New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Package NVDA for the Windows Store #7851

Merged
merged 31 commits into from Jan 4, 2018

Conversation

Projects
None yet
10 participants
@michaelDCurran
Contributor

michaelDCurran commented Dec 13, 2017

Link to issue number:

None

Summary of the issue:

The Windows 10 S Operating System (recently introduced by Microsoft) is a locked-down version of Windows 10, that only allows the user to run apps from the Windows Store.
For NVDA to run on Windows 10 S, it is necessary for NVDA to be packaged as a store app, and submitted to the Windows store.

Description of how this pull request fixes the issue:

This PR allows NVDA to run within a Windows Desktop bridge app container by disabling certain features while in this container, that would either fail or would go against store policy. It also changes the build system to produce two extra files:

  • An unsigned NV Access branded appx package, suitable for submitting to the Windows store for validation, signing and publishing, and
  • An appx package signed with our own authenticode signing certificate, suitable for side-loading directly onto a Windows 10 PC in Developer Mode.

These packages do not contain any executables or dlls not needed to run as a store app. E.g. hooking dlls, UIAccess executables etc are specifically excluded from the packages as they would cause validation to fail.
Other than building the packages, the following changes were made to NVDA:

  • All executables and dlls are now signed using SHA256 encryption as required by the Windows Store. Previously we used SHA1.
  • the config module now has a new variable: isAppX. this is True if running in an app container (I.e. as a store app or side-loaded).
  • If NVDA detects it is in an app container:
  • NVDAHelperRemote is not initialized (I.e. there is no process injection).
  • Add-ons are disabled due to store policy, and it is impossible to install them in this copy of NVDA.
  • NVDA's user configuration is kept in an "nvda_appx" directory in appData, rather than "nvda", as the config cannt be shared between it and another installed copy of NVDA. The major reason being the other config may refer to add-ons which are unavailable.
  • NVDA does not look for custom appModules, brailleDisplayDrivers, globalPlugins or synthDrivers in the user config directory. Due to store policy we cannot currently allow any custom code.
  • If NVDA receives a queryEndSession message, it registers to be restarted, as Windows is closing our store app due to an update.
  • Launching the Python console is disabled due to current Store policy.
  • The Add-ons manager is unavailable (as there are no add-ons).
  • Creating a portable copy from the Tools menu is not available, as this copy of NVDA is missing executables and dlls necessary to run on other systems.
  • the reload plugins item in the Tools menu is not available, as there is no custom code anyway.
  • EaseOfAccess is not notified about this copy of NVDA

Testing performed:

  • Side-loaded the NVDA package on Windows 10 Pro and navigated the Start screen, File Explorer, Microsoft Word, Microsoft Edge.
  • Installed a hidden store-submitted package from the Windows store on Windows 10 S, and navigated the start screen, used File explorer, used Microsoft Edge.

Known issues with pull request:

There should be absolutely no changes to NVDA when not running in an app container.
However, the following features are unavailable when running as a store app:

  • No process injection. This means no access to Mozilla Firefox, google Chrome, or Internet Explorer. the only viable browser is Edge. Further to this, There is also no support for Microsoft Word, however #7849 fixes this.
  • No add-ons. Currently this is not allowed by Store policy. However, in future we could consider packaging add-ons as Store extensions.
  • No Python console. Again, due to Store policy.
  • No support for running on the logon screen or UAC screens. Store apps can only run on the user's logged in desktop at this point in time.
  • No support for touch input or Audio ducking. This is due to store apps not being allowed to run with the UIAccess privilidge. However, this limitation is currently being actively investigated by Microsoft.

It is fair enough to say this is a very cut-down version of NVDA at this point in time. However, one of the primary reasons for this work was to investigate the limitations of running as a store app, and to work with Microsoft to research solutions.

Change log entry:

Changes for developers:

  • A new "isAppX" variable in the config module can be used to detect if NVDA is running as a Windows Desktop Bridge Store app.

michaelDCurran added some commits Aug 31, 2017

Compile NVDA with the Windows 10 SDK, replace GetVersion with version…
…Helper macros, and remove a pre-vista TSF check.
Change back the publisher to NV Access in appveyor.yml. It is now har…
…dcoded separately in the appx manifest for windows store.
scons appx now produces two appx files:
 * storeSubmition: not signed, and a publisher ID matching NV Access Limited's Store publisher ID. Suitable for submitting to the Windows Store via NV Access Limited's developer account
 * sideLoadable: signed by NV Access Limited, suitable for installing on a Windows 10 system manually as a side-loaded app for testing.

@michaelDCurran michaelDCurran requested a review from feerrenrut Dec 13, 2017

@josephsl

This comment has been minimized.

Collaborator

josephsl commented Dec 13, 2017

@michaelDCurran

This comment has been minimized.

Contributor

michaelDCurran commented Dec 13, 2017

@josephsl

This comment has been minimized.

Collaborator

josephsl commented Dec 13, 2017

@leonardder

This comment has been minimized.

Collaborator

leonardder commented Dec 13, 2017

How about dealing with the what's new of future versions of NVDA describing features that aren't available in the store version of NVDA? Wouldn't this cause ambiguity for users?

DisplayName="%productName%"
Description="%description%"
Square150x150Logo="appx_images/nvda_150x150.png"
Square44x44Logo="appx_images/nvda_44x44.png"

This comment has been minimized.

@feerrenrut

feerrenrut Dec 13, 2017

Contributor

Shouldn't cause a problem, but the indentation is strange here.

packagePublisher="CN=83B1DA31-9B66-442C-88AB-77B4B815E1DE"
packagePublisherDisplayName="NV Access Limited"
productName="NVDA Screen Reader (Windows Store Edition)"
else: # not for submition, just side-loadable

This comment has been minimized.

@feerrenrut

feerrenrut Dec 13, 2017

Contributor

typo: submition -> submission

@gdata1

This comment has been minimized.

gdata1 commented Dec 13, 2017

Hello. I think in the future you'll need to send the add-ins to the Microsoft store. And I support the suggestion to talk to Microsoft about the possibility of publishing the builds Nvda next-master.

@PratikP1

This comment has been minimized.

PratikP1 commented Dec 13, 2017

This might require an "in process" blog entry to explain. Documenting via "what's new" may not be sufficient.

@bdorer

This comment has been minimized.

bdorer commented Dec 13, 2017

@Brian1Gaff

This comment has been minimized.

Brian1Gaff commented Dec 13, 2017

@michaelDCurran

This comment has been minimized.

Contributor

michaelDCurran commented Dec 13, 2017

@Brian1Gaff

This comment has been minimized.

Brian1Gaff commented Dec 14, 2017

@derekriemer

This comment has been minimized.

Collaborator

derekriemer commented Dec 14, 2017

@Brian1Gaff commented on Dec 14, 2017, 3:24 AM MST:

Hmm, however,S is seemingly so limiting on what it can run, it seems almost
pointless having it in the first place, at least to me.

I'm asking for a hault of this chain of the thread regarding whether windows ten s is good or not, because it's wandering off topic for this issue tracker, which is not the place for this discussion.

@Brian1Gaff

This comment has been minimized.

Brian1Gaff commented Dec 15, 2017

michaelDCurran added a commit that referenced this pull request Dec 21, 2017

@michaelDCurran michaelDCurran merged commit 2571d54 into master Jan 4, 2018

@nvaccessAuto nvaccessAuto removed the incubating label Jan 4, 2018

@nvaccessAuto nvaccessAuto added this to the 2018.1 milestone Jan 4, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment