New version: RedEyeNetworks.Logivore version 0.10.1

[beadams987]

Logivore v0.10.1 ships two distinct installers per architecture (user-scope + machine-scope), matching the Microsoft.PowerToys + Notepad++.Notepad++ convention. Each (architecture, scope) tuple maps to a unique Inno Setup EXE with a single, deterministic PrivilegesRequired value, so Microsoft's dynamic-scan validation has unambiguous install behavior to verify per installer entry.

Manifest construction is done in Logivore's release.yml as a hand-built heredoc (not wingetcreate update) so the 4-entry shape is locked from version 1 — the previous wingetcreate-based flow inherited shape from the latest published manifest, which couldn't grow installer-entry count cleanly.

The same Logivore.iss AppId is shared across user-scope and machine-scope builds so an existing HKCU install (user-scope) and HKLM install (machine-scope) each match the appropriate manifest installer entry on winget upgrade.

Microsoft Reviewers: Open in CodeFlow

[wingetbot]

Validation Pipeline Run WinGetSvc-Validation-140-368676-20260504-1

[stephengillie]

Automatic Validation ended with:

Installer Verification Analysis Context Information:
Specified hash doesn't match. Actual hash: '05DBA9C716EB11BC35EF32A7735C8322AAED0D9672601FD2F7AE7ACE85A5DAD7' Expected hash: 'fdbd42d57c970b308eb5e642b29907afae0b61db972ffb28884e86181034e7ba'
Specified hash doesn't match. Actual hash: 'C81BC02E5F58057A5EC086AD171902C4EEDC36A94B381CEBCE6DA1BFA43C3DAC' Expected hash: '14a8063876add05ff82c18735107e305b091717f079c360c88dfcb7d616f0a46'
Specified hash doesn't match. Actual hash: '6D151C0D7E60DC27EAC7B0725777BA89F5C7C5EDB054C3FCC5A69D352CFA117E' Expected hash: '4bea26d9517107df908ff2e136915f93182159e72de01b6f01c521d59af3db98'
Specified hash doesn't match. Actual hash: 'D84F303A31A6E63743F698EABDC4CD97F8C0D4D6B4D7BF8020FBD9130747679E' Expected hash: '0b02484230ad2b576c0d58b4c4fedc250d9c7e25f8ea4f4f2815adbbdd6b5258'

(Automated response - build 1295.)

[wingetbot]

Validation Pipeline Run WinGetSvc-Validation-142-368676-20260510-1

[beadams987]

Thanks for the validator catch — the hashes in the original manifest were computed from the workflow_dispatch run's local build artifacts, while R2 has a slightly-different build's bytes (an embedded build timestamp in <InformationalVersion> makes our dotnet publish output non-deterministic across separate workflow runs).

Just pushed a fix replacing all four InstallerSha256 values with the actual SHA256s of the bytes currently served at the R2 URLs:

Architecture	Scope	InstallerSha256
x64	user	6D151C0D7E60DC27EAC7B0725777BA89F5C7C5EDB054C3FCC5A69D352CFA117E
x64	machine	05DBA9C716EB11BC35EF32A7735C8322AAED0D9672601FD2F7AE7ACE85A5DAD7
arm64	user	C81BC02E5F58057A5EC086AD171902C4EEDC36A94B381CEBCE6DA1BFA43C3DAC
arm64	machine	D84F303A31A6E63743F698EABDC4CD97F8C0D4D6B4D7BF8020FBD9130747679E

Verified locally via curl … | sha256sum against each R2 URL before pushing. URLs unchanged. Will harden the build for deterministic SHAs in our pipeline as a follow-up.

[stephengillie]

Verify:

[wingetbot]

Publish pipeline succeeded for this Pull Request. Once you refresh your index, this change should be present.