Add Windows FMAs (letter B): 5 apps#48950
Conversation
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## main #48950 +/- ##
==========================================
- Coverage 68.11% 68.11% -0.01%
==========================================
Files 3709 3714 +5
Lines 235099 235109 +10
Branches 12352 12352
==========================================
+ Hits 160129 160134 +5
- Misses 60593 60598 +5
Partials 14377 14377
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
The vendor URL already serves 5.13.1.4288 while the only winget manifest ever published says 5.13.0.4246 (validator version check failed). Unlike other ignore_hash FMAs (TeamViewer, Chrome), this package's manifest is not actively maintained, so the installed version would chronically differ from the advertised one.
|
Validation results: 5/6 — Bytello Share dropped (1133755) Bytello Share installed and was detected fine, but the version check failed: the vendor's latest-pointer URL installs 5.13.1.4288 while the winget manifest (the only version ever published for that package) pins 5.13.0.4246. Latest-pointer URLs are workable when the winget manifest is actively maintained (TeamViewer, Chrome), but this package's manifest is effectively abandoned, so the installed version would chronically differ from what the catalog advertises. Dropped and recorded in the tracker. The remaining 5 (BandiView, BleachBit, Bulk Crap Uninstaller, BrowserStackLocal, Burp Suite Professional) all passed — the 3 'warnings' are the benign no-new-top-level-dir-in-Program-Files notices for x86/(x86)-path installs. |
|
Caution Review failedThe pull request is closed. ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (5)
📒 Files selected for processing (25)
WalkthroughThis PR adds five new maintained apps for winget/Windows: BandiView, BleachBit, BrowserStackLocal, Bulk Crap Uninstaller, and Burp Suite Professional. Each app gets a winget input JSON manifest specifying installer metadata and script paths, dedicated PowerShell install/uninstall scripts handling silent installation, registry-based uninstall detection, and exit-code handling, a corresponding generated output JSON embedding version detection queries and script references, and a new entry in the apps.json registry. Additionally, new React SVG icon components are added for each app and wired into the frontend's SOFTWARE_NAME_TO_ICON_MAP lookup used on the Software page. Possibly related PRs
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Expands Fleet’s Windows Fleet-maintained apps (FMA) catalog for the “B” batch by adding new Winget ingester inputs, generated Windows outputs (install/patch queries + installer metadata + embedded scripts), and corresponding Software page icons so the apps render with proper branding in the UI.
Changes:
- Add 5 new Windows FMAs: BandiView, BleachBit, Bulk Crap Uninstaller, BrowserStackLocal, Burp Suite Professional (inputs + generated outputs + catalog index).
- Add 5 new Software page icon components and wire them into the icon map for loose-prefix matching.
- Add install/uninstall PowerShell scripts (and embed them into outputs via script refs) where needed for silent install/uninstall behavior.
Reviewed changes
Copilot reviewed 25 out of 30 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| frontend/pages/SoftwarePage/components/icons/index.ts | Registers new icon components and maps normalized software names to those icons. |
| frontend/pages/SoftwarePage/components/icons/Bandiview.tsx | Adds BandiView icon component. |
| frontend/pages/SoftwarePage/components/icons/Bleachbit.tsx | Adds BleachBit icon component. |
| frontend/pages/SoftwarePage/components/icons/Browserstacklocal.tsx | Adds BrowserStackLocal icon component. |
| frontend/pages/SoftwarePage/components/icons/BulkCrapUninstaller.tsx | Adds Bulk Crap Uninstaller icon component. |
| frontend/pages/SoftwarePage/components/icons/BurpSuiteProfessional.tsx | Adds Burp Suite Professional icon component. |
| ee/maintained-apps/outputs/bandiview/windows.json | Generated Windows FMA output for BandiView (queries/installer metadata/script refs). |
| ee/maintained-apps/outputs/bleachbit/windows.json | Generated Windows FMA output for BleachBit (queries/installer metadata/script refs). |
| ee/maintained-apps/outputs/bulk-crap-uninstaller/windows.json | Generated Windows FMA output for Bulk Crap Uninstaller (queries/installer metadata/script refs). |
| ee/maintained-apps/outputs/browserstacklocal/windows.json | Generated Windows FMA output for BrowserStackLocal (queries/installer metadata/MSI upgrade code). |
| ee/maintained-apps/outputs/burp-suite-professional/windows.json | Generated Windows FMA output for Burp Suite Professional (queries/installer metadata/script refs). |
| ee/maintained-apps/outputs/apps.json | Adds the new apps to the global maintained-apps catalog index. |
| ee/maintained-apps/inputs/winget/bandiview.json | Adds Winget ingester input for BandiView. |
