|
|
|
|
@ -29,8 +29,9 @@ By default, scripts and components will be placed in ProgramData location (insid
|
|
|
|
|
From version 1.9.0 (on new installations) WAU runs everyday at 6AM. You can now configure the frequency with `-UpdatesInterval` option (Daily, BiDaily, Weekly, BiWeekly or Monthly). You can also add `-UpdatesAtLogon` parameter to run at user logon and keep this option activated like previous versions (recommanded).
|
|
|
|
|
|
|
|
|
|
### Log location
|
|
|
|
|
You can find logs in install location, in logs folder.
|
|
|
|
|
If **Intune Management Extension** is installed, a **SymLink** (WAU-updates.log) is created under **C:\ProgramData\Microsoft\IntuneManagementExtension\Logs**
|
|
|
|
|
You can find logs in install location, in logs folder.<br>
|
|
|
|
|
If **Intune Management Extension** is installed, a **SymLink** (WAU-updates.log) is created under **C:\ProgramData\Microsoft\IntuneManagementExtension\Logs**<br>
|
|
|
|
|
If you are deploying winget Apps with [Winget-Install](https://github.com/Romanitho/Winget-Install) a **SymLink** (WAU-install.log) is also created under **C:\ProgramData\Microsoft\IntuneManagementExtension\Logs**
|
|
|
|
|
|
|
|
|
|
### "Unknown" App version
|
|
|
|
|
As explained in this [post](https://github.com/microsoft/winget-cli/issues/1255), Winget cannot detect the current version of some installed apps. We decided to skip managing these apps with WAU to avoid retries each time WAU runs:
|
|
|
|
|
@ -71,41 +72,41 @@ Simply uninstall it from your programs:
|
|
|
|
|
## Advanced installation
|
|
|
|
|
You can run the `Winget-AutoUpdate-Install.ps1` script with parameters :
|
|
|
|
|
|
|
|
|
|
**-Silent**
|
|
|
|
|
**-Silent**<br>
|
|
|
|
|
Install Winget-AutoUpdate and prerequisites silently.
|
|
|
|
|
|
|
|
|
|
**-MaxLogFiles**
|
|
|
|
|
Specify number of allowed log files.
|
|
|
|
|
Default is 3 out of 0-99:
|
|
|
|
|
Setting MaxLogFiles to 0 don't delete any old archived log files.
|
|
|
|
|
**-MaxLogFiles**<br>
|
|
|
|
|
Specify number of allowed log files.<br>
|
|
|
|
|
Default is 3 out of 0-99:<br>
|
|
|
|
|
Setting MaxLogFiles to 0 don't delete any old archived log files.<br>
|
|
|
|
|
Setting it to 1 keeps the original one and just let it grow.
|
|
|
|
|
|
|
|
|
|
**-MaxLogSize**
|
|
|
|
|
Specify the size of the log file in bytes before rotating.
|
|
|
|
|
**-MaxLogSize**<br>
|
|
|
|
|
Specify the size of the log file in bytes before rotating.<br>
|
|
|
|
|
Default is 1048576 = 1 MB (ca. 7500 lines)
|
|
|
|
|
|
|
|
|
|
**-WingetUpdatePath**
|
|
|
|
|
**-WingetUpdatePath**<br>
|
|
|
|
|
Specify Winget-AutoUpdate installation location. Default: `C:\ProgramData\Winget-AutoUpdate` (Recommended to leave default).
|
|
|
|
|
|
|
|
|
|
**-DoNotUpdate**
|
|
|
|
|
**-DoNotUpdate**<br>
|
|
|
|
|
Do not run Winget-AutoUpdate after installation. By default, Winget-AutoUpdate is run just after installation.
|
|
|
|
|
|
|
|
|
|
**-DisableWAUAutoUpdate**
|
|
|
|
|
**-DisableWAUAutoUpdate**<br>
|
|
|
|
|
Disable Winget-AutoUpdate update checking. By default, WAU auto updates if new version is available on Github.
|
|
|
|
|
|
|
|
|
|
**-UseWhiteList**
|
|
|
|
|
**-UseWhiteList**<br>
|
|
|
|
|
Use White List instead of Black List. This setting will not create the "excluded_apps.txt" but "included_apps.txt".
|
|
|
|
|
|
|
|
|
|
**-ListPath**
|
|
|
|
|
Get Black/White List from external Path (**URL/UNC/Local/GPO**) - download/copy to Winget-AutoUpdate installation location if external list is newer.
|
|
|
|
|
**PATH** must end with a Directory, not a File...
|
|
|
|
|
**-ListPath**<br>
|
|
|
|
|
Get Black/White List from external Path (**URL/UNC/Local/GPO**) - download/copy to Winget-AutoUpdate installation location if external list is newer.<br>
|
|
|
|
|
**PATH** must end with a Directory, not a File...<br>
|
|
|
|
|
...if the external Path is an **URL** and the web host doesn't respond with a date/time header for the file (i.e **GitHub**) then the file is always downloaded!
|
|
|
|
|
|
|
|
|
|
If `-ListPath` is set to **GPO** the Black/White List can be managed from within the GPO itself under **Application GPO Blacklist**/**Application GPO Whitelist**.
|
|
|
|
|
Thanks to [Weatherlights](https://github.com/Weatherlights) in [#256 (reply in thread)](https://github.com/Romanitho/Winget-AutoUpdate/discussions/256#discussioncomment-4710599)!
|
|
|
|
|
If `-ListPath` is set to **GPO** the Black/White List can be managed from within the GPO itself under **Application GPO Blacklist**/**Application GPO Whitelist**. Thanks to [Weatherlights](https://github.com/Weatherlights) in [#256 (reply in thread)](https://github.com/Romanitho/Winget-AutoUpdate/discussions/256#discussioncomment-4710599)!
|
|
|
|
|
|
|
|
|
|
**-ModsPath**
|
|
|
|
|
Get Mods from external Path (**URL/UNC/Local/AzureBlob**) - download/copy to `mods` in Winget-AutoUpdate installation location if external mods are newer.
|
|
|
|
|
|
|
|
|
|
**-ModsPath**<br>
|
|
|
|
|
Get Mods from external Path (**URL/UNC/Local/AzureBlob**) - download/copy to `mods` in Winget-AutoUpdate installation location if external mods are newer.<br>
|
|
|
|
|
|
|
|
|
|
For **URL**: This requires a site directory with **Directory Listing Enabled** and no index page overriding the listing of files (or an index page with href listing of all the **Mods** to be downloaded):
|
|
|
|
|
```
|
|
|
|
|
@ -118,49 +119,50 @@ For **URL**: This requires a site directory with **Directory Listing Enabled** a
|
|
|
|
|
```
|
|
|
|
|
Validated on **IIS/Apache**.
|
|
|
|
|
|
|
|
|
|
**Nota bene IIS** :
|
|
|
|
|
- The extension **.ps1** must be added as **MIME Types** (text/powershell-script) otherwise it's displayed in the listing but can't be opened
|
|
|
|
|
- Files with special characters in the filename can't be opened by default from an IIS server - config must be administrated: **Enable Allow double escaping** in '**Request Filtering**'
|
|
|
|
|
>**Nota bene IIS** :
|
|
|
|
|
>- The extension **.ps1** must be added as **MIME Types** (text/powershell-script) otherwise it's displayed in the listing but can't be opened
|
|
|
|
|
>- Files with special characters in the filename can't be opened by default from an IIS server - config must be administrated: **Enable Allow double escaping** in '**Request Filtering**'
|
|
|
|
|
|
|
|
|
|
For **AzureBlob**: This requires the parameter **-AzureBlobURL** to be set with an appropriate Azure Blob Storage URL including the SAS token. See **-AzureBlobURL** for more information.
|
|
|
|
|
|
|
|
|
|
**-AzureBlobURL**
|
|
|
|
|
**-AzureBlobURL**<br>
|
|
|
|
|
Used in conjunction with the **-ModsPath** parameter to provide the Azure Storage Blob URL with SAS token. The SAS token must, at a minimum, have 'Read' and 'List' permissions. It is recommended to set the permisions at the container level and rotate the SAS token on a regular basis. Ensure the container reflects the same structure as found under the initial `mods` folder. (From version 1.16.4).
|
|
|
|
|
|
|
|
|
|
**-InstallUserContext**
|
|
|
|
|
Install WAU with system and **user** context executions (From version 1.15.3).
|
|
|
|
|
**-InstallUserContext**<br>
|
|
|
|
|
Install WAU with system and **user** context executions (From version 1.15.3).<br>
|
|
|
|
|
Applications installed in system context will be ignored under user context.
|
|
|
|
|
|
|
|
|
|
**-BypassListForUsers**
|
|
|
|
|
**-BypassListForUsers**<br>
|
|
|
|
|
Bypass Black/White list when run in user context (From version 1.15.0).
|
|
|
|
|
|
|
|
|
|
**-NoClean**
|
|
|
|
|
**-NoClean**<br>
|
|
|
|
|
Keep critical files when installing/uninstalling. This setting will keep "excluded_apps.txt", "included_apps.txt", "mods" and "logs" as they were.
