Fix build for a1879878f

Paths that contain illegal path components will be dropped
in the dispatcher.

(cherry picked from commit fc0ef37977)
Service-Card-Id: 85900829
Service-Version: 1.15

.clang-format

@@ -1,25 +1,57 @@
----
-Language: Cpp
-BasedOnStyle: Microsoft
+
 AccessModifierOffset: -4
+AlignAfterOpenBracket: Align
+AllowAllArgumentsOnNextLine: true
+AlignConsecutiveMacros: false
+AlignConsecutiveAssignments: false
+AlignConsecutiveDeclarations: false
+AllowAllConstructorInitializersOnNextLine: true
 AlignEscapedNewlines: Left
+AlignOperands: true
 AlignTrailingComments: false
 AllowAllParametersOfDeclarationOnNextLine: false
+AllowShortBlocksOnASingleLine: Never
 AllowShortFunctionsOnASingleLine: All
+AllowShortCaseLabelsOnASingleLine: false
+AllowShortIfStatementsOnASingleLine: Never
+#AllowShortLambdasOnASingleLine: Inline
+AllowShortLoopsOnASingleLine: false
+AlwaysBreakAfterReturnType: None
+AlwaysBreakBeforeMultilineStrings: false
 AlwaysBreakTemplateDeclarations: Yes
 BinPackArguments: false
 BinPackParameters: false
 BraceWrapping:
   AfterCaseLabel: true
+  AfterClass: true
+  AfterControlStatement: true
+  AfterEnum: true
+  AfterFunction: true
+  AfterNamespace: true
+  AfterObjCDeclaration: true
+  AfterStruct: true
   AfterUnion: true
   AfterExternBlock: false
+  BeforeCatch: true
+  BeforeElse: true
+  IndentBraces: false
+  SplitEmptyFunction: true
+  SplitEmptyRecord: true
+  SplitEmptyNamespace: true
+BreakBeforeBinaryOperators: None
+BreakBeforeBraces: Custom
 BreakBeforeTernaryOperators: false
 BreakConstructorInitializers: AfterColon
 BreakInheritanceList: AfterColon
 ColumnLimit: 0
 CommentPragmas: "suppress"
+CompactNamespaces: false
 ConstructorInitializerAllOnOneLineOrOnePerLine: true
+ConstructorInitializerIndentWidth: 4
+ContinuationIndentWidth: 4
 Cpp11BracedListStyle: false
+DeriveLineEnding: true
+DerivePointerAlignment: false
 FixNamespaceComments: false
 IncludeBlocks: Regroup
 IncludeCategories:
@@ -31,13 +63,35 @@ IncludeCategories:
       Priority: 2
     - Regex: '.*'
       Priority: 3
+IndentCaseLabels: false
+IndentPPDirectives: None
+IndentWidth: 4
+IndentWrappedFunctionNames: false
 KeepEmptyLinesAtTheStartOfBlocks: false
 MacroBlockBegin: "BEGIN_TEST_METHOD_PROPERTIES|BEGIN_MODULE|BEGIN_TEST_CLASS|BEGIN_TEST_METHOD"
 MacroBlockEnd: "END_TEST_METHOD_PROPERTIES|END_MODULE|END_TEST_CLASS|END_TEST_METHOD"
+MaxEmptyLinesToKeep: 1
 NamespaceIndentation: All
 PointerAlignment: Left
 ReflowComments: false
 SortIncludes: false
+SortUsingDeclarations: true
+SpaceAfterCStyleCast: false
+SpaceAfterLogicalNot: false
 SpaceAfterTemplateKeyword: false
+SpaceBeforeAssignmentOperators: true
+SpaceBeforeCpp11BracedList: false
+SpaceBeforeCtorInitializerColon: true
+SpaceBeforeInheritanceColon: true
+SpaceBeforeParens: ControlStatements
+SpaceBeforeRangeBasedForLoopColon: true
+SpaceInEmptyParentheses: false
+SpacesBeforeTrailingComments: 1
 SpacesInAngles: false
+SpacesInCStyleCastParentheses: false
 SpacesInContainerLiterals: false
+SpacesInParentheses: false
+SpacesInSquareBrackets: false
+Standard: Latest
+TabWidth: 4
+UseTab: Never

.config/dotnet-tools.json

@@ -3,7 +3,7 @@
   "isRoot": true,
   "tools": {
     "XamlStyler.Console": {
-      "version": "3.2311.2",
+      "version": "3.2008.4",
       "commands": [
         "xstyler"
       ]

.git-blame-ignore-revs

@@ -1,15 +0,0 @@
-# Commits mentioned in this file will automatically
-# be skipped by GitHub's blame view.
-# To use it with "git", run
-# > git blame --ignore-revs-file ./.git-blame-ignore-revs
-
-# Reformatted the entire codebase
-9b92986b49bed8cc41fde4d6ef080921c41e6d9e
-
-# Line Endings changes
-cb7a76d96c92aa9fc7b03f69148fb0c75dff191d
-5bbf61af8c8f12e6c05d07a696bf7d411b330a67
-d07546a6fef73fa4e1fb1c2f01535843d1fcc212
-
-# UTF-8 BOM changes
-ddae2a1d49d604487d3c963e5eacbeb73861d986

.github/ISSUE_TEMPLATE/Bug_Report.yml

@@ -1,6 +1,6 @@
 name: "Bug report 🐛"
 description: Report errors or unexpected behavior
-labels: [Issue-Bug, Needs-Triage]
+labels: [Issue-Bug]
 body:
 - type: markdown
   attributes:
@@ -14,7 +14,7 @@ body:
     label: Windows Terminal version
     placeholder: "1.7.3651.0"
     description: |
-      You can copy the version number from the About dialog. Open the About dialog by opening the menu with the "V" button (to the right of the "+" button that opens a new tab) and choosing About from the end of the list.
+      You can find the version in the about dialog, or by running `wt -v` at the commandline.
   validations:
     required: false
     

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,14 +1,20 @@
+<!-- Enter a brief description/summary of your PR here. What does it fix/what does it change/how was it tested (even manually, if necessary)? -->
 ## Summary of the Pull Request
 
-## References and Relevant Issues
+<!-- Other than the issue solved, is this relevant to any other issues/existing PRs? --> 
+## References
 
+<!-- Please review the items on the PR checklist before submitting-->
+## PR Checklist
+* [ ] Closes #xxx
+* [ ] CLA signed. If not, go over [here](https://cla.opensource.microsoft.com/microsoft/Terminal) and sign the CLA
+* [ ] Tests added/passed
+* [ ] Documentation updated. If checked, please file a pull request on [our docs repo](https://github.com/MicrosoftDocs/terminal) and link it here: #xxx
+* [ ] Schema updated.
+* [ ] I've discussed this with core contributors already. If not checked, I'm ready to accept this work might be rejected in favor of a different grand plan. Issue number where discussion took place: #xxx
+
+<!-- Provide a more detailed description of the PR, other things fixed or any additional comments/features here -->
 ## Detailed Description of the Pull Request / Additional comments
 
+<!-- Describe how you validated the behavior. Add automated tests wherever possible, but list manual validation steps taken as well -->
 ## Validation Steps Performed
-
-## PR Checklist
-- [ ] Closes #xxx
-- [ ] Tests added/passed
-- [ ] Documentation updated
-   - If checked, please file a pull request on [our docs repo](https://github.com/MicrosoftDocs/terminal) and link it here: #xxx
-- [ ] Schema updated (if necessary)

.github/actions/spelling/README.md

@@ -1,15 +0,0 @@
-# check-spelling/check-spelling configuration
-
-File | Purpose | Format | Info
--|-|-|-
-[allow/*.txt](allow/) | Add words to the dictionary | one word per line (only letters and `'`s allowed) | [allow](https://github.com/check-spelling/check-spelling/wiki/Configuration#allow)
-[reject.txt](reject.txt) | Remove words from the dictionary (after allow) | grep pattern matching whole dictionary words | [reject](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-reject)
-[excludes.txt](excludes.txt) | Files to ignore entirely | perl regular expression | [excludes](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-excludes)
-[patterns/*.txt](patterns/) | Patterns to ignore from checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
-[candidate.patterns](candidate.patterns) | Patterns that might be worth adding to [patterns.txt](patterns.txt) | perl regular expression with optional comment block introductions (all matches will be suggested) | [candidates](https://github.com/check-spelling/check-spelling/wiki/Feature:-Suggest-patterns)
-[line_forbidden.patterns](line_forbidden.patterns) | Patterns to flag in checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
-[expect/*.txt](expect.txt) | Expected words that aren't in the dictionary | one word per line (sorted, alphabetically) | [expect](https://github.com/check-spelling/check-spelling/wiki/Configuration#expect)
-[advice.md](advice.md) | Supplement for GitHub comment when unrecognized words are found | GitHub Markdown | [advice](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice)
-
-Note: you can replace any of these files with a directory by the same name (minus the suffix)
-and then include multiple files inside that directory (with that suffix) to merge multiple files together.

.github/actions/spelling/advice.md

@@ -1,4 +1,4 @@
-<!-- See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice --> <!-- markdownlint-disable MD033 MD041 -->
+<!-- markdownlint-disable MD033 MD041 -->
 <details>
 <summary>
 :pencil2: Contributor please read this
@@ -6,6 +6,8 @@
 
 By default the command suggestion will generate a file named based on your commit. That's generally ok as long as you add the file to your commit. Someone can reorganize it later.
 
+:warning: The command is written for posix shells. You can copy the contents of each `perl` command excluding the outer `'` marks and dropping any `'"`/`"'` quotation mark pairs into a file and then run `perl file.pl` from the root of the repository to run the code. Alternatively, you can manually insert the items...
+
 If the listed items are:
 
 * ... **misspelled**, then please *correct* them instead of using the command.
@@ -18,31 +20,31 @@ See the `README.md` in each directory for more information.
 
 :microscope: You can test your commits **without** *appending* to a PR by creating a new branch with that extra change and pushing it to your fork. The [check-spelling](https://github.com/marketplace/actions/check-spelling) action will run in response to your **push** -- it doesn't require an open pull request. By using such a branch, you can limit the number of typos your peers see you make. :wink:
 
+<details><summary>:clamp: If you see a bunch of garbage</summary>
 
-<details><summary>If the flagged items are :exploding_head: false positives</summary>
+If it relates to a ...
+<details><summary>well-formed pattern</summary>
 
-If items relate to a ...
-* binary file (or some other file you wouldn't want to check at all).
+See if there's a [pattern](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns) that would match it.
 
-  Please add a file path to the `excludes.txt` file matching the containing file.
+If not, try writing one and adding it to a `patterns/{file}.txt`.
 
-  File paths are Perl 5 Regular Expressions - you can [test](
-https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files.
-
-  `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude [README.md](
-../tree/HEAD/README.md) (on whichever branch you're using).
-
-* well-formed pattern.
-
-  If you can write a [pattern](
-https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns
-) that would match it,
-  try adding it to the `patterns.txt` file.
-
-  Patterns are Perl 5 Regular Expressions - you can [test](
+Patterns are Perl 5 Regular Expressions - you can [test](
 https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your lines.
 
-  Note that patterns can't match multiline strings.
+Note that patterns can't match multiline strings.
+</details>
+<details><summary>binary-ish string</summary>
+
+Please add a file path to the `excludes.txt` file instead of just accepting the garbage.
+
+File paths are Perl 5 Regular Expressions - you can [test](
+https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files.
+
+`^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude [README.md](
+../tree/HEAD/README.md) (on whichever branch you're using).
+</details>
+
 </details>
 
 </details>

.github/actions/spelling/allow/allow.txt

@@ -1,38 +1,28 @@
-aci
 admins
-allcolors
-Apc
 apc
-backpressure
+Apc
+bsd
 breadcrumb
 breadcrumbs
-bsd
 calt
+CMMI
 ccmp
-ccon
 changelog
 clickable
 clig
-CMMI
 copyable
-Counterintuitively
-CtrlDToClose
 cybersecurity
 dalet
-Dcs
 dcs
-deselection
+Dcs
 dialytika
-diffing
 dje
 downside
 downsides
 dze
 dzhe
-DTo
 EDDB
 EDDC
-Emacspeak
 Enum'd
 Fitt
 formattings
@@ -43,19 +33,16 @@ gantt
 gcc
 geeksforgeeks
 ghe
-github
 gje
 godbolt
 hostname
 hostnames
-https
 hyperlink
 hyperlinking
 hyperlinks
 iconify
 img
 inlined
-issuetitle
 It'd
 kje
 libfuzzer
@@ -66,15 +53,13 @@ Llast
 llvm
 Lmid
 locl
-lol
 lorem
 Lorigin
 maxed
-megathread
-minimalistic
 mkmk
 mnt
 mru
+noreply
 nje
 noreply
 ogonek
@@ -82,8 +67,6 @@ ok'd
 overlined
 pipeline
 postmodern
-Powerline
-powerline
 ptys
 qof
 qps
@@ -94,38 +77,24 @@ reserialize
 reserializes
 rlig
 runtimes
-servicebus
 shcha
-similaritytolerance
 slnt
 Sos
-ssh
-sustainability
-stakeholders
-sxn
 timeline
 timelines
 timestamped
 TLDR
 tokenizes
 tonos
-toolset
-truthiness
 tshe
-ubuntu
 uiatextrange
 UIs
 und
 unregister
 versioned
 vsdevcmd
-walkthrough
-walkthroughs
 We'd
-westus
 wildcards
-workarounds
-XBox
-YBox
 yeru
 zhe
+allcolors

.github/actions/spelling/allow/apis.txt

@@ -5,7 +5,6 @@ aclapi
 alignas
 alignof
 APPLYTOSUBMENUS
-appxrecipe
 bitfield
 bitfields
 BUILDBRANCH
@@ -28,14 +27,10 @@ CYICON
 Dacl
 dataobject
 dcomp
-debugbreak
-delayimp
 DERR
 dlldata
 DNE
 DONTADDTORECENT
-DWMSBT
-DWMWA
 DWORDLONG
 endfor
 ENDSESSION
@@ -53,12 +48,9 @@ futex
 GETDESKWALLPAPER
 GETHIGHCONTRAST
 GETMOUSEHOVERTIME
-GETTEXTLENGTH
 Hashtable
 HIGHCONTRASTON
 HIGHCONTRASTW
-hinternet
-HINTERNET
 hotkeys
 href
 hrgn
@@ -78,11 +70,9 @@ IConnection
 ICustom
 IDialog
 IDirect
-Idn
 IExplorer
 IFACEMETHOD
 IFile
-IGraphics
 IInheritable
 IMap
 IMonarch
@@ -90,7 +80,6 @@ IObject
 iosfwd
 IPackage
 IPeasant
-isa
 ISetup
 isspace
 IStorage
@@ -98,7 +87,6 @@ istream
 IStringable
 ITab
 ITaskbar
-itow
 IUri
 IVirtual
 KEYSELECT
@@ -110,16 +98,12 @@ lround
 Lsa
 lsass
 LSHIFT
-LTGRAY
-MAINWINDOW
-MAXIMIZEBOX
 memchr
 memicmp
 MENUCOMMAND
 MENUDATA
-MENUINFO
 MENUITEMINFOW
-MINIMIZEBOX
+MENUINFO
 mmeapi
 MOUSELEAVE
 mov
@@ -156,7 +140,6 @@ OUTLINETEXTMETRICW
 overridable
 PACL
 PAGESCROLL
-PATINVERT
 PEXPLICIT
 PICKFOLDERS
 pmr
@@ -166,13 +149,11 @@ rcx
 REGCLS
 RETURNCMD
 rfind
-RLO
-ROOTOWNER
 roundf
+ROOTOWNER
 RSHIFT
 SACL
 schandle
-SEH
 semver
 serializer
 SETVERSION
@@ -188,7 +169,6 @@ snprintf
 spsc
 sregex
 SRWLOC
-srwlock
 SRWLOCK
 STDCPP
 STDMETHOD
@@ -200,17 +180,13 @@ Stubless
 Subheader
 Subpage
 syscall
-SYSTEMBACKDROP
-TABROW
 TASKBARCREATED
 TBPF
 THEMECHANGED
-THICKFRAME
 tlg
 TME
 tmp
 tmpdir
-tokeninfo
 tolower
 toupper
 TRACKMOUSEEVENT
@@ -221,19 +197,10 @@ UFIELD
 ULARGE
 UOI
 UPDATEINIFILE
-urlmon
 userenv
 USEROBJECTFLAGS
-Vcpp
-Viewbox
-virtualalloc
-vsnwprintf
-wcsnlen
 wcsstr
 wcstoui
-WDJ
-winhttp
-wininet
 winmain
 winsta
 winstamin
@@ -241,7 +208,6 @@ wmemcmp
 wpc
 WSF
 wsregex
-WWH
 wwinmain
 xchg
 XDocument
@@ -267,4 +233,3 @@ xtree
 xutility
 YIcon
 YMax
-zwstring

.github/actions/spelling/allow/microsoft.txt

@@ -4,17 +4,14 @@ advapi
 altform
 altforms
 appendwttlogging
-appinstaller
 appx
 appxbundle
 appxerror
 appxmanifest
 ATL
-autoexec
 backplating
 bitmaps
 BOMs
-COMPUTERNAME
 CPLs
 cpptools
 cppvsdbg
@@ -29,7 +26,6 @@ dotnetfeed
 DTDs
 DWINRT
 enablewttlogging
-HOMESHARE
 Intelli
 IVisual
 libucrt
@@ -37,7 +33,6 @@ libucrtd
 LKG
 LOCKFILE
 Lxss
-makepri
 mfcribbon
 microsoft
 microsoftonline
@@ -55,20 +50,14 @@ pgo
 pgosweep
 powerrename
 powershell
-priconfig
-PRIINFO
 propkey
 pscustomobject
 QWORD
-rdpclip
 regedit
-resfiles
 robocopy
 SACLs
 sdkddkver
-segoe
 Shobjidl
-sid
 Skype
 SRW
 sxs
@@ -81,7 +70,6 @@ tdbuildteamid
 ucrt
 ucrtd
 unvirtualized
-USERDNSDOMAIN
 VCRT
 vcruntime
 Virtualization

.github/actions/spelling/allow/names.txt

@@ -1,12 +1,11 @@
 Anup
-arkthur
 austdi
+arkthur
 Ballmer
 bhoj
 Bhojwani
 Bluloco
 carlos
-craigloewen
 dhowett
 Diviness
 dsafa
@@ -24,7 +23,6 @@ Griese
 Hernan
 Howett
 Illhardt
-Imms
 iquilezles
 italo
 jantari
@@ -32,11 +30,10 @@ jerrysh
 Kaiyu
 kimwalisch
 KMehrain
-Kodelife
 KODELIFE
+Kodelife
 Kourosh
 kowalczyk
-leonardder
 leonmsft
 Lepilleur
 lhecker
@@ -55,7 +52,6 @@ mikegr
 mikemaccana
 miloush
 miniksa
-nguyen
 niksa
 nvaccess
 nvda
@@ -63,7 +59,6 @@ oising
 oldnewthing
 opengl
 osgwiki
-Ottosson
 pabhojwa
 panos
 paulcam
@@ -74,26 +69,21 @@ Rincewind
 rprichard
 Schoonover
 shadertoy
-Shomnipotence
-simioni
 Somuah
 sonph
 sonpham
 stakx
 talo
 thereses
-Thysell
 Walisch
 WDX
 Wellons
-Westerman
 Wirt
 Wojciech
 zadjii
 Zamor
-zamora
 Zamora
-zljubisic
+zamora
 Zoey
 zorio
 Zverovich

