aboutsummaryrefslogtreecommitdiff
path: root/src (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-03-22WiX Toolset v5.0.0-rc.2v5.0.0-rc.2Rob Mensching1-1/+1
2024-03-22Protect elevated working folder from malicious dataRob Mensching6-33/+43
When running elevated, Burn uses the Windows Temp folder as its working folder to prevent normal processes from tampering with the files. Windows Temp does allow non-elevated processes to write to the folder but they cannot see the files there. Unfortunately, contrary to our belief, non-elevated processes can read the files in Windows Temp by watching for directory changes. This allows a malicious process to lie in wait, watching the Windows Temp folder until a Burn process is launched elevated, then attack the working folder. Mitigate that attack by protecting the working folder to only elevated users. Managed custom actions also fall back to using the Windows Temp folder in some cases and thus can be exposed in a similar fashion as an elevated Burn process. Remove that possibility.
2024-03-22Don't follow junctions when recursing directories.Rob Mensching2-3/+13
When deleting directories recursively, an elevated custom action following junctions in a user-writable location could recurse into any directory, including some that you might not want to be deleted. Therefore, avoid recursing into directories that are actually junctions (aka "reparse points"). This applies to: - The RemoveFoldersEx custom action (which doesn't actually do deletions but would instruct elevated MSI to delete on your behalf). - DTF's custom action runner.
2024-03-21Simplify BootstrapperApplication header filesRob Mensching34-154/+75
Take this breaking change opportunity to simplify the header files used by BA devs.
2024-03-20Fix "typo."Bob Arnson1-1/+1
2024-03-20Fix IniFile action values.Bob Arnson3-5/+26
Fixes https://github.com/wixtoolset/issues/issues/8059.
2024-03-18Fix Profile column definition.Bob Arnson5-7/+20
It's a formatted field but was too short. Fixes https://github.com/wixtoolset/issues/issues/8043.
2024-03-18Use WixBA in an upgrade.Bob Arnson5-2/+79
2024-03-14Clean up Burn a bit.Bob Arnson6-3502/+1
2024-03-14Handle directories a bit better for `Files`.Bob Arnson14-15/+43
Fixes https://github.com/wixtoolset/issues/issues/8040.
2024-03-12Fix localization collation.Bob Arnson6-1/+63
Fixes https://github.com/wixtoolset/issues/issues/8036.
2024-03-10Start WiX Toolset v5-rc.2Rob Mensching1-1/+1
2024-03-08WiX Toolset v5.0.0-rc.1v5.0.0-rc.1Rob Mensching2-2/+1
2024-03-08Ensure virtual symbols are included when overridden but not referencedRob Mensching13-156/+322
2024-03-07Add tests demonstrating linker error.Bob Arnson2-18/+50
2024-03-07Rename "bundle extension" to "bootstrapper extension" for more consistencyRob Mensching119-1087/+1082
Also renames WixToolet.BextUtil nupkg to WixToolset.BootstrapperExtensionApi.
2024-03-07Move wixstdba functions to Bal.wixext buildRob Mensching40-57/+397
2024-03-07Better .nupkg namesRob Mensching324-607/+534
2024-03-06WIP - BA header simplificationRob Mensching23-67/+50
2024-03-06Move the BootstrapperApplication out of procRob Mensching420-12382/+24331
2024-03-06Do not follow junctions when recursively deleting directoriesRob Mensching1-4/+4
This will prevent elevated processes from accidentally following a junction from a user-writable directory to a per-machine directory and erroneously deleting the per-machine contents.
2024-03-06Mitigate .local DLL redirection Windows bug.Bob Arnson2-0/+27
2024-03-06Normalize signing command-lineRob Mensching1-9/+8
2024-03-06WiX v5 uses `wixext5` NuGet package subdirectory.Bob Arnson6-9/+58
Fixes wixtoolset/issues#7709.
2024-03-03More virtual/override symbols.Bob Arnson12-19/+19
And *Sequence/Show works thusly, even with somewhat funky ids.
2024-02-28Add detail when failing to extract containers.Bob Arnson2-4/+4
2024-02-27Decompile null Message column in Error table.Bob Arnson3-1/+2
2024-02-27Cleaning up a typo and a missed commit.Bob Arnson2-1/+6
2024-02-27Use camelCase attribute values.Bob Arnson6-80/+98
2024-02-26Add `Files` file harvesting.Bob Arnson40-9/+1146
Implements https://github.com/wixtoolset/issues/issues/7857. Like [naked files](https://github.com/wixtoolset/issues/issues/7696), `Files` elements can appear where `Component` elements do in WiX v4. The optimizer enumerates files and directories, generating single-file components as it goes. MSBuild-like wildcards (including `**`) are supported. `Excludes` child elements lets you exclude files that would otherwise be captured by wildcards.
2024-02-17Support loc strings for Directory/@ShortName.Bob Arnson4-1/+10
Fixes https://github.com/wixtoolset/issues/issues/7935.
2024-02-17Allow MsiProperty/@Value to be an empty string.Bob Arnson5-2/+13
Fixes https://github.com/wixtoolset/issues/issues/7798.
2024-02-16Test/sample for default major upgrade message.Bob Arnson3-0/+29
2024-02-16Switch to `virtual` access modifiers...Bob Arnson11-74/+79
...from `Overridable="yes"`. Fixes https://github.com/wixtoolset/issues/issues/7981 for WiX v5.
2024-02-05Improve error when virtual action symbols collide.Bob Arnson3-6/+25
2024-01-22Fix crash when CloseApplications_X64 closes Electron appAndrzej Wojtas1-1/+1
2024-01-20Fixes wixtoolset/issues#5220: Automatically add logging flag for any burn ↵Nir Bar6-1/+102
ExePackage, BundlePackage, and related bundles
2024-01-19Clean up TouchFile.Bob Arnson2-6/+6
2024-01-11Correctly prefix the functions exposed from burnpipe.hRob Mensching10-115/+115
2024-01-11Update Burn to use pipeutil for low-level pipe operationsRob Mensching8-328/+86
2024-01-11Add pipeutil to dutilRob Mensching12-7/+570
Plus a couple small clean-ups in a couple of dutil files.
2024-01-11Rename inter-Burn communication related pipe fileRob Mensching5-4/+4
When BootstrapperApplications move out of proc there will be another set of pipes in Burn that behave differently from the inter-Burn communication pipes that exist now. So renaming the existing pipe related files now to better reflect that it is related to Burn talking to Burn when elevated or embedded.
2024-01-08Support naked files.Bob Arnson27-120/+751
Implements https://github.com/wixtoolset/issues/issues/7696. `File` elements can appear where `Component` elements do in WiX v4. The compiler generates an appropriate per-file component. Naked files under `Directory`, `DirectoryRef`, `Fragment`, `StandardDirectory`, or `Package` elements are included in a package via the [default-feature feature](https://github.com/wixtoolset/issues/issues/7581). Naked files appearing under `ComponentGroup`, `Feature`, `FeatureRef`, and `FeatureGroup` generate the component and the reference to the parent element. Components and naked Files default to being installed to INSTALLFOLDER (including a default INSTALLFOLDER if one isn't otherwise authored).
2024-01-01Remove warning for `Wix` bundle variable prefix.Bob Arnson8-97/+50
It's a bit overzealous. Fixes https://github.com/wixtoolset/issues/issues/7579.
2023-12-31Use `/DEPENDENTLOADFLAG` to tell the loader...Bob Arnson1-0/+1
...to load DLLs from System32 only. (Belt and suspenders to current approaches.) See https://devblogs.microsoft.com/oldnewthing/20230328-00/?p=107978. Fixes https://github.com/wixtoolset/issues/issues/7319.
2023-12-31Remove bundle container signing support.Bob Arnson2-29/+2
It was never implemented and ass-u-mes containers are cabs, which hopefully won't be the case forever. Fixes https://github.com/wixtoolset/issues/issues/7490.
2023-12-31Rename IWindowsInstallerDecompileContext...Bob Arnson6-19/+11
...TreatProductAsModule to KeepModularizationIds to better describe what it does. Fixes https://github.com/wixtoolset/issues/issues/7607.
2023-12-30Add a warning that VBScript is deprecated.Bob Arnson4-0/+66
2023-12-30Add default major upgrade.Bob Arnson9-5/+164
Add Package/@UpgradeStrategy to allow `none` to suppress major upgrade. Implements https://github.com/wixtoolset/issues/issues/7605. Requires https://github.com/wixtoolset/wix/pull/435.
2023-12-30Provide a default INSTALLFOLDER.Bob Arnson6-40/+157
If INSTALLFOLDER is referenced and not defined, define one with reasonable default values. Implements WIP https://github.com/wixtoolset/issues/issues/7588.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-16 22:37:48 +0000