefulVue';
 import { NonCollapsing } from '@/presentation/Scripts/Cards/NonCollapsingDirective';
-@Component
+@Component({
    directives: { NonCollapsing },
 })
 export default class SelectableOption extends StatefulVue {
  @Prop() public enabled: boolean;
  @Prop() public label: string;
--- a/src/presentation/Scripts/Selector/TheSelector.vue
+++ b/src/presentation/Scripts/Selector/TheSelector.vue
@@ -32,7 +32,8 @@ import { Component, Prop, Vue } from 'vue-property-decorator';
 import { StatefulVue } from '@/presentation/StatefulVue';
 import SelectableOption from './SelectableOption.vue';
 import { IApplicationState } from '@/application/State/IApplicationState';
-import { IScript } from '@/domain/Script';
+import { IScript } from '@/domain/IScript';
 import { SelectedScript } from '../../../application/State/Selection/SelectedScript';
@Component({
  components: {
@@ -79,12 +80,14 @@ export default class TheSelector extends StatefulVue {
    private updateSelections(state: IApplicationState) {
        this.isNoneSelected = state.selection.totalSelected === 0;
        this.isAllSelected = state.selection.totalSelected === state.app.totalScripts;
-        this.isRecommendedSelected = this.areSame(state.app.getRecommendedScripts(), state.selection.selectedScripts);
+        this.isRecommendedSelected = this.areAllRecommended(state.app.getRecommendedScripts(),
            state.selection.selectedScripts);
    }
-    private areSame(scripts: ReadonlyArray<IScript>, other: ReadonlyArray<IScript>): boolean {
+    private areAllRecommended(scripts: ReadonlyArray<IScript>, other: ReadonlyArray<SelectedScript>): boolean {
        other = other.filter((selected) => !(selected).revert);
        return (scripts.length === other.length) &&
-            scripts.every((script) => other.some((s) => s.id === script.id));
+            scripts.every((script) => other.some((selected) => selected.id === script.id));
    }
 }
 </script>
--- a/src/presentation/Scripts/TheScripts.vue
+++ b/src/presentation/Scripts/TheScripts.vue
@@ -1,12 +1,25 @@
 <template>
    <div>
        <div class="help-container">
-            <TheSelector class="left" />
+            <TheSelector />
-            <TheGrouper class="right"
+            <TheGrouper
-                v-on:groupingChanged="onGroupingChanged($event)" />
+                v-on:groupingChanged="onGroupingChanged($event)"
                v-show="!this.isSearching" />
        </div>
        <div class="scripts">
            <div v-if="!isSearching || searchHasMatches">
                    <CardList v-if="this.showCards" />
                    <div v-else-if="this.showList" class="tree">
                        <div v-if="this.isSearching" class="search-query">
                            Searching for "{{this.searchQuery | threeDotsTrim}}"</div>
                        <ScriptsTree />
                    </div>
                    </div>
                    <div v-else class="search-no-matches">
                        Sorry, no matches for "{{this.searchQuery | threeDotsTrim}}" 😞
                        Feel free to extend the scripts <a :href="repositoryUrl" target="_blank" class="child github" >here</a>.
            </div>
        </div>
        <CardList v-if="showCards" />
        <ScriptsTree v-if="showList" />
    </div>
 </template>
@@ -14,11 +27,13 @@
    import { Component, Prop, Vue, Emit } from 'vue-property-decorator';
    import { Category } from '@/domain/Category';
    import { StatefulVue } from '@/presentation/StatefulVue';
    import { Grouping } from './Grouping/Grouping';
    import { IFilterResult } from '@/application/State/Filter/IFilterResult';
    import TheGrouper from '@/presentation/Scripts/Grouping/TheGrouper.vue';
    import TheSelector from '@/presentation/Scripts/Selector/TheSelector.vue';
    import ScriptsTree from '@/presentation/Scripts/ScriptsTree/ScriptsTree.vue';
    import CardList from '@/presentation/Scripts/Cards/CardList.vue';
-    import { Grouping } from './Grouping/Grouping';
+
    /** Shows content of single category or many categories */
    @Component({
@@ -28,40 +43,86 @@
        ScriptsTree,
        CardList,
    },
    filters: {
        threeDotsTrim(query: string) {
            const threshold = 30;
            if (query.length <= threshold - 3) {
                return query;
            }
            return `${query.substr(0, threshold)}...`;
        },
    },
    })
    export default class TheScripts extends StatefulVue {
-        public showCards = true;
+        public showCards = false;
        public showList = false;
        public repositoryUrl = '';
        private searchQuery = '';
        private isSearching = false;
        private searchHasMatches = false;
-        @Prop() public data!: Category | Category[];
+        private currentGrouping: Grouping;
        public async mounted() {
            const state = await this.getCurrentStateAsync();
            this.repositoryUrl = state.app.repositoryUrl;
            state.filter.filterRemoved.on(() => {
                this.isSearching = false;
                this.updateGroups();
            });
            state.filter.filtered.on((result: IFilterResult) => {
                this.searchQuery = result.query;
                this.isSearching = true;
                this.searchHasMatches = result.hasAnyMatches();
                this.updateGroups();
            });
        }
        public onGroupingChanged(group: Grouping) {
-            switch (group) {
+            this.currentGrouping = group;
-                case Grouping.Cards:
+            this.updateGroups();
-                    this.showCards = true;
+        }
-                    this.showList = false;
+
-                    break;
+        private updateGroups(): void {
-                case Grouping.None:
+            this.showCards = !this.isSearching && this.currentGrouping === Grouping.Cards;
-                    this.showCards = false;
+            this.showList = this.isSearching || this.currentGrouping === Grouping.None;
                    this.showList = true;
                    break;
                default:
                    throw new Error('Unknown grouping');
            }
        }
    }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
@import "@/presentation/styles/fonts.scss";
 .scripts {
    margin-top:10px;
    .search-no-matches {
        word-break:break-word;
        color: $white;
        text-transform: uppercase;
        color: $light-gray;
        font-size: 1.5em;
        background-color: $slate;
        padding:5%;
        text-align:center;
        > a {
            color: $gray;
        }
    }
    .tree {
        padding-left: 3%;
        padding-top: 15px;
        padding-bottom: 15px;
        .search-query {
            display: flex;
            justify-content: center;
            color: $gray;
        }
    }
 }
 .help-container {
  display: flex;
  justify-content: space-between;
-
+  flex-wrap: wrap;
  .left {
      justify-content: flex-start;
  }
  .right {
      justify-content: flex-end;
  }
 }
 </style>
--- a/src/presentation/StatefulVue.ts
+++ b/src/presentation/StatefulVue.ts
@@ -1,6 +1,6 @@
-import { ApplicationState, IApplicationState } from '../application/State/ApplicationState';
+import { ApplicationState } from '@/application/State/ApplicationState';
 import { IApplicationState } from '@/application/State/IApplicationState';
 import { Vue } from 'vue-property-decorator';
 export { IApplicationState };
 export abstract class StatefulVue extends Vue {
    public isLoading = true;
--- a/src/presentation/TheCodeArea.vue
+++ b/src/presentation/TheCodeArea.vue
@@ -4,7 +4,7 @@
 <script lang="ts">
 import { Component, Prop, Watch, Vue } from 'vue-property-decorator';
-import { StatefulVue, IApplicationState } from './StatefulVue';
+import { StatefulVue } from './StatefulVue';
 import ace from 'ace-builds';
 import 'ace-builds/webpack-resolver';
 import { CodeBuilder } from '../application/State/Code/CodeBuilder';
@@ -13,16 +13,16 @@ const NothingChosenCode =
  new CodeBuilder()
    .appendCommentLine('privacy.sexy — 🔐 Enforce privacy & security best-practices on Windows')
    .appendLine()
    .appendCommentLine('-- 🤔 How to use')
    .appendCommentLine(' 📙 Start by exploring different categories and choosing different tweaks.')
    .appendCommentLine(' 📙 You can select "Recommended" on the top to select "safer" tweaks. Always double check!')
    .appendCommentLine(' 📙 After you choose any tweak, you can download & copy to execute your script.')
    .appendLine()
    .appendCommentLine('-- 🧐 Why privacy.sexy')
    .appendCommentLine(' ✔️ Rich tweak pool to harden security & privacy of the OS and other softwares on it.')
    .appendCommentLine(' ✔️ You don\'t need to run any compiled software on your system, just run the generated scripts.')
    .appendCommentLine(' ✔️ Have full visibility into what the tweaks do as you enable them.')
    .appendCommentLine(' ✔️ Free software, 100% transparency: both application & infrastructure code are open-sourced.')
    .appendLine()
    .appendCommentLine('-- 🤔 How to use')
    .appendCommentLine(' 📙 Start by exploring different categories and choosing different tweaks.')
    .appendCommentLine(' 📙 You can select "Recommended" on the top to select "safer" tweaks. Always double check!')
    .appendCommentLine(' 📙 After you choose any tweak, you can download & copy to execute your script.')
    .toString();
@Component
--- a/src/presentation/TheCodeButtons.vue
+++ b/src/presentation/TheCodeButtons.vue
@@ -15,7 +15,7 @@
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
-import { StatefulVue, IApplicationState } from './StatefulVue';
+import { StatefulVue } from './StatefulVue';
 import { SaveFileDialog } from './../infrastructure/SaveFileDialog';
 import { Clipboard } from './../infrastructure/Clipboard';
 import IconButton from './IconButton.vue';
--- a/src/presentation/TheFooter.vue
+++ b/src/presentation/TheFooter.vue
@@ -1,31 +0,0 @@
 <template>
    <div id="footer">
        {{text}}
    </div>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
 import { StatefulVue } from './StatefulVue';
@Component
 export default class TheFooter extends StatefulVue {
  private text: string = '';
  public async mounted() {
    const state = await this.getCurrentStateAsync();
    this.text = `v${state.app.version}`;
  }
 }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
@import "@/presentation/styles/fonts.scss";
 #footer {
    color: $gray;
    font-size: 0.7em;
    font-family: $artistic-font;
    text-align: center;
 }
 </style>
--- a/src/presentation/TheFooter/DownloadUrlList.vue
+++ b/src/presentation/TheFooter/DownloadUrlList.vue
@@ -0,0 +1,72 @@
 <template>
  <span 
    class="container"
    v-bind:class="{ 'container_unsupported': !hasCurrentOsDesktopVersion, 'container_supported': hasCurrentOsDesktopVersion }">
    <span class="description">
      <font-awesome-icon class="description__icon" :icon="['fas', 'desktop']"  />
      <span class="description__text">For desktop:</span>
    </span>
    <span class="urls">
      <span class="urls__url" v-for="os of supportedDesktops" v-bind:key="os">
        <DownloadUrlListItem :operatingSystem="os" />
      </span>
    </span>
  </span>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
 import { Environment } from '@/application/Environment/Environment';
 import { OperatingSystem } from '@/application/Environment/OperatingSystem';