.github/actions/spelling/candidate.patterns

@@ -1,643 +0,0 @@
-# marker to ignore all code on line
-^.*/\* #no-spell-check-line \*/.*$
-# marker to ignore all code on line
-^.*\bno-spell-check(?:-line|)(?:\s.*|)$
-
-# https://cspell.org/configuration/document-settings/
-# cspell inline
-^.*\b[Cc][Ss][Pp][Ee][Ll]{2}:\s*[Dd][Ii][Ss][Aa][Bb][Ll][Ee]-[Ll][Ii][Nn][Ee]\b
-
-# patch hunk comments
-^\@\@ -\d+(?:,\d+|) \+\d+(?:,\d+|) \@\@ .*
-# git index header
-index (?:[0-9a-z]{7,40},|)[0-9a-z]{7,40}\.\.[0-9a-z]{7,40}
-
-# file permissions
-['"`\s][-bcdLlpsw](?:[-r][-w][-Ssx]){2}[-r][-w][-SsTtx]\+?['"`\s]
-
-# css url wrappings
-\burl\([^)]+\)
-
-# cid urls
-(['"])cid:.*?\g{-1}
-
-# data url in parens
-#\(data:(?:[^) ][^)]*?|)(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})[^)]*\)
-
-# data url in quotes
-([`'"])data:(?:[^ `'"].*?|)(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,}).*\g{-1}
-# data url
-data:[-a-zA-Z=;:/0-9+]*,\S*
-
-# https/http/file urls
-(?:\b(?:https?|ftp|file)://)[-A-Za-z0-9+&@#/%?=~_|!:,.;]+[-A-Za-z0-9+&@#/%=~_|]
-
-# mailto urls
-mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,}
-
-# magnet urls
-magnet:[?=:\w]+
-
-# magnet urls
-"magnet:[^"]+"
-
-# obs:
-"obs:[^"]*"
-
-# The `\b` here means a break, it's the fancy way to handle urls, but it makes things harder to read
-# In this examples content, I'm using a number of different ways to match things to show various approaches
-# asciinema
-\basciinema\.org/a/[0-9a-zA-Z]+
-
-# asciinema v2
-^\[\d+\.\d+, "[io]", ".*"\]$
-
-# apple
-\bdeveloper\.apple\.com/[-\w?=/]+
-# Apple music
-\bembed\.music\.apple\.com/fr/playlist/usr-share/[-\w.]+
-
-# appveyor api
-\bci\.appveyor\.com/api/projects/status/[0-9a-z]+
-# appveyor project
-\bci\.appveyor\.com/project/(?:[^/\s"]*/){2}builds?/\d+/job/[0-9a-z]+
-
-# Amazon
-
-# Amazon
-\bamazon\.com/[-\w]+/(?:dp/[0-9A-Z]+|)
-# AWS S3
-\b\w*\.s3[^.]*\.amazonaws\.com/[-\w/&#%_?:=]*
-# AWS execute-api
-\b[0-9a-z]{10}\.execute-api\.[-0-9a-z]+\.amazonaws\.com\b
-# AWS ELB
-\b\w+\.[-0-9a-z]+\.elb\.amazonaws\.com\b
-# AWS SNS
-\bsns\.[-0-9a-z]+.amazonaws\.com/[-\w/&#%_?:=]*
-# AWS VPC
-vpc-\w+
-
-# While you could try to match `http://` and `https://` by using `s?` in `https?://`, sometimes there
-# YouTube url
-\b(?:(?:www\.|)youtube\.com|youtu.be)/(?:channel/|embed/|user/|playlist\?list=|watch\?v=|v/|)[-a-zA-Z0-9?&=_%]*
-# YouTube music
-\bmusic\.youtube\.com/youtubei/v1/browse(?:[?&]\w+=[-a-zA-Z0-9?&=_]*)
-# YouTube tag
-<\s*youtube\s+id=['"][-a-zA-Z0-9?_]*['"]
-# YouTube image
-\bimg\.youtube\.com/vi/[-a-zA-Z0-9?&=_]*
-# Google Accounts
-\baccounts.google.com/[-_/?=.:;+%&0-9a-zA-Z]*
-# Google Analytics
-\bgoogle-analytics\.com/collect.[-0-9a-zA-Z?%=&_.~]*
-# Google APIs
-\bgoogleapis\.(?:com|dev)/[a-z]+/(?:v\d+/|)[a-z]+/[-@:./?=\w+|&]+
-# Google Storage
-\b[-a-zA-Z0-9.]*\bstorage\d*\.googleapis\.com(?:/\S*|)
-# Google Calendar
-\bcalendar\.google\.com/calendar(?:/u/\d+|)/embed\?src=[@./?=\w&%]+
-\w+\@group\.calendar\.google\.com\b
-# Google DataStudio
-\bdatastudio\.google\.com/(?:(?:c/|)u/\d+/|)(?:embed/|)(?:open|reporting|datasources|s)/[-0-9a-zA-Z]+(?:/page/[-0-9a-zA-Z]+|)
-# The leading `/` here is as opposed to the `\b` above
-# ... a short way to match `https://` or `http://` since most urls have one of those prefixes
-# Google Docs
-/docs\.google\.com/[a-z]+/(?:ccc\?key=\w+|(?:u/\d+|d/(?:e/|)[0-9a-zA-Z_-]+/)?(?:edit\?[-\w=#.]*|/\?[\w=&]*|))
-# Google Drive
-\bdrive\.google\.com/(?:file/d/|open)[-0-9a-zA-Z_?=]*
-# Google Groups
-\bgroups\.google\.com(?:/[a-z]+/(?:#!|)[^/\s"]+)*
-# Google Maps
-\bmaps\.google\.com/maps\?[\w&;=]*
-# Google themes
-themes\.googleusercontent\.com/static/fonts/[^/\s"]+/v\d+/[^.]+.
-# Google CDN
-\bclients2\.google(?:usercontent|)\.com[-0-9a-zA-Z/.]*
-# Goo.gl
-/goo\.gl/[a-zA-Z0-9]+
-# Google Chrome Store
-\bchrome\.google\.com/webstore/detail/[-\w]*(?:/\w*|)
-# Google Books
-\bgoogle\.(?:\w{2,4})/books(?:/\w+)*\?[-\w\d=&#.]*
-# Google Fonts
-\bfonts\.(?:googleapis|gstatic)\.com/[-/?=:;+&0-9a-zA-Z]*
-# Google Forms
-\bforms\.gle/\w+
-# Google Scholar
-\bscholar\.google\.com/citations\?user=[A-Za-z0-9_]+
-# Google Colab Research Drive
-\bcolab\.research\.google\.com/drive/[-0-9a-zA-Z_?=]*
-
-# GitHub SHAs (api)
-\bapi.github\.com/repos(?:/[^/\s"]+){3}/[0-9a-f]+\b
-# GitHub SHAs (markdown)
-(?:\[`?[0-9a-f]+`?\]\(https:/|)/(?:www\.|)github\.com(?:/[^/\s"]+){2,}(?:/[^/\s")]+)(?:[0-9a-f]+(?:[-0-9a-zA-Z/#.]*|)\b|)
-# GitHub SHAs
-\bgithub\.com(?:/[^/\s"]+){2}[@#][0-9a-f]+\b
-# GitHub SHA refs
-\[([0-9a-f]+)\]\(https://(?:www\.|)github.com/[-\w]+/[-\w]+/commit/\g{-1}[0-9a-f]*
-# GitHub wiki
-\bgithub\.com/(?:[^/]+/){2}wiki/(?:(?:[^/]+/|)_history|[^/]+(?:/_compare|)/[0-9a-f.]{40,})\b
-# githubusercontent
-/[-a-z0-9]+\.githubusercontent\.com/[-a-zA-Z0-9?&=_\/.]*
-# githubassets
-\bgithubassets.com/[0-9a-f]+(?:[-/\w.]+)
-# gist github
-\bgist\.github\.com/[^/\s"]+/[0-9a-f]+
-# git.io
-\bgit\.io/[0-9a-zA-Z]+
-# GitHub JSON
-"node_id": "[-a-zA-Z=;:/0-9+_]*"
-# Contributor
-\[[^\]]+\]\(https://github\.com/[^/\s"]+/?\)
-# GHSA
-GHSA(?:-[0-9a-z]{4}){3}
-
-# GitLab commit
-\bgitlab\.[^/\s"]*/\S+/\S+/commit/[0-9a-f]{7,16}#[0-9a-f]{40}\b
-# GitLab merge requests
-\bgitlab\.[^/\s"]*/\S+/\S+/-/merge_requests/\d+/diffs#[0-9a-f]{40}\b
-# GitLab uploads
-\bgitlab\.[^/\s"]*/uploads/[-a-zA-Z=;:/0-9+]*
-# GitLab commits
-\bgitlab\.[^/\s"]*/(?:[^/\s"]+/){2}commits?/[0-9a-f]+\b
-
-# binance
-accounts\.binance\.com/[a-z/]*oauth/authorize\?[-0-9a-zA-Z&%]*
-
-# bitbucket diff
-\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}diff(?:stat|)(?:/[^/\s"]+){2}:[0-9a-f]+
-# bitbucket repositories commits
-\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
-# bitbucket commits
-\bbitbucket\.org/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
-
-# bit.ly
-\bbit\.ly/\w+
-
-# bitrise
-\bapp\.bitrise\.io/app/[0-9a-f]*/[\w.?=&]*
-
-# bootstrapcdn.com
-\bbootstrapcdn\.com/[-./\w]+
-
-# cdn.cloudflare.com
-\bcdnjs\.cloudflare\.com/[./\w]+
-
-# circleci
-\bcircleci\.com/gh(?:/[^/\s"]+){1,5}.[a-z]+\?[-0-9a-zA-Z=&]+
-
-# gitter
-\bgitter\.im(?:/[^/\s"]+){2}\?at=[0-9a-f]+
-
-# gravatar
-\bgravatar\.com/avatar/[0-9a-f]+
-
-# ibm
-[a-z.]*ibm\.com/[-_#=:%!?~.\\/\d\w]*
-
-# imgur
-\bimgur\.com/[^.]+
-
-# Internet Archive
-\barchive\.org/web/\d+/(?:[-\w.?,'/\\+&%$#_:]*)
-
-# discord
-/discord(?:app\.com|\.gg)/(?:invite/)?[a-zA-Z0-9]{7,}
-
-# Disqus
-\bdisqus\.com/[-\w/%.()!?&=_]*
-
-# medium link
-\blink\.medium\.com/[a-zA-Z0-9]+
-# medium
-\bmedium\.com/\@?[^/\s"]+/[-\w]+
-
-# microsoft
-\b(?:https?://|)(?:(?:download\.visualstudio|docs|msdn2?|research)\.microsoft|blogs\.msdn)\.com/[-_a-zA-Z0-9()=./%]*
-# powerbi
-\bapp\.powerbi\.com/reportEmbed/[^"' ]*
-# vs devops
-\bvisualstudio.com(?::443|)/[-\w/?=%&.]*
-# microsoft store
-\bmicrosoft\.com/store/apps/\w+
-
-# mvnrepository.com
-\bmvnrepository\.com/[-0-9a-z./]+
-
-# now.sh
-/[0-9a-z-.]+\.now\.sh\b
-
-# oracle
-\bdocs\.oracle\.com/[-0-9a-zA-Z./_?#&=]*
-
-# chromatic.com
-/\S+.chromatic.com\S*[")]
-
-# codacy
-\bapi\.codacy\.com/project/badge/Grade/[0-9a-f]+
-
-# compai
-\bcompai\.pub/v1/png/[0-9a-f]+
-
-# mailgun api
-\.api\.mailgun\.net/v3/domains/[0-9a-z]+\.mailgun.org/messages/[0-9a-zA-Z=@]*
-# mailgun
-\b[0-9a-z]+.mailgun.org
-
-# /message-id/
-/message-id/[-\w@./%]+
-
-# Reddit
-\breddit\.com/r/[/\w_]*
-
-# requestb.in
-\brequestb\.in/[0-9a-z]+
-
-# sched
-\b[a-z0-9]+\.sched\.com\b
-
-# Slack url
-slack://[a-zA-Z0-9?&=]+
-# Slack
-\bslack\.com/[-0-9a-zA-Z/_~?&=.]*
-# Slack edge
-\bslack-edge\.com/[-a-zA-Z0-9?&=%./]+
-# Slack images
-\bslack-imgs\.com/[-a-zA-Z0-9?&=%.]+
-
-# shields.io
-\bshields\.io/[-\w/%?=&.:+;,]*
-
-# stackexchange -- https://stackexchange.com/feeds/sites
-\b(?:askubuntu|serverfault|stack(?:exchange|overflow)|superuser).com/(?:questions/\w+/[-\w]+|a/)
-
-# Sentry
-[0-9a-f]{32}\@o\d+\.ingest\.sentry\.io\b
-
-# Twitter markdown
-\[\@[^[/\]:]*?\]\(https://twitter.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)\)
-# Twitter hashtag
-\btwitter\.com/hashtag/[\w?_=&]*
-# Twitter status
-\btwitter\.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)
-# Twitter profile images
-\btwimg\.com/profile_images/[_\w./]*
-# Twitter media
-\btwimg\.com/media/[-_\w./?=]*
-# Twitter link shortened
-\bt\.co/\w+
-
-# facebook
-\bfburl\.com/[0-9a-z_]+
-# facebook CDN
-\bfbcdn\.net/[\w/.,]*
-# facebook watch
-\bfb\.watch/[0-9A-Za-z]+
-
-# dropbox
-\bdropbox\.com/sh?/[^/\s"]+/[-0-9A-Za-z_.%?=&;]+
-
-# ipfs protocol
-ipfs://[0-9a-zA-Z]{3,}
-# ipfs url
-/ipfs/[0-9a-zA-Z]{3,}
-
-# w3
-\bw3\.org/[-0-9a-zA-Z/#.]+
-
-# loom
-\bloom\.com/embed/[0-9a-f]+
-
-# regex101
-\bregex101\.com/r/[^/\s"]+/\d+
-
-# figma
-\bfigma\.com/file(?:/[0-9a-zA-Z]+/)+
-
-# freecodecamp.org
-\bfreecodecamp\.org/[-\w/.]+
-
-# image.tmdb.org
-\bimage\.tmdb\.org/[/\w.]+
-
-# mermaid
-\bmermaid\.ink/img/[-\w]+|\bmermaid-js\.github\.io/mermaid-live-editor/#/edit/[-\w]+
-
-# Wikipedia
-\ben\.wikipedia\.org/wiki/[-\w%.#]+
-
-# gitweb
-[^"\s]+/gitweb/\S+;h=[0-9a-f]+
-
-# HyperKitty lists
-/archives/list/[^@/]+\@[^/\s"]*/message/[^/\s"]*/
-
-# lists
-/thread\.html/[^"\s]+
-
-# list-management
-\blist-manage\.com/subscribe(?:[?&](?:u|id)=[0-9a-f]+)+
-
-# kubectl.kubernetes.io/last-applied-configuration
-"kubectl.kubernetes.io/last-applied-configuration": ".*"
-
-# pgp
-\bgnupg\.net/pks/lookup[?&=0-9a-zA-Z]*
-
-# Spotify
-\bopen\.spotify\.com/embed/playlist/\w+
-
-# Mastodon
-\bmastodon\.[-a-z.]*/(?:media/|\@)[?&=0-9a-zA-Z_]*
-
-# scastie
-\bscastie\.scala-lang\.org/[^/]+/\w+
-
-# images.unsplash.com
-\bimages\.unsplash\.com/(?:(?:flagged|reserve)/|)[-\w./%?=%&.;]+
-
-# pastebin
-\bpastebin\.com/[\w/]+
-
-# heroku
-\b\w+\.heroku\.com/source/archive/\w+
-
-# quip
-\b\w+\.quip\.com/\w+(?:(?:#|/issues/)\w+)?
-
-# badgen.net
-\bbadgen\.net/badge/[^")\]'\s]+
-
-# statuspage.io
-\w+\.statuspage\.io\b
-
-# media.giphy.com
-\bmedia\.giphy\.com/media/[^/]+/[\w.?&=]+
-
-# tinyurl
-\btinyurl\.com/\w+
-
-# codepen
-\bcodepen\.io/[\w/]+
-
-# registry.npmjs.org
-\bregistry\.npmjs\.org/(?:@[^/"']+/|)[^/"']+/-/[-\w@.]+
-
-# getopts
-\bgetopts\s+(?:"[^"]+"|'[^']+')
-
-# ANSI color codes
-(?:\\(?:u00|x)1[Bb]|\x1b|\\u\{1[Bb]\})\[\d+(?:;\d+|)m
-
-# URL escaped characters
-\%[0-9A-F][A-F](?=[A-Za-z])
-# lower URL escaped characters
-\%[0-9a-f][a-f](?=[a-z]{2,})
-# IPv6
-#\b(?:[0-9a-fA-F]{0,4}:){3,7}[0-9a-fA-F]{0,4}\b
-
-# c99 hex digits (not the full format, just one I've seen)
-0x[0-9a-fA-F](?:\.[0-9a-fA-F]*|)[pP]
-# Punycode
-\bxn--[-0-9a-z]+
-# sha
-sha\d+:[0-9]*[a-f]{3,}[0-9a-f]*
-# sha-... -- uses a fancy capture
-(\\?['"]|&quot;)[0-9a-f]{40,}\g{-1}
-# hex runs
-\b[0-9a-fA-F]{16,}\b
-# hex in url queries
-=[0-9a-fA-F]*?(?:[A-F]{3,}|[a-f]{3,})[0-9a-fA-F]*?&
-# ssh
-(?:ssh-\S+|-nistp256) [-a-zA-Z=;:/0-9+]{12,}
-
-# PGP
-\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b
-# GPG keys
-\b(?:[0-9A-F]{4} ){5}(?: [0-9A-F]{4}){5}\b
-# Well known gpg keys
-.well-known/openpgpkey/[\w./]+
-
-# pki
------BEGIN.*-----END
-
-# uuid:
-\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b
-# hex digits including css/html color classes:
-(?:[\\0][xX]|\\u|[uU]\+|#x?|\%23)[0-9_a-fA-FgGrR]*?[a-fA-FgGrR]{2,}[0-9_a-fA-FgGrR]*(?:[uUlL]{0,3}|[iu]\d+)\b
-# integrity
-integrity=(['"])(?:\s*sha\d+-[-a-zA-Z=;:/0-9+]{40,})+\g{-1}
-
-# https://www.gnu.org/software/groff/manual/groff.html
-# man troff content
-\\f[BCIPR]
-# '/"
-\\\([ad]q
-
-# .desktop mime types
-^MimeTypes?=.*$
-# .desktop localized entries
-^[A-Z][a-z]+\[[a-z]+\]=.*$
-# Localized .desktop content
-Name\[[^\]]+\]=.*
-
-# IServiceProvider / isAThing
-\b(?:I|isA)(?=(?:[A-Z][a-z]{2,})+\b)
-
-# crypt
-(['"])\$2[ayb]\$.{56}\g{-1}
-
-# scrypt / argon
-\$(?:scrypt|argon\d+[di]*)\$\S+
-
-# go.sum
-\bh1:\S+
-
-# scala modules
-("[^"]+"\s*%%?\s*){2,3}"[^"]+"
-
-# Input to GitHub JSON
-content: (['"])[-a-zA-Z=;:/0-9+]*=\g{-1}
-
-# This does not cover multiline strings, if your repository has them,
-# you'll want to remove the `(?=.*?")` suffix.
-# The `(?=.*?")` suffix should limit the false positives rate
-# printf
-#%(?:(?:(?:hh?|ll?|[jzt])?[diuoxn]|l?[cs]|L?[fega]|p)(?=[a-z]{2,})|(?:X|L?[FEGA]|p)(?=[a-zA-Z]{2,}))(?=[_a-zA-Z]+\b)(?!%)(?=.*?['"])
-
-# Python string prefix / binary prefix
-# Note that there's a high false positive rate, remove the `?=` and search for the regex to see if the matches seem like reasonable strings
-(?<!')\b(?:B|BR|Br|F|FR|Fr|R|RB|RF|Rb|Rf|U|UR|Ur|b|bR|br|f|fR|fr|r|rB|rF|rb|rf|u|uR|ur)'(?=[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})
-
-# Regular expressions for (P|p)assword
-\([A-Z]\|[a-z]\)[a-z]+
-
-# JavaScript regular expressions
-# javascript test regex
-/.*/[gim]*\.test\(
-# javascript match regex
-\.match\(/[^/\s"]*/[gim]*\s*
-# javascript match regex
-\.match\(/\\[b].*?/[gim]*\s*\)(?:;|$)
-# javascript regex
-^\s*/\\[b].*/[gim]*\s*(?:\)(?:;|$)|,$)
-# javascript replace regex
-\.replace\(/[^/\s"]*/[gim]*\s*,
-# assign regex
-= /[^*]*?(?:[a-z]{3,}|[A-Z]{3,}|[A-Z][a-z]{2,}).*/
-# perl regex test
-[!=]~ (?:/.*/|m\{.*?\}|m<.*?>|m([|!/@#,;']).*?\g{-1})
-
-# perl qr regex
-(?<!\$)\bqr(?:\{.*?\}|<.*?>|\(.*?\)|([|!/@#,;']).*?\g{-1})
-
-# Go regular expressions
-regexp?\.MustCompile\(`[^`]*`\)
-
-# regex choice
-\(\?:[^)]+\|[^)]+\)
-
-# proto
-^\s*(\w+)\s\g{-1} =
-
-# sed regular expressions
-sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2}
-
-# node packages
-(["'])\@[^/'" ]+/[^/'" ]+\g{-1}
-
-# go install
-go install(?:\s+[a-z]+\.[-@\w/.]+)+
-
-# jetbrains schema https://youtrack.jetbrains.com/issue/RSRP-489571
-urn:shemas-jetbrains-com
-
-# kubernetes pod status lists
-# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
-\w+(?:-\w+)+\s+\d+/\d+\s+(?:Running|Pending|Succeeded|Failed|Unknown)\s+
-
-# kubectl - pods in CrashLoopBackOff
-\w+-[0-9a-f]+-\w+\s+\d+/\d+\s+CrashLoopBackOff\s+
-
-# kubernetes object suffix
--[0-9a-f]{10}-\w{5}\s
-
-# posthog secrets
-([`'"])phc_[^"',]+\g{-1}
-
-# xcode
-
-# xcodeproject scenes
-(?:Controller|destination|ID|id)="\w{3}-\w{2}-\w{3}"
-
-# xcode api botches
-customObjectInstantitationMethod
-
-# configure flags
-.* \| --\w{2,}.*?(?=\w+\s\w+)
-
-# font awesome classes
-\.fa-[-a-z0-9]+
-
-# bearer auth
-(['"])Bear[e][r] .*?\g{-1}
-
-# basic auth
-(['"])Basic [-a-zA-Z=;:/0-9+]{3,}\g{-1}
-
-# base64 encoded content
-#([`'"])[-a-zA-Z=;:/0-9+]+=\g{-1}
-# base64 encoded content in xml/sgml
->[-a-zA-Z=;:/0-9+]+=</
-# base64 encoded content, possibly wrapped in mime
-#(?:^|[\s=;:?])[-a-zA-Z=;:/0-9+]{50,}(?:[\s=;:?]|$)
-
-# encoded-word
-=\?[-a-zA-Z0-9"*%]+\?[BQ]\?[^?]{0,75}\?=
-
-# Time Zones
-\b(?:Africa|Atlantic|America|Antarctica|Asia|Australia|Europe|Indian|Pacific)(?:/\w+)+
-
-# linux kernel info
-^(?:bugs|flags|Features)\s+:.*
-
-# systemd mode
-systemd.*?running in system mode \([-+].*\)$
-
-# Update Lorem based on your content (requires `ge` and `w` from https://github.com/jsoref/spelling; and `review` from https://github.com/check-spelling/check-spelling/wiki/Looking-for-items-locally )
-# grep '^[^#].*lorem' .github/actions/spelling/patterns.txt|perl -pne 's/.*i..\?://;s/\).*//' |tr '|' "\n"|sort -f |xargs -n1 ge|perl -pne 's/^[^:]*://'|sort -u|w|sed -e 's/ .*//'|w|review -
-# Warning, while `(?i)` is very neat and fancy, if you have some binary files that aren't proper unicode, you might run into:
-## Operation "substitution (s///)" returns its argument for non-Unicode code point 0x1C19AE (the code point will vary).
-## You could manually change `(?i)X...` to use `[Xx]...`
-## or you could add the files to your `excludes` file (a version after 0.0.19 should identify the file path)
-# Lorem
-(?:\w|\s|[,.])*\b(?i)(?:amet|consectetur|cursus|dolor|eros|ipsum|lacus|libero|ligula|lorem|magna|neque|nulla|suscipit|tempus)\b(?:\w|\s|[,.])*
-
-# Non-English
-[a-zA-Z]*[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3}[a-zA-ZÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]*|[a-zA-Z]{3,}[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]|[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3,}
-
-# highlighted letters
-\[[A-Z]\][a-z]+
-
-# French
-# This corpus only had capital letters, but you probably want lowercase ones as well.
-\b[LN]'+[a-z]{2,}\b
-
-# latex (check-spelling <= 0.0.21)
-#\\(?:n(?:ew|ormal|osub)|r(?:enew)|t(?:able(?:of|)|he|itle))(?=[a-z]+)
-
-# latex (check-spelling >= 0.0.22)
-\\\w{2,}\{
-
-# eslint
-"varsIgnorePattern": ".+"
-
-# Windows short paths
-[/\\][^/\\]{5,6}~\d{1,2}[/\\]
-
-# in check-spelling@v0.0.22+, printf markers aren't automatically consumed
-# printf markers
-#(?<!\\)\\[nrt](?=[a-z]{2,})
-
-# alternate markers if you run into latex and friends
-#(?<!\\)\\[nrt](?=[a-z]{2,})(?=.*['"`])
-
-# apache
-a2(?:en|dis)
-
-# weak e-tag
-W/"[^"]+"
-
-# the negative lookahead here is to allow catching 'templatesz' as a misspelling
-# but to otherwise recognize a Windows path with \templates\foo.template or similar:
-#\\(?:necessary|r(?:eport|esolve[dr]?|esult)|t(?:arget|emplates?))(?![a-z])
-
-# ignore long runs of a single character:
-\b([A-Za-z])\g{-1}{3,}\b
-
-# version suffix <word>v#
-(?:(?<=[A-Z]{2})V|(?<=[a-z]{2}|[A-Z]{2})v)\d+(?:\b|(?=[a-zA-Z_]))
-
-# Compiler flags (Unix, Java/Scala)
-# Use if you have things like `-Pdocker` and want to treat them as `docker`
-#(?:^|[\t ,>"'`=(])-(?:(?:J-|)[DPWXY]|[Llf])(?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
-
-# Compiler flags (Windows / PowerShell)
-# This is a subset of the more general compiler flags pattern.
-# It avoids matching `-Path` to prevent it from being treated as `ath`
-#(?:^|[\t ,"'`=(])-(?:[DPL](?=[A-Z]{2,})|[WXYlf](?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,}))
-
-# Compiler flags (linker)
-,-B
-
-# curl arguments
-\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)*
-# set arguments
-\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)*
-# tar arguments
-\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+
-# tput arguments -- https://man7.org/linux/man-pages/man5/terminfo.5.html -- technically they can be more than 5 chars long...
-\btput\s+(?:(?:-[SV]|-T\s*\w+)\s+)*\w{3,5}\b
-# macOS temp folders
-/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/

