Skip to content

Added selfcontained support.#7

Merged
azchohfi merged 6 commits into
mainfrom
alzollin/selfContained
Oct 3, 2025
Merged

Added selfcontained support.#7
azchohfi merged 6 commits into
mainfrom
alzollin/selfContained

Conversation

@azchohfi

Copy link
Copy Markdown
Collaborator

No description provided.

@azchohfi azchohfi force-pushed the alzollin/selfContained branch 2 times, most recently from 75c8349 to d306064 Compare September 29, 2025 22:29
@azchohfi azchohfi force-pushed the alzollin/selfContained branch from d306064 to 72fa34f Compare October 1, 2025 19:47
- Enhanced CopyRuntimeFiles method in MsixService.cs to include additional file types and improved logging.
- Deleted unused app.manifest.selfcontained.xml template file.
@azchohfi azchohfi changed the title [WIP] selfcontained. Added selfcontained support. Oct 3, 2025
@azchohfi azchohfi merged commit 811af35 into main Oct 3, 2025
7 checks passed
@azchohfi azchohfi deleted the alzollin/selfContained branch October 3, 2025 22:44
nmetulev added a commit that referenced this pull request Apr 29, 2026
## Summary

Adds a multi-dimensional **PR / feature review skill** for contributors
working on this repo. Inspired by the `microsoft-ui-reactor` reviewer
pipeline, but pared down to a single `SKILL.md` the orchestrating
Copilot CLI agent reads — no PowerShell scripts, no manager workflow, no
auto-apply. Findings are printed to stdout; the contributor decides what
to act on.

## What's added

`
.github/skills/ ← new dev-facing skills folder
README.md ← index, distinguishes from .github/plugin/
  pr-review/
    SKILL.md                                 ← orchestrator workflow
    dimensions/
_shared-contract.md ← finding schema + Team Lead Test
      security.md
      correctness.md
      cli-ux.md
      alternative-solution.md
      test-coverage.md
      docs-and-samples.md
      packaging.md
      multi-model.md
`

Plus a short pointer in `README.md`'s Contributing section.

## How it works

1. **Resolves the diff scope.** Supports four scopes:
   - `branch` (default) — committed work vs `origin/main`
   - `working` — uncommitted (`git diff HEAD` + untracked file contents)
   - `staged` — `git diff --cached`
   - `all` — committed + uncommitted, concatenated with a separator
   
   Auto-detects from working-tree state; asks the user when ambiguous.
2. **Diff-size guardrail.** >50 files prompts the user before fanning
out.
3. **Fans out 7 parallel sub-agents** via the `task` tool, one per
dimension. Each prompt is self-contained: diff + area classification +
shared output contract + dimension instructions.
4. **Multi-model cross-check** runs after #1#7 and re-evaluates the
critical/high findings using a different model family than the
orchestrator.
5. **Consolidates** — dedupe, sort, assign IDs (C1/H1/M1/L1), mark each
critical/high as confirmed/disputed.
6. **Prints stdout report** with Summary + Coverage table + Findings
list + Details + per-dimension "what I checked" notes.

## Dimensions covered

| # | Dimension | Catches |
|---|-----------|---------|
| 1 | security | `Process.Start` injection, path traversal, secrets,
cert handling, manifest XML via regex, network exposure |
| 2 | correctness & edge cases | null/empty inputs, async/cancellation,
manifest auto-detect order, parser config, logger-bypass for Debug/Info
|
| 3 | CLI UX & usability | option naming, defaults, help text, error
messages, `--verbose`/`--quiet`/`--json` discipline, exit codes |
| 4 | alternative-solution | duplication of `AppxManifestDocument`,
`ManifestHelper`, `PriService`, `SelectorService`; service-pattern
choice; file-size limits |
| 5 | test coverage | `WinApp.Cli.Tests` xUnit gaps, Pester
`test.Tests.ps1` for samples, `test-samples.yml` matrix entries |
| 6 | docs & samples sync | `docs/usage.md`, `docs/guides/`, `samples/`,
`docs/fragments/skills/`, `.github/plugin/agents/winapp.agent.md`, stale
`cli-schema.json` / `winapp-commands.ts` |
| 7 | packaging & release impact | npm wrapper forwarding, NuGet
`WinAppManifestPath` contract, VSC extension parity, version.json drift,
MSBuild glob conventions |
| 8 | multi-model cross-check | hallucinated line refs, severity
disputes, blind spots between Claude / GPT model families |

## Signal-to-noise

The shared **Team Lead Test** (adopted from the reactor reviewer) is
mandatory: every finding must be one a senior maintainer would keep in a
real PR review. Style nits, formatting, and anything
analyzers/`EnforceCodeStyleInBuild` already catch are dropped. Severity
auto-escalations baked in (`BinaryFormatter` = critical, `Process.Start`
w/ unsanitized input = high, hardcoded creds = high, manifest regex =
medium, etc.).