 import DownloadUrlListItem from './DownloadUrlListItem.vue';
@Component({
  components: { DownloadUrlListItem },
 })
 export default class DownloadUrlList extends Vue {
  public readonly supportedDesktops: ReadonlyArray<OperatingSystem>;
  public readonly hasCurrentOsDesktopVersion: boolean = false;
  constructor() {
    super();
    const supportedOperativeSystems = [OperatingSystem.Windows, OperatingSystem.Linux, OperatingSystem.macOS];
    const currentOs = Environment.CurrentEnvironment.os;
    this.supportedDesktops = supportedOperativeSystems.sort((os) => os === currentOs ? 0 : 1);
    this.hasCurrentOsDesktopVersion = supportedOperativeSystems.includes(currentOs);
  }
 }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/media.scss";
 .container {
  display:flex;
  flex-wrap: wrap;
  justify-content: space-around;
  &_unsupported {
    opacity: 0.9;
  }
  &_supported {
    font-size: 1em;
  }
  .description {
    &__icon {
      margin-right: 0.5em;
    }
    &__text {
      margin-right: 0.3em;
    }
  }
 }
 .urls {
  &__url {
    &:not(:first-child)::before {
      opacity: 0.5;
      content: "|";
      font-size: 0.6rem;
      padding: 0 5px;
    }
  }
 }
 </style>
--- a/src/presentation/TheFooter/DownloadUrlListItem.vue
+++ b/src/presentation/TheFooter/DownloadUrlListItem.vue
@@ -0,0 +1,94 @@
 <template>
  <span class="url">
    <a :href="downloadUrl"
        v-bind:class="{
            'url__active': hasCurrentOsDesktopVersion && isCurrentOs,
            'url__inactive': hasCurrentOsDesktopVersion && !isCurrentOs,
            }">{{ operatingSystemName }}</a>
  </span>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue, Watch } from 'vue-property-decorator';
 import { StatefulVue } from '@/presentation/StatefulVue';
 import { Environment } from '@/application/Environment/Environment';
 import { OperatingSystem } from '@/application/Environment/OperatingSystem';
@Component
 export default class DownloadUrlListItem extends StatefulVue {
  @Prop() public operatingSystem!: OperatingSystem;
  public OperatingSystem = OperatingSystem;
  public downloadUrl: string = '';
  public operatingSystemName: string = '';
  public isCurrentOs: boolean = false;
  public hasCurrentOsDesktopVersion: boolean = false;
  public async mounted() {
      await this.onOperatingSystemChangedAsync(this.operatingSystem);
  }
  @Watch('operatingSystem')
  public async onOperatingSystemChangedAsync(os: OperatingSystem) {
    const currentOs = Environment.CurrentEnvironment.os;
    this.isCurrentOs = os === currentOs;
    this.downloadUrl = await this.getDownloadUrlAsync(os);
    this.operatingSystemName = getOperatingSystemName(os);
    this.hasCurrentOsDesktopVersion = hasDesktopVersion(currentOs);
  }
  private async getDownloadUrlAsync(os: OperatingSystem): Promise<string> {
    const state = await this.getCurrentStateAsync();
    return `${state.app.repositoryUrl}/releases/download/${state.app.version}/${getFileName(os, state.app.version)}`;
  }
 }
 function hasDesktopVersion(os: OperatingSystem): boolean {
    return os === OperatingSystem.Windows
        || os === OperatingSystem.Linux
        || os === OperatingSystem.macOS;
 }
 function getOperatingSystemName(os: OperatingSystem): string {
    switch (os) {
        case OperatingSystem.Linux:
            return 'Linux';
        case OperatingSystem.macOS:
            return 'macOS';
        case OperatingSystem.Windows:
            return 'Windows';
        default:
            throw new Error(`Unsupported os: ${OperatingSystem[os]}`);
    }
 }
 function getFileName(os: OperatingSystem, version: string): string {
    switch (os) {
        case OperatingSystem.Linux:
            return `privacy.sexy-${version}.AppImage`;
        case OperatingSystem.macOS:
            return `privacy.sexy-${version}.dmg`;
        case OperatingSystem.Windows:
            return `privacy.sexy-Setup-${version}.exe`;
        default:
            throw new Error(`Unsupported os: ${OperatingSystem[os]}`);
    }
 }
 </script>
 <style scoped lang="scss">
 .url {
    &__active {
        font-size: 1em;
    }
    &__inactive {
        font-size: 0.70em;
    }
    a {
        color:inherit;
        &:hover {
            opacity: 0.8;
        }
    }
 }
 </style>
--- a/src/presentation/TheFooter/PrivacyPolicy.vue
+++ b/src/presentation/TheFooter/PrivacyPolicy.vue
@@ -0,0 +1,81 @@
 <template>
    <div class="privacy-policy">
      <div v-if="!isDesktop" class="line">
          <div class="line__emoji">🚫🍪</div>
          <div>No cookies!</div>
      </div>
      <div v-if="isDesktop" class="line">
          <div class="line__emoji">🚫🌐</div>
          <div>Everything is offline, except single request GitHub to check for updates on application start.</div>
      </div>
      <div class="line">
          <div class="line__emoji">🚫👀</div>
          <div>No user behavior / IP adress collection!</div>
      </div>
      <div class="line">
          <div class="line__emoji">🤖</div>
          <div>All transparent: Deployed automatically from master branch
          of the <a :href="repositoryUrl" target="_blank">source code</a> with no changes.</div>
      </div>
      <div v-if="!isDesktop" class="line">
          <div class="line__emoji">📈</div>
          <div>Basic <a href="https://aws.amazon.com/cloudfront/reporting/" target="_blank">CDN statistics</a>
          are collected by AWS but they cannot be related to you or your behavior. You can download the offline version if you don't want CDN data collection.</div>
      </div>
      <div class="line">
          <div class="line__emoji">🎉</div>
          <div>As almost no data is colected, the application gets better only with your active feedback.