.github/actions/spelling/excludes.txt

@@ -1,46 +1,28 @@
-# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-excludes
-(?:^|/)(?i)COPYRIGHT
-(?:^|/)(?i)LICEN[CS]E
-(?:^|/)3rdparty/
+(?:(?i)\.png$)
 (?:^|/)dirs$
+(?:^|/)go\.mod$
 (?:^|/)go\.sum$
-(?:^|/)package(?:-lock|)\.json$
-(?:^|/)Pipfile$
-(?:^|/)pyproject.toml
-(?:^|/)requirements(?:-dev|-doc|-test|)\.txt$
+(?:^|/)package-lock\.json$
 (?:^|/)sources(?:|\.dep)$
-(?:^|/)vendor/
-\.a$
+SUMS$
 \.ai$
-\.all-contributorsrc$
-\.avi$
 \.bmp$
-\.bz2$
 \.cer$
 \.class$
-\.coveragerc$
 \.crl$
 \.crt$
 \.csr$
 \.dll$
-\.docx?$
-\.drawio$
 \.DS_Store$
 \.eot$
 \.eps$
 \.exe$
 \.gif$
-\.git-blame-ignore-revs$
-\.gitattributes$
-\.gitignore$
-\.gitkeep$
 \.graffle$
 \.gz$
 \.icns$
 \.ico$
-\.ipynb$
 \.jar$
-\.jks$
 \.jpeg$
 \.jpg$
 \.key$
@@ -48,62 +30,37 @@
 \.lock$
 \.map$
 \.min\..
-\.mo$
-\.mod$
 \.mp3$
 \.mp4$
-\.o$
-\.ocf$
 \.otf$
-\.p12$
-\.parquet$
 \.pbxproj$
 \.pdf$
 \.pem$
-\.pfx$
-\.png$
 \.psd$
-\.pyc$
-\.pylintrc$
-\.qm$
 \.runsettings$
-\.s$
 \.sig$
 \.so$
 \.svg$
 \.svgz$
-\.sys$
 \.tar$
 \.tgz$
-\.tiff?$
 \.ttf$
-\.vcxproj\.filters$
 \.vsdx$
-\.wav$
-\.webm$
-\.webp$
 \.woff
 \.xcf$
-\.xlsx?$
+\.xls
 \.xpm$
-\.xz$
+\.yml$
 \.zip$
-^\.github/actions/spelling/
-^\Q.github/workflows/spelling.yml\E$
-^\Qbuild/config/release.gdnbaselines\E$
-^\Qsrc/host/ft_host/chafa.txt\E$
-^\Qsrc/host/ft_uia/run.bat\E$
-^\Qsrc/host/runft.bat\E$
-^\Qsrc/tools/lnkd/lnkd.bat\E$
-^\Qsrc/tools/pixels/pixels.bat\E$
 ^build/config/
 ^consolegit2gitfilters\.json$
 ^dep/
-^doc/reference/master-sequence-list\.csv$
+^doc/reference/master-sequence-list.csv$
 ^doc/reference/UTF8-torture-test\.txt$
-^doc/reference/windows-terminal-logo\.ans$
 ^oss/
-^samples/PixelShaders/Screenshots/
+^src/host/ft_uia/run\.bat$
+^src/host/runft\.bat$
+^src/host/runut\.bat$
 ^src/interactivity/onecore/BgfxEngine\.
 ^src/renderer/atlas/
 ^src/renderer/wddmcon/WddmConRenderer\.
@@ -114,14 +71,14 @@
 ^src/terminal/parser/ft_fuzzwrapper/run\.bat$
 ^src/terminal/parser/ut_parser/Base64Test.cpp$
 ^src/terminal/parser/ut_parser/run\.bat$
-^src/tools/benchcat
-^src/tools/integrity/dirs$
 ^src/tools/integrity/packageuwp/ConsoleUWP\.appxSources$
-^src/tools/RenderingTests/main\.cpp$
+^src/tools/lnkd/lnkd\.bat$
+^src/tools/pixels/pixels\.bat$
 ^src/tools/texttests/fira\.txt$
-^src/tools/U8U16Test/(?!en)..\.
-^src/types/ColorFix\.cpp$
-^src/types/ut_types/UtilsTests\.cpp$
-^tools/ReleaseEngineering/ServicingPipeline\.ps1$
-^XamlStyler\.json$
-ignore$
+^src/tools/U8U16Test/(?:fr|ru|zh)\.txt$
+^src/types/ut_types/UtilsTests.cpp$
+^tools/ReleaseEngineering/ServicingPipeline.ps1$
+^\.github/actions/spelling/
+^\.github/fabricbot.json$
+^\.gitignore$
+^\XamlStyler.json$

.github/actions/spelling/expect/04cdb9b77d6827c0202f51acd4205b017015bfff.txt

@@ -1,5 +0,0 @@
-EOB
-swrapped
-wordi
-wordiswrapped
-wrappe

.github/actions/spelling/expect/alphabet.txt

@@ -5,33 +5,35 @@ AAAAAABBBBBBCCC
 AAAAABBBBBBCCC
 abcd
 abcd
+abcde
+abcdef
+ABCDEFG
+ABCDEFGH
 ABCDEFGHIJ
 abcdefghijk
 ABCDEFGHIJKLMNO
 abcdefghijklmnop
-ABCDEFGHIJKLMNOPQRS
 ABCDEFGHIJKLMNOPQRST
+abcdefghijklmnopqrstuvwxyz
 ABCG
 ABE
 abf
 BBBBB
 BBBBBBBB
+BBBBBBBBBBBBBBDDDD
 BBBBBCCC
 BBBBCCCCC
 BBGGRR
-efg
+CCE
 EFG
-efgh
 EFGh
-KLMNOQQQQQQQQQQ
 QQQQQQQQQQABCDEFGHIJ
-QQQQQQQQQQABCDEFGHIJKLMNOPQRS
 QQQQQQQQQQABCDEFGHIJKLMNOPQRSTQQQQQQQQQ
 QQQQQQQQQQABCDEFGHIJKLMNOPQRSTQQQQQQQQQQ
-QQQQQQQQQQABCDEFGHIJPQRST
 QQQQQQQQQQABCDEFGHIJPQRSTQQQQQQQQQQ
 qrstuvwxyz
 qwerty
+QWERTYUIOP
 qwertyuiopasdfg
 YYYYYYYDDDDDDDDDDD
 ZAAZZ

.github/actions/spelling/expect/web.txt

@@ -1,6 +1,29 @@
+http
+www
+easyrgb
+php
+ecma
+rapidtables
+WCAG
+freedesktop
+ycombinator
+robertelder
+kovidgoyal
+leonerd
+fixterms
 winui
 appshellintegration
 mdtauk
+cppreference
 gfycat
 Guake
-xkcd
+azurewebsites
+askubuntu
+dostips
+viewtopic
+rosettacode
+Rexx
+tldp
+HOWTO
+uwspace
+uwaterloo

.github/actions/spelling/line_forbidden.patterns

@@ -1,119 +0,0 @@
-# reject `m_data` as VxWorks defined it and that breaks things if it's used elsewhere
-# see [fprime](https://github.com/nasa/fprime/commit/d589f0a25c59ea9a800d851ea84c2f5df02fb529)
-# and [Qt](https://github.com/qtproject/qt-solutions/blame/fb7bc42bfcc578ff3fa3b9ca21a41e96eb37c1c7/qtscriptclassic/src/qscriptbuffer_p.h#L46)
-# \bm_data\b
-
-# If you have a framework that uses `it()` for testing and `fit()` for debugging a specific test,
-# you might not want to check in code where you were debugging w/ `fit()`, in which case, you might want
-# to use this:
-#\bfit\(
-
-# s.b. anymore
-\bany more[,.]
-
-# s.b. GitHub
-(?<![&*.]|// |\btype )\bGithub\b(?![{)])
-
-# s.b. GitLab
-(?<![&*.]|// |\btype )\bGitlab\b(?![{)])
-
-# s.b. JavaScript
-\bJavascript\b
-
-# s.b. macOS or Mac OS X or ...
-\bMacOS\b
-
-# s.b. Microsoft
-\bMicroSoft\b
-
-# s.b. TypeScript
-\bTypescript\b
-
-# s.b. another
-\ban[- ]other\b
-
-# s.b. deprecation warning
-\b[Dd]epreciation [Ww]arnings?\b
-
-# s.b. greater than
-\bgreater then\b
-
-# s.b. in front of
-\bin from of\b
-
-# s.b. into
-# when not phrasal and when `in order to` would be wrong:
-# https://thewritepractice.com/into-vs-in-to/
-#\sin to\s(?!if\b)
-
-# s.b. is obsolete
-\bis obsolescent\b
-
-# s.b. it's or its
-\bits['’]
-
-# s.b. opt-in
-#(?<!\sfor)\sopt in\s
-
-# s.b. less than
-\bless then\b
-
-# s.b. one of
-\bon of\b
-
-# s.b. otherwise
-\bother[- ]wise\b
-
-# s.b. or (more|less)
-\bore (?:more|less)\b
-
-# s.b. nonexistent
-\bnon existing\b
-\b[Nn]o[nt][- ]existent\b
-
-# s.b. brief / details/ param / return / retval
-(?:^\s*|(?:\*|//|/*)\s+`)[\\@](?:breif|(?:detail|detials)|(?:params(?!\.)|prama?)|ret(?:uns?)|retvl)\b
-
-# s.b. preexisting
-[Pp]re[- ]existing
-
-# s.b. preempt
-[Pp]re[- ]empt\b
-
-# s.b. preemptively
-[Pp]re[- ]emptively
-
-# s.b. recently changed or recent changes
-[Rr]ecent changed
-
-# s.b. reentrancy
-[Rr]e[- ]entrancy
-
-# s.b. reentrant
-[Rr]e[- ]entrant
-
-# s.b. understand
-\bunder stand\b
-
-# s.b. workarounds
-#\bwork[- ]arounds\b
-
-# s.b. workaround
-(?:(?:[Aa]|[Tt]he|ugly)\swork[- ]around\b|\swork[- ]around\s+for)
-
-# s.b. (coarse|fine)-grained
-\b(?:coarse|fine) grained\b
-
-# s.b. neither/nor -- or reword
-#\bnot\b[^.?!"/(]+\bnor\b
-
-# probably a double negative
-# s.b. neither/nor (plus rewording the beginning)
-\bnot\b[^.?!"/]*\bneither\b[^.?!"/(]*\bnor\b
-
-# In English, it is generally wrong to have the same word twice in a row without punctuation.
-# Duplicated words are generally mistakes.
-# There are a few exceptions where it is acceptable (e.g. "that that").
-# If the highlighted doubled word pair is in a code snippet, you can write a pattern to mask it.
-# If the highlighted doubled word pair is in prose, have someone read the English before you dismiss this error.
-\s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s

.github/actions/spelling/patterns/0_n.txt

@@ -0,0 +1,2 @@
+\\native(?![a-z])
+\\nihilist(?![a-z])

.github/actions/spelling/patterns/0_r.txt

@@ -0,0 +1,8 @@
+\\registry(?![a-z])
+\\release(?![a-z])
+\\resources?(?![a-z])
+\\result(?![a-z])
+\\resultmacros(?![a-z])
+\\rules(?![a-z])
+\\renderer(?![a-z])
+\\rectread(?![a-z])

.github/actions/spelling/patterns/0_t.txt

@@ -0,0 +1,13 @@
+\\telemetry(?![a-z])
+\\templates(?![a-z])
+\\term(?![a-z])
+\\terminal(?![a-z])
+\\terminalcore(?![a-z])
+\\terminalinput(?![a-z])
+\\testlist(?![a-z])
+\\testmd(?![a-z])
+\\testpasses(?![a-z])
+\\tests(?![a-z])
+\\thread(?![a-z])
+\\tools(?![a-z])
+\\types(?![a-z])

.github/actions/spelling/patterns/README.md

@@ -7,6 +7,10 @@ Note: order of the contents of these files can matter.
 Lines from an individual file are handled in file order.
 Files are selected in alphabetical order.
 
+* [n](0_n.txt), [r](0_r.txt), and [t](0_t.txt) are specifically to work around
+a quirk in the spell checker:
+it often sees C strings of the form "Hello\nwerld". And would prefer to
+spot the typo of `werld`.
 * [patterns](patterns.txt) is the main list -- there is nothing
 particularly special about the file name (beyond the extension which is
 important).

.github/actions/spelling/patterns/patterns.txt

@@ -1,9 +1,14 @@
-# See https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples:-patterns
-
-https?://\S+
+https://(?:(?:[-a-zA-Z0-9?&=]*\.|)microsoft\.com)/[-a-zA-Z0-9?&=_#\/.]*
+https://aka\.ms/[-a-zA-Z0-9?&=\/_]*
+https://www\.itscj\.ipsj\.or\.jp/iso-ir/[-0-9]+\.pdf
+https://www\.vt100\.net/docs/[-a-zA-Z0-9#_\/.]*
+https://www.w3.org/[-a-zA-Z0-9?&=\/_#]*
+https://(?:(?:www\.|)youtube\.com|youtu.be)/[-a-zA-Z0-9?&=]*
+https://(?:[a-z-]+\.|)github(?:usercontent|)\.com/[-a-zA-Z0-9?%&=_\/.+]*
+https://www.xfree86.org/[-a-zA-Z0-9?&=\/_#]*
 [Pp]ublicKeyToken="?[0-9a-fA-F]{16}"?
 (?:[{"]|UniqueIdentifier>)[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}(?:[}"]|</UniqueIdentifier)
-(?:0[Xx]|\\x|U\+|#)[a-f0-9A-FGgRr]{2,}(?!\[)[Uu]?[Ll]{0,2}\b
+(?:0[Xx]|\\x|U\+|#)[a-f0-9A-FGgRr]{2,}[Uu]?[Ll]{0,2}\b
 microsoft/cascadia-code\@[0-9a-fA-F]{40}
 \d+x\d+Logo
 Scro\&ll
@@ -12,6 +17,7 @@ Scro\&ll
 TestUtils::VerifyExpectedString\(tb, L"[^"]+"
 (?:hostSm|mach)\.ProcessString\(L"[^"]+"
 \b([A-Za-z])\g{-1}{3,}\b
+0x[0-9A-Za-z]+
 Base64::s_(?:En|De)code\(L"[^"]+"
 VERIFY_ARE_EQUAL\(L"[^"]+"
 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\+/"
@@ -22,139 +28,3 @@ vcvars\w*
 ROY\sG\.\sBIV
 !(?:(?i)ESC)!\[
 !(?:(?i)CSI)!(?:\d+(?:;\d+|)m|[ABCDF])
-
-# SSE intrinsics like "_mm_subs_epu16"
-\b_mm(?:|256|512)_\w+\b
-
-# ARM NEON intrinsics like "vsubq_u16"
-\bv\w+_[fsu](?:8|16|32|64)\b
-
-# color floating numbers
-0x[0-9a-f](?:\.[0-9a-f]*p)[-+]\d+f
-
-# AppX package
-_\d[0-9a-z]{12}['\.]
-
-# string test
-equals_insensitive_ascii\("\w+", "\w+"
-
-# Automatically suggested patterns
-# hit-count: 3788 file-count: 599
-# IServiceProvider / isAThing
-\b(?:I|isA)(?=(?:[A-Z][a-z]{2,})+\b)
-
-# hit-count: 314 file-count: 21
-# hex runs
-\b[0-9a-fA-F]{16,}\b
-
-# hit-count: 47 file-count: 11
-# special cased printf markers
-\\r\\n(?=[a-z])|(?<!\\)\\[nrt](?=[a-z]{2,})(?=.*(?:<.*['"`]|"(?:[;,]|\);)$|\) \+$))
-
-# ConsoleArgumentsTests
---headless\\.*?"
-
-# hit-count: 109 file-count: 62
-# Compiler flags (Unix, Java/Scala)
-# Use if you have things like `-Pdocker` and want to treat them as `docker`
-(?:^|[\t ,>"'`=(])-(?:D(?=[A-Z])|[WX]|f(?=[ms]))(?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
-
-# hit-count: 60 file-count: 35
-# version suffix <word>v#
-(?:(?<=[A-Z]{2})V|(?<=[a-z]{2}|[A-Z]{2})v)\d+(?:\b|(?=[a-zA-Z_]))
-
-# hit-count: 2 file-count: 2
-# This does not cover multiline strings, if your repository has them,
-# you'll want to remove the `(?=.*?")` suffix.
-# The `(?=.*?")` suffix should limit the false positives rate
-# printf
-%(?:s)(?!ize)(?=[a-z]{2,})
-
-# hit-count: 16 file-count: 10
-# uuid:
-\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b
-
-# hit-count: 13 file-count: 4
-# Non-English
-[a-zA-Z]*[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3}[a-zA-ZÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]*|[a-zA-Z]{3,}[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]|[ÀÁÂÃÄÅÆČÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæčçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3,}
-
-# hit-count: 7 file-count: 5
-# hex digits including css/html color classes:
-(?:[\\0][xX]|\\u|[uU]\+|#x?|\%23)[0-9_a-fA-FgGrR]*?[a-fA-FgGrR]{2,}[0-9_a-fA-FgGrR]*(?:[uUlL]{0,3}|[iu]\d+)\b
-
-# hit-count: 7 file-count: 1
-# regex choice
-\(\?:[^)]+\|[^)]+\)
-
-# hit-count: 4 file-count: 4
-# tar arguments
-\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+
-
-# hit-count: 4 file-count: 1
-# ANSI color codes
-(?:\\(?:u00|x)1[Bb]|\x1b|\\u\{1[Bb]\})\[\d+(?:;\d+|)m
-
-# hit-count: 4 file-count: 1
-# Update Lorem based on your content (requires `ge` and `w` from https://github.com/jsoref/spelling; and `review` from https://github.com/check-spelling/check-spelling/wiki/Looking-for-items-locally )
-# grep '^[^#].*lorem' .github/actions/spelling/patterns.txt|perl -pne 's/.*i..\?://;s/\).*//' |tr '|' "\n"|sort -f |xargs -n1 ge|perl -pne 's/^[^:]*://'|sort -u|w|sed -e 's/ .*//'|w|review -
-# Warning, while `(?i)` is very neat and fancy, if you have some binary files that aren't proper unicode, you might run into:
-## Operation "substitution (s///)" returns its argument for non-Unicode code point 0x1C19AE (the code point will vary).
-## You could manually change `(?i)X...` to use `[Xx]...`
-## or you could add the files to your `excludes` file (a version after 0.0.19 should identify the file path)
-# Lorem
-(?:\w|\s|[,.])*\b(?i)(?:amet|consectetur|cursus|dolor|eros|ipsum|lacus|libero|ligula|lorem|magna|neque|nulla|suscipit|tempus)\b(?:\w|\s|[,.])*
-
-# hit-count: 3 file-count: 3
-# mailto urls
-mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,}
-
-# hit-count: 2 file-count: 1
-# Python string prefix / binary prefix
-# Note that there's a high false positive rate, remove the `?=` and search for the regex to see if the matches seem like reasonable strings
-(?<!')\b(?:B|BR|Br|F|FR|Fr|R|RB|RF|Rb|Rf|U|UR|Ur|b|bR|br|f|fR|fr|r|rB|rF|rb|rf|u|uR|ur)'(?=[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})
-
-# hit-count: 1 file-count: 1
-# Punycode
-\bxn--[-0-9a-z]+
-
-# hit-count: 1 file-count: 1
-# latex (check-spelling >= 0.0.22)
-\\\w{2,}\{
-
-# hit-count: 1 file-count: 1
-# tput arguments -- https://man7.org/linux/man-pages/man5/terminfo.5.html -- technically they can be more than 5 chars long...
-\btput\s+(?:(?:-[SV]|-T\s*\w+)\s+)*\w{3,5}\b
-
-# Questionably acceptable forms of `in to`
-# Personally, I prefer `log into`, but people object
-# https://www.tprteaching.com/log-into-log-in-to-login/
-\b(?:[Ll]og|[Ss]ign) in to\b
-
-# to opt in
-\bto opt in\b
-
-# acceptable duplicates
-# ls directory listings
-[-bcdlpsw](?:[-r][-w][-Ssx]){3}\s+\d+\s+\S+\s+\S+\s+\d+\s+
-# mount
-\bmount\s+-t\s+(\w+)\s+\g{-1}\b
-# C types and repeated CSS values
-\s(auto|center|div|Guid|inherit|long|LONG|none|normal|solid|that|thin|transparent|very)(?: \g{-1})+\s
-# C struct
-\bstruct\s+(\w+)\s+\g{-1}\b
-# go templates
-\s(\w+)\s+\g{-1}\s+\`(?:graphql|inject|json|yaml):
-# doxygen / javadoc / .net
-(?:[\\@](?:brief|groupname|t?param|return|retval)|(?:public|private|\[Parameter(?:\(.+\)|)\])(?:\s+static|\s+override|\s+readonly)*)(?:\s+\{\w+\}|)\s+(\w+)\s+\g{-1}\s
-
-# Commit message -- Signed-off-by and friends
-^\s*(?:(?:Based-on-patch|Co-authored|Helped|Mentored|Reported|Reviewed|Signed-off)-by|Thanks-to): (?:[^<]*<[^>]*>|[^<]*)\s*$
-
-# Autogenerated revert commit message
-^This reverts commit [0-9a-f]{40}\.$
-
-# vtmode
---vtmode\s+(\w+)\s+\g{-1}\s
-
-# ignore long runs of a single character:
-\b([A-Za-z])\g{-1}{3,}\b

