x9/xetup
1
0
Fork 0
Code Issues 17 Pull requests Projects Releases 5 Packages Wiki Activity Actions
xetup/CHANGELOG.md
X9 Dev 9f7e18ced4 docs: release 0.9 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 16:29:49 +02:00

6.7 KiB
Raw Blame History

Changelog

All notable changes to xetup. Format based on Keep a Changelog. No diacritics anywhere (project rule).

Builds are continuous: every push to main produces a signed xetup.exe published as the latest release. Version tags (e.g. v0.7) mark notable milestones.

[Unreleased]

Nothing yet.

[0.9] - 2026-06-03

Added

  • Bloatware feature toggles (01): the bloatware step now exposes three GUI checkboxes - standardBloatware (default on, the bulk AppX/capability/feature list), removeNewOutlook (default on, the new Outlook for Windows app Microsoft.OutlookForWindows) and removeSnippingTool (default OFF). Each toggle is independent, so a technician can spare Outlook or remove the Snipping Tool without affecting the rest.

Changed

  • Snipping Tool now kept by default (01): Microsoft.ScreenSketch (the modern Snipping Tool app) plus the legacy capability and optional feature are no longer removed unless removeSnippingTool is checked - it is a commonly used productivity tool, like Calculator. Classic Outlook from M365 was never removed (it is a Win32 app, not an AppX package); only the bundled new Outlook is, and that is now toggleable.

Fixed

  • bloatware.keepPackages was dropped at runtime: the Go Config struct had no Bloatware field, so the GUI's runtime-config regeneration silently discarded keepPackages. Added the field so the keep-list survives and is honored by 01-bloatware.ps1.

[0.8] - 2026-06-02

Added

  • Web changelog page (/changelog/) that renders CHANGELOG.md from the repo (Forgejo raw API via the /forgejo-api proxy) - single source of truth. Linked from the site nav.
  • CI release automation: the release workflow derives the release notes from CHANGELOG.md, and a version tag (vX.Y) builds, signs and publishes a named (non-prerelease) release for that version; main/dispatch keep the rolling latest prerelease.

Fixed

  • BackInfo background color: use the COLORREF value 4668194 for #223B47. BackInfo uses a COLORREF (0x00BBGGRR / BGR), so the 0.7 value 2243399 (0x223B47) was read with red/blue swapped and rendered olive-brown (#473B22). Reverts the 0.7 change.
  • BackInfo black border in some profiles (04): BackInfo paints a centered bitmap; when it is smaller than the screen, the surrounding desktop showed black in profiles whose Control Panel\Colors\Background was not set. The solid desktop background color (#223B47) is now written to HKU.DEFAULT and to every existing user profile (loading each hive as needed), in addition to the Default hive and current user, so the area around the bitmap blends in.

[0.7] - 2026-06-02

Added

  • Code signing in CI: the release workflow signs xetup.exe on every push (and via workflow_dispatch) using Azure Trusted Signing (certificate "X9.cz s.r.o.") through jsign, plus an RFC3161 timestamp (timestamp.acs.microsoft.com). jsign is pinned by version + sha256. Trusted Signing certs are short-lived (~3 days); the timestamp keeps the signature valid past expiry. Only AZURE_CLIENT_SECRET is a Forgejo Actions secret. (853908b)
  • workflow_dispatch trigger for manual release runs. (cdad15a)
  • Keyboard layout: CZ primary + US secondary, applied to all profiles via Set-WinUserLanguageList (current user) and the Preload key in the Default hive and HKU\.DEFAULT. (94b7786)

Fixed

  • winget (02, 11): pass --source winget to every install. Fresh Win11 ISOs ship an App Installer with a stale pinned cert, so the msstore source fails with 0x8a15005e and aborts the install; forcing the winget source bypasses it. (94b7786)
  • Network Discovery (10): enable by resource-string group -Group "@FirewallAPI.dll,-32752" instead of -DisplayGroup "Network Discovery", which is localized and failed on Czech Windows. (94b7786)
  • Atera detection (02): verify via the AteraAgent service (Get-Service) with a path-check fallback incl. C:\ProgramData, since Atera no longer installs to a fixed location. (94b7786)
  • Windows Update log (12): format installed updates via $_.Result/$_.Title instead of logging the raw objects (which printed "System.__ComObject"). (94b7786)
  • UCPD (02): the UCPD stop failure on Win11 24H2 (protected service) is logged WARN, not ERROR; the system-wide HKCR write succeeds regardless. (94b7786)
  • Atera under SYSTEM (02): install the MSI via a one-shot scheduled task running as NT AUTHORITY\SYSTEM (msiexec /qn). Under SYSTEM the agent registers silently with no interactive MFA window. (451b9e2)
  • Taskbar File Explorer pin (04): pin Explorer via its AppUserModelID (DesktopApplicationID="Microsoft.Windows.Explorer") instead of a hand-made .lnk. The custom shortcut launched a second Explorer that did not group with the running window and could not be unpinned. (451b9e2)
  • Accent color in all profiles (04): write AccentPalette (REG_BINARY, 8 shades from #223B47) alongside AccentColor. Without it Win11 drops the custom accent on Start/taskbar and falls back to the default. The full theme (Custom mode: dark system + light apps; accent on Start/taskbar and title bars/borders) is written to the Default hive, the current user (HKCU) and HKU\.DEFAULT so all profiles match. (4d08d0c)
  • BackInfo background color: changed BackgroundColor to 2243399 (later found wrong - BackInfo uses COLORREF/BGR; corrected in [Unreleased]). (4d08d0c)

CI / Infra

  • deploy.json update step made non-fatal (cosmetic, runs after the release is published). (8a7fc10)
  • Forgejo runner: bind-mount the docker socket into job containers so the deploy.json step's docker exec works. (c8c8523, beceeb4)
  • docker-compose: mount web/data read-write so CI can refresh deploy.json (rest of the web docroot stays read-only). (7becac7)

Docs

  • Web (spec, descriptions.json, navod, landing) updated for all of the above.
  • SPEC.md + CLAUDE.md synced. Added this CHANGELOG.md.

[0.6] - 2026-04-28

Added

  • Step 03: disable hibernation and Smart App Control; reworked Edge configuration (mandatory policies + initial_preferences). (0cfe751)

Fixed

  • Reliability and robustness pass: watchdog kills a stalled script after 30 min of silence; reboot-loop protection caps each step at 5 restarts; atomic state.json writes (tmp+rename); email report retried 3x with a local HTML fallback; Default-hive unload retried; resume mode fixed to actually run pending steps. (d30767e)

Earlier history (pre-0.6): see the git log - initial Go launcher, embedded PowerShell steps, reboot-resume cycle, Forgejo CI build, and the static site at xetup.x9.cz.