CMTrace Open v1.4.0
A modern, open-source, cross-platform replacement for Microsoft's CMTrace.exe — a log viewer for Windows troubleshooting with built-in Intune (IME) diagnostics, DSRegCmd analysis, and real-time log tailing.
Highlights
- CCM/PSADT
type="0"now renders as a first-class Success (green tick) instead of being flattened into Info — matching OneTrace. Wired through the severity filter, row rendering, Quick Stats, and status bar, with Success palettes across all 8 themes. (#248, closes #211) - Error navigation — jump straight to the next or previous error/warning without scrolling. (#192)
- Teams (MSIX) client log collection — the collector and known-sources list now cover the new Microsoft Teams log locations. (#205, #242)
- Log Text column auto-fits to its widest message the first time you open a file.
- Now built on Tauri 2.11 and TypeScript 7, with signed builds for Windows (x64/arm64), macOS (Apple Silicon), and Linux — in both Full and Lite editions.
Downloads
| Platform | Files |
|---|---|
| Windows x64 / arm64 | CMTrace-Open_1.4.0_<arch>-setup.exe (NSIS installer), CMTrace-Open_1.4.0_<arch>.msi, CMTrace-Open_1.4.0_<arch>.exe (Full standalone), CMTrace-Open-Lite_1.4.0_<arch>.exe (Lite standalone) |
| macOS (Apple Silicon) | CMTrace.Open_1.4.0_aarch64.dmg (signed + notarized) |
| Linux x64 | CMTrace.Open_1.4.0_amd64.deb, CMTrace.Open_1.4.0_amd64.AppImage, or CMTrace.Open-1.4.0-1.x86_64.rpm |
Windows builds are signed with Azure Trusted Signing (a re-issued certificate — SmartScreen reputation is rebuilding, so fresh installs may briefly show an "unknown publisher" prompt; More info → Run anyway is safe). CycloneDX SBOMs (sbom-rust.cdx.json, sbom-npm.cdx.json) and build-provenance attestations are attached.
Added
- Log Text column auto-fit on load: The Log Text (message) column now expands automatically to fit its widest visible content the first time a file is opened, so long messages are readable without a manual resize. Auto-fit runs once per source, measures against an actually rendered row so the resolved font matches the double-click Fit action exactly, and only ever grows the column past its baseline width — never shrinks it. A manual drag-resize or explicit Fit is treated as a user-owned override that auto-fit will not overwrite.
- CCM
type="0"Success severity (#248, closes #211): CCM/PSADT log lines withtype="0"— a completed operation that OneTrace renders with a green tick — now map to a new first-class Success severity instead of being flattened into Info.Severitygains aSuccessvariant end-to-end (Rust and TypeScript) and is wired through the severity filter, row rendering, the Quick Stats cards, and the status bar, with per-theme Success palette entries added across all 8 themes. A sanitized real-world PSADT install log is bundled as a regression fixture with an integration test. - Log error navigation (#192): Toolbar controls to jump straight to the previous or next error/warning entry in the log view, so you can step through problems without scrolling.
- Teams (MSIX) client log collection (#205, #242): The log collector and known-sources list now cover the new Microsoft Teams (MSIX) client log locations.
Fixed
- CCM empty/absent type coercion (#248): Fixed a latent bug where a missing, empty, or unparseable CCM
typefield was coerced to0. Now thattype="0"maps to Success, those lines preserve aNonetype and correctly fall back to text-based severity detection. Known numeric types map directly (0→Success,1→Info,2→Warning,3→Error) and unknown numeric types fall back to Info. - Session filter restore and persistent error logging (#193, #244): Opening a saved session now restores the filter that was active when it was saved, and the app writes persistent error logs (via
tauri-plugin-log) to make troubleshooting easier. - Tail view reset on truncation or rotation (#234, #243): When a tailed file is truncated or rotated, the view now resets and re-reads from the start instead of showing stale or duplicated lines.
- Log marker key source hygiene (#250): Replaced a raw NUL control byte in the row-marker key delimiter with the
\x00escape sequence — byte-identical at runtime, but the source file is now plain text. No behavior change.