.github/actions/spelling/reject.txt

@@ -1,13 +1,22 @@
 ^attache$
 ^attacher$
 ^attachers$
-^bellow$
-benefitting
-occurences?
-^dependan.*
-^oer$
-Sorce
-^[Ss]pae.*
-^untill$
-^untilling$
-^wether.*
+^spae$
+^spaebook$
+^spaecraft$
+^spaed$
+^spaedom$
+^spaeing$
+^spaeings$
+^spae-man$
+^spaeman$
+^spaer$
+^Spaerobee$
+^spaes$
+^spaewife$
+^spaewoman$
+^spaework$
+^spaewright$
+^wether$
+^wethers$
+^wetherteg$

.github/policies/resourceManagement.yml

@@ -1,751 +0,0 @@
-id: 
-name: GitOps.PullRequestIssueManagement
-description: GitOps.PullRequestIssueManagement primitive
-owner: 
-resource: repository
-disabled: false
-where: 
-configuration:
-  resourceManagementConfiguration:
-    scheduledSearches:
-    - description: 
-      frequencies:
-      - hourly:
-          hour: 3
-      filters:
-      - isIssue
-      - isOpen
-      - hasLabel:
-          label: Needs-Author-Feedback
-      - hasLabel:
-          label: No-Recent-Activity
-      - noActivitySince:
-          days: 3
-      actions:
-      - closeIssue
-    - description: 
-      frequencies:
-      - hourly:
-          hour: 3
-      filters:
-      - isIssue
-      - isOpen
-      - hasLabel:
-          label: Needs-Author-Feedback
-      - noActivitySince:
-          days: 4
-      - isNotLabeledWith:
-          label: No-Recent-Activity
-      actions:
-      - addLabel:
-          label: No-Recent-Activity
-      - addReply:
-          reply: This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for **4 days**. It will be closed if no further activity occurs **within 3 days of this comment**.
-    - description: 
-      frequencies:
-      - hourly:
-          hour: 3
-      filters:
-      - isIssue
-      - isOpen
-      - hasLabel:
-          label: Resolution-Duplicate
-      - noActivitySince:
-          days: 1
-      actions:
-      - addReply:
-          reply: This issue has been marked as duplicate and has not had any activity for **1 day**. It will be closed for housekeeping purposes.
-      - closeIssue
-    - description: 
-      frequencies:
-      - hourly:
-          hour: 3
-      filters:
-      - isPullRequest
-      - isOpen
-      - hasLabel:
-          label: Needs-Author-Feedback
-      - hasLabel:
-          label: No-Recent-Activity
-      - noActivitySince:
-          days: 7
-      actions:
-      - closeIssue
-    - description: 
-      frequencies:
-      - hourly:
-          hour: 3
-      filters:
-      - isPullRequest
-      - isOpen
-      - hasLabel:
-          label: Needs-Author-Feedback
-      - noActivitySince:
-          days: 7
-      - isNotLabeledWith:
-          label: No-Recent-Activity
-      actions:
-      - addLabel:
-          label: No-Recent-Activity
-      - addReply:
-          reply: This pull request has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for **7 days**. It will be closed if no further activity occurs **within 7 days of this comment**.
-    eventResponderTasks:
-    - if:
-      - payloadType: Issues
-      - or:
-        - and:
-          - isAction:
-              action: Opened
-          - not:
-              hasLabel:
-                label: ⛺ Reserved
-      then:
-      - addLabel:
-          label: Needs-Triage
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - isAction:
-          action: Created
-      - isActivitySender:
-          issueAuthor: True
-      - hasLabel:
-          label: Needs-Author-Feedback
-      then:
-      - addLabel:
-          label: Needs-Attention
-      - removeLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Issues
-      - not:
-          isAction:
-            action: Closed
-      - hasLabel:
-          label: No-Recent-Activity
-      then:
-      - removeLabel:
-          label: No-Recent-Activity
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - hasLabel:
-          label: No-Recent-Activity
-      then:
-      - removeLabel:
-          label: No-Recent-Activity
-      description: 
-    - if:
-      - payloadType: Pull_Request_Review
-      - isAction:
-          action: Submitted
-      - isReviewState:
-          reviewState: Changes_requested
-      then:
-      - addLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      - isActivitySender:
-          issueAuthor: True
-      - not:
-          isAction:
-            action: Closed
-      - hasLabel:
-          label: Needs-Author-Feedback
-      then:
-      - removeLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - isActivitySender:
-          issueAuthor: True
-      - hasLabel:
-          label: Needs-Author-Feedback
-      then:
-      - removeLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Pull_Request_Review
-      - isActivitySender:
-          issueAuthor: True
-      - hasLabel:
-          label: Needs-Author-Feedback
-      then:
-      - removeLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      - not:
-          isAction:
-            action: Closed
-      - hasLabel:
-          label: No-Recent-Activity
-      then:
-      - removeLabel:
-          label: No-Recent-Activity
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - hasLabel:
-          label: No-Recent-Activity
-      then:
-      - removeLabel:
-          label: No-Recent-Activity
-      description: 
-    - if:
-      - payloadType: Pull_Request_Review
-      - hasLabel:
-          label: No-Recent-Activity
-      then:
-      - removeLabel:
-          label: No-Recent-Activity
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      - hasLabel:
-          label: AutoMerge
-      then:
-      - enableAutoMerge:
-          mergeMethod: Squash
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      - labelRemoved:
-          label: AutoMerge
-      then:
-      - disableAutoMerge
-      description: 
-    - if:
-      - payloadType: Issues
-      - or:
-        - and:
-          - isLabeled
-          - hasLabel:
-              label: Mass-Chaos
-        - isOpen
-        - isLabeled
-      - not:
-          hasLabel:
-            label: Needs-Tag-Fix
-      - or:
-        - and:
-          - not:
-              hasLabel:
-                label: Area-Accessibility
-          - not:
-              hasLabel:
-                label: Area-Build
-          - not:
-              hasLabel:
-                label: Area-Extensibility
-          - not:
-              hasLabel:
-                label: Area-Fonts
-          - not:
-              hasLabel:
-                label: Area-Input
-          - not:
-              hasLabel:
-                label: Area-Interaction
-          - not:
-              hasLabel:
-                label: Area-Interop
-          - not:
-              hasLabel:
-                label: Area-Output
-          - not:
-              hasLabel:
-                label: Area-Performance
-          - not:
-              hasLabel:
-                label: Area-Rendering
-          - not:
-              hasLabel:
-                label: Area-Server
-          - not:
-              hasLabel:
-                label: Area-Settings
-          - not:
-              hasLabel:
-                label: Area-TerminalConnection
-          - not:
-              hasLabel:
-                label: Area-TerminalControl
-          - not:
-              hasLabel:
-                label: Area-User Interface
-          - not:
-              hasLabel:
-                label: Area-VT
-          - not:
-              hasLabel:
-                label: Area-CodeHealth
-          - not:
-              hasLabel:
-                label: Area-Quality
-          - not:
-              hasLabel:
-                label: Area-AzureShell
-          - not:
-              hasLabel:
-                label: Area-Schema
-          - not:
-              hasLabel:
-                label: Area-Commandline
-          - not:
-              hasLabel:
-                label: Area-ShellExtension
-          - not:
-              hasLabel:
-                label: Area-WPFControl
-          - not:
-              hasLabel:
-                label: Area-Settings UI
-          - not:
-              hasLabel:
-                label: Area-DefApp
-          - not:
-              hasLabel:
-                label: Area-Remoting
-          - not:
-              hasLabel:
-                label: Area-Windowing
-          - not:
-              hasLabel:
-                label: Area-Theming
-          - not:
-              hasLabel:
-                label: Area-Localization
-        - and:
-          - not:
-              hasLabel:
-                label: Issue-Bug
-          - not:
-              hasLabel:
-                label: Issue-Docs
-          - not:
-              hasLabel:
-                label: Issue-Feature
-          - not:
-              hasLabel:
-                label: Issue-Question
-          - not:
-              hasLabel:
-                label: Issue-Samples
-          - not:
-              hasLabel:
-                label: Issue-Task
-          - not:
-              hasLabel:
-                label: Issue-Scenario
-        - and:
-          - not:
-              hasLabel:
-                label: Product-Cmd.exe
-          - not:
-              hasLabel:
-                label: Product-Colortool
-          - not:
-              hasLabel:
-                label: Product-Conhost
-          - not:
-              hasLabel:
-                label: Product-Conpty
-          - not:
-              hasLabel:
-                label: Product-Meta
-          - not:
-              hasLabel:
-                label: Product-Powershell
-          - not:
-              hasLabel:
-                label: Product-Terminal
-          - not:
-              hasLabel:
-                label: Product-WSL
-        - and:
-          - not: isOpen
-          - and:
-            - not:
-                hasLabel:
-                  label: Resolution-Answered
-            - not:
-                hasLabel:
-                  label: Resolution-By-Design
-            - not:
-                hasLabel:
-                  label: Resolution-Duplicate
-            - not:
-                hasLabel:
-                  label: Resolution-External
-            - not:
-                hasLabel:
-                  label: Resolution-Fix-Available
-            - not:
-                hasLabel:
-                  label: Resolution-Fix-Committed
-            - not:
-                hasLabel:
-                  label: Resolution-Won't-Fix
-      - not:
-          hasLabel:
-            label: Needs-Triage
-      - not:
-          hasLabel:
-            label: Resolution-Duplicate
-      - not:
-          hasLabel:
-            label: ⛺ Reserved
-      - not:
-          hasLabel:
-            label: Tracking-External
-      then:
-      - addLabel:
-          label: Needs-Tag-Fix
-      description: 
-    - if:
-      - payloadType: Issues
-      - and:
-        - isLabeled
-        - hasLabel:
-            label: Needs-Tag-Fix
-      - and:
-        - or:
-          - hasLabel:
-              label: Area-Accessibility
-          - hasLabel:
-              label: Area-Build
-          - hasLabel:
-              label: Area-Extensibility
-          - hasLabel:
-              label: Area-Fonts
-          - hasLabel:
-              label: Area-Input
-          - hasLabel:
-              label: Area-Interaction
-          - hasLabel:
-              label: Area-Interop
-          - hasLabel:
-              label: Area-Output
-          - hasLabel:
-              label: Area-Performance
-          - hasLabel:
-              label: Area-Rendering
-          - hasLabel:
-              label: Area-Server
-          - hasLabel:
-              label: Area-Settings
-          - hasLabel:
-              label: Area-TerminalConnection
-          - hasLabel:
-              label: Area-TerminalControl
-          - hasLabel:
-              label: Area-User Interface
-          - hasLabel:
-              label: Area-VT
-          - hasLabel:
-              label: Area-CodeHealth
-          - hasLabel:
-              label: Area-Quality
-          - hasLabel:
-              label: Area-Schema
-          - hasLabel:
-              label: Area-AzureShell
-          - hasLabel:
-              label: Area-Commandline
-          - hasLabel:
-              label: Area-ShellExtension
-          - hasLabel:
-              label: Area-WPFControl
-          - hasLabel:
-              label: Area-Settings UI
-          - hasLabel:
-              label: Area-DefApp
-          - hasLabel:
-              label: Area-Localization
-          - hasLabel:
-              label: Area-Windowing
-          - hasLabel:
-              label: Area-Theming
-          - hasLabel:
-              label: Area-AtlasEngine
-          - hasLabel:
-              label: Area-CmdPal
-        - or:
-          - hasLabel:
-              label: Issue-Bug
-          - hasLabel:
-              label: Issue-Docs
-          - hasLabel:
-              label: Issue-Feature
-          - hasLabel:
-              label: Issue-Question
-          - hasLabel:
-              label: Issue-Samples
-          - hasLabel:
-              label: Issue-Task
-          - hasLabel:
-              label: Issue-Scenario
-        - or:
-          - hasLabel:
-              label: Product-Cmd.exe
-          - hasLabel:
-              label: Product-Colortool
-          - hasLabel:
-              label: Product-Conhost
-          - hasLabel:
-              label: Product-Conpty
-          - hasLabel:
-              label: Product-Meta
-          - hasLabel:
-              label: Product-Powershell
-          - hasLabel:
-              label: Product-Terminal
-          - hasLabel:
-              label: Product-WSL
-        - or:
-          - isOpen
-          - and:
-            - not: isOpen
-            - or:
-              - hasLabel:
-                  label: Resolution-Answered
-              - hasLabel:
-                  label: Resolution-By-Design
-              - hasLabel:
-                  label: Resolution-Duplicate
-              - hasLabel:
-                  label: Resolution-External
-              - hasLabel:
-                  label: Resolution-Fix-Available
-              - hasLabel:
-                  label: Resolution-Fix-Committed
-              - hasLabel:
-                  label: Resolution-Won't-Fix
-              - hasLabel:
-                  label: Tracking-External
-      then:
-      - removeLabel:
-          label: Needs-Tag-Fix
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      then:
-      - inPrLabel:
-          label: In-PR
-      description: 
-    - if:
-      - payloadType: Issues
-      - hasLabel:
-          label: Needs-Tag-Fix
-      - hasLabel:
-          label: Resolution-Duplicate
-      then:
-      - removeLabel:
-          label: Needs-Tag-Fix
-      description: 
-    - if:
-      - payloadType: Issues
-      - or:
-        - titleContains:
-            pattern: ^\s*Bug Report \(IF I DO NOT CHANGE THIS THE ISSUE WILL BE AUTO-CLOSED\)\s*$
-            isRegex: True
-        - titleContains:
-            pattern: ^\s*Bug Report\s*$
-            isRegex: True
-      - or:
-        - isAction:
-            action: Opened
-        - isAction:
-            action: Reopened
-      - not:
-          activitySenderHasPermission:
-            permission: Write
-      - not:
-          activitySenderHasPermission:
-            permission: Admin
-      then:
-      - closeIssue
-      - addLabel:
-          label: Needs-Author-Feedback
-      - addReply:
-          reply: Hi! Thanks for attempting to open an issue. Unfortunately, your title wasn't changed from the original template which makes it very hard for us to track and triage. You are welcome to fix up the title and try again with a new issue.
-      description: 
-    - if:
-      - payloadType: Issues
-      - or:
-        - isAction:
-            action: Opened
-        - isAction:
-            action: Reopened
-      - or:
-        - not:
-            bodyContains:
-              pattern: .+
-              isRegex: True
-      then:
-      - closeIssue
-      - addLabel:
-          label: Needs-Author-Feedback
-      - addReply:
-          reply: "Hi! Thanks for attempting to open an issue. Unfortunately, you didn't write anything in the body which makes it impossible to understand your concern. You are welcome to fix up the issue and try again by opening another issue with the body filled out. "
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      - isLabeled
-      - hasLabel:
-          label: Needs-Second
-      - isOpen
-      then:
-      - requestReview:
-          reviewer: zadjii-msft
-      - requestReview:
-          reviewer: PankajBhojwani
-      - requestReview:
-          reviewer: carlos-zamora
-      - requestReview:
-          reviewer: dhowett
-      - requestReview:
-          reviewer: lhecker
-      description: 
-    - if:
-      - payloadType: Pull_Request_Review
-      - not: isOpen
-      - hasLabel:
-          label: Needs-Second
-      then:
-      - removeLabel:
-          label: Needs-Second
-      description: 
-    - if:
-      - payloadType: Issues
-      - hasLabel:
-          label: In-PR
-      - hasLabel:
-          label: Help Wanted
-      - isLabeled
-      then:
-      - removeLabel:
-          label: Help-Wanted
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - commentContains:
-          pattern: '\/dup(licate|e)?(\s+of)?\s+\#[\d]+'
-          isRegex: True
-      - or:
-        - activitySenderHasPermission:
-            permission: Admin
-        - activitySenderHasPermission:
-            permission: Write
-      then:
-      - addReply:
-          reply: Hi! We've identified this issue as a duplicate of another one that already exists on this Issue Tracker. This specific instance is being closed in favor of tracking the concern over on the referenced thread. Thanks for your report!
-      - closeIssue
-      - removeLabel:
-          label: Needs-Triage
-      - addLabel:
-          label: Resolution-Duplicate
-      - removeLabel:
-          label: Needs-Tag-Fix
-      - removeLabel:
-          label: Needs-Attention
-      - removeLabel:
-          label: Needs-Author-Feedback
-      - removeLabel:
-          label: Needs-Repro
-      - removeLabel:
-          label: Needs-Second
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - commentContains:
-          pattern: '\/feedback'
-          isRegex: True
-      - or:
-        - activitySenderHasPermission:
-            permission: Admin
-        - activitySenderHasPermission:
-            permission: Write
-      then:
-      - addReply:
-          reply: >2-
-
-            Hi there!<br><br>Can you please send us feedback with the [Feedback Hub](https://support.microsoft.com/en-us/windows/send-feedback-to-microsoft-with-the-feedback-hub-app-f59187f8-8739-22d6-ba93-f66612949332) with this issue? Make sure to click the "Start recording" button, then reproduce the issue before submitting the feedback. Once it's submitted, paste the link here so we can more easily find your crash information on the back end?<br><br>Thanks!<br><br>![image](https://user-images.githubusercontent.com/18356694/140811502-a068f78b-89d2-4587-925a-73e19652b830.png)<br><br>![image](https://user-images.githubusercontent.com/18356694/140811557-cdc22a0f-fa6a-4f6a-953e-73b51f5548a3.png)<br><br>![image](https://user-images.githubusercontent.com/18221333/62478649-6de55400-b760-11e9-806e-5aab7e085a9f.png)
-      - addLabel:
-          label: Needs-Author-Feedback
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      then:
-      - cleanEmailReply
-      description: 
-    - if:
-      - payloadType: Pull_Request
-      then:
-      - labelSync:
-          pattern: Issue-
-      - labelSync:
-          pattern: Area-
-      - labelSync:
-          pattern: Priority-
-      - labelSync:
-          pattern: Product-
-      - labelSync:
-          pattern: Severity-
-      - labelSync:
-          pattern: Impact-
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - commentContains:
-          pattern: '\/dup(licate|e)?(\s+of)?\s+https'
-          isRegex: True
-      - or:
-        - activitySenderHasPermission:
-            permission: Admin
-        - activitySenderHasPermission:
-            permission: Write
-      then:
-      - addReply:
-          reply: Hi! We've identified this issue as a duplicate of one that exists on somebody else's Issue Tracker. Please make sure you subscribe to the referenced external issue for future updates. Thanks for your report!
-      - closeIssue
-      - removeLabel:
-          label: Needs-Triage
-      - addLabel:
-          label: Resolution-External
-      - removeLabel:
-          label: Needs-Attention
-      - removeLabel:
-          label: Needs-Author-Feedback
-      - removeLabel:
-          label: Needs-Bisect
-      - removeLabel:
-          label: Needs-Repro
-      - removeLabel:
-          label: Needs-Second
-      description: 
-    - if:
-      - payloadType: Issue_Comment
-      - commentContains:
-          pattern: /?
-          isRegex: False
-      - or:
-        - activitySenderHasPermission:
-            permission: Admin
-        - activitySenderHasPermission:
-            permission: Write
-      then:
-      - removeLabel:
-          label: Needs-Attention
-      - addLabel:
-          label: Needs-Author-Feedback
-      description: 
-onFailure: 
-onSuccess: 

.github/workflows/addToProject.yml

@@ -1,21 +0,0 @@
-name: Add triaged bugs & tasks to project board
-# https://github.com/actions/add-to-project
-
-on:
-  issues:
-    types:
-      - labeled
-      - unlabeled
-
-permissions: {}
-jobs:
-  add-to-project:
-    name: Add issue to project
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/add-to-project@v0.5.0
-        with:
-          project-url: https://github.com/orgs/microsoft/projects/159
-          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
-          labeled: Issue-Feature, Needs-Triage, Needs-Author-Feedback, Issue-Scenario
-          label-operator: NOT

.github/workflows/similarIssues.yml

@@ -1,32 +0,0 @@
-name: GitGudSimilarIssues comments
-
-on:
-  issues:
-    types: [opened]
-
-jobs:
-  getSimilarIssues:
-    runs-on: ubuntu-latest
-    outputs:
-      message: ${{ steps.getBody.outputs.message }}
-    steps:
-      - id: getBody
-        uses: craigloewen-msft/GitGudSimilarIssues@main
-        with:
-          issuetitle: ${{ github.event.issue.title }}
-          repo: ${{ github.repository }}
-          similaritytolerance: "0.75"
-  add-comment:
-    needs: getSimilarIssues
-    runs-on: ubuntu-latest
-    permissions:
-      issues: write
-    if: needs.getSimilarIssues.outputs.message != ''
-    steps:
-      - name: Add comment
-        run: gh issue comment "$NUMBER" --repo "$REPO" --body "$BODY"
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          NUMBER: ${{ github.event.issue.number }}
-          REPO: ${{ github.repository }}
-          BODY: ${{ needs.getSimilarIssues.outputs.message }}

.github/workflows/spelling2.yml

@@ -1,197 +1,20 @@
 # spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p
 name: Spell checking
-
-# Comment management is handled through a secondary job, for details see:
-# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
-#
-# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
-#   (in odd cases, it might actually run just to collapse a comment, but that's fairly rare)
-#   it needs `contents: write` in order to add a comment.
-#
-# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
-#   or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
-#   it needs `pull-requests: write` in order to manipulate those comments.
-
-# Updating pull request branches is managed via comment handling.
-# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
-#
-# These elements work together to make it happen:
-#
-# `on.issue_comment`
-#   This event listens to comments by users asking to update the metadata.
-#
-# `jobs.update`
-#   This job runs in response to an issue_comment and will push a new commit
-#   to update the spelling metadata.
-#
-# `with.experimental_apply_changes_via_bot`
-#   Tells the action to support and generate messages that enable it
-#   to make a commit to update the spelling metadata.
-#
-# `with.ssh_key`
-#   In order to trigger workflows when the commit is made, you can provide a
-#   secret (typically, a write-enabled github deploy key).
-#
-#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
-
-# Sarif reporting
-#
-# Access to Sarif reports is generally restricted (by GitHub) to members of the repository.
-#
-# Requires enabling `security-events: write`
-# and configuring the action with `use_sarif: 1`
-#
-#   For information on the feature, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Sarif-output
-
-# Minimal workflow structure:
-#
-# on:
-#   push:
-#     ...
-#   pull_request_target:
-#     ...
-# jobs:
-#   # you only want the spelling job, all others should be omitted
-#   spelling:
-#     # remove `security-events: write` and `use_sarif: 1`
-#     # remove `experimental_apply_changes_via_bot: 1`
-#     ... otherwise adjust the `with:` as you wish
-
 on:
-  push:
-    branches:
-    - "**"
-    tags-ignore:
-    - "**"
   pull_request_target:
-    branches:
-    - "**"
-    types:
-    - 'opened'
-    - 'reopened'
-    - 'synchronize'
-  issue_comment:
-    types:
-    - 'created'
+  push:
 
 jobs:
   spelling:
     name: Spell checking
-    permissions:
-      contents: read
-      pull-requests: read
-      actions: read
-      security-events: write
-    outputs:
-      followup: ${{ steps.spelling.outputs.followup }}
     runs-on: ubuntu-latest
-    if: ${{ contains(github.event_name, 'pull_request') || github.event_name == 'push' }}
-    concurrency:
-      group: spelling-${{ github.event.pull_request.number || github.ref }}
-      # note: If you use only_check_changed_files, you do not want cancel-in-progress
-      cancel-in-progress: true
     steps:
-    - name: check-spelling
-      id: spelling
-      uses: check-spelling/check-spelling@v0.0.22
+    - name: checkout-merge
+      if: "contains(github.event_name, 'pull_request')"
+      uses: actions/checkout@v2
       with:
-        suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }}
-        checkout: true
-        check_file_names: 1
-        spell_check_this: microsoft/terminal@main
-        post_comment: 0
-        use_magic_file: 1
-        report-timing: 1
-        warnings: bad-regex,binary-file,deprecated-feature,ignored-expect-variant,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,token-is-substring,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration,no-files-to-check
-        experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
-        use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }}
-        extra_dictionary_limit: 20
-        extra_dictionaries:
-          cspell:software-terms/dict/softwareTerms.txt
-          cspell:cpp/src/stdlib-cpp.txt
-          cspell:lorem-ipsum/dictionary.txt
-          cspell:cpp/src/stdlib-c.txt
-          cspell:php/dict/php.txt
-          cspell:filetypes/filetypes.txt
-          cspell:java/src/java.txt
-          cspell:python/src/common/extra.txt
-          cspell:node/dict/node.txt
-          cspell:java/src/java-terms.txt
-          cspell:aws/aws.txt
-          cspell:typescript/dict/typescript.txt
-          cspell:dotnet/dict/dotnet.txt
-          cspell:golang/dict/go.txt
-          cspell:fullstack/dict/fullstack.txt
-          cspell:cpp/src/compiler-msvc.txt
-          cspell:python/src/python/python-lib.txt
-          cspell:mnemonics/src/mnemonics.txt
-          cspell:cpp/src/stdlib-cmath.txt
-          cspell:css/dict/css.txt
-          cspell:cpp/src/lang-keywords.txt
-          cspell:django/dict/django.txt
-          cspell:python/src/python/python.txt
-          cspell:html/dict/html.txt
-          cspell:cpp/src/ecosystem.txt
-          cspell:cpp/src/compiler-clang-attributes.txt
-          cspell:npm/dict/npm.txt
-          cspell:r/src/r.txt
-          cspell:powershell/dict/powershell.txt
-          cspell:csharp/csharp.txt
-
-  comment-push:
-    name: Report (Push)
-    # If your workflow isn't running on push, you can remove this job
-    runs-on: ubuntu-latest
-    needs: spelling
-    permissions:
-      contents: write
-    if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
-    steps:
-    - name: comment
-      uses: check-spelling/check-spelling@v0.0.22
-      with:
-        checkout: true
-        spell_check_this: microsoft/terminal@main
-        task: ${{ needs.spelling.outputs.followup }}
-
-  comment-pr:
-    name: Report (PR)
-    # If you workflow isn't running on pull_request*, you can remove this job
-    runs-on: ubuntu-latest
-    needs: spelling
-    permissions:
-      contents: read
-      pull-requests: write
-    if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
-    steps:
-    - name: comment
-      uses: check-spelling/check-spelling@v0.0.22
-      with:
-        checkout: true
-        spell_check_this: microsoft/terminal@main
-        task: ${{ needs.spelling.outputs.followup }}
-        experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
-
-  update:
-    name: Update PR
-    permissions:
-      contents: write
-      pull-requests: write
-      actions: read
-    runs-on: ubuntu-latest
-    if: ${{
-        github.repository_owner != 'microsoft' &&
-        github.event_name == 'issue_comment' &&
-        github.event.issue.pull_request &&
-        contains(github.event.comment.body, '@check-spelling-bot apply')
-      }}
-    concurrency:
-      group: spelling-update-${{ github.event.issue.number }}
-      cancel-in-progress: false
-    steps:
-    - name: apply spelling updates
-      uses: check-spelling/check-spelling@v0.0.22
-      with:
-        experimental_apply_changes_via_bot: ${{ github.repository_owner != 'microsoft' && 1 }}
-        checkout: true
-        ssh_key: "${{ secrets.CHECK_SPELLING }}"
+        ref: refs/pull/${{github.event.pull_request.number}}/merge
+    - name: checkout
+      if: "!contains(github.event_name, 'pull_request')"
+      uses: actions/checkout@v2
+    - uses: check-spelling/check-spelling@v0.0.19

.github/workflows/winget.yml

@@ -1,24 +0,0 @@
-name: Publish to Winget
-
-on:
-  release:
-    types: [published]
-
-env:
-  REGEX: 'Microsoft\.WindowsTerminal(?:Preview)?_([\d.]+)_8wekyb3d8bbwe\.msixbundle$'
-
-jobs:
-  publish:
-    runs-on: windows-latest # Action can only run on Windows
-    steps:
-      - name: Publish Windows Terminal ${{ github.event.release.prerelease && 'Preview' || 'Stable' }}
-        run: |
-          $assets = '${{ toJSON(github.event.release.assets) }}' | ConvertFrom-Json
-          $wingetRelevantAsset = $assets | Where-Object { $_.name -like '*.msixbundle' } | Select-Object -First 1
-          $regex = [Regex]::New($env:REGEX)
-          $version = $regex.Match($wingetRelevantAsset.name).Groups[1].Value
-
-          $wingetPackage = "Microsoft.WindowsTerminal${{ github.event.release.prerelease && '.Preview' || '' }}"
-
-          & curl.exe -JLO https://aka.ms/wingetcreate/latest
-          & .\wingetcreate.exe update $wingetPackage -s -v $version -u $wingetRelevantAsset.browser_download_url -t "${{ secrets.WINGET_TOKEN }}"

.gitmodules

@@ -1,3 +1,6 @@
 [submodule "dep/gsl"]
 	path = dep/gsl
 	url = https://github.com/microsoft/gsl
+[submodule "dep/wil"]
+	path = dep/wil
+	url = https://github.com/microsoft/wil

.vscode/settings.json

@@ -6,7 +6,7 @@
     "C_Cpp.loggingLevel": "None",
     "files.associations": {
         "xstring": "cpp",
-        "*.idl": "midl3",
+        "*.idl": "cpp",
         "array": "cpp",
         "future": "cpp",
         "istream": "cpp",
@@ -103,9 +103,7 @@
     "files.exclude": {
         "**/bin/**": true,
         "**/obj/**": true,
+        "**/packages/**": true,
         "**/Generated Files/**": true
-    },
-    "search.exclude": {
-        "**/packages/**": true
     }
-}
+}

.vsconfig

@@ -17,7 +17,7 @@
     "Microsoft.Net.Component.4.5.TargetingPack",
     "Microsoft.VisualStudio.Component.DiagnosticTools",
     "Microsoft.VisualStudio.Component.Debugger.JustInTime",
-    "Microsoft.VisualStudio.Component.Windows11SDK.22621",
+    "Microsoft.VisualStudio.Component.Windows11SDK.22000",
     "Microsoft.VisualStudio.ComponentGroup.UWP.Support",
     "Microsoft.VisualStudio.Component.VC.CoreIde",
     "Microsoft.VisualStudio.ComponentGroup.NativeDesktop.Core",
@@ -26,10 +26,10 @@
     "Microsoft.VisualStudio.Component.VC.Tools.x86.x64",
     "Microsoft.VisualStudio.Component.VC.Tools.ARM64",
     "Microsoft.VisualStudio.Component.VC.ASAN",
-    "Microsoft.VisualStudio.Component.VC.v143.x86.x64",
-    "Microsoft.VisualStudio.Component.VC.v143.ARM64",
+    "Microsoft.VisualStudio.Component.VC.v142.x86.x64",
+    "Microsoft.VisualStudio.Component.VC.v142.ARM64",
     "Microsoft.VisualStudio.ComponentGroup.UWP.VC",
-    "Microsoft.VisualStudio.ComponentGroup.UWP.VC.v143",
+    "Microsoft.VisualStudio.ComponentGroup.UWP.VC.v142",
     "Microsoft.VisualStudio.Component.UWP.VC.ARM64"
   ]
 }

CONTRIBUTING.md

@@ -14,7 +14,7 @@ The point of doing all this work in public is to ensure that we are holding ours
 
 The team triages new issues several times a week. During triage, the team uses labels to categorize, manage, and drive the project workflow.
 
-We employ [a bot engine](./doc/bot.md) to help us automate common processes within our workflow.
+We employ [a bot engine](https://github.com/microsoft/terminal/blob/main/doc/bot.md) to help us automate common processes within our workflow.
 
 We drive the bot by tagging issues with specific labels which cause the bot engine to close issues, merge branches, etc. This bot engine helps us keep the repo clean by automating the process of notifying appropriate parties if/when information/follow-up is needed, and closing stale issues/PRs after reminders have remained unanswered for several days.
 
@@ -81,7 +81,7 @@ When you hit "New Issue", select the type of issue closest to what you want to r
   Microsoft Windows [Version 10.0.18900.1001]
   ```
 
-* What tools and apps you're using (e.g. VS 2022, VSCode, etc.)
+* What tools and apps you're using (e.g. VS 2019, VSCode, etc.)
 * Don't assume we're experts in setting up YOUR environment and don't assume we are experts in `<your distro/tool of choice>`. Teach us to help you!
 * **We LOVE detailed repro steps!** What steps do we need to take to reproduce the issue? Assume we love to read repro steps. As much detail as you can stand is probably _barely_ enough detail for us!
 * If you're reporting a particular character/glyph not rendering correctly, the specific Unicode codepoint would be MOST welcome (e.g. U+1F4AF, U+4382)
@@ -101,7 +101,7 @@ If you don't have any additional info/context to add but would like to indicate
 
 If you're able & willing to help fix issues and/or implement features, we'd love your contribution!
 
-The best place to start is the list of ["walkthroughs"](https://aka.ms/terminal-walkthroughs). This is a collection of issues where we've written a "walkthrough", little guides to help get started with a particular issue. These are usually good first issues, and are a great way to get familiar with the codebase. Additionally, the list of ["good first issue"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22++label%3A%22good+first+issue%22+)s is another set of issues that might be easier for first-time contributors. Once you're feeling more comfortable in the codebase, feel free to just use the ["Help Wanted"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+) label, or just find any issue you're interested in and hop in!
+The best place to start is the list of ["Easy Starter"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+label%3A%22Easy+Starter%22+) issues. These are bugs or tasks that we on the team believe would be easier to implement for someone without any prior experience in the codebase. Once you're feeling more comfortable in the codebase, feel free to just use the ["Help Wanted"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+) label, or just find an issue your interested in and hop in!
 
 Generally, we categorize issues in the following way, which is largely derived from our old internal work tracking system:
 * ["Bugs"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Issue-Bug%22+) are parts of the Terminal & Console that are not quite working the right way. There's code to already support some scenario, but it's not quite working right. Fixing these is generally a matter of debugging the broken functionality and fixing the wrong code.

NOTICE.md

@@ -215,6 +215,39 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 ```
 
+
+## boost
+
+**Source**: [https://github.com/boostorg/boost](https://github.com/boostorg/boost)
+
+### License
+
+```
+Boost Software License - Version 1.0 - August 17th, 2003
+
+Permission is hereby granted, free of charge, to any person or organization
+obtaining a copy of the software and accompanying documentation covered by
+this license (the "Software") to use, reproduce, display, distribute,
+execute, and transmit the Software, and to prepare derivative works of the
+Software, and to permit third-parties to whom the Software is furnished to
+do so, all subject to the following:
+
+The copyright notices in the Software and this entire statement, including
+the above license grant, this restriction and the following disclaimer,
+must be included in all copies of the Software, in whole or in part, and
+all derivative works of the Software, unless such copies or derivative
+works are solely in the form of machine-executable object code generated by
+a source language processor.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
+SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
+FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+DEALINGS IN THE SOFTWARE.
+```
+
 ## PCG Random Number Generation
 
 **Source**: [https://github.com/imneme/pcg-cpp](https://github.com/imneme/pcg-cpp)
@@ -243,86 +276,41 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 ```
 
-## wyhash
-
-**Source**: [https://github.com/wangyi-fudan/wyhash](https://github.com/wangyi-fudan/wyhash)
+## ConEmu
+**Source**: [https://github.com/Maximus5/ConEmu](https://github.com/Maximus5/ConEmu)
 
 ### License
 
 ```
-This is free and unencumbered software released into the public domain.
+BSD 3-Clause License
 
-Anyone is free to copy, modify, publish, use, compile, sell, or
-distribute this software, either in source code form or as a compiled
-binary, for any purpose, commercial or non-commercial, and by any
-means.
+Copyright (c) 2009-2017, Maximus5 <ConEmu.Maximus5@gmail.com>
+All rights reserved.
 
-In jurisdictions that recognize copyright laws, the author or authors
-of this software dedicate any and all copyright interest in the
-software to the public domain. We make this dedication for the benefit
-of the public at large and to the detriment of our heirs and
-successors. We intend this dedication to be an overt act of
-relinquishment in perpetuity of all present and future rights to this
-software under copyright law.
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
-IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
-OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
-ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
-OTHER DEALINGS IN THE SOFTWARE.
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
 
-For more information, please refer to <http://unlicense.org/>
-```
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
 
-## stb
+* Neither the name of the copyright holder nor the names of its
+  contributors may be used to endorse or promote products derived from
+  this software without specific prior written permission.
 
-**Source**: [https://github.com/nothings/stb](https://github.com/nothings/stb)
-
-### License
-
-```
-This is free and unencumbered software released into the public domain.
-Anyone is free to copy, modify, publish, use, compile, sell, or distribute this
-software, either in source code form or as a compiled binary, for any purpose,
-commercial or non-commercial, and by any means.
-In jurisdictions that recognize copyright laws, the author or authors of this
-software dedicate any and all copyright interest in the software to the public
-domain. We make this dedication for the benefit of the public at large and to
-the detriment of our heirs and successors. We intend this dedication to be an
-overt act of relinquishment in perpetuity of all present and future rights to
-this software under copyright law.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-```
-
-## Oklab
-**Source**: [https://bottosson.github.io/posts/oklab/](https://bottosson.github.io/posts/oklab/)
-
-### License
-
-```
-Copyright (c) 2020 Björn Ottosson
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-of the Software, and to permit persons to whom the Software is furnished to do
-so, subject to the following conditions:
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ```
 
 # Microsoft Open Source

README.md

@@ -1,4 +1,4 @@
-![terminal-logos](https://github.com/microsoft/terminal/assets/91625426/333ddc76-8ab2-4eb4-a8c0-4d7b953b1179)
+![terminal-logos](https://user-images.githubusercontent.com/48369326/115790869-4c852b00-a37c-11eb-97f1-f61972c7800c.png)
 
 # Welcome to the Windows Terminal, Console and Command-Line repo
 
@@ -8,8 +8,8 @@ This repository contains the source code for:
 * [Windows Terminal Preview](https://aka.ms/terminal-preview)
 * The Windows console host (`conhost.exe`)
 * Components shared between the two projects
-* [ColorTool](./src/tools/ColorTool)
-* [Sample projects](./samples)
+* [ColorTool](https://github.com/microsoft/terminal/tree/main/src/tools/ColorTool)
+* [Sample projects](https://github.com/microsoft/terminal/tree/main/samples)
   that show how to consume the Windows Console APIs
 
 Related repositories include:
@@ -21,8 +21,7 @@ Related repositories include:
 
 ## Installing and running Windows Terminal
 
-> [!NOTE]
-> Windows Terminal requires Windows 10 2004 (build 19041) or later
+> 🔴 Note: Windows Terminal requires Windows 10 2004 (build 19041) or later
 
 ### Microsoft Store [Recommended]
 
@@ -53,11 +52,8 @@ fails for any reason, you can try the following command at a PowerShell prompt:
 Add-AppxPackage Microsoft.WindowsTerminal_<versionNumber>.msixbundle
 ```
 
-> [!NOTE]
-> If you install Terminal manually:
+> 🔴 Note: If you install Terminal manually:
 >
-> * You may need to install the [VC++ v14 Desktop Framework Package](https://docs.microsoft.com/troubleshoot/cpp/c-runtime-packages-desktop-bridge#how-to-install-and-update-desktop-framework-packages).
->   This should only be necessary on older builds of Windows 10 and only if you get an error about missing framework packages.
 > * Terminal will not auto-update when new builds are released so you will need
 >   to regularly install the latest Terminal release to receive all the latest
 >   fixes and improvements!
@@ -69,12 +65,9 @@ the latest Terminal release by installing the `Microsoft.WindowsTerminal`
 package:
 
