x9/xetup
1
0
Fork 0
Code Issues 17 Pull requests Projects Releases 5 Packages Wiki Activity Actions
xetup/CHANGELOG.md
X9 Dev e0206f7e1e
All checks were successful
release / build-and-release (push) Successful in 33s
Details
fix(backinfo): background color is COLORREF, revert to 4668194 (#223B47) 
BackInfo reads BackgroundColor as a Windows COLORREF (0x00BBGGRR / BGR), as its
own header documents. The 0.7 value 2243399 (0x223B47) was therefore read with
red/blue swapped and rendered olive-brown (#473B22 / observed ~#554D39). The
correct COLORREF for #223B47 is 71*65536 + 59*256 + 34 = 4668194 (the original
value). Docs updated to match.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-02 14:25:12 +02:00

4.6 KiB
Raw Blame History

Changelog

All notable changes to xetup. Format based on Keep a Changelog. No diacritics anywhere (project rule).

Builds are continuous: every push to main produces a signed xetup.exe published as the latest release. Version tags (e.g. v0.7) mark notable milestones.

[Unreleased]

Fixed

  • BackInfo background color: use the COLORREF value 4668194 for #223B47. BackInfo uses a COLORREF (0x00BBGGRR / BGR), so the 0.7 value 2243399 (0x223B47) was read with red/blue swapped and rendered olive-brown (#473B22). Reverts the 0.7 change.

[0.7] - 2026-06-02

Added

  • Code signing in CI: the release workflow signs xetup.exe on every push (and via workflow_dispatch) using Azure Trusted Signing (certificate "X9.cz s.r.o.") through jsign, plus an RFC3161 timestamp (timestamp.acs.microsoft.com). jsign is pinned by version + sha256. Trusted Signing certs are short-lived (~3 days); the timestamp keeps the signature valid past expiry. Only AZURE_CLIENT_SECRET is a Forgejo Actions secret. (853908b)
  • workflow_dispatch trigger for manual release runs. (cdad15a)
  • Keyboard layout: CZ primary + US secondary, applied to all profiles via Set-WinUserLanguageList (current user) and the Preload key in the Default hive and HKU\.DEFAULT. (94b7786)

Fixed

  • winget (02, 11): pass --source winget to every install. Fresh Win11 ISOs ship an App Installer with a stale pinned cert, so the msstore source fails with 0x8a15005e and aborts the install; forcing the winget source bypasses it. (94b7786)
  • Network Discovery (10): enable by resource-string group -Group "@FirewallAPI.dll,-32752" instead of -DisplayGroup "Network Discovery", which is localized and failed on Czech Windows. (94b7786)
  • Atera detection (02): verify via the AteraAgent service (Get-Service) with a path-check fallback incl. C:\ProgramData, since Atera no longer installs to a fixed location. (94b7786)
  • Windows Update log (12): format installed updates via $_.Result/$_.Title instead of logging the raw objects (which printed "System.__ComObject"). (94b7786)
  • UCPD (02): the UCPD stop failure on Win11 24H2 (protected service) is logged WARN, not ERROR; the system-wide HKCR write succeeds regardless. (94b7786)
  • Atera under SYSTEM (02): install the MSI via a one-shot scheduled task running as NT AUTHORITY\SYSTEM (msiexec /qn). Under SYSTEM the agent registers silently with no interactive MFA window. (451b9e2)
  • Taskbar File Explorer pin (04): pin Explorer via its AppUserModelID (DesktopApplicationID="Microsoft.Windows.Explorer") instead of a hand-made .lnk. The custom shortcut launched a second Explorer that did not group with the running window and could not be unpinned. (451b9e2)
  • Accent color in all profiles (04): write AccentPalette (REG_BINARY, 8 shades from #223B47) alongside AccentColor. Without it Win11 drops the custom accent on Start/taskbar and falls back to the default. The full theme (Custom mode: dark system + light apps; accent on Start/taskbar and title bars/borders) is written to the Default hive, the current user (HKCU) and HKU\.DEFAULT so all profiles match. (4d08d0c)
  • BackInfo background color: changed BackgroundColor to 2243399 (later found wrong - BackInfo uses COLORREF/BGR; corrected in [Unreleased]). (4d08d0c)

CI / Infra

  • deploy.json update step made non-fatal (cosmetic, runs after the release is published). (8a7fc10)
  • Forgejo runner: bind-mount the docker socket into job containers so the deploy.json step's docker exec works. (c8c8523, beceeb4)
  • docker-compose: mount web/data read-write so CI can refresh deploy.json (rest of the web docroot stays read-only). (7becac7)

Docs

  • Web (spec, descriptions.json, navod, landing) updated for all of the above.
  • SPEC.md + CLAUDE.md synced. Added this CHANGELOG.md.

[0.6] - 2026-04-28

Added

  • Step 03: disable hibernation and Smart App Control; reworked Edge configuration (mandatory policies + initial_preferences). (0cfe751)

Fixed

  • Reliability and robustness pass: watchdog kills a stalled script after 30 min of silence; reboot-loop protection caps each step at 5 restarts; atomic state.json writes (tmp+rename); email report retried 3x with a local HTML fallback; Default-hive unload retried; resume mode fixed to actually run pending steps. (d30767e)

Earlier history (pre-0.6): see the git log - initial Go launcher, embedded PowerShell steps, reboot-resume cycle, Forgejo CI build, and the static site at xetup.x9.cz.