Changed
- Tauri 2.11 runtime (#240): Upgraded the app to the Tauri 2.11 stack (runtime/webview) to match the frontend, and repaired the Cargo workspace and a stale lockfile so CI, nightly, and release builds pass again.
- TypeScript 7 (#247): Upgraded the frontend compiler from TypeScript 6 to the native (Go) TypeScript 7.0.2 (GA). No source changes were required, and type-checking is ~5.5× faster (
tsc --noEmit~3.8s → ~0.7s), speeding up both CI and local builds. - Clippy
--all-targetsenforcement (#245): CI now runscargo clippy --all-targets -D warnings(full and Lite), catching lints in test and benchmark targets that previously slipped through; the two latent lints this surfaced were fixed. - Re-issued code-signing certificate: Windows builds are now signed with a re-issued Azure Trusted Signing certificate (still a valid Microsoft Public Trust certificate; macOS builds remain signed and notarized). Because the signing identity was renewed, Windows SmartScreen reputation is rebuilding — fresh installs may briefly show an "unrecognized app" prompt. The installers are validly signed; More info → Run anyway is safe.
Documentation
- Full vs Lite editions in README (#227, #241): New "Editions: Full vs Lite" section describing what each download includes — Full (default) bundles every specialized workspace and tool; Lite (
--no-default-features) is the core log viewer plus the Timeline and DNS/DHCP workspaces, with a smaller binary.
Security
- Patch
tarandrkyvadvisories (#249): Bumpedtar0.4.45 → 0.4.46 (GHSA-3pv8-6f4r-ffg2, PAX header desynchronization) andrkyv0.8.15 → 0.8.16 (GHSA-vfvv-c25p-m7mm, panic-safety bugs enabling arbitrary code execution), resolving the two fixable Dependabot alerts. The remainingglib0.18 unsoundness (RUSTSEC-2024-0429) is fixed in glib 0.20 but blocked upstream —gtk0.18, pinned transitively by Tauri 2.11 on Linux, requires glib ^0.18 — so it is documented as an accepted, warn-level advisory until Tauri adopts gtk-rs 0.20. - Ignore quick-xml RUSTSEC-2026-0194/0195 (#239): Two newly published quick-xml advisories (transitive-only on Linux via the Tauri clipboard stack, not bumpable without an upstream update) are ignored alongside the other Tauri Linux transitive advisories, matching existing policy.
- Microsoft Security DevOps workflow: Added a GitHub Actions workflow that runs Microsoft Security DevOps (MSDO) static analysis over the repository.
Build & CI
- Signed nightly build channel: Stood up a signed nightly release channel with its own updater feed and a published "nightly builds" page.
- Nightly failure alerting (#236): A
notify-failurejob opens/updates a tracking issue when a scheduled nightly run fails, and anotify-recoveryjob auto-closes it once a nightly fully succeeds again.
Dependencies
- Rust:
evtx0.11 → 0.12 (#217); addedtauri-plugin-log(#244);tar0.4.45 → 0.4.46 andrkyv0.8.15 → 0.8.16 (security patches, #249). - Frontend (production):
react/react-dom19.2.5 → 19.2.7,zustand5.0.12 → 5.0.14,@fluentui/react-components9.73.8 → 9.74.3,@fluentui/react-charts9.3.18 → 9.3.21,@fluentui/react-icons2.0.325 → 2.0.331,@tanstack/react-virtual3.13.24 → 3.14.4, and the@tauri-apps/*plugins (#209, #233). - Frontend (dev):
typescript6.0.3 → 7.0.2,vite8.0.9 → 8.1.3,@tauri-apps/cli2.11.0 → 2.11.4,@playwright/test1.59.1 → 1.61.1, and others (#222, #235). - GitHub Actions:
azure/trusted-signing-action→ 2.0.0,actions/checkout→ 7.0.0,tauri-apps/tauri-action→ 1.0.0, and others (#188, #197–#232).
Full changelog: v1.3.2...v1.4.0