|
|
|
|
|
|
|
|
|
|
**-DesktopShortcut**
|
|
|
|
|
**-DesktopShortcut**<br>
|
|
|
|
|
Create a shortcut for user interaction on the Desktop to run task `Winget-AutoUpdate` (From version 1.15.0).
|
|
|
|
|
|
|
|
|
|
**-StartMenuShortcut**
|
|
|
|
|
**-StartMenuShortcut**<br>
|
|
|
|
|
Create shortcuts for user interaction in the Start Menu to run task `Winget-AutoUpdate`, open Logs and Web Help (From version 1.15.0).
|
|
|
|
|
|
|
|
|
|
**-NotificationLevel**
|
|
|
|
|
**-NotificationLevel**<br>
|
|
|
|
|
Specify the Notification level: Full (Default, displays all notification), SuccessOnly (Only displays notification for success) or None (Does not show any popup).
|
|
|
|
|
|
|
|
|
|
**-UpdatesAtLogon**
|
|
|
|
|
**-UpdatesAtLogon**<br>
|
|
|
|
|
Set WAU to run at user logon.
|
|
|
|
|
|
|
|
|
|
**-UpdatesInterval**
|
|
|
|
|
**-UpdatesInterval**<br>
|
|
|
|
|
Specify the update frequency: Daily (Default), BiDaily, Weekly, BiWeekly, Monthly or Never. Can be set to 'Never' in combination with '-UpdatesAtLogon' for instance.
|
|
|
|
|
|
|
|
|
|
**-UpdatesAtTime**
|
|
|
|
|
**-UpdatesAtTime**<br>
|
|
|
|
|
Specify the time of the update interval execution time. Default 6AM. (From version 1.15.0).
|
|
|
|
|
|
|
|
|
|
**-UserApproval**
|
|
|
|
|
**-UserApproval**<br>
|
|
|
|
|
Specify if user approval is needed before updating apps
|
|
|
|
|
|
|
|
|
|
**-RunOnMetered**
|
|
|
|
|
**-RunOnMetered**<br>
|
|
|
|
|
Run WAU on metered connection. Default No.
|
|
|
|
|
|
|
|
|
|
**-Uninstall**
|
|
|
|
|
**-Uninstall**<br>
|
|
|
|
|
Remove scheduled tasks and scripts.
|
|
|
|
|
|
|
|
|
|
## Intune/SCCM use
|
|
|
|
|
@ -169,37 +171,39 @@ See https://github.com/Romanitho/Winget-AutoUpdate/discussions/88
|
|
|
|
|
## Custom scripts (Mods feature)
|
|
|
|
|
From version 1.8.0, the Mods feature allows you to run additional scripts when upgrading or installing an app.
|
|
|
|
|
Just put the scripts in question with the **AppID** followed by the `-preinstall`, `-upgrade`, `-install` or `-installed` suffix in the **mods** folder.
|
|
|
|
|
> Runs before upgrade/install: `AppID-preinstall.ps1`
|
|
|
|
|
> Runs during upgrade/install (before install check): `AppID-upgrade.ps1`/`AppID-install.ps1`
|
|
|
|
|
> Runs after upgrade/install has been confirmed: `AppID-installed.ps1`
|
|
|
|
|
|
|
|
|
|
The **-install** mod will be used for upgrades too if **-upgrade** doesn't exist (**WAU** first tries `& $Winget upgrade --id` and if the app isn't detected after that `& $Winget install --id` is tried).
|
|
|
|
|
>- Runs before upgrade/install: `AppID-preinstall.ps1`<br>
|
|
|
|
|
>- Runs during upgrade/install (before install check): `AppID-upgrade.ps1`/`AppID-install.ps1`<br>
|
|
|
|
|
>- Runs after upgrade/install has been confirmed: `AppID-installed.ps1`
|
|
|
|
|
|
|
|
|
|
The **-install** mod will be used for upgrades too if **-upgrade** doesn't exist (**WAU** first tries `& $Winget upgrade --id` and if the app isn't detected after that `& $Winget install --id` is tried).<br>
|
|
|
|
|
`AppID-install.ps1` is recommended because it's used in **both** scenarios.
|
|
|
|
|
|
|
|
|
|
> Example:
|
|
|
|
|
If you want to run a script that removes the shortcut from **%PUBLIC%\Desktop** (we don't want to fill the desktop with shortcuts our users can't delete) just after installing **Acrobat Reader DC** (32-bit), prepare a powershell script that removes the Public Desktop shortcut **Acrobat Reader DC.lnk** and name your script like this:
|
|
|
|
|
`Adobe.Acrobat.Reader.32-bit-installed.ps1` and put it in the **mods** folder.
