msix

Author(s)

• Sander de Wit

Tags

MSIX PSF Packaging AppX WindowsApps ContextMenu Investigation ProcMon Accelerator AppData AppAttach VHDX CIM AppIsolation Sandbox TMurgent MFR VcRuntime Compare TMEditX Enterprise CICD Pester PSADT

Functions

Add-MsixAlias Add-MsixAppIsolation Add-MsixCapability Add-MsixComServerExtension Add-MsixDiagnosticTrace Add-MsixEvidence Add-MsixFileExplorerContextMenu Add-MsixFileTypeAssociation Add-MsixFirewallRule Add-MsixFontExtension Add-MsixLegacyContextMenu Add-MsixLoaderSearchPathOverride Add-MsixManifestNamespace Add-MsixProtocolHandler Add-MsixPsfV2 Add-MsixShellVerbExtension Add-MsixSplashScreen Add-MsixStandardScript Add-MsixStartMenuFolder Add-MsixStartupTask Add-MsixVcRuntimeBundle Assert-MsixProcessSuccess Compare-MsixPackage Compare-MsixTrace ConvertFrom-MsixTraceLine ConvertFrom-MsixTraceToFinding ConvertFrom-MsixYamlAccelerator ConvertTo-MsixFinding ConvertTo-MsixLegacyFinding ConvertTo-MsixSarif ConvertTo-MsixReportHtml Copy-MsixHostAppDataIntoPackage Export-MsixRemediationPlan Dismount-MsixAppAttachImage Find-MsixPlaybook Get-MsixAliasCandidate Get-MsixAppRuntimeVersion Get-MsixCapabilityHint Get-MsixCompatibilityReport Get-MsixComServerEntry Get-MsixContainerAppData Get-MsixDebugRecommendation Get-MsixDebugViewVersion Get-MsixDesktopShortcutCandidate Get-MsixFindingConfidence Get-MsixFontCandidate Get-MsixHeuristicFinding Get-MsixInfo Get-MsixIsolationCapability Get-MsixKnownCapability Get-MsixLimitation Get-MsixManifest Get-MsixManifestApplication Get-MsixManifestApplications Get-MsixManifestNamespaceUri Get-MsixMfrKnownFolder Get-MsixMgrVersion Get-MsixNestedPackageCandidate Get-MsixOrphanedAppData Get-MsixPackageStorageSummary Get-MsixPlaybook Get-MsixPluginExtensionPoint Get-MsixProcMonFailure Get-MsixPsfBinariesVersion Get-MsixPublisherId Get-MsixRequiredAppRuntimeChannel Get-MsixRunKeyEntry Get-MsixSdkToolsVersion Get-MsixShellContextMenuEntry Get-MsixStandardScript Get-MsixStaticAnalysis Get-MsixToolsRoot Get-MsixTraceFailure Get-MsixTraceOutput Get-MsixUninstallerCandidate Get-MsixUninstallRegistryEntry Get-MsixUpdaterCandidate Get-MsixVcRuntimeReference Import-MsixAccelerator Import-MsixRemediationPlan Import-MsixSparseShellExtension Initialize-MsixToolchain Install-MsixAppRuntime Install-MsixDebugView Install-MsixMgr Install-MsixProcMon Install-MsixPsfBinary Install-MsixSdkTool Invoke-MsixAccelerator Invoke-MsixAutoFix Invoke-MsixAutoFixFromAnalysis Invoke-MsixAutoFixLoop Invoke-MsixCommand Invoke-MsixContainerCommand Invoke-MsixInvestigation Invoke-MsixManifestTransform Invoke-MsixPipeline Invoke-MsixPlaybook Invoke-MsixProcess Invoke-MsixRemediationPlan Invoke-MsixProcMonCapture Invoke-MsixSelfSignAndDebug Invoke-MsixSigning Merge-MsixFinding Mount-MsixAppAttachImage New-MsixAppAttachImage New-MsixFinding New-MsixManifestDocument New-MsixRemediationPlan New-MsixMfrLocalRule New-MsixMfrTraditionalRule New-MsixPsfArgument New-MsixPsfConfig New-MsixPsfDynamicLibraryConfig New-MsixPsfEnvVarConfig New-MsixPsfFileRedirectionConfig New-MsixPsfJson New-MsixPsfMfrConfig New-MsixPsfRegLegacyConfig New-MsixPsfStartScriptConfig New-MsixPsfTraceConfig New-MsixPsfWaitForDebuggerConfig New-MsixSandboxConfig New-MsixSelfSignedCertificate New-MsixStandardScript New-MsixWorkspace Remove-MsixAppIsolation Remove-MsixDesktopShortcut Remove-MsixStartMenuEntry Remove-MsixShellRegistryArtifact Remove-MsixUninstallerArtifact Remove-MsixUpdaterArtifact Resolve-MsixDebugViewPath Resolve-MsixMgrPath Resolve-MsixProcMonPath Save-MsixManifest Select-MsixManifestNode Select-MsixManifestNodes Set-MsixBrandMetadata Set-MsixFileSystemWriteVirtualization Set-MsixInstalledLocationVirtualization Set-MsixLogFile Set-MsixLogLevel Set-MsixManifestIdentity Set-MsixManifestMaxVersionTested Set-MsixManifestPublisher Set-MsixRegistryWriteVirtualization Set-MsixScriptSignature Set-MsixToolsRoot Start-MsixDebugSession Start-MsixSandbox Test-MsixAgainstLimitation Test-MsixAppAttachImage Test-MsixManifest Test-MsixPsfConfig Test-MsixRemediationPlan Test-MsixSignature Update-MsixAppRuntime Update-MsixDebugView Update-MsixMgr Update-MsixPackageVersion Update-MsixProcMon Update-MsixPsfBinary Update-MsixSdkTool Update-MsixSigner Write-MsixLog

Dependencies

This module has no dependencies.

Release Notes

## v0.70.5

### Tier-2 remediation orchestration: #30 + #31 + #32
- Compare-MsixTrace (#31): before/after correlation of two runtime
 trace captures (DebugView .log/.txt or ProcMon .pml). Classifies
 every observed failure row as Resolved / Persisted / Introduced
 based on a (Function x Path x Result) match key. -Sarif emits a
 three-run SARIF 2.1.0 document so regressions show up as errors,
 fixes show up as notes.
- New/Export/Import/Test/Invoke-MsixRemediationPlan (#32):
 serialise a remediation plan to YAML, route through change-control,
 and replay it deterministically against a later package build.
 Strict cmdlet-safety guard (only MSIX module cmdlets may appear in
 appliedFixes), identity + SHA-256 fingerprint drift detection,
 single-sign-at-end semantics matching Invoke-MsixPlaybook.
 YAML emitter/parser is dependency-free and scalar-only - same
 security stance as the accelerator YAML.
- Invoke-MsixAutoFixLoop (#30): multi-pass remediation pipeline.
 Per-pass artefacts under $env:TEMP\msix-autofix-loop-<runId>\pass-N\,
 optional Compare-MsixTrace integration for NoRegressions stop
 condition, MinConfidence gate from the evidence model, signs once
 at the end. Closes the loop on chained MSIX issues where fixing
 one problem reveals the next.

### PowerShell 5.1 compatibility
- Removed PS7-only null-coalescing operator (??) from Merge-MsixFinding
 and Invoke-MsixAutoFixLoop.
- Stripped em-dashes from string literals in MSIX.RemediationPlan.ps1
 and MSIX.AutoFixLoop.ps1: the UTF-8 byte 0x94 was read as a curly
 double-quote terminator under CP-1252 when files lack a BOM, which
 is the default on Windows PowerShell 5.1.

### Quality bar
- Pester: 351 pass / 0 fail / 1 skip on PowerShell 7
 (27 new tests for the Tier-2 features).
- PSScriptAnalyzer (scoped to MSIX module): 0 findings.

## v0.70.4

### Tier-1 foundation: unified evidence model + confidence scoring (#29)
- New MSIX.Evidence.ps1: New-MsixFinding / Add-MsixEvidence /
 Merge-MsixFinding / Get-MsixFindingConfidence /
 ConvertTo-MsixFinding (legacy adapter) / ConvertTo-MsixLegacyFinding.
- Invoke-MsixAutoFixFromAnalysis: new -MinConfidence gate (default 0.85).
 Legacy findings without EvidenceItems are treated as confident so the
 migration is incremental and nothing regresses.
- SARIF emitter surfaces evidenceItems[] and confidence in
 result.properties when the analyzer populated them.
- Unblocks #30 (Invoke-MsixAutoFixLoop), #31 (Compare-MsixTrace),
 #32 (Export/Import/Invoke-MsixRemediationPlan).

### PSSA cleanup
- Get-MsixManifestApplication: per-parameter-set OutputType (XmlNode
 for First/ById, XmlNode[] for All), plus return-site casts so PSSA's
 static type inference matches.
- Get-MsixRequiredAppRuntimeChannel: returns [string[]] (was Object[]).
- Tests: trailing whitespace stripped from Recommendations test file.
- PSScriptAnalyzer (scoped to MSIX module): 0 findings.
- Pester: 325 pass / 0 fail / 1 skip.

## v0.70.0

### Security hardening
- Authenticode verification for every downloaded toolchain binary
 (PSF, Procmon, msixmgr, SDK tools) before use.
- SecureString for all signing/PFX secrets end-to-end. ConvertTo-SecureString
 -AsPlainText -Force is banned; tests use ConvertTo-TestSecureString instead.
- Secret non-leakage: Get-MsixDebugRecommendation emits a Read-Host
 -AsSecureString placeholder, never the real value. SignTool with -Pfx
 now emits a -WarningVariable-capturable warning about cmdline exposure.
- XML hardening: all manifest loading via _MsixLoadXmlSecure
 (DtdProcessing=Prohibit, MaxCharactersFromEntities=1MB). XXE and
 billion-laughs payloads are rejected.
- powershell-yaml dependency removed; accelerator parser is a restricted
 scalar-only implementation that cannot instantiate .NET objects from
 untrusted YAML.

### Reliability & architecture
- Atomic pack-sign-move: Invoke-MsixPipeline packs to a scratch path,
 signs at the scratch, then Move-Item to the target only on success.
 UnsignedOutputPath preserves the scratch when signing fails.
- Consistent -WhatIf semantics across every mutating cmdlet.
- Pure manifest transforms: Invoke-MsixManifestTransform,
 Set-MsixManifestPublisher, Set-MsixManifestIdentity (in-memory XML
 only, no pack/sign).
- Three signing backends: SignTool (default), TrustedSigning,
 AzureSignTool. PFX password is a SecureString throughout.
- offreg.dll integration: Get-MsixUninstallRegistryEntry,
 Get-MsixShellContextMenuEntry, Get-MsixComServerEntry, and the
 Remove-MsixUninstallerArtifact registry-cleanup path no longer
 require elevation. reg.exe load (admin-only) replaced with the
 Offline Registry API.
- Shell-extension context menus generated via the TMEditX-verified
 desktop4 + desktop5 schema. New AppExecutionAlias autofix stage.
 Alias inheritance from parent Application Executable.

### Documentation & testing
- EXAMPLES.md: 19 copy-paste recipes covering all major use cases.
- TEST-PLAN.md: 13 integration scenarios + release checklist.
- CONTRIBUTING.md: coding standards (SecureString hygiene, XML loading,
 WhatIf semantics, Authenticode requirements).
- 230+ Pester tests; CI runs PSScriptAnalyzer (Error+Warning) and Pester
 on every push/PR. All tests import via .psd1 (not .psm1).

Full release history: see CHANGELOG.md in the project repository.