          Feel free to <a :href="feedbackUrl" target="_blank">create an issue</a> 😊</div>
      </div>
    </div>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
 import { StatefulVue } from '@/presentation/StatefulVue';
 import { Environment } from '@/application/Environment/Environment';
@Component
 export default class TheFooter extends StatefulVue {
  public repositoryUrl: string = '';
  public feedbackUrl: string = '';
  public isDesktop: boolean = false;
  constructor() {
    super();
    this.isDesktop = Environment.CurrentEnvironment.isDesktop;
  }
  public async mounted() {
    const state = await this.getCurrentStateAsync();
    this.repositoryUrl = state.app.repositoryUrl;
    this.feedbackUrl = `${state.app.repositoryUrl}/issues`;
  }
 }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/fonts.scss";
 .privacy-policy {
    display: flex;
    flex-direction: column;
    font-family: $normal-font;
    text-align:center;
    .line {
        display: flex;
        flex-direction: column;
        &:not(:first-child) {
          margin-top:0.2rem;
        }
    }
    a {
      color:inherit;
      &:hover {
        opacity: 0.8;
      }
    }
 }
 </style>
--- a/src/presentation/TheFooter/TheFooter.vue
+++ b/src/presentation/TheFooter/TheFooter.vue
@@ -0,0 +1,159 @@
 <template>
  <div>
    <div class="footer">
      <div class="footer__section">
        <span v-if="isDesktop" class="footer__section__item">
          <font-awesome-icon class="icon" :icon="['fas', 'globe']"  />
          <span>Online version at <a href="https://privacy.sexy" target="_blank">https://privacy.sexy</a></span>
        </span>
        <span v-else class="footer__section__item">
          <DownloadUrlList />
        </span>
      </div>
      <div class="footer__section">
        <div class="footer__section__item">
          <a :href="feedbackUrl" target="_blank">
            <font-awesome-icon class="icon" :icon="['far', 'smile']"  />
            <span>Feedback</span>
          </a>
        </div>
        <div class="footer__section__item">
          <a :href="repositoryUrl" target="_blank">
            <font-awesome-icon class="icon" :icon="['fab', 'github']"  />
            <span>Source Code</span>
          </a>
        </div>
        <div class="footer__section__item">
          <a :href="releaseUrl" target="_blank">
            <font-awesome-icon class="icon" :icon="['fas', 'tag']"  />
            <span>v{{ version }}</span>
          </a>
        </div>
        <div class="footer__section__item">
          <font-awesome-icon class="icon" :icon="['fas', 'user-secret']"  />
          <a @click="$modal.show(modalName)">Privacy</a>
        </div>
      </div>
    </div>
    <modal :name="modalName" height="auto" :scrollable="true" :adaptive="true">
      <div class="modal">
        <PrivacyPolicy class="modal__content"/>
        <div class="modal__close-button">
          <font-awesome-icon :icon="['fas', 'times']"  @click="$modal.hide(modalName)"/>
        </div>
      </div>
    </modal>
  </div>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue } from 'vue-property-decorator';
 import { StatefulVue } from '@/presentation/StatefulVue';
 import { Environment } from '@/application/Environment/Environment';
 import PrivacyPolicy from './PrivacyPolicy.vue';
 import DownloadUrlList from './DownloadUrlList.vue';
 import { OperatingSystem } from '@/application/Environment/OperatingSystem';
@Component({
  components: {
    PrivacyPolicy, DownloadUrlList,
  },
 })
 export default class TheFooter extends StatefulVue {
  public readonly modalName = 'privacy-policy';
  public readonly isDesktop: boolean;
  public version: string = '';
  public repositoryUrl: string = '';
  public releaseUrl: string = '';
  public feedbackUrl: string = '';
  constructor() {
    super();
    this.isDesktop = Environment.CurrentEnvironment.isDesktop;
  }
  public async mounted() {
    const state = await this.getCurrentStateAsync();
    this.version = state.app.version;