| ee/maintained-apps/inputs/winget/bleachbit.json | Adds Winget ingester input for BleachBit. |
| ee/maintained-apps/inputs/winget/bulk-crap-uninstaller.json | Adds Winget ingester input for Bulk Crap Uninstaller. |
| ee/maintained-apps/inputs/winget/browserstacklocal.json | Adds Winget ingester input for BrowserStackLocal (MSI, ignore_hash). |
| ee/maintained-apps/inputs/winget/burp-suite-professional.json | Adds Winget ingester input for Burp Suite Professional (custom scripts, fuzzy match). |
| ee/maintained-apps/inputs/winget/scripts/bandiview_install.ps1 | Silent install script for BandiView. |
| ee/maintained-apps/inputs/winget/scripts/bandiview_uninstall.ps1 | Silent uninstall script for BandiView via registry uninstall entry. |
| ee/maintained-apps/inputs/winget/scripts/bleachbit_install.ps1 | Silent install script for BleachBit with NsisMultiUser all-users switch. |
| ee/maintained-apps/inputs/winget/scripts/bleachbit_uninstall.ps1 | Silent uninstall script for BleachBit via registry uninstall entry. |
| ee/maintained-apps/inputs/winget/scripts/bulk-crap-uninstaller_install.ps1 | Silent install script for Bulk Crap Uninstaller (Inno Setup). |
| ee/maintained-apps/inputs/winget/scripts/bulk-crap-uninstaller_uninstall.ps1 | Silent uninstall script for Bulk Crap Uninstaller (Inno Setup) via registry uninstall entry. |
| ee/maintained-apps/inputs/winget/scripts/burp_suite_professional_install.ps1 | Silent install script for Burp Suite Professional (install4j) with explicit machine install dir. |
| ee/maintained-apps/inputs/winget/scripts/burp_suite_professional_uninstall.ps1 | Uninstall script for Burp Suite Professional (install4j) with process cleanup and arg normalization. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| { | ||
| "name": "BandiView", | ||
| "slug": "bandiview/windows", | ||
| "platform": "windows", | ||
| "unique_identifier": "BandiView", | ||
| "description": "BandiView is a fast image viewer supporting a wide range of photo and comic formats." | ||
| }, |
Related issue: N/A — part of the Windows Fleet-maintained apps catalog expansion (letter B batch; follows #48872 and #48881).
Adds six new Windows Fleet-maintained apps:
Bandisoft.BandiViewignore_hash(URL verified to serve the binary reliably without Referer tricks). DisplayName "BandiView" stable across releases.BleachBit.BleachBit/allusers /S— without/allusersthe NsisMultiUser installer's scope is ambiguous. winget declares a VCRedist 2010 x86 dependency Fleet can't satisfy; noted as a caveat.Klocman.BulkCrapUninstallerunique_identifier"BCUninstaller" +fuzzy_match_name. Registry version is 4-part vs winget's "6.2" —version_comparepads, verified consistent.BrowserStack.BrowserStackLocalignore_hash.PortSwigger.BurpSuite.Professional-q -Dinstall4j.suppressUnattendedReboot=trueplus the load-bearing-dirinto Program Files (install4j defaults to per-user otherwise). DisplayName is versioned without "Edition" ("Burp Suite Professional 2026.3.3"), unlike Community — fuzzy patternBurp Suite Professional %can't collide with Community's.Bytello.BytelloShareagent=dvariant whose ARP identity ("Bytello Share" / publisher "Bytello Share") matches real-world inventory; the zip variant registers a different name ("BytelloShare") and its nested-MSI path is version-pinned and already stale. Vendor URL is a latest-pointer already ahead of winget →ignore_hash. Note: the input saysinstaller_type: "msi"— the ingester classifies this nullsoft entry as msi because its URL has no file extension (vendor-type → URL-extension → machine-scope fallback chain iningester.go); the custom scripts handle the actual NSIS exe.Considered but not added (recorded in the workstream tracker):
Bambulab.Bambustudio): the uninstaller shows a keep-user-data confirmation dialog even with/S(deployment guides work around it with Send-Keys, impossible in a SYSTEM session) — same failure class that disqualified Adobe AIR in the letter A batch.StephenRessler.BridgeDesigner): installer URL 404s (file removed from SourceForge) and the desktop product was discontinued July 1, 2026 in favor of a browser-based edition.Burnaware.BurnAwareFree): the vendor deletes each old release URL — the winget-pinned installer already redirects to their homepage, so pinned downloads break every release cycle.Registry identities were verified per app (msiinfo Property tables for MSIs; vendor installer sources, winget AppsAndFeaturesEntries, and uninstall-database corroboration for EXEs). Installer SHAs verified against manifests where URLs are version-pinned; unversioned URLs use
ignore_hashper the TeamViewer/Chrome precedent. Icons generated viatools/software/icons/generate-icons.sh.Checklist for submitter
SELECT *is avoided, SQL injection is prevented (using placeholders for values in statements), JS inline code is prevented especially for url redirects, and untrusted data interpolated into shell scripts/commands is validated against shell metacharacters.Testing
Summary by CodeRabbit
New Features
Bug Fixes