 ```powershell
-winget install --id Microsoft.WindowsTerminal -e
+winget install --id=Microsoft.WindowsTerminal -e
 ```
 
-> [!NOTE]
-> Dependency support is available in WinGet version [1.6.2631 or later](https://github.com/microsoft/winget-cli/releases). To install the Terminal stable release 1.18 or later, please make sure you have the updated version of the WinGet client.
-
 #### Via Chocolatey (unofficial)
 
 [Chocolatey](https://chocolatey.org) users can download and install the latest
@@ -118,31 +111,9 @@ repository.
 
 ---
 
-## Installing Windows Terminal Canary
-Windows Terminal Canary is a nightly build of Windows Terminal. This build has the latest code from our `main` branch, giving you an opportunity to try features before they make it to Windows Terminal Preview.
-
-Windows Terminal Canary is our least stable offering, so you may discover bugs before we have had a chance to find them.
-
-Windows Terminal Canary is available as an App Installer distribution and a Portable ZIP distribution.
-
-The App Installer distribution supports automatic updates. Due to platform limitations, this installer only works on Windows 11.
-
-The Portable ZIP distribution is a portable application. It will not automatically update and will not automatically check for updates. This portable ZIP distribution works on Windows 10 (19041+) and Windows 11.
-
-| Distribution  | Architecture    | Link                                                 |
-|---------------|:---------------:|------------------------------------------------------|
-| App Installer | x64, arm64, x86 | [download](https://aka.ms/terminal-canary-installer) |
-| Portable ZIP  | x64             | [download](https://aka.ms/terminal-canary-zip-x64)   |
-| Portable ZIP  | ARM64           | [download](https://aka.ms/terminal-canary-zip-arm64) |
-| Portable ZIP  | x86             | [download](https://aka.ms/terminal-canary-zip-x86)   |
-
-_Learn more about the [types of Windows Terminal distributions](https://learn.microsoft.com/windows/terminal/distributions)._
-
----
-
 ## Windows Terminal Roadmap
 
-The plan for the Windows Terminal [is described here](/doc/roadmap-2023.md) and
+The plan for the Windows Terminal [is described here](/doc/roadmap-2022.md) and
 will be updated as the project proceeds.
 
 ## Project Build Status
@@ -204,7 +175,7 @@ While overhauling Windows Console, we modernized its codebase considerably,
 cleanly separating logical entities into modules and classes, introduced some
 key extensibility points, replaced several old, home-grown collections and
 containers with safer, more efficient [STL
-containers](https://docs.microsoft.com/en-us/cpp/standard-library/stl-containers?view=vs-2022),
+containers](https://docs.microsoft.com/en-us/cpp/standard-library/stl-containers?view=vs-2019),
 and made the code simpler and safer by using Microsoft's [Windows Implementation
 Libraries - WIL](https://github.com/Microsoft/wil).
 
@@ -262,8 +233,7 @@ Cause: You're launching the incorrect solution in Visual Studio.
 Solution: Make sure you're building & deploying the `CascadiaPackage` project in
 Visual Studio.
 
-> [!NOTE]
-> `OpenConsole.exe` is just a locally-built `conhost.exe`, the classic
+> ⚠ Note: `OpenConsole.exe` is just a locally-built `conhost.exe`, the classic
 > Windows Console that hosts Windows' command-line infrastructure. OpenConsole
 > is used by Windows Terminal to connect to and communicate with command-line
 > applications (via
@@ -286,7 +256,7 @@ enhance Windows Terminal\!
 
 ***BEFORE you start work on a feature/fix***, please read & follow our
 [Contributor's
-Guide](./CONTRIBUTING.md) to
+Guide](https://github.com/microsoft/terminal/blob/main/CONTRIBUTING.md) to
 help avoid any wasted or duplicate effort.
 
 ## Communicating with the Team
@@ -294,15 +264,15 @@ help avoid any wasted or duplicate effort.
 The easiest way to communicate with the team is via GitHub issues.
 
 Please file new issues, feature requests and suggestions, but **DO search for
-similar open/closed preexisting issues before creating a new issue.**
+similar open/closed pre-existing issues before creating a new issue.**
 
 If you would like to ask a question that you feel doesn't warrant an issue
 (yet), please reach out to us via Twitter:
 
-* Christopher Nguyen, Product Manager:
-  [@nguyen_dows](https://twitter.com/nguyen_dows)
+* Kayla Cinnamon, Program Manager:
+  [@cinnamon\_msft](https://twitter.com/cinnamon_msft)
 * Dustin Howett, Engineering Lead: [@dhowett](https://twitter.com/DHowett)
-* Mike Griese, Senior Developer: [@zadjii@mastodon.social](https://mastodon.social/@zadjii)
+* Mike Griese, Senior Developer: [@zadjii](https://twitter.com/zadjii)
 * Carlos Zamora, Developer: [@cazamor_msft](https://twitter.com/cazamor_msft)
 * Pankaj Bhojwani, Developer
 * Leonard Hecker, Developer: [@LeonardHecker](https://twitter.com/LeonardHecker)
@@ -317,18 +287,18 @@ If you would like to ask a question that you feel doesn't warrant an issue
   app](https://docs.microsoft.com/en-us/windows/uwp/get-started/enable-your-device-for-development)
   to locally install and run Windows Terminal
 * You must have [PowerShell 7 or later](https://github.com/PowerShell/PowerShell/releases/latest) installed
-* You must have the [Windows 11 (10.0.22621.0)
+* You must have the [Windows 11 (10.0.22000.0)
   SDK](https://developer.microsoft.com/en-us/windows/downloads/windows-sdk/)
   installed
 * You must have at least [VS
-  2022](https://visualstudio.microsoft.com/downloads/) installed
+  2019](https://visualstudio.microsoft.com/downloads/) installed
 * You must install the following Workloads via the VS Installer. Note: Opening
-  the solution in VS 2022 will [prompt you to install missing components
+  the solution in VS 2019 will [prompt you to install missing components
   automatically](https://devblogs.microsoft.com/setup/configure-visual-studio-across-your-organization-with-vsconfig/):
   * Desktop Development with C++
   * Universal Windows Platform Development
   * **The following Individual Components**
-    * C++ (v143) Universal Windows Platform Tools
+    * C++ (v142) Universal Windows Platform Tools
 * You must install the [.NET Framework Targeting Pack](https://docs.microsoft.com/dotnet/framework/install/guide-for-developers#to-install-the-net-framework-developer-pack-or-targeting-pack) to build test projects
 
 ## Building the Code
@@ -387,10 +357,10 @@ Please review these brief docs below about our coding practices.
 This is a work in progress as we learn what we'll need to provide people in
 order to be effective contributors to our project.
 
-* [Coding Style](./doc/STYLE.md)
-* [Code Organization](./doc/ORGANIZATION.md)
-* [Exceptions in our legacy codebase](./doc/EXCEPTIONS.md)
-* [Helpful smart pointers and macros for interfacing with Windows in WIL](./doc/WIL.md)
+* [Coding Style](https://github.com/microsoft/terminal/blob/main/doc/STYLE.md)
+* [Code Organization](https://github.com/microsoft/terminal/blob/main/doc/ORGANIZATION.md)
+* [Exceptions in our legacy codebase](https://github.com/microsoft/terminal/blob/main/doc/EXCEPTIONS.md)
+* [Helpful smart pointers and macros for interfacing with Windows in WIL](https://github.com/microsoft/terminal/blob/main/doc/WIL.md)
 
 ---
 

SUPPORT.md

@@ -14,4 +14,4 @@ Support for Windows Terminal is limited to the resources listed above.
 [gh-bug]: https://github.com/microsoft/terminal/issues/new?assignees=&labels=Issue-Bug&template=bug_report.md&title=
 [gh-feature]: https://github.com/microsoft/terminal/issues/new?assignees=&labels=Issue-Feature&template=Feature_Request.md&title=
 [docs]: https://docs.microsoft.com/windows/terminal
-[contributor]: ./CONTRIBUTING.md
+[contributor]: https://github.com/microsoft/terminal/blob/main/CONTRIBUTING.md

build/Helix/AzurePipelinesHelperScripts.ps1

@@ -0,0 +1,175 @@
+function GetAzureDevOpsBaseUri
+{
+    Param(
+        [string]$CollectionUri,
+        [string]$TeamProject
+    )
+
+    return $CollectionUri + $TeamProject
+}
+
+function GetQueryTestRunsUri
+{
+    Param(
+        [string]$CollectionUri,
+        [string]$TeamProject,
+        [string]$BuildUri,
+        [switch]$IncludeRunDetails
+    )
+
+    if ($IncludeRunDetails)
+    {
+        $includeRunDetailsParameter = "&includeRunDetails=true"
+    }
+    else
+    {
+        $includeRunDetailsParameter = ""
+    }
+
+    $baseUri = GetAzureDevOpsBaseUri -CollectionUri $CollectionUri -TeamProject $TeamProject
+    $queryUri = "$baseUri/_apis/test/runs?buildUri=$BuildUri$includeRunDetailsParameter&api-version=5.0"
+    return $queryUri
+}
+
+function Get-HelixJobTypeFromTestRun
+{
+    Param ($testRun)
+
+    $testRunSingleResultUri = "$($testRun.url)/results?`$top=1&`$skip=0&api-version=5.1"
+    $singleTestResult = Invoke-RestMethod -Uri $testRunSingleResultUri -Method Get -Headers $azureDevOpsRestApiHeaders
+    $count = $singleTestResult.value.Length
+    if($count -eq 0)
+    {
+        # If the count is 0, then results have not yet been reported for this run.
+        # We only care about completed runs with results, so it is ok to just return 'UNKNOWN' for this run.
+        return "UNKNOWN"
+    }
+    else
+    {
+        $info = ConvertFrom-Json $singleTestResult.value.comment
+        $helixJobId = $info.HelixJobId
+        $job = Invoke-RestMethodWithRetries "https://helix.dot.net/api/2019-06-17/jobs/${helixJobId}?access_token=${HelixAccessToken}"
+        return $job.Type
+    }
+}
+
+function Append-HelixAccessTokenToUrl
+{
+    Param ([string]$url, [string]$token)
+    if($url.Contains("?"))
+    {
+        $url = "$($url)&access_token=$($token)"
+    }
+    else
+    {
+        $url = "$($url)?access_token=$($token)"
+    }
+    return $url
+}
+
+
+# The Helix Rest api is sometimes unreliable. So we call these apis with retry logic. 
+# Note: The Azure DevOps apis are stable and do not need to be called with this retry logic.
+$helixApiRetries = 0
+$helixApiRetriesMax = 10 
+
+function Download-StringWithRetries
+{
+    Param ([string]$fileName, [string]$url)
+
+    $result = ""
+    $done = $false
+
+    while(!($done))
+    {
+        try
+        {
+            Write-Host "Downloading $fileName"
+            $result = (New-Object System.Net.WebClient).DownloadString($url)
+            $done = $true
+        }
+        catch
+        {
+            Write-Host "Failed to download $fileName $($PSItem.Exception)"
+
+            $helixApiRetries = $helixApiRetries + 1
+            if($helixApiRetries -lt $helixApiRetriesMax)
+            {
+                Write-Host "Sleep and retry download of $fileName"
+                Start-Sleep 60
+            }
+            else
+            {
+                throw "Failed to download $fileName"
+            }
+        }
+    }
+
+    return $result
+}
+
+function Invoke-RestMethodWithRetries
+{
+    Param ([string]$url,$Headers)
+
+    $result = @()
+    $done = $false
+
+    while(!($done))
+    {
+        try
+        {
+            $result = Invoke-RestMethod -Uri $url -Method Get -Headers $Headers
+            $done = $true
+        }
+        catch
+        {
+            Write-Host "Failed to invoke Rest method $($PSItem.Exception)"
+
+            $helixApiRetries = $helixApiRetries + 1
+            if($helixApiRetries -lt $helixApiRetriesMax)
+            {
+                Write-Host "Sleep and retry invoke"
+                Start-Sleep 60
+            }
+            else
+            {
+                throw "Failed to invoke Rest method"
+            }
+        }
+    }
+
+    return $result
+}
+
+function Download-FileWithRetries
+{
+    Param ([string]$fileurl, [string]$destination)
+
+    $done = $false
+
+    while(!($done))
+    {
+        try
+        {
+            Write-Host "Downloading $destination"
+            $webClient.DownloadFile($fileurl, $destination)
+            $done = $true
+        }
+        catch
+        {
+            Write-Host "Failed to download $destination $($PSItem.Exception)"
+
+            $helixApiRetries = $helixApiRetries + 1
+            if($helixApiRetries -lt $helixApiRetriesMax)
+            {
+                Write-Host "Sleep and retry download of $destination"
+                Start-Sleep 60
+            }
+            else
+            {
+                throw "Failed to download $destination"
+            }
+        }
+    }
+}

build/Helix/ConvertWttLogToXUnit.ps1

@@ -20,7 +20,9 @@ Param(
 $helixResultsContainerUri = $Env:HELIX_RESULTS_CONTAINER_URI
 $helixResultsContainerRsas = $Env:HELIX_RESULTS_CONTAINER_RSAS
 
+$rerunPassesRequiredToAvoidFailure = $env:rerunPassesRequiredToAvoidFailure
+
 Add-Type -Language CSharp -ReferencedAssemblies System.Xml,System.Xml.Linq,System.Runtime.Serialization,System.Runtime.Serialization.Json (Get-Content $PSScriptRoot\HelixTestHelpers.cs -Raw)
 
 $testResultParser = [HelixTestHelpers.TestResultParser]::new($TestNamePrefix, $helixResultsContainerUri, $helixResultsContainerRsas)
-$testResultParser.ConvertWttLogToXUnitLog($WttInputPath, $WttSingleRerunInputPath, $WttMultipleRerunInputPath, $XUnitOutputPath)
+$testResultParser.ConvertWttLogToXUnitLog($WttInputPath, $WttSingleRerunInputPath, $WttMultipleRerunInputPath, $XUnitOutputPath, $rerunPassesRequiredToAvoidFailure)

build/Helix/EnsureMachineState.ps1

@@ -0,0 +1,112 @@
+$scriptDirectory = $script:MyInvocation.MyCommand.Path | Split-Path -Parent
+
+# List all processes to aid debugging:
+Write-Host "All processes running:"
+Get-Process
+
+tasklist /svc
+
+# Add this test directory as an exclusion for Windows Defender
+Write-Host "Add $scriptDirectory as Exclusion Path"
+Add-MpPreference -ExclusionPath $scriptDirectory
+Write-Host "Add $($env:HELIX_CORRELATION_PAYLOAD) as Exclusion Path"
+Add-MpPreference -ExclusionPath $env:HELIX_CORRELATION_PAYLOAD
+Get-MpPreference
+Get-MpComputerStatus
+
+
+# Minimize all windows:
+$shell = New-Object -ComObject "Shell.Application"
+$shell.minimizeall()
+
+# Kill any instances of Windows Security Alert:
+$windowTitleToMatch = "*Windows Security Alert*"
+$procs = Get-Process | Where {$_.MainWindowTitle -like "*Windows Security Alert*"}
+foreach ($proc in $procs)
+{
+    Write-Host "Found process with '$windowTitleToMatch' title: $proc"
+    $proc.Kill();
+}
+
+# Kill processes by name that are known to interfere with our tests:
+$processNamesToStop = @("Microsoft.Photos", "WinStore.App", "SkypeApp", "SkypeBackgroundHost", "OneDriveSetup", "OneDrive")
+foreach($procName in $processNamesToStop)
+{
+    Write-Host "Attempting to kill $procName if it is running"
+    Stop-Process -ProcessName $procName -Verbose -ErrorAction Ignore   
+}
+Write-Host "All processes running after attempting to kill unwanted processes:"
+Get-Process
+
+tasklist /svc
+
+$platform = $env:testbuildplatform
+if(!$platform)
+{
+    $platform = "x86"
+}
+
+function UninstallApps {
+    Param([string[]]$appsToUninstall)
+
+    foreach($pkgName in $appsToUninstall)
+    {
+        foreach($pkg in (Get-AppxPackage $pkgName).PackageFullName) 
+        {
+            Write-Output "Removing: $pkg" 
+            Remove-AppxPackage $pkg
+        } 
+    }
+}
+
+function UninstallTestApps {
+    Param([string[]]$appsToUninstall)
+
+    foreach($pkgName in $appsToUninstall)
+    {
+        foreach($pkg in (Get-AppxPackage $pkgName).PackageFullName) 
+        {
+            Write-Output "Removing: $pkg" 
+            Remove-AppxPackage $pkg
+        }
+
+        # Sometimes an app can get into a state where it is no longer returned by Get-AppxPackage, but it is still present
+        # which prevents other versions of the app from being installed.
+        # To handle this, we can directly call Remove-AppxPackage against the full name of the package. However, without
+        # Get-AppxPackage to find the PackageFullName, we just have to manually construct the name.
+        $packageFullName = "$($pkgName)_1.0.0.0_$($platform)__8wekyb3d8bbwe" 
+        Write-Host "Removing $packageFullName if installed"
+        Remove-AppPackage $packageFullName -ErrorVariable appxerror -ErrorAction SilentlyContinue 
+        if($appxerror)
+        {
+            foreach($error in $appxerror)
+            {
+                # In most cases, Remove-AppPackage will fail due to the package not being found. Don't treat this as an error.
+                if(!($error.Exception.Message -match "0x80073CF1"))
+                {
+                    Write-Error $error
+                }
+            }
+        }
+        else
+        {
+            Write-Host "Successfully removed $packageFullName"
+        }
+    }
+}
+
+Write-Host "Uninstall AppX packages that are known to cause issues with our tests"
+UninstallApps("*Skype*", "*Windows.Photos*")
+
+Write-Host "Uninstall any of our test apps that may have been left over from previous test runs"
+UninstallTestApps("NugetPackageTestApp", "NugetPackageTestAppCX", "IXMPTestApp", "MUXControlsTestApp")
+
+Write-Host "Uninstall MUX Framework package that may have been left over from previous test runs"
+# We don't want to uninstall all versions of the MUX Framework package, as there may be other apps preinstalled on the system 
+# that depend on it. We only uninstall the Framework package that corresponds to the version of MUX that we are testing.
+[xml]$versionData = (Get-Content "version.props")
+$versionMajor = $versionData.GetElementsByTagName("MUXVersionMajor").'#text'
+$versionMinor = $versionData.GetElementsByTagName("MUXVersionMinor").'#text'
+UninstallApps("Microsoft.UI.Xaml.$versionMajor.$versionMinor")
+
+Get-Process

build/Helix/GenerateTestProjFile.ps1

@@ -0,0 +1,336 @@
+[CmdLetBinding()]
+Param(
+    [Parameter(Mandatory = $true)] 
+    [string]$TestFile,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$OutputProjFile,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$JobTestSuiteName,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$TaefPath,
+
+    [string]$TaefQuery
+)
+
+Class TestCollection
+{
+    [string]$Name
+    [string]$SetupMethodName
+    [string]$TeardownMethodName
+    [System.Collections.Generic.Dictionary[string, string]]$Properties
+
+    TestCollection()
+    {
+        if ($this.GetType() -eq [TestCollection])
+        {
+            throw "This class should never be instantiated directly; it should only be derived from."
+        }
+    }
+
+    TestCollection([string]$name)
+    {
+        $this.Init($name)
+    }
+
+    hidden Init([string]$name)
+    {
+        $this.Name = $name
+        $this.Properties = @{}
+    }
+}
+
+Class Test : TestCollection 
+{
+    Test([string]$name)
+    {
+        $this.Init($name)
+    }
+}
+
+Class TestClass : TestCollection
+{
+    [System.Collections.Generic.List[Test]]$Tests
+
+    TestClass([string]$name)
+    {
+        $this.Init($name)
+        $this.Tests = @{}
+    }
+}
+
+Class TestModule : TestCollection
+{
+    [System.Collections.Generic.List[TestClass]]$TestClasses
+
+    TestModule([string]$name)
+    {
+        $this.Init($name)
+        $this.TestClasses = @{}
+    }
+}
+
+function Parse-TestInfo([string]$taefOutput)
+{
+    enum LineType
+    {
+        None
+        TestModule
+        TestClass
+        Test
+        Setup
+        Teardown
+        Property
+    }
+        
+    [string]$testModuleIndentation = "        "
+    [string]$testClassIndentation = "            "
+    [string]$testIndentation = "                "
+    [string]$setupBeginning = "Setup: "
+    [string]$teardownBeginning = "Teardown: "
+    [string]$propertyBeginning = "Property["
+
+    function Get-LineType([string]$line)
+    {
+        if ($line.Contains($setupBeginning))
+        {
+            return [LineType]::Setup;
+        }
+        elseif ($line.Contains($teardownBeginning))
+        {
+            return [LineType]::Teardown;
+        }
+        elseif ($line.Contains($propertyBeginning))
+        {
+            return [LineType]::Property;
+        }
+        elseif ($line.StartsWith($testModuleIndentation) -and -not $line.StartsWith("$testModuleIndentation "))
+        {
+            return [LineType]::TestModule;
+        }
+        elseif ($line.StartsWith($testClassIndentation) -and -not $line.StartsWith("$testClassIndentation "))
+        {
+            return [LineType]::TestClass;
+        }
+        elseif ($line.StartsWith($testIndentation) -and -not $line.StartsWith("$testIndentation "))
+        {
+            return [LineType]::Test;
+        }
+        else
+        {
+            return [LineType]::None;
+        }
+    }
+
+    [string[]]$lines = $taefOutput.Split(@([Environment]::NewLine, "`n"), [StringSplitOptions]::RemoveEmptyEntries)
+    [System.Collections.Generic.List[TestModule]]$testModules = @()
+
+    [TestModule]$currentTestModule = $null
+    [TestClass]$currentTestClass = $null
+    [Test]$currentTest = $null
+
+    [TestCollection]$lastTestCollection = $null
+
+    foreach ($rawLine in $lines)
+    {
+        [LineType]$lineType = (Get-LineType $rawLine)
+
+        # We don't need the whitespace around the line anymore, so we'll discard it to make things easier.
+        [string]$line = $rawLine.Trim()
+
+        if ($lineType -eq [LineType]::TestModule)
+        {
+            if ($currentTest -ne $null -and $currentTestClass -ne $null)
+            {
+                $currentTestClass.Tests.Add($currentTest)
+            }
+
+            if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
+            {
+                $currentTestModule.TestClasses.Add($currentTestClass)
+            }
+
+            if ($currentTestModule -ne $null)
+            {
+                $testModules.Add($currentTestModule)
+            }
+
+            $currentTestModule = [TestModule]::new($line)
+            $currentTestClass = $null
+            $currentTest = $null
+            $lastTestCollection = $currentTestModule
+        }
+        elseif ($lineType -eq [LineType]::TestClass)
+        {
+            if ($currentTest -ne $null -and $currentTestClass -ne $null)
+            {
+                $currentTestClass.Tests.Add($currentTest)
+            }
+
+            if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
+            {
+                $currentTestModule.TestClasses.Add($currentTestClass)
+            }
+
+            $currentTestClass = [TestClass]::new($line)
+            $currentTest = $null
+            $lastTestCollection = $currentTestClass
+        }
+        elseif ($lineType -eq [LineType]::Test)
+        {
+            if ($currentTest -ne $null -and $currentTestClass -ne $null)
+            {
+                $currentTestClass.Tests.Add($currentTest)
+            }
+
+            $currentTest = [Test]::new($line)
+            $lastTestCollection = $currentTest
+        }
+        elseif ($lineType -eq [LineType]::Setup)
+        {
+            if ($lastTestCollection -ne $null)
+            {
+                $lastTestCollection.SetupMethodName = $line.Replace($setupBeginning, "")
+            }
+        }
+        elseif ($lineType -eq [LineType]::Teardown)
+        {
+            if ($lastTestCollection -ne $null)
+            {
+                $lastTestCollection.TeardownMethodName = $line.Replace($teardownBeginning, "")
+            }
+        }
+        elseif ($lineType -eq [LineType]::Property)
+        {
+            if ($lastTestCollection -ne $null)
+            {
+                foreach ($match in [Regex]::Matches($line, "Property\[(.*)\]\s+=\s+(.*)"))
+                {
+                    [string]$propertyKey = $match.Groups[1].Value;
+                    [string]$propertyValue = $match.Groups[2].Value;
+                    $lastTestCollection.Properties.Add($propertyKey, $propertyValue);
+                }
+            }
+        }
+    }
+
+    if ($currentTest -ne $null -and $currentTestClass -ne $null)
+    {
+        $currentTestClass.Tests.Add($currentTest)
+    }
+
+    if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
+    {
+        $currentTestModule.TestClasses.Add($currentTestClass)
+    }
+
+    if ($currentTestModule -ne $null)
+    {
+        $testModules.Add($currentTestModule)
+    }
+
+    return $testModules
+}
+
+Write-Verbose "TaefQuery = $TaefQuery"
+
+$TaefSelectQuery = ""
+$TaefQueryToAppend = ""
+if($TaefQuery)
+{
+    $TaefSelectQuery = "/select:`"$TaefQuery`""
+    $TaefQueryToAppend = " and $TaefQuery"
+}
+Write-Verbose "TaefSelectQuery = $TaefSelectQuery"
+
+
+$taefExe = "$TaefPath\te.exe"
+[string]$taefOutput = & "$taefExe" /listproperties $TaefSelectQuery $TestFile | Out-String
+
+[System.Collections.Generic.List[TestModule]]$testModules = (Parse-TestInfo $taefOutput)
+
+$projFileContent = @"
+<Project>
+  <ItemGroup>
+"@
+
+foreach ($testModule in $testModules)
+{
+    foreach ($testClass in $testModules.TestClasses)
+    {
+        Write-Host "Generating Helix work item for test class $($testClass.Name)..."
+        [System.Collections.Generic.List[string]]$testSuiteNames = @()
+        
+        $testSuiteExists = $false
+        $suitelessTestExists = $false
+
+        foreach ($test in $testClass.Tests)
+        {
+            # A test method inherits its 'TestSuite' property from its TestClass
+            if (!$test.Properties.ContainsKey("TestSuite") -and $testClass.Properties.ContainsKey("TestSuite"))
+            {
+                $test.Properties["TestSuite"] = $testClass.Properties["TestSuite"]
+            }
+
+            if ($test.Properties.ContainsKey("TestSuite"))
+            {
+                [string]$testSuite = $test.Properties["TestSuite"]
+
+                if (-not $testSuiteNames.Contains($testSuite))
+                {
+                    Write-Host "    Found test suite $testSuite. Generating Helix work item for it as well."
+                    $testSuiteNames.Add($testSuite)
+                }
+
+                $testSuiteExists = $true
+            }
+            else
+            {
+                $suitelessTestExists = $true
+            }
+        }
+        
+        $testClassSelectPattern = "$($testClass.Name).*"
+        if($testClass.Name.Contains("::"))
+        {
+            $testClassSelectPattern = "$($testClass.Name)::*"
+        }
+        $testNameQuery= "(@Name='$testClassSelectPattern')"
+
+        $workItemName = $testClass.Name
+        # Native tests use '::' as a separator, which is not valid for workItem names.
+        $workItemName = $workItemName -replace "::", "-"
+        
+        if ($suitelessTestExists)
+        {
+            $projFileContent += @"
+
+    <HelixWorkItem Include="$($workItemName)" Condition="'`$(TestSuite)'=='$($JobTestSuiteName)'">
+      <Timeout>00:30:00</Timeout>
+      <Command>call %HELIX_CORRELATION_PAYLOAD%\runtests.cmd /select:"(@Name='$($testClass.Name)*'$(if ($testSuiteExists) { "and not @TestSuite='*'" }))$($TaefQueryToAppend)"</Command>
+    </HelixWorkItem>
+"@
+        }
+        
+        foreach ($testSuiteName in $testSuiteNames)
+        {
+            $projFileContent += @"
+
+    <HelixWorkItem Include="$($workItemName)-$testSuiteName" Condition="'`$(TestSuite)'=='$($JobTestSuiteName)'">
+      <Timeout>00:30:00</Timeout>
+      <Command>call %HELIX_CORRELATION_PAYLOAD%\runtests.cmd /select:"(@Name='$($testClass.Name)*' and @TestSuite='$testSuiteName')$($TaefQueryToAppend)"</Command>
+    </HelixWorkItem>
+"@
+        }
+    }
+}
+
+$projFileContent += @"
+
+  </ItemGroup>
+</Project>
+"@
+
+Set-Content $OutputProjFile $projFileContent -NoNewline -Encoding UTF8

build/Helix/HelixTestHelpers.cs

@@ -20,13 +20,32 @@ namespace HelixTestHelpers
         public string Name { get; set; }
         public string SourceWttFile { get; set; }
         public bool Passed { get; set; }
-        public bool Skipped { get; set; }
         public bool CleanupPassed { get; set; }
         public TimeSpan ExecutionTime { get; set; }
         public string Details { get; set; }
 
         public List<string> Screenshots { get; private set; }
         public List<TestResult> RerunResults { get; private set; }
+
+        // Returns true if the test pass rate is sufficient to avoid being counted as a failure.
+        public bool PassedOrUnreliable(int requiredNumberOfPasses)
+        {
+            if(Passed)
+            {
+                return true;
+            }
+            else
+            {
+                if(RerunResults.Count == 1)
+                {
+                    return RerunResults[0].Passed;
+                }
+                else
+                {
+                    return RerunResults.Where(r => r.Passed).Count() >= requiredNumberOfPasses;
+                }
+            }
+        }
     }
     
     //
@@ -202,9 +221,7 @@ namespace HelixTestHelpers
                         testsExecuting--;
 
                         // If any inner test fails, we'll still fail the outer
-                        var value = element.Attribute("Result").Value;
-                        currentResult.Passed = value == "Pass";
-                        currentResult.Skipped = value == "Skipped";
+                        currentResult.Passed &= element.Attribute("Result").Value == "Pass";
 
                         // Only gather execution data if this is the outer test we ran initially
                         if (testsExecuting == 0)
@@ -481,7 +498,7 @@ namespace HelixTestHelpers
             return subResultsJsonByMethod;
         }
 
-        public void ConvertWttLogToXUnitLog(string wttInputPath, string wttSingleRerunInputPath, string wttMultipleRerunInputPath, string xunitOutputPath)
+        public void ConvertWttLogToXUnitLog(string wttInputPath, string wttSingleRerunInputPath, string wttMultipleRerunInputPath, string xunitOutputPath, int requiredPassRateThreshold)
         {
             TestPass testPass = TestPass.ParseTestWttFileWithReruns(wttInputPath, wttSingleRerunInputPath, wttMultipleRerunInputPath, cleanupFailuresAreRegressions: true, truncateTestNames: false);
             var results = testPass.TestResults;
@@ -493,8 +510,8 @@ namespace HelixTestHelpers
             // If the test failed sufficiently often enough for it to count as a failed test (determined by a property on the
             // Azure DevOps job), we'll later mark it as failed during test results processing.
 
-            int failedCount = results.Where(r => !r.Passed).Count();
-            int skippedCount = results.Where(r => (!r.Passed && r.Skipped)).Count();
+            int failedCount = results.Where(r => !r.PassedOrUnreliable(requiredPassRateThreshold)).Count();
+            int skippedCount = results.Where(r => !r.Passed && r.PassedOrUnreliable(requiredPassRateThreshold)).Count();
 
             var root = new XElement("assemblies");
 
@@ -540,13 +557,12 @@ namespace HelixTestHelpers
                 
                 string resultString = string.Empty;
                 
-                if (result.Passed && !result.Skipped)
+                if (result.Passed)
                 {
                     resultString = "Pass";
                 }
-                else if (result.Skipped)
+                else if(result.PassedOrUnreliable(requiredPassRateThreshold))
                 {
-
                     resultString = "Skip";
                 }
                 else
@@ -555,25 +571,31 @@ namespace HelixTestHelpers
                 }
 
                 
+                test.SetAttributeValue("result", resultString);
+
                 if (!result.Passed)
                 {
-                    if (result.Skipped)
+                    // If a test failed, we'll have rerun it multiple times.
+                    // We'll save the subresults to a JSON text file that we'll upload to the helix results container -
+                    // this allows it to be as long as we want, whereas the reason field in Azure DevOps has a 4000 character limit.
+                    string subResultsFileName = methodName + "_subresults.json";
+                    string subResultsFilePath = Path.Combine(Path.GetDirectoryName(wttInputPath), subResultsFileName);
+					
+                    if (result.PassedOrUnreliable(requiredPassRateThreshold))
                     {
                         var reason = new XElement("reason");
-                        reason.Add(new XCData("Test skipped"));
+                        reason.Add(new XCData(GetUploadedFileUrl(subResultsFileName, helixResultsContainerUri, helixResultsContainerRsas)));
                         test.Add(reason);
                     }
-                    else {
+                    else
+                    {
                         var failure = new XElement("failure");
                         var message = new XElement("message");
-                        message.Add(new XCData("Test failed"));
+						message.Add(new XCData(GetUploadedFileUrl(subResultsFileName, helixResultsContainerUri, helixResultsContainerRsas)));
                         failure.Add(message);
                         test.Add(failure);
                     }
                 }
-
-                test.SetAttributeValue("result", resultString);
-
                 collection.Add(test);
             }
 

build/Helix/InstallTestAppDependencies.ps1

@@ -0,0 +1,12 @@
+# Displaying progress is unnecessary and is just distracting.
+$ProgressPreference = "SilentlyContinue"
+
+$dependencyFiles = Get-ChildItem -Filter "*Microsoft.VCLibs.*.appx"
+
+foreach ($file in $dependencyFiles)
+{
+    Write-Host "Adding dependency $($file)..."
+
+    Add-AppxPackage $file
+    
+}

build/Helix/OutputFailedTestQuery.ps1

@@ -0,0 +1,8 @@
+Param(
+    [Parameter(Mandatory = $true)] 
+    [string]$WttInputPath
+)
+
+Add-Type -Language CSharp -ReferencedAssemblies System.Xml,System.Xml.Linq,System.Runtime.Serialization,System.Runtime.Serialization.Json (Get-Content $PSScriptRoot\HelixTestHelpers.cs -Raw)
+
+[HelixTestHelpers.FailedTestDetector]::OutputFailedTestQuery($WttInputPath)

build/Helix/OutputSubResultsJsonFiles.ps1

@@ -0,0 +1,32 @@
+Param(
+    [Parameter(Mandatory = $true)] 
+    [string]$WttInputPath,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$WttSingleRerunInputPath,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$WttMultipleRerunInputPath,
+
+    [Parameter(Mandatory = $true)] 
+    [string]$TestNamePrefix
+)
+
+# Ideally these would be passed as parameters to the script. However ps makes it difficult to deal with string literals containing '&', so we just 
+# read the values directly from the environment variables
+$helixResultsContainerUri = $Env:HELIX_RESULTS_CONTAINER_URI
+$helixResultsContainerRsas = $Env:HELIX_RESULTS_CONTAINER_RSAS
+
+Add-Type -Language CSharp -ReferencedAssemblies System.Xml,System.Xml.Linq,System.Runtime.Serialization,System.Runtime.Serialization.Json (Get-Content $PSScriptRoot\HelixTestHelpers.cs -Raw)
+
+$testResultParser = [HelixTestHelpers.TestResultParser]::new($TestNamePrefix, $helixResultsContainerUri, $helixResultsContainerRsas)
+[System.Collections.Generic.Dictionary[string, string]]$subResultsJsonByMethodName = $testResultParser.GetSubResultsJsonByMethodName($WttInputPath, $WttSingleRerunInputPath, $WttMultipleRerunInputPath)
+
+$subResultsJsonDirectory = [System.IO.Path]::GetDirectoryName($WttInputPath)
+
+foreach ($methodName in $subResultsJsonByMethodName.Keys)
+{
+    $subResultsJson = $subResultsJsonByMethodName[$methodName]
+    $subResultsJsonPath = [System.IO.Path]::Combine($subResultsJsonDirectory, $methodName + "_subresults.json")
+    Out-File $subResultsJsonPath -Encoding utf8 -InputObject $subResultsJson
+}

build/Helix/OutputTestErrorsForAzureDevops.ps1

@@ -1,38 +0,0 @@
-Param(
-    [Parameter(Mandatory = $true)]
-    [string]$XUnitOutputPath
-)
-
-# This script is used to parse the XUnit output from the test runs and print out
-# the tests that failed.
-#
-# Why you might ask? Well, it sure seems like Azure DevOps doesn't like the fact
-# that we just call our tests in a powershell script. It can't seemingly find
-# the actual errors in the TAEF logs. That means when you just go to the
-# "Checks" page on GitHub, the Azure DevOps integration doesn't have anything
-# meaningful to say other than "PowerShell exited with code '1'". If we however,
-# just manually emit the test names formatted with "#[error]" in front of them,
-# well, then the integration will all work like magic.
-
-# Load the test results as a XML object
-$testResults = [xml](Get-Content -Path $XUnitOutputPath)
-
-# Our XML looks like:
-# <assemblies>
-#   <assembly name="MUXControls.Test.dll" test-framework="TAEF" run-date="2023-08-14" run-time="11:38:01" total="524" passed="520" failed="4" skipped="1" time="8943" errors="0">
-#     <collection total="524" passed="520" failed="4" skipped="1" name="Test collection" time="8943">
-#       <test name="ControlCoreTests::TestSimpleClickSelection" type="ControlCoreTests" method="TestSimpleClickSelection" time="0.016" result="Fail">
-
-# Iterate over all the assemblies and print all the tests that failed
-foreach ($assembly in $testResults.assemblies.assembly) {
-    foreach ($collection in $assembly.collection) {
-        foreach ($test in $collection.test) {
-            if ($test.result -eq "Fail") {
-                # This particular format is taken from the Azure DevOps documentation:
-                # https://github.com/microsoft/azure-pipelines-tasks/blob/master/docs/authoring/commands.md
-                # This will treat this line as an error message
-                Write-Output "##vso[task.logissue type=error]$($test.name) Failed"
-            }
-        }
-    }
-}

build/Helix/OutputTestResults.ps1

@@ -0,0 +1,131 @@
+Param(
+    [Parameter(Mandatory = $true)] 
+    [int]$MinimumExpectedTestsExecutedCount,
+
+    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
+    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
+    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
+    [string]$BuildUri = $env:BUILD_BUILDURI,
+    [bool]$CheckJobAttempt
+)
+
+$azureDevOpsRestApiHeaders = @{
+    "Accept"="application/json"
+    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
+}
+
+. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
+
+Write-Host "Checking test results..."
+
+$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri -IncludeRunDetails
+Write-Host "queryUri = $queryUri"
+
+$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
+[System.Collections.Generic.List[string]]$failingTests = @()
+[System.Collections.Generic.List[string]]$unreliableTests = @()
+[System.Collections.Generic.List[string]]$unexpectedResultTest = @()
+
+[System.Collections.Generic.List[string]]$namesOfProcessedTestRuns = @()
+$totalTestsExecutedCount = 0
+
+# We assume that we only have one testRun with a given name that we care about
+# We only process the last testRun with a given name (based on completedDate)
+# The name of a testRun is set to the Helix queue that it was run on (e.g. windows.10.amd64.client21h1.xaml)
+# If we have multiple test runs on the same queue that we care about, we will need to re-visit this logic
+foreach ($testRun in ($testRuns.value | Sort-Object -Property "completedDate" -Descending))
+{
+    if ($CheckJobAttempt)
+    {
+        if ($namesOfProcessedTestRuns -contains $testRun.name)
+        {
+            Write-Host "Skipping test run '$($testRun.name)', since we have already processed a test run of that name."
+            continue
+        }
+    }
+    
+    Write-Host "Processing results from test run '$($testRun.name)'"
+    $namesOfProcessedTestRuns.Add($testRun.name)
+
+    $totalTestsExecutedCount += $testRun.totalTests
+
+    $testRunResultsUri = "$($testRun.url)/results?api-version=5.0"
+    $testResults = Invoke-RestMethodWithRetries "$($testRun.url)/results?api-version=5.0" -Headers $azureDevOpsRestApiHeaders
+        
+    foreach ($testResult in $testResults.value)
+    {
+        $shortTestCaseTitle = $testResult.testCaseTitle -replace "[a-zA-Z0-9]+.[a-zA-Z0-9]+.Windows.UI.Xaml.Tests.MUXControls.",""
+
+        if ($testResult.outcome -eq "Failed")
+        {
+            if (-not $failingTests.Contains($shortTestCaseTitle))
+            {
+                $failingTests.Add($shortTestCaseTitle)
+            }
+        }
+        elseif ($testResult.outcome -eq "Warning")
+        {
+            if (-not $unreliableTests.Contains($shortTestCaseTitle))
+            {
+                $unreliableTests.Add($shortTestCaseTitle)
+            }
+        }
+        elseif ($testResult.outcome -ne "Passed")
+        {
+            # We should only see tests with result "Passed", "Failed" or "Warning"
+            if (-not $unexpectedResultTest.Contains($shortTestCaseTitle))
+            {
+                $unexpectedResultTest.Add($shortTestCaseTitle)
+            }
+        }
+    }
+}
+
+if ($unreliableTests.Count -gt 0)
+{
+    Write-Host @"
+##vso[task.logissue type=warning;]Unreliable tests:
+##vso[task.logissue type=warning;]$($unreliableTests -join "$([Environment]::NewLine)##vso[task.logissue type=warning;]")
+
+"@
+}
+
+if ($failingTests.Count -gt 0)
+{
+    Write-Host @"
+##vso[task.logissue type=error;]Failing tests:
+##vso[task.logissue type=error;]$($failingTests -join "$([Environment]::NewLine)##vso[task.logissue type=error;]")
+
+"@
+}
+
+if ($unexpectedResultTest.Count -gt 0)
+{
+    Write-Host @"
+##vso[task.logissue type=error;]Tests with unexpected results:
+##vso[task.logissue type=error;]$($unexpectedResultTest -join "$([Environment]::NewLine)##vso[task.logissue type=error;]")
+
+"@
+}
+
+if($totalTestsExecutedCount -lt $MinimumExpectedTestsExecutedCount)
+{
+    Write-Host "Expected at least $MinimumExpectedTestsExecutedCount tests to be executed."
+    Write-Host "Actual executed test count is: $totalTestsExecutedCount"
+    Write-Host "##vso[task.complete result=Failed;]"
+}
+elseif ($failingTests.Count -gt 0)
+{
+    Write-Host "At least one test failed."
+    Write-Host "##vso[task.complete result=Failed;]"
+}
+elseif ($unreliableTests.Count -gt 0)
+{
+    Write-Host "All tests eventually passed, but some initially failed."
+    Write-Host "##vso[task.complete result=Succeeded;]"
+}
+else
+{
+    Write-Host "All tests passed."
+    Write-Host "##vso[task.complete result=Succeeded;]"
+}

build/Helix/PrepareHelixPayload.ps1

@@ -0,0 +1,66 @@
+[CmdLetBinding()]
+Param(
+    [string]$Platform,
+    [string]$Configuration,
+    [string]$ArtifactName='drop'
+)
+
+$payloadDir = "HelixPayload\$Configuration\$Platform"
+
+$repoDirectory = Join-Path (Split-Path -Parent $script:MyInvocation.MyCommand.Path) "..\..\"
+$nugetPackagesDir = Join-Path (Split-Path -Parent $script:MyInvocation.MyCommand.Path) "packages"
+
+# Create the payload directory. Remove it if it already exists.
+If(test-path $payloadDir)
+{
+    Remove-Item $payloadDir -Recurse
+}
+New-Item -ItemType Directory -Force -Path $payloadDir
+
+# Copy files from nuget packages
+Copy-Item "$nugetPackagesDir\microsoft.windows.apps.test.1.0.181203002\lib\netcoreapp2.1\*.dll" $payloadDir
+Copy-Item "$nugetPackagesDir\Microsoft.Taef.10.60.210621002\build\Binaries\$Platform\*" $payloadDir
+Copy-Item "$nugetPackagesDir\Microsoft.Taef.10.60.210621002\build\Binaries\$Platform\NetFx4.5\*" $payloadDir
+New-Item -ItemType Directory -Force -Path "$payloadDir\.NETCoreApp2.1\"
+Copy-Item "$nugetPackagesDir\runtime.win-$Platform.microsoft.netcore.app.2.1.0\runtimes\win-$Platform\lib\netcoreapp2.1\*" "$payloadDir\.NETCoreApp2.1\"
+Copy-Item "$nugetPackagesDir\runtime.win-$Platform.microsoft.netcore.app.2.1.0\runtimes\win-$Platform\native\*" "$payloadDir\.NETCoreApp2.1\"
+New-Item -ItemType Directory -Force -Path "$payloadDir\content\"
+Copy-Item "$nugetPackagesDir\Microsoft.Internal.Windows.Terminal.TestContent.1.0.1\content\*" "$payloadDir\content\"
+
+function Copy-If-Exists
+{
+    Param($source, $destinationDir)
+
+    if (Test-Path $source)
+    {
+        Write-Host "Copy from '$source' to '$destinationDir'"
+        Copy-Item -Force $source $destinationDir
+    }
+    else
+    {
+        Write-Host "'$source' does not exist."
+    }
+}
+
+# Copy files from the 'drop' artifact dir
+Copy-Item "$repoDirectory\Artifacts\$ArtifactName\$Configuration\$Platform\Test\*" $payloadDir -Recurse
+
+# Copy files from the repo
+New-Item -ItemType Directory -Force -Path "$payloadDir"
+Copy-Item "build\helix\ConvertWttLogToXUnit.ps1" "$payloadDir"
+Copy-Item "build\helix\OutputFailedTestQuery.ps1" "$payloadDir"
+Copy-Item "build\helix\OutputSubResultsJsonFiles.ps1" "$payloadDir"
+Copy-Item "build\helix\HelixTestHelpers.cs" "$payloadDir"
+Copy-Item "build\helix\runtests.cmd" $payloadDir
+Copy-Item "build\helix\InstallTestAppDependencies.ps1" "$payloadDir"
+Copy-Item "build\Helix\EnsureMachineState.ps1" "$payloadDir"
+
+# Copy the APPX package from the 'drop' artifact dir
+Copy-Item "$repoDirectory\Artifacts\$ArtifactName\appx\CascadiaPackage_0.0.1.0_$Platform.msix" $payloadDir\CascadiaPackage.zip
+
+# Rename it to extension of ZIP because Expand-Archive is real sassy on the build machines
+# and refuses to unzip it because of its file extension while on a desktop, it just
+# does the job without complaining.
+
+# Extract the APPX package
+Expand-Archive -LiteralPath $payloadDir\CascadiaPackage.zip -DestinationPath $payloadDir\appx

build/Helix/ProcessHelixFiles.ps1

@@ -0,0 +1,130 @@
+Param(
+    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
+    [string]$HelixAccessToken = $env:HelixAccessToken,
+    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
+    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
+    [string]$BuildUri = $env:BUILD_BUILDURI,
+    [string]$OutputFolder = "HelixOutput"
+)
+
+$helixLinkFile = "$OutputFolder\LinksToHelixTestFiles.html"
+
+
+function Generate-File-Links
+{
+    Param ([Array[]]$files,[string]$sectionName)
+    if($files.Count -gt 0)
+    {
+        Out-File -FilePath $helixLinkFile -Append -InputObject "<div class=$sectionName>"
+        Out-File -FilePath $helixLinkFile -Append -InputObject "<h4>$sectionName</h4>"