    this.repositoryUrl = state.app.repositoryUrl;
    this.releaseUrl = `${state.app.repositoryUrl}/releases/tag/${state.app.version}`;
    this.feedbackUrl = `${state.app.repositoryUrl}/issues`;
  }
 }
 </script>
 <style scoped lang="scss">
@import "@/presentation/styles/colors.scss";
@import "@/presentation/styles/fonts.scss";
@import "@/presentation/styles/media.scss";
 .icon {
  margin-right: 0.5em;
  text-decoration: none;
 }
 .footer {
  display: flex;
  justify-content: space-between;
  @media (max-width: $big-screen-width) {  
    flex-direction: column;
    align-items: center;
  }
  &__section {
    display: flex;
    @media (max-width: $big-screen-width) {  
      justify-content: space-around;
      width:100%;  
      &:not(:first-child) {
        margin-top: 0.7em;
      }
    }
    flex-wrap: wrap;
    color: $dark-gray;
    font-size: 1rem;
    font-family: $normal-font;
    a {
      color:inherit;
      text-decoration: underline;
      cursor: pointer;
      &:hover {
        opacity: 0.8;
      }
    }
    &__item:not(:first-child) {
      &::before {
        content: "|";
        padding: 0 5px;
      }
      @media (max-width: $big-screen-width) {  
        margin-top: 3px;
        &::before {
          content: "";
          padding: 0;
        }
      }
    }
  }
 }
 .modal {
    margin-bottom: 10px;
    display: flex;
    flex-direction: row;
    &__content {
      width: 100%;
    }
    &__close-button {
      width: auto;
      font-size: 1.5em;
      margin-right:0.25em;
      align-self: flex-start;
      cursor: pointer;
      &:hover {
        opacity: 0.9;
      }
    }
 }
 </style>
--- a/src/presentation/TheHeader.vue
+++ b/src/presentation/TheHeader.vue
@@ -1,10 +1,7 @@
 <template>
    <div id="container">
      <h1 class="child title" >{{ title }}</h1>
-      <h2 class="child subtitle">{{ subtitle }}</h2>
+      <h2 class="child subtitle">Enforce privacy & security on Windows</h2>
      <a :href="githubUrl" target="_blank" class="child github" >
          <font-awesome-icon :icon="['fab', 'github']" size="3x"  />
      </a>
    </div>
 </template>
@@ -14,14 +11,12 @@ import { StatefulVue } from './StatefulVue';
@Component
 export default class TheHeader extends StatefulVue {
-  private title: string = '';
+  public title = '';
-  private subtitle: string = '';
+  public subtitle = '';
  @Prop() private githubUrl!: string;
  public async mounted() {
    const state = await this.getCurrentStateAsync();
    this.title = state.app.name;
    this.subtitle = 'Enforce privacy & security on Windows';
  }
 }
 </script>
@@ -55,13 +50,6 @@ export default class TheHeader extends StatefulVue {
    font-weight: 500;
    line-height: 1.2;
  }
  .github {
    color:inherit;
    cursor: pointer;
    &:hover {
        opacity: 0.9;
    }
  }
 }
 </style>
--- a/src/presentation/TheSearchBar.vue
+++ b/src/presentation/TheSearchBar.vue
@@ -1,22 +1,32 @@
 <template>
-    <div class="container">
+  <div class="search" v-non-collapsing>
-        <div class="search">
+      <input type="search" class="searchTerm"
-            <input type="text" class="searchTerm" placeholder="Search for configurations"
+        :placeholder="searchPlaceHolder"
-              @input="updateFilterAsync($event.target.value)" >
+        @input="updateFilterAsync($event.target.value)" >
-            <div class="iconWrapper">
+      <div class="iconWrapper">
-                <font-awesome-icon :icon="['fas', 'search']" />
+          <font-awesome-icon :icon="['fas', 'search']" />
-            </div>
+      </div>
-        </div>
+  </div>
    </div>
 </template>
 <script lang="ts">
 import { Component, Prop, Vue, Watch } from 'vue-property-decorator';
 import { StatefulVue } from './StatefulVue';
 import { NonCollapsing } from '@/presentation/Scripts/Cards/NonCollapsingDirective';
-@Component
+@Component( {
    directives: { NonCollapsing },
  },
 )
 export default class TheSearchBar extends StatefulVue {
  public searchPlaceHolder = 'Search';
  public async mounted() {
    const state = await this.getCurrentStateAsync();
    const totalScripts = state.app.totalScripts;
    const totalCategories = state.app.totalCategories;
    this.searchPlaceHolder = `Search in ${totalScripts} scripts`;
  }
  public async updateFilterAsync(filter: |string) {
    const state = await this.getCurrentStateAsync();
@@ -34,13 +44,6 @@ export default class TheSearchBar extends StatefulVue {
@import "@/presentation/styles/colors.scss";
@import "@/presentation/styles/fonts.scss";
 .container {
    padding-top: 30px;
    padding-right: 30%;
    padding-left: 30%;
    font: $normal-font;
 }
 .search {
  width: 100%;
  position: relative;
@@ -49,6 +52,7 @@ export default class TheSearchBar extends StatefulVue {
 .searchTerm {
  width: 100%;
  min-width: 60px;
  border: 1.5px solid $gray;
  border-right: none;
  height: 36px;
@@ -57,6 +61,8 @@ export default class TheSearchBar extends StatefulVue {
  padding-right:10px;
  outline: none;
  color: $gray;
    font-family: $normal-font;
    font-size:1em;
 }
 .searchTerm:focus{
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
undergroundwires	1cc12195a3	fixed removing onedrive does not clean start menu / quick access	2020-08-09 03:00:19 +01:00
undergroundwires	66d4d39d5b	refactorings	2020-08-09 03:00:18 +01:00
undergroundwires	a5dbe66fc1	tweaks to disable webcam, speech and compatibility telemetry	2020-08-09 03:00:18 +01:00
undergroundwires	4c8be45e28	fixed mac / linux download links	2020-08-09 03:00:18 +01:00
undergroundwires	6049a2b834	moved windows connect now to security & recommended	2020-08-09 03:00:18 +01:00
undergroundwires	831c014f97	more scripts can be reverted	2020-08-09 03:00:18 +01:00
undergroundwires	5c15a7a64a	fixed typo in footer	2020-08-09 03:00:18 +01:00
dependabot[bot]	e43992b278	Bump elliptic from 6.5.2 to 6.5.3 (#23 ) Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2020-08-09 03:00:18 +01:00
undergroundwires	5963d2bac5	updated documentation	2020-08-09 03:00:18 +01:00
undergroundwires	45816a2bcc	updated dependencies to latest	2020-08-09 03:00:17 +01:00
undergroundwires	60a5a2aa40	reworked on footer & removed github icon	2020-08-09 03:00:17 +01:00
undergroundwires	04b9b59e14	support for desktop versions #20	2020-08-09 03:00:13 +01:00
undergroundwires	4ff4b52202	code area now shows "how" before "why"	2020-07-24 15:43:19 +01:00
undergroundwires	73c426844a	runs tests on each push on the repository	2020-07-19 15:14:23 +01:00
undergroundwires	25ce236a77	fixed dead links in documentation	2020-07-19 02:37:54 +01:00
undergroundwires-bot	9b20175545	⬆️ bumped to 0.5.0	2020-07-19 00:32:13 +00:00
undergroundwires	92a7118d1c	patched loadash vulnerability (#18 )	2020-07-19 02:27:01 +01:00
undergroundwires	a9f9e90443	all cards in same line now have same height	2020-07-19 02:27:01 +01:00
undergroundwires	31d2067f07	opening a card scrolls to its content div	2020-07-19 02:27:01 +01:00
undergroundwires	dd7e1416b4	do not collapse card when on "Search" and "Select"	2020-07-19 02:27:01 +01:00
undergroundwires	1d5225de07	search placeholder shows total scripts	2020-07-19 02:27:01 +01:00
undergroundwires	9c063d59de	added ability to revert (#21 )	2020-07-19 02:26:56 +01:00
undergroundwires-bot	57028987f1	⬆️ bumped to 0.4.10	2020-07-15 16:52:43 +01:00
undergroundwires	9e722ddfb3	fixed script errors & added tests	2020-07-15 16:52:18 +01:00
undergroundwires-bot	646a8e0b9f	⬆️ bumped to 0.4.9	2020-07-14 21:38:19 +00:00
undergroundwires	f27a2871d7	simplified docker builds	2020-07-14 18:20:15 +01:00
undergroundwires	909c44d72a	updated to may 2020 update	2020-07-14 18:20:15 +01:00
undergroundwires	53cf595e17	disable office telemetry Disassembler0/Win10-Initial-Setup-Script#288	2020-07-14 18:20:15 +01:00
undergroundwires	2c4eb78c3f	more tweaks #16	2020-07-11 17:05:21 +01:00
Disk2019	d7a1325c0b	updated one more typo (#19 )	2020-07-11 00:34:59 +01:00
undergroundwires	30efbcc621	can disable features, capabilities & remove onedrive #16	2020-07-11 00:23:23 +01:00
undergroundwires	628c16eb95	stopping services before disabling #16	2020-07-11 00:23:23 +01:00
undergroundwires	d8552c62ff	added more scripts #16 (#17 )	2020-07-11 00:23:13 +01:00
undergroundwires-bot	df84083536	⬆️ bumped to 0.4.7	2020-06-29 20:29:16 +00:00
Disk2019	461a4f122b	Fixed types + script in "Clear Windows log files" (#15 ) Kindly cross check & approve	2020-06-29 20:28:14 +00:00
undergroundwires	c937af8ee7	removed HKU tweak as all HKU's are changed #10	2020-06-29 16:20:35 +01:00
undergroundwires-bot	636d4279c8	⬆️ bumped to 0.4.6	2020-06-29 14:15:03 +00:00
Disk2019	019b838925	Updated Some More Tweaks (#13 )	2020-06-29 16:06:22 +01:00
Disk2019	0fc18459cd	Updated Some Tweaks (#11 ) ResetBase is by Default Disabled in Win10 Dism.exe /online /Cleanup-Image /StartComponentCleanup . Hence added this tweak to enable it in script on line 271 . Updated HKU Tweaks to Correct HKCU Values & removed last experimental tweak as its not needed anymore & does not do anything exccept loading default user hive & then unloading it.	2020-06-29 15:51:40 +01:00
undergroundwires	583c5660d6	removed failing continuous deployment #14	2020-06-29 14:51:52 +01:00
Disk2019	52d5713a99	Fixed Some More Issues (#12 ) Fixed typo issues : Force enable data execution prevention (DEP) disable cortana Disable diagnostics telemetry Empty trash bin	2020-06-19 20:08:16 +00:00
undergroundwires-bot	b34a66f270	⬆️ bumped to 0.4.5	2020-06-13 00:59:26 +00:00
dependabot[bot]	eed996f608	Bump websocket-extensions from 0.1.3 to 0.1.4 (#9 ) Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4. - [Release notes](https://github.com/faye/websocket-extensions-node/releases) - [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2020-06-13 00:59:03 +00:00
undergroundwires-bot	b96c5d0557	⬆️ bumped to 0.4.4	2020-05-24 19:25:47 +01:00
undergroundwires	aab8f21a8d	clicking outside of a card closes it	2020-05-24 19:25:47 +01:00
undergroundwires	c668a97950	fix "group by" overflows on smaller screens	2020-05-24 19:25:47 +01:00
undergroundwires	bb98d20637	one command to lint everything "npm run lint"	2020-05-24 19:25:47 +01:00
undergroundwires	e2ab124fb7	new footer with privacy policy	2020-05-24 19:25:47 +01:00
undergroundwires	0d2efe5b05	fixed close card button not being visible & cleanup	2020-05-24 19:25:47 +01:00
undergroundwires-bot	156a6554ef	⬆️ bumped to 0.4.3	2020-05-24 19:25:47 +01:00
undergroundwires	4a91e8ccd8	automated using bump-everywhere + more quality checks (#8 ) - new workflows - linting commands & linted stuff - security checks & fixed audited vulnerabilities - updated documentation	2020-05-24 19:25:43 +01:00
undergroundwires	997be7113f	using deployment operations from aws-static-site-with-cd	2020-05-23 22:59:29 +01:00
undergroundwires	3e3bc07576	automatically increases patch number #5	2020-04-26 15:47:20 +00:00
undergroundwires	691f989682	reading version from package.json instead of version file #5	2020-04-26 15:47:20 +00:00
undergroundwires	226074c534	simplified heading	2020-04-26 15:47:20 +00:00
undergroundwires	97b7e03233	fixed broke link	2020-04-26 15:47:20 +00:00
undergroundwires	749a140eb8	removed redundant documentation	2020-04-26 15:47:20 +00:00
undergroundwires	4739a4ac40	Merge pull request #4 from undergroundwires/dependabot/npm_and_yarn/acorn-6.4.1 Bump acorn from 6.4.0 to 6.4.1	2020-04-05 16:58:59 +00:00
dependabot[bot]	4800340b9b	Bump acorn from 6.4.0 to 6.4.1 Bumps [acorn](https://github.com/acornjs/acorn) from 6.4.0 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](https://github.com/acornjs/acorn/compare/6.4.0...6.4.1) Signed-off-by: dependabot[bot] <support@github.com>	2020-04-05 16:20:27 +00:00
undergroundwires	074734242b	🚀 0.4.2 release	2020-02-29 18:51:55 +01:00
undergroundwires	802b36bdd8	shortened all HKEY paths	2020-01-12 10:10:37 +01:00
undergroundwires	0c39a06be5	set font on input	2020-01-11 10:55:43 +01:00
undergroundwires	e63ac4ae67	added missing semicolon for masking	2020-01-11 09:45:37 +01:00
undergroundwires	edd076fade	🚀 0.4.1 release	2020-01-11 09:27:19 +01:00
