Windows port — Phase 5: applications (registry + MSIX + winget)

[ronylicha]

Phase 5 of the Windows port. Applications tab on Windows: inventory from registry Uninstall keys (winreg) + MSIX/Store (Get-AppxPackage); uninstall (registry UninstallString + Remove-AppxPackage); update detection + best-effort update via winget; frontend source labels.

Security: uninstall re-resolves the command from the registry/Appx by validated id — never executes a caller-supplied command string; MSIX PFN validated (^[A-Za-z0-9._-]+$); protected/unknown refused. PowerShell by absolute System32 path; winget via Command::args (no shell concat). No windows crate, no unsafe (winreg is safe). Linux/macOS unchanged (cfg-gated). Windows runtime = manual-smoke.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5e1a0576ac

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Filter framework packages out of MSIX inventory

On Windows profiles with Store dependency packages, this Get-AppxPackage call includes framework packages by default—Microsoft documents -PackageTypeFilter defaults to Main and Framework (https://learn.microsoft.com/en-us/powershell/module/appx/get-appxpackage). Because the script does not request only Main packages or select/check IsFramework, non-user-facing frameworks can be returned as msix entries with protected: false, so the Applications tab offers them for removal via Remove-AppxPackage; filter with -PackageTypeFilter Main or reject IsFramework entries before adding them.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Convert MSI install commands before using them as uninstallers

When a registry entry has no QuietUninstallString and its UninstallString is an MSI command such as MsiExec.exe /I{...}, this fallback invokes /I, which Microsoft documents as install/configure while uninstall is /X or /uninstall (https://learn.microsoft.com/en-us/windows/win32/msi/command-line-options). Those entries are common for MSI packages, so choosing Uninstall selected can open repair/change UI or exit without removing the app; normalize MSI product-code commands to /X before executing the fallback.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Use the system cmd.exe path for registry uninstall

When FreeYourDisk is launched with a user-writable application/current directory, this unqualified cmd lookup can execute a local cmd.exe before the real system command processor; Microsoft documents that Windows process lookup for names without a directory searches the application and current directories before system directories (https://learn.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-createprocessa). Since this path executes installer-authored uninstall commands, use an absolute System32 cmd.exe path as was done for PowerShell.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Resolve winget upgrades by package identity

For apps whose name is also a substring of other winget packages, winget upgrade --name <name> can become ambiguous because winget's default matching is substring-based unless --exact is used (https://learn.microsoft.com/en-us/windows/package-manager/winget/upgrade). With --disable-interactivity that turns an app already badged as updatable into a failed update; parse the winget ID from the upgrade table and run --id, or otherwise use exact matching against the same winget identity.

Useful? React with 👍 / 👎.