Skip to content

winTerm 1.0.1

Choose a tag to compare

@github-actions github-actions released this 18 Jul 10:01
27653d4

winTerm 1.0.1

Download

Download these files from the official winTerm v1.0.1 GitHub Release:

  • winTerm-1.0.1-x64.msix — the Windows 11 x64 installer;
  • winTerm-1.0.1.cer — the public self-signed code-signing certificate;
  • INSTALL.txt — certificate trust, installation, and removal instructions;
  • SHA256SUMS.txt — hashes for every published asset.

GitHub also displays automatically generated source archives. They are source snapshots, not the Windows installer.

Important signing notice

The installer is cryptographically self-signed with CN=winTerm Development; it is not signed by a public certificate authority and has no public timestamp. Windows will not trust it automatically.

Verify that every file came from github.com/HelloThisWorld/winTerm, check the SHA-256 hashes, and import only the certificate attached to the same Release. Never install a certificate or package obtained from a mirror or third-party download site.

Installation

  1. Place the MSIX, CER, INSTALL.txt, and SHA256SUMS.txt in one directory.

  2. Verify all hashes:

    .\scripts\winterm\verify-checksums.ps1 -Directory .

    If the repository scripts are not available, compare the MSIX manually:

    $expected = (Get-Content .\SHA256SUMS.txt |
        Where-Object { $_ -match 'winTerm-1.0.1-x64.msix$' }).Split(' ')[0]
    $actual = (Get-FileHash .\winTerm-1.0.1-x64.msix -Algorithm SHA256).Hash.ToLowerInvariant()
    if ($actual -cne $expected) { throw 'SHA-256 mismatch.' }
  3. Open winTerm-1.0.1.cer, select Install Certificate, choose Local Machine, approve the administrator prompt, and place it in Trusted People.

  4. Open winTerm-1.0.1-x64.msix and select Install.

PowerShell equivalent, run as administrator:

Import-Certificate `
  -FilePath .\winTerm-1.0.1.cer `
  -CertStoreLocation Cert:\LocalMachine\TrustedPeople

Add-AppxPackage .\winTerm-1.0.1-x64.msix

The package identity is HelloThisWorld.winTerm. It registers winterm.exe and does not register or replace Windows Terminal’s wt.exe.

What changed

  • Removed the previous package-identity name from source, validation, documentation, and publishing metadata.
  • Established HelloThisWorld.winTerm as the independent package and WinGet identity.
  • Updated application, package, shell module, release metadata, installer, and documentation versions to 1.0.1.
  • Added an exact-tag self-signed release pipeline that publishes the final MSIX, public certificate, installation instructions, checksums, notices, SBOMs, symbols, and GitHub provenance.
  • Added a direct download entry and version badge at the top of the README.

Supported platform

Windows 11 x64 is the supported release target. ARM64 and Windows 10 are not part of this Release.

Uninstall and remove certificate trust

Uninstall winTerm from Windows Settings. To remove the trusted self-signed certificate afterward, run PowerShell as administrator:

$certificate = [Security.Cryptography.X509Certificates.X509Certificate2]::new(
  (Resolve-Path .\winTerm-1.0.1.cer))
Remove-Item "Cert:\LocalMachine\TrustedPeople\$($certificate.Thumbprint)"

Removing winTerm must not remove Windows Terminal, wt.exe, WSL, global fonts, PowerShell profiles, or unrelated application data.

Provenance and security

The GitHub Release workflow builds from the exact immutable v1.0.1 Tag, removes the temporary private key after signing, verifies the embedded MSIX signature against the published CER, creates GitHub artifact attestations, and re-downloads the public assets for checksum and package verification.

Attestation verifies source and integrity; it is not proof that the application has no vulnerabilities. Follow SECURITY.md for private vulnerability reporting.

Self-signed installer: download winTerm-1.0.1-x64.msix, winTerm-1.0.1.cer, INSTALL.txt, and SHA256SUMS.txt. Windows does not trust this certificate by default. Verify the hashes and repository URL before importing the certificate into Trusted People.