|
|
|
|
|
> Example:<br>
|
|
|
|
|
If you want to run a script that removes the shortcut from **%PUBLIC%\Desktop** (we don't want to fill the desktop with shortcuts our users can't delete) just after installing **Acrobat Reader DC** (32-bit), prepare a powershell script that removes the Public Desktop shortcut **Acrobat Reader DC.lnk** and name your script like this: `Adobe.Acrobat.Reader.32-bit-installed.ps1` and put it in the **mods** folder.
|
|
|
|
|
|
|
|
|
|
You can find more information on [Winget-Install Repo](https://github.com/Romanitho/Winget-Install#custom-mods), as it's a related feature.
|
|
|
|
|
You can find more information on [Winget-Install Repo](https://github.com/Romanitho/Winget-Install#custom-mods), as it's a related feature.<br>
|
|
|
|
|
Read more in the `README.md` under the directory **mods**.
|
|
|
|
|
|
|
|
|
|
Share your mods with the community:
|
|
|
|
|
Share your mods with the community:<br>
|
|
|
|
|
|
|
|
|
|
https://github.com/Romanitho/Winget-AutoUpdate/discussions/categories/mods
|
|
|
|
|
|
|
|
|
|
### Winget native parameters
|
|
|
|
|
Another finess is the **AppID** followed by the `-override` suffix as a **text file** (.**txt**) that you can place under the **mods** folder.
|
|
|
|
|
> Example:
|
|
|
|
|
> **Canneverbe.CDBurnerXP-override.txt** with the content `ADDLOCAL=All REMOVE=Desktop_Shortcut /qn`
|
|
|
|
|
|
|
|
|
|
> Example:<br>
|
|
|
|
|
**Canneverbe.CDBurnerXP-override.txt** with the content `ADDLOCAL=All REMOVE=Desktop_Shortcut /qn`
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This will use the **content** of the text file as a native **winget --override** parameter when upgrading (as proposed by [JonNesovic](https://github.com/JonNesovic) in [Mod for --override argument #244](https://github.com/Romanitho/Winget-AutoUpdate/discussions/244#discussion-4637666)).
|
|
|
|
|
|
|
|
|
|
## GPO Management
|
|
|
|
|
In an enterprise environment it's crucial that different groups can have different settings in applications etc. or to implement other mandatory settings, i.e for security/management reasons.
|
|
|
|
|
**WAU** doesn't have any setting that can be changed except for when installing (or editing the registry/the task `Winget-AutoUpdate` as **Admin**).
|
|
|
|
|
With the use of **ADML/ADMX** files you can manage every **WAU** setting from within **GPO**.
|
|
|
|
|
They will be detected/evaluated during the next run of **WAU** (taking effect before any actions).
|
|
|
|
|
The **GPO ADMX/ADML** validated with:
|
|
|
|
|
[Windows 10 - Validate ADMX for Ingestion](https://developer.vmware.com/samples/7115/windows-10---validate-admx-for-ingestion)
|
|
|
|
|
In an enterprise environment it's crucial that different groups can have different settings in applications etc. or to implement other mandatory settings, i.e for security/management reasons.<br>
|
|
|
|
|
**WAU** doesn't have any setting that can be changed except for when installing (or editing the registry/the task `Winget-AutoUpdate` as **Admin**).<br>
|
|
|
|
|
With the use of **ADML/ADMX** files you can manage every **WAU** setting from within **GPO**.<br>
|
|
|
|
|
They will be detected/evaluated during the next run of **WAU** (taking effect before any actions).<br>
|
|
|
|
|
The **GPO ADMX/ADML** validated with: [Windows 10 - Validate ADMX for Ingestion](https://developer.vmware.com/samples/7115/windows-10---validate-admx-for-ingestion)<br>
|
|
|
|
|
Read more in the `README.md` under the directory **Policies**.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -211,4 +215,4 @@ In some cases, you need to "unblock" the `install.bat` file (Windows Defender Sm
|
|
|
|
|
* As reported by [soredake](https://github.com/soredake), Powershell from MsStore is not supported with WAU in system context. See https://github.com/Romanitho/Winget-AutoUpdate/issues/113
|
|
|
|
|
|
|
|
|
|
## Optimization
|
|
|
|
|
Feel free to give us any suggestions or optimizations in code and support us by adding a star :).
|
|
|
|
|
Feel free to give us any suggestions or optimizations in code and support us by adding a star :)
|
|
|
|
|
|
Romain
GitHub