## How to use

Once merged, contributors can ask Copilot CLI (or any agent that reads
skill files):

- *"review my PR"* → `branch` scope
- *"review my uncommitted changes"* → `working` scope
- *"review what I'm about to commit"* → `staged` scope
- *"review everything including uncommitted"* → `all` scope
- *"review my branch vs `release/2.0`"* → custom base

## Not in scope (intentional)

- No PowerShell orchestrator script — the agent does the orchestration.
- No file output — stdout only.
- No auto-apply of fixes — contributor decides.
- No build/test execution — flags staleness without running
`build-cli.ps1` or test suites.

## Smoke test

Validated cross-references: every dimension referenced in `SKILL.md` has
a fragment file; no orphans; no missing fragments. The skill itself has
not yet been exercised against a real diff — first real run will likely
want one tuning pass.

Co-authored-by: Nikola Metulev <711864+nmetulev@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
nmetulev added a commit that referenced this pull request Jul 12, 2026
…iewer round 2)

Address the 12 remaining reviewer round-2 findings on top of cc727d8. All are
inside W2 scope (schema, conformance gate, docs, golden traces, scan/CI). No
runtime work built; deferred-runtime areas (W1 transport / W8 security) are
softened in docs with explicit "deferred" notes rather than implemented.

Tooling / gate depth:
- #2  Deepen golden validation: ConformTrace now requires jsonrpc "2.0" on every
      message, rejects result+error together, correlates error ids (not just
      results) to a prior request, and validates payloads RECURSIVELY against the
      contract via ValidateObject/ValidateValue/ValidateScalar — nested $ref
      objects, enum value sets, and array element types, not just top-level names.
- #4  Assert golden trace count > 0 (an empty golden dir no longer passes vacuously).
- #5  gen Validator.CheckType now runs CheckField over each object type's
      properties, so a dangling $ref inside an object type is flagged (was silent).
- #8  New golden traces 04-07 (HotReload lifecycle, Resource+Diagnostics, Selection
      +Security, describe/set/cancel lifecycle). New golden-coverage check requires
      every command+event to be exercised by at least one trace (all 40 covered).
- #10 wdxp.schema.json root closed (additionalProperties:false) + $schema property;
      new protocol/scripts/validate-schema.py (draft 2020-12 guard) wired into CI.
- #11 check-public-appropriateness.ps1 broadened to also scan specs/winapp-devtools-*.md
      and AGENTS.md (excludes the csproj agent's file by design).
- #15 Extract shared Wdxp.Gen.SchemaPaths.FindUp; gen + conformance both call it.

Schema / contract consistency:
- #7  Outcome invariant narrowed to transactional apply/commit; ephemeral
      Property.set/setPreview return the resulting PropertyValue (schema + envelope §6 + README).
- #12 Security.authenticate now returns token (+optional expiresAt) so the reconnect
      token param has a source; envelope §7 softened to "host-defined, finalized in W8".
- #13 envelope §3/§7 document the pre-auth trust boundary (CurrentUserOnly pipe ACL)
      and what target binding grants before authenticate.
- #14 ids pinned to string protocol-wide (envelope §2, enforced in ConformTrace);
      NodeHandle.handle integer -> string (decimal-encoded uint64, no >2^53 precision
      loss); goldens 02/03 handles updated to strings.
- #6  envelope §1/§3 clarify per-target pipe vs pre-bind discovery; cross-target
      discovery marked W1/phase-3 deferred.
- README: de-hardcode the check count, Applied->applied casing, schema-guard note.

Verified: Release build 0 warnings; conformance PASS (10/10) with recursive
validation + full coverage; negative tests prove teeth (missing jsonrpc, numeric id,
result+error, unknown/enum field, dangling $ref, closed-root schema guard); python
schema guard PASS (+rejects stray key); license headers + broadened scrub scan green.

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot-Session: d376fce1-8858-45ae-a496-245835e5879f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant