x9/xetup
1
0
Fork 0
Code Issues 17 Pull requests Projects Releases 5 Packages Wiki Activity Actions
xetup/CHANGELOG.md
X9 Dev d20b0b439e
All checks were successful
release / build-and-release (push) Successful in 32s
Details
fix(backinfo): set desktop background color in all profiles (no black border) 
BackInfo paints a centered bitmap; when it is smaller than the screen the area
around it shows HKCU\Control Panel\Colors\Background, which was black in profiles
step 04 had not touched. Set the solid background (#223B47) in HKU\.DEFAULT and in
every existing user profile (loading each hive as needed), on top of the Default
hive and current user, so the border around the bitmap blends into the background.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-02 14:35:22 +02:00

87 lines
5 KiB
Markdown
Raw Blame History

# Changelog
All notable changes to xetup. Format based on [Keep a Changelog](https://keepachangelog.com).
No diacritics anywhere (project rule).
Builds are continuous: every push to `main` produces a signed `xetup.exe` published as the
`latest` release. Version tags (e.g. `v0.7`) mark notable milestones.
## [Unreleased]
### Fixed
- **BackInfo background color**: use the COLORREF value `4668194` for #223B47. BackInfo uses a
COLORREF (`0x00BBGGRR` / BGR), so the 0.7 value `2243399` (`0x223B47`) was read with red/blue
swapped and rendered olive-brown (#473B22). Reverts the 0.7 change.
- **BackInfo black border in some profiles** (04): BackInfo paints a centered bitmap; when it is
smaller than the screen, the surrounding desktop showed black in profiles whose
`Control Panel\Colors\Background` was not set. The solid desktop background color (#223B47) is
now written to HKU\.DEFAULT and to every existing user profile (loading each hive as needed),
in addition to the Default hive and current user, so the area around the bitmap blends in.
## [0.7] - 2026-06-02
### Added
- **Code signing in CI**: the release workflow signs `xetup.exe` on every push (and via
`workflow_dispatch`) using Azure Trusted Signing (certificate "X9.cz s.r.o.") through jsign,
plus an RFC3161 timestamp (`timestamp.acs.microsoft.com`). jsign is pinned by version + sha256.
Trusted Signing certs are short-lived (~3 days); the timestamp keeps the signature valid past
expiry. Only `AZURE_CLIENT_SECRET` is a Forgejo Actions secret. (`853908b`)
- `workflow_dispatch` trigger for manual release runs. (`cdad15a`)
- **Keyboard layout**: CZ primary + US secondary, applied to all profiles via
`Set-WinUserLanguageList` (current user) and the `Preload` key in the Default hive and
`HKU\.DEFAULT`. (`94b7786`)
### Fixed
- **winget** (02, 11): pass `--source winget` to every install. Fresh Win11 ISOs ship an App
Installer with a stale pinned cert, so the msstore source fails with `0x8a15005e` and aborts
the install; forcing the winget source bypasses it. (`94b7786`)
- **Network Discovery** (10): enable by resource-string group `-Group "@FirewallAPI.dll,-32752"`
instead of `-DisplayGroup "Network Discovery"`, which is localized and failed on Czech Windows. (`94b7786`)
- **Atera detection** (02): verify via the `AteraAgent` service (`Get-Service`) with a path-check
fallback incl. `C:\ProgramData`, since Atera no longer installs to a fixed location. (`94b7786`)
- **Windows Update log** (12): format installed updates via `$_.Result`/`$_.Title` instead of
logging the raw objects (which printed "System.__ComObject"). (`94b7786`)
- **UCPD** (02): the UCPD stop failure on Win11 24H2 (protected service) is logged WARN, not
ERROR; the system-wide HKCR write succeeds regardless. (`94b7786`)
- **Atera under SYSTEM** (02): install the MSI via a one-shot scheduled task running as
`NT AUTHORITY\SYSTEM` (`msiexec /qn`). Under SYSTEM the agent registers silently with no
interactive MFA window. (`451b9e2`)
- **Taskbar File Explorer pin** (04): pin Explorer via its AppUserModelID
(`DesktopApplicationID="Microsoft.Windows.Explorer"`) instead of a hand-made `.lnk`. The custom
shortcut launched a second Explorer that did not group with the running window and could not be
unpinned. (`451b9e2`)
- **Accent color in all profiles** (04): write `AccentPalette` (REG_BINARY, 8 shades from #223B47)
alongside `AccentColor`. Without it Win11 drops the custom accent on Start/taskbar and falls back
to the default. The full theme (Custom mode: dark system + light apps; accent on Start/taskbar and
title bars/borders) is written to the Default hive, the current user (HKCU) and `HKU\.DEFAULT` so
all profiles match. (`4d08d0c`)
- **BackInfo background color**: changed `BackgroundColor` to 2243399 (later found wrong - BackInfo
uses COLORREF/BGR; corrected in [Unreleased]). (`4d08d0c`)
### CI / Infra
- deploy.json update step made non-fatal (cosmetic, runs after the release is published). (`8a7fc10`)
- Forgejo runner: bind-mount the docker socket into job containers so the deploy.json step's
`docker exec` works. (`c8c8523`, `beceeb4`)
- docker-compose: mount `web/data` read-write so CI can refresh `deploy.json` (rest of the web
docroot stays read-only). (`7becac7`)
### Docs
- Web (spec, descriptions.json, navod, landing) updated for all of the above.
- `SPEC.md` + `CLAUDE.md` synced. Added this `CHANGELOG.md`.
## [0.6] - 2026-04-28
### Added
- Step 03: disable hibernation and Smart App Control; reworked Edge configuration
(mandatory policies + initial_preferences). (`0cfe751`)
### Fixed
- Reliability and robustness pass: watchdog kills a stalled script after 30 min of silence;
reboot-loop protection caps each step at 5 restarts; atomic `state.json` writes (tmp+rename);
email report retried 3x with a local HTML fallback; Default-hive unload retried; resume mode
fixed to actually run pending steps. (`d30767e`)
---
Earlier history (pre-0.6): see the git log - initial Go launcher, embedded PowerShell steps,
reboot-resume cycle, Forgejo CI build, and the static site at xetup.x9.cz.
Reference in a new issue View git blame Copy permalink