undergroundwires	0ce354ea09	using right 🔍 input type	2020-01-11 09:14:45 +01:00
undergroundwires	19813b6917	more efficient queries with single lowercase	2020-01-11 08:57:24 +01:00
undergroundwires	97a7747933	👀🔍 showing search queries	2020-01-11 08:57:06 +01:00
undergroundwires	92f1a36bcb	hide grouping while searching	2020-01-11 07:20:44 +01:00
undergroundwires	31364bdfec	fixed search bug	2020-01-11 07:18:02 +01:00
undergroundwires	5b743a67a4	Merge pull request #3 from undergroundwires/develop Develop	2020-01-11 05:57:01 +01:00
undergroundwires	16a7327750	🚀 v0.4.0	2020-01-11 05:50:58 +01:00
undergroundwires	5ea46ecbf5	more margin for the scripts	2020-01-11 05:13:18 +01:00
undergroundwires	e3f82e069e	refactorings	2020-01-11 05:13:03 +01:00
undergroundwires	95baf3175b	more scripts & better organized	2020-01-11 05:12:36 +01:00
undergroundwires	89862b2775	🔍 support for search	2020-01-10 01:35:09 +01:00
		`@@ -1 +0,0 @@`
			<mxfile host="www.draw.io" modified="2019-12-27T14:40:11.720Z" agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" etag="6t_Q0ZRAKXZ_lLm1WdcF" version="12.4.3" type="device" pages="1"><diagram id="pFg2tUHn5hOZkmQyf_J4" name="Page-1">7Vvtd6I4F/9r+lEOEMLLR23rzJzdme3qPLMvXzwUomaLxA2x1f3rnwSIEoIWFdqd3bXnKLmEJNz7u69Jb8DtavuBhuvlZxKj5MY24+0NuLux7SAA/FsQdgXBD8yCsKA4LkjWgTDFf6GSKLttcIwypSMjJGF4rRIjkqYoYgotpJS8qN3mJFFnXYcLpBGmUZjo1F9wzJblW0DzQP+I8GIpZ7bM8s4qlJ1LQrYMY/JSIYH7G3BLCWHF1Wp7ixLBO8mX4rnxkbv7hVGUsjYPfB19Hf0+Wf6+DcbR9Mtksvm2hANYjPIcJpvyhe/IKsQpp03QAmeMhrRcPttJnqwJThmi9898ZsFe6waM9m9n8kYcZksUl40lWyWyE6PkCd2ShFBOSUnKBxzNcZJI0o0NoCn+OD0JH1HyQDLMMEn5vQiJSfmNZ0QZ5hL6sdbhkTBGVpUOwwQvxA1G1pxKNizBKZ9dAkVMEpZd9oPz91iL11xtFwLPBpnPcYSMDNFn/psZVHJlVpL4M7okSuGIhaBthVRK5gMiK8Tojncp79qeXzxSqgmQ+H85gA66BWlZwRu0S6iXMF/sRz4ggV+UYDgDGJatIUPDASWbNN7L+WWJGZquQ8GSuxfOPFX2e0xYNZmXMFCxwYEQe8GjaXbDXslNyd1A564r9bTKXuCYffEXvM5fiUW8yo1UlZvNEH9VM3KdGoXR0yKXXYXb8/zDu+STDbN1RUdkY463QoKjcj13S8aEFR4KTtjjKE5tA3M7PMccFdSI+Iz2OA5ZyH8EPeO/4Sr8i6SD8CUbZAylEU4ENTea4y/8xrRQqtmUT4m55s0ist7NZsNfprPbhGxijkvfWKeLDjAxMA1gBpWP76kgcW0dJIGOEUm7BiJ/bp/idPL8FMApjNFk+8N6+/NA18CcBWNK+DvXsdJo3ea8Z0XG/G8s5h9x0xZjpNwLHHg3tiv37jDlAxX4SQkVHNBM9RCYI9iku3s0KZ7gQsOt2eiKHog3LIMGy5btkiuN2K3bd45Ehxv1jGxohD5FYj0j3iyu1F6R4P485343RslXrZJrAg1w0i1UASdpnQNON0lTTjJHm+gJdY841xwC4J2HONvzLMv91yAuA90gDToq0mDgGa7zvmDTI0+JM/OBJDjadQu45mDzCJ7Kzn87KB0JvHV4rQsOdgIexwlU8EDdTEHfkAMr0WkH0VMjeFwNPBOODsRJcnH/uca3NFRUcH8GOzJXAKjmyrGC97VVnh6JCXHw+DTMQfc5THlErCfKjcjrW+4NYgRGdFjvbFWsdmbrsPVgcHvKfHZhTmquCDiNrggYsCHUBj0J2NcEfJ/OCYc9z07cRMR7j1y67kJcffz69WGqiRrFCyS1S5gEsiBpmNwfqCM1Wz70+ZEIkeai+wMxtit1NtwwogqW85zufq02fhODGVA277bl4EVrV209IIo5rwRY7k4m1YW6n+BVmZawkC4Qe11pBGNO4oKiJGT4Wa23NUm4fPRBOMFKFO2qlRPoBgb0LMf2i29PHbB4vXKMarWsNqzt2IbFAed5rmfbZmB558xSMEebJcfm/tUvh6ulB08TFOdeKXsPZBZOTtZH7avg5baEl/028OKiNZQigQoDD14GL+Aq8PIDeHrcngEli0//smpUil4GOxTSgYhyko1YnyALfzSukAZm0GHdybUMT5U2MC3dATZUI72+wmlbz/xVbq4pfg6jnZGhrZ6XfWcGRkK7amFO7Y30bWGAr+ZXPN9SXIt7oQfbF7nLce2gBp++bYqjgSqf63vyUKdw8aqHclvip5SXaXCnUD5zLaQsqxdI2Y5v+JWBaoUB4LYC2JDScFfptt6j4piC1HZvHLuG12LE2tNyeDKfZ6gfhOtpA0/1GE43ZMPfx4zROiG6vbw+Edhi9qsM7vl1JQ3grUMWIBoyCejUgrbVAHCuBlhWYCuyHgTXKcQbgECPxT9gttw8fv8BlPlqAEUiJi8tUxj88SqkT4NFzoAuYya3VhFym6sGPQVNz2vPu/92v8tcb/fTty+TzAzmA0uT+08UL/KjE8MoQpmwAJ9i/s6YvUkt+9azgDX+59WyKUkOpScNMg3AOn7IwndUhwVB220Qx+kJRXri9TG8JEK6JCaqHtnh6o0jxVdUoGXmH9FrQ5/3hzgajXtnNaXjOnfCf0DLUVMrv5N4qn46B/r2ZQEUcLiP24dh/FsZ1gXtykjnBlB8veryPbdNACXPSfhNHO3UsTbKWk8fhkkizvMJcYbxu6QRHUK+IYa6APID0zDBlTGS3CSGgeF7PAfJt0UDUxW7C4Im5J6rAC6oQd6EhgUq9bVeFMDR9NdvowD9Y1zfx3wz69+XKQc6ro/j/xSubUv11t2kxrC2twi9GuTaIhlaavbrgnbllXOxq53daGe8Zf4kz3H2j2V9k3TyXmb6WLLbV6xyXBF62I/oagcCng5FeisWNns53RL+L0M6eN6ldtIleNq6/cLcdQ4fLZEOLoQPdKChhtqOC7jN5jmV5zqO67mB86YIatjDeAU95xxYF42HkPGENc0pttn2GPujz1l1QNFVCSw0a9Jr2DgKGmogltnBGeVmruvVr32U/kI5f/tU4b3a/la506UKnwTapQ7gEOFAt7YRuPfWV2q5452y7bB+jKa1zgNvf8xvd5jJdDzXCuR3K6V/yxjb1l3Lp+FnTuAOhmro/K8w17owF8Zxfiaw2TZ2Yu4CDW+O/p87jfW6vqq+tqdBphrQlkKtVtM6s3DmSQunVPOOV/C6Co1bm8YTHa+Ibq6SoYxtNYvwgfumtSZfDmDWlF80Ofma6s/9CEVRk4bWFXmF4zhPfpqiEtVltghM3jHWsM/XPHHaZv9vsIXZP/wvMbj/Pw==</diagram></mxfile>