+        Out-File -FilePath $helixLinkFile -Append -InputObject "<ul>"
+        foreach($file in $files)
+        {
+            $url = Append-HelixAccessTokenToUrl $file.Link "{Your-Helix-Access-Token-Here}"
+            Out-File -FilePath $helixLinkFile -Append -InputObject "<li>$($url)</li>"
+        }
+        Out-File -FilePath $helixLinkFile -Append -InputObject "</ul>"
+        Out-File -FilePath $helixLinkFile -Append -InputObject "</div>"
+    }
+}
+
+function Append-HelixAccessTokenToUrl
+{
+    Param ([string]$url, [string]$token)
+    if($token)
+    {
+        if($url.Contains("?"))
+        {
+            $url = "$($url)&access_token=$($token)"
+        }
+        else
+        {
+            $url = "$($url)?access_token=$($token)"
+        }
+    }
+    return $url
+}
+
+#Create output directory
+New-Item $OutputFolder -ItemType Directory
+
+$azureDevOpsRestApiHeaders = @{
+    "Accept"="application/json"
+    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
+}
+
+. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
+
+$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri -IncludeRunDetails
+Write-Host "queryUri = $queryUri"
+
+$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
+$webClient = New-Object System.Net.WebClient
+[System.Collections.Generic.List[string]]$workItems = @()
+
+foreach ($testRun in $testRuns.value)
+{
+    Write-Host "testRunUri = $testRun.url"
+    $testResults = Invoke-RestMethodWithRetries "$($testRun.url)/results?api-version=5.0" -Headers $azureDevOpsRestApiHeaders
+    $isTestRunNameShown = $false
+
+    foreach ($testResult in $testResults.value)
+    {
+        $info = ConvertFrom-Json $testResult.comment
+        $helixJobId = $info.HelixJobId
+        $helixWorkItemName = $info.HelixWorkItemName
+
+        $workItem = "$helixJobId-$helixWorkItemName"
+
+        Write-Host "Helix Work Item = $workItem"
+
+        if (-not $workItems.Contains($workItem))
+        {
+            $workItems.Add($workItem)
+            $filesQueryUri = "https://helix.dot.net/api/2019-06-17/jobs/$helixJobId/workitems/$helixWorkItemName/files"
+            $filesQueryUri = Append-HelixAccessTokenToUrl $filesQueryUri $helixAccessToken
+            $files = Invoke-RestMethodWithRetries $filesQueryUri
+
+            $screenShots = $files | where { $_.Name.EndsWith(".jpg") }
+            $dumps = $files | where { $_.Name.EndsWith(".dmp") }
+            $pgcFiles = $files | where { $_.Name.EndsWith(".pgc") }
+            if ($screenShots.Count + $dumps.Count + $pgcFiles.Count -gt 0)
+            {
+                if(-Not $isTestRunNameShown)
+                {
+                    Out-File -FilePath $helixLinkFile -Append -InputObject "<h2>$($testRun.name)</h2>"
+                    $isTestRunNameShown = $true
+                }
+                Out-File -FilePath $helixLinkFile -Append -InputObject "<h3>$helixWorkItemName</h3>"
+                Generate-File-Links $screenShots "Screenshots"
+                Generate-File-Links $dumps "CrashDumps"
+                Generate-File-Links $pgcFiles "PGC files"
+                $misc = $files | where { ($screenShots -NotContains $_) -And ($dumps -NotContains $_) -And ($visualTreeVerificationFiles -NotContains $_) -And ($pgcFiles -NotContains $_) }
+                Generate-File-Links $misc "Misc"
+
+                foreach($pgcFile in $pgcFiles)
+                {
+                    $flavorPath = $testResult.automatedTestName.Split('.')[0]
+                    $archPath = $testResult.automatedTestName.Split('.')[1]
+                    $fileName = $pgcFile.Name
+                    $fullPath = "$OutputFolder\PGO\$flavorPath\$archPath"
+                    $destination = "$fullPath\$fileName"
+
+                    Write-Host "Copying $($pgcFile.Name) to $destination"
+
+                    if (-Not (Test-Path $fullPath))
+                    {
+                        New-Item $fullPath -ItemType Directory
+                    }
+
+                    $link = $pgcFile.Link
+
+                    Write-Host "Downloading $link to $destination"
+
+                    $link = Append-HelixAccessTokenToUrl $link $HelixAccessToken
+                    Download-FileWithRetries $link $destination
+                }
+            }
+        }
+    }
+}

build/Helix/RunTestsInHelix.proj

@@ -0,0 +1,20 @@
+<Project Sdk="Microsoft.DotNet.Helix.Sdk" DefaultTargets="Test">
+  <PropertyGroup>
+    <HelixSource>pr/terminal/$(BUILD_SOURCEBRANCH)/</HelixSource>
+    <EnableXUnitReporter>true</EnableXUnitReporter>
+    <EnableAzurePipelinesReporter>true</EnableAzurePipelinesReporter>
+    <FailOnMissionControlTestFailure>true</FailOnMissionControlTestFailure>
+    <HelixPreCommands>$(HelixPreCommands);set testnameprefix=$(Configuration).$(Platform);set testbuildplatform=$(Platform);set rerunPassesRequiredToAvoidFailure=$(rerunPassesRequiredToAvoidFailure)</HelixPreCommands>
+    <OutputPath>..\..\bin\$(Platform)\$(Configuration)\</OutputPath>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <HelixCorrelationPayload Include="..\..\HelixPayload\$(Configuration)\$(Platform)" />
+  </ItemGroup>
+  
+  <!-- These .proj files are generated by the build machine prior to running tests via GenerateTestProjFile.ps1. -->
+  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-TerminalAppLocalTests.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
+  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-SettingsModelLocalTests.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
+  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-HostTestsUIA.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
+  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-WindowsTerminalUIATests.proj" Condition=" '$(TestSuite)'=='PgoInstrumentationSuite' " />
+</Project>

build/Helix/UpdateUnreliableTests.ps1

@@ -0,0 +1,136 @@
+[CmdLetBinding()]
+Param(
+    [Parameter(Mandatory = $true)] 
+    [int]$RerunPassesRequiredToAvoidFailure,
+
+    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
+    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
+    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
+    [string]$BuildUri = $env:BUILD_BUILDURI
+)
+
+. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
+
+
+$azureDevOpsRestApiHeaders = @{
+    "Accept"="application/json"
+    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
+}
+
+$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri
+Write-Host "queryUri = $queryUri"
+
+# To account for unreliable tests, we'll iterate through all of the tests associated with this build, check to see any tests that were unreliable
+# (denoted by being marked as "skipped"), and if so, we'll instead mark those tests with a warning and enumerate all of the attempted runs
+# with their pass/fail states as well as any relevant error messages for failed attempts.
+$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
+
+$timesSeenByRunName = @{}
+      
+foreach ($testRun in $testRuns.value)
+{
+    $testRunResultsUri = "$($testRun.url)/results?api-version=5.0"
+        
+    Write-Host "Marking test run `"$($testRun.name)`" as in progress so we can change its results to account for unreliable tests."
+    Invoke-RestMethod "$($testRun.url)?api-version=5.0" -Method Patch -Body (ConvertTo-Json @{ "state" = "InProgress" }) -Headers $azureDevOpsRestApiHeaders -ContentType "application/json" | Out-Null
+
+    Write-Host "Retrieving test results..."
+    $testResults = Invoke-RestMethodWithRetries $testRunResultsUri -Headers $azureDevOpsRestApiHeaders
+        
+    foreach ($testResult in $testResults.value)
+    {
+        $testNeedsSubResultProcessing = $false
+        if ($testResult.outcome -eq "NotExecuted")
+        {
+            $testNeedsSubResultProcessing = $true
+        }
+        elseif($testResult.outcome -eq "Failed")
+        {
+            $testNeedsSubResultProcessing = $testResult.errorMessage -like "*_subresults.json*"
+        }
+
+        if ($testNeedsSubResultProcessing)
+        {
+            Write-Host "  Test $($testResult.testCaseTitle) was detected as unreliable. Updating..."
+            
+            # The errorMessage field contains a link to the JSON-encoded rerun result data.
+            $resultsJson = Download-StringWithRetries "Error results" $testResult.errorMessage
+            $rerunResults = ConvertFrom-Json $resultsJson
+            [System.Collections.Generic.List[System.Collections.Hashtable]]$rerunDataList = @()
+            $attemptCount = 0
+            $passCount = 0
+            $totalDuration = 0
+            
+            foreach ($rerun in $rerunResults.results)
+            {
+                $rerunData = @{
+                    "displayName" = "Attempt #$($attemptCount + 1) - $($testResult.testCaseTitle)";
+                    "durationInMs" = $rerun.duration;
+                    "outcome" = $rerun.outcome;
+                }
+
+                if ($rerun.outcome -eq "Passed")
+                {
+                    $passCount++
+                }
+                
+                if ($attemptCount -gt 0)
+                {
+                    $rerunData["sequenceId"] = $attemptCount
+                }
+
+                Write-Host "    Attempt #$($attemptCount + 1): $($rerun.outcome)"
+                
+                if ($rerun.outcome -ne "Passed")
+                {
+                    $screenshots = "$($rerunResults.blobPrefix)/$($rerun.screenshots -join @"
+$($rerunResults.blobSuffix)
+$($rerunResults.blobPrefix)
+"@)$($rerunResults.blobSuffix)"
+
+                    # We subtract 1 from the error index because we added 1 so we could use 0
+                    # as a default value not injected into the JSON in order to keep its size down.
+                    # We did this because there's a maximum size enforced for the errorMessage parameter
+                    # in the Azure DevOps REST API.
+                    $fullErrorMessage = @"
+Log: $($rerunResults.blobPrefix)/$($rerun.log)$($rerunResults.blobSuffix)
+
+Screenshots:
+$screenshots
+
+Error log:
+$($rerunResults.errors[$rerun.errorIndex - 1])
+"@
+
+                    $rerunData["errorMessage"] = $fullErrorMessage
+                }
+                
+                $attemptCount++
+                $totalDuration += $rerun.duration
+                $rerunDataList.Add($rerunData)
+            }
+
+            $overallOutcome = "Warning"
+            
+            if ($attemptCount -eq 2)
+            {
+                Write-Host "  Test $($testResult.testCaseTitle) passed on the immediate rerun, so we'll mark it as unreliable."
+            }
+            elseif ($passCount -gt $RerunPassesRequiredToAvoidFailure)
+            {
+                Write-Host "  Test $($testResult.testCaseTitle) passed on $passCount of $attemptCount attempts, which is greater than or equal to the $RerunPassesRequiredToAvoidFailure passes required to avoid being marked as failed. Marking as unreliable."
+            }
+            else
+            {
+                Write-Host "  Test $($testResult.testCaseTitle) passed on only $passCount of $attemptCount attempts, which is less than the $RerunPassesRequiredToAvoidFailure passes required to avoid being marked as failed. Marking as failed."
+                $overallOutcome = "Failed"
+            }
+            
+            $updateBody = ConvertTo-Json @(@{ "id" = $testResult.id; "outcome" = $overallOutcome; "errorMessage" = " "; "durationInMs" = $totalDuration; "subResults" = $rerunDataList; "resultGroupType" = "rerun" }) -Depth 5
+            Invoke-RestMethod -Uri $testRunResultsUri -Method Patch -Headers $azureDevOpsRestApiHeaders -Body $updateBody -ContentType "application/json" | Out-Null
+        }
+    }
+        
+    Write-Host "Finished updates. Re-marking test run `"$($testRun.name)`" as completed."
+    Invoke-RestMethod -Uri "$($testRun.url)?api-version=5.0" -Method Patch -Body (ConvertTo-Json @{ "state" = "Completed" }) -Headers $azureDevOpsRestApiHeaders -ContentType "application/json" | Out-Null
+}

build/Helix/global.json

@@ -0,0 +1,5 @@
+{
+  "msbuild-sdks": {
+    "Microsoft.DotNet.Helix.Sdk": "5.0.0-beta.20277.5"
+  }
+}

build/Helix/packages.config

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="MUXCustomBuildTasks" version="1.0.48" targetFramework="native" />
+  <package id="Microsoft.Internal.Windows.Terminal.TestContent" version="1.0.1" />
+  <package id="Microsoft.Taef" version="10.60.210621002" targetFramework="native" />
+  <package id="microsoft.windows.apps.test" version="1.0.181203002" targetFramework="native" />
+  <package id="runtime.win-x86.microsoft.netcore.app" version="2.1.0" targetFramework="native" />
+  <package id="runtime.win-x64.microsoft.netcore.app" version="2.1.0" targetFramework="native" />
+</packages>

build/Helix/readme.md

@@ -0,0 +1,32 @@
+This directory contains code and configuration files to run WinUI tests in Helix.
+
+Helix is a cloud hosted test execution environment which is accessed via the Arcade SDK.
+More details:
+* [Arcade](https://github.com/dotnet/arcade)
+* [Helix](https://github.com/dotnet/arcade/tree/master/src/Microsoft.DotNet.Helix/Sdk)
+
+WinUI tests are scheduled in Helix by the Azure DevOps Pipeline: [RunHelixTests.yml](../RunHelixTests.yml).
+
+The workflow is as follows:
+1. NuGet Restore is called on the packages.config in this directory. This downloads any runtime dependencies 
+that are needed to run tests.
+2. PrepareHelixPayload.ps1 is called. This copies the necessary files from various locations into a Helix 
+payload directory. This directory is what will get sent to the Helix machines.
+3. RunTestsInHelix.proj is executed. This proj has a dependency on 
+[Microsoft.DotNet.Helix.Sdk](https://github.com/dotnet/arcade/tree/master/src/Microsoft.DotNet.Helix/Sdk) 
+which it uses to publish the Helix payload directory and to schedule the Helix Work Items. The WinUI tests 
+are parallelized into multiple Helix Work Items.
+4. Each Helix Work Item calls [runtests.cmd](runtests.cmd) with a specific query to pass to 
+[TAEF](https://docs.microsoft.com/en-us/windows-hardware/drivers/taef/) which runs the tests.
+5. If a test is detected to have failed, we run it again, first once, then eight more times if it fails again.
+If it fails all ten times, we report the test as failed; otherwise, we report it as unreliable,
+which will show up as a warning, but which will not fail the build.  When a test is reported as unreliable,
+we include the results for each individual run via a JSON string in the original test's errorMessage field.
+6. TAEF produces logs in WTT format. Helix is able to process logs in XUnit format. We run 
+[ConvertWttLogToXUnit.ps1](ConvertWttLogToXUnit.ps1) to convert the logs into the necessary format.
+7. RunTestsInHelix.proj has EnableAzurePipelinesReporter set to true. This allows the XUnit formatted test 
+results to be reported back to the Azure DevOps Pipeline.
+8. We process unreliable tests once all tests have been reported by reading the JSON string from the
+errorMessage field and calling the Azure DevOps REST API to modify the unreliable tests to have sub-results
+added to the test and to mark the test as "warning", which will enable people to see exactly how the test
+failed in runs where it did.

build/Helix/runtests.cmd

@@ -0,0 +1,105 @@
+setlocal ENABLEDELAYEDEXPANSION
+
+echo %TIME%
+
+robocopy %HELIX_CORRELATION_PAYLOAD% . /s /NP > NUL
+
+echo %TIME%
+
+reg add HKLM\Software\Policies\Microsoft\Windows\Appx /v AllowAllTrustedApps /t REG_DWORD /d 1 /f
+
+rem enable dump collection for our test apps:
+rem note, this script is run from a 32-bit cmd, but we need to set the native reg-key
+FOR %%A IN (TestHostApp.exe,te.exe,te.processhost.exe,conhost.exe,OpenConsole.exe,WindowsTerminal.exe) DO (
+  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpFolder /t REG_EXPAND_SZ /d %HELIX_DUMP_FOLDER% /f
+  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpType /t REG_DWORD /d 2 /f
+  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpCount /t REG_DWORD /d 10 /f
+)
+
+echo %TIME%
+
+:: kill dhandler, which is a tool designed to handle unexpected windows appearing. But since our tests are
+:: expected to show UI we don't want it running.
+taskkill -f -im dhandler.exe
+
+echo %TIME%
+powershell -ExecutionPolicy Bypass .\EnsureMachineState.ps1
+echo %TIME%
+powershell -ExecutionPolicy Bypass .\InstallTestAppDependencies.ps1
+echo %TIME%
+
+set testBinaryCandidates=TerminalApp.LocalTests.dll SettingsModel.LocalTests.dll Conhost.UIA.Tests.dll WindowsTerminal.UIA.Tests.dll
+set testBinaries=
+for %%B in (%testBinaryCandidates%) do (
+    if exist %%B (
+        set "testBinaries=!testBinaries! %%B"
+    )
+)
+
+echo %TIME%
+te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError %*
+echo %TIME%
+
+powershell -ExecutionPolicy Bypass Get-Process
+
+move te.wtl te_original.wtl
+
+copy /y te_original.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
+copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
+copy /y *.pgc %HELIX_WORKITEM_UPLOAD_ROOT%
+
+set FailedTestQuery=
+for /F "tokens=* usebackq" %%I IN (`powershell -ExecutionPolicy Bypass .\OutputFailedTestQuery.ps1 te_original.wtl`) DO (
+  set FailedTestQuery=%%I
+)
+
+rem The first time, we'll just re-run failed tests once.  In many cases, tests fail very rarely, such that
+rem a single re-run will be sufficient to detect many unreliable tests.
+if "%FailedTestQuery%" == "" goto :SkipReruns
+
+echo %TIME%
+te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError /select:"%FailedTestQuery%"
+echo %TIME%
+
+move te.wtl te_rerun.wtl
+
+copy /y te_rerun.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
+copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
+
+rem If there are still failing tests remaining, we'll run them eight more times, so they'll have been run a total of ten times.
+rem If any tests fail all ten times, we can be pretty confident that these are actual test failures rather than unreliable tests.
+if not exist te_rerun.wtl goto :SkipReruns
+
+set FailedTestQuery=
+for /F "tokens=* usebackq" %%I IN (`powershell -ExecutionPolicy Bypass .\OutputFailedTestQuery.ps1 te_rerun.wtl`) DO (
+  set FailedTestQuery=%%I
+)
+
+if "%FailedTestQuery%" == "" goto :SkipReruns
+
+echo %TIME%
+te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError /testmode:Loop /LoopTest:8 /select:"%FailedTestQuery%"
+echo %TIME%
+
+powershell -ExecutionPolicy Bypass Get-Process
+
+move te.wtl te_rerun_multiple.wtl
+
+copy /y te_rerun_multiple.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
+copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
+powershell -ExecutionPolicy Bypass .\CopyVisualTreeVerificationFiles.ps1
+
+:SkipReruns
+
+powershell -ExecutionPolicy Bypass Get-Process
+
+echo %TIME%
+powershell -ExecutionPolicy Bypass .\OutputSubResultsJsonFiles.ps1 te_original.wtl te_rerun.wtl te_rerun_multiple.wtl %testnameprefix%
+powershell -ExecutionPolicy Bypass .\ConvertWttLogToXUnit.ps1 te_original.wtl te_rerun.wtl te_rerun_multiple.wtl testResults.xml %testnameprefix%
+echo %TIME%
+
+copy /y *_subresults.json %HELIX_WORKITEM_UPLOAD_ROOT%
+
+type testResults.xml
+
+echo %TIME%

build/config/ESRPSigning_ConPTY.json

@@ -0,0 +1,51 @@
+{
+    "Version": "1.0.0",
+    "UseMinimatch": false,
+    "SignBatches": [
+        {
+            "MatchedPath": [
+                "conpty.dll",
+                "OpenConsole.exe"
+            ],
+            "SigningInfo": {
+                "Operations": [
+                    {
+                        "KeyCode": "CP-230012",
+                        "OperationSetCode": "SigntoolSign",
+                        "Parameters": [
+                            {
+                                "parameterName": "OpusName",
+                                "parameterValue": "Microsoft"
+                            },
+                            {
+                                "parameterName": "OpusInfo",
+                                "parameterValue": "http://www.microsoft.com"
+                            },
+                            {
+                                "parameterName": "FileDigest",
+                                "parameterValue": "/fd \"SHA256\""
+                            },
+                            {
+                                "parameterName": "PageHash",
+                                "parameterValue": "/NPH"
+                            },
+                            {
+                                "parameterName": "TimeStamp",
+                                "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                            }
+                        ],
+                        "ToolName": "sign",
+                        "ToolVersion": "1.0"
+                    },
+                    {
+                        "KeyCode": "CP-230012",
+                        "OperationSetCode": "SigntoolVerify",
+                        "Parameters": [],
+                        "ToolName": "sign",
+                        "ToolVersion": "1.0"
+                    }
+                ]
+            }
+        }
+    ]
+}

build/config/esrp.build.batch.conpty.json

@@ -1,47 +0,0 @@
-[
-    {
-        "MatchedPath": [
-            "conpty.dll",
-            "OpenConsole.exe"
-        ],
-        "SigningInfo": {
-            "Operations": [
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolSign",
-                    "Parameters": [
-                        {
-                            "parameterName": "OpusName",
-                            "parameterValue": "Microsoft"
-                        },
-                        {
-                            "parameterName": "OpusInfo",
-                            "parameterValue": "http://www.microsoft.com"
-                        },
-                        {
-                            "parameterName": "FileDigest",
-                            "parameterValue": "/fd \"SHA256\""
-                        },
-                        {
-                            "parameterName": "PageHash",
-                            "parameterValue": "/NPH"
-                        },
-                        {
-                            "parameterName": "TimeStamp",
-                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                        }
-                    ],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                },
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolVerify",
-                    "Parameters": [],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                }
-            ]
-        }
-    }
-]

build/config/esrp.build.batch.terminal_constituents.json

@@ -1,65 +0,0 @@
-[
-    {
-        "MatchedPath": [
-            // Namespaced DLLs
-            "PackageContents/Microsoft.Terminal.*.dll",
-            "PackageContents/Microsoft.Terminal.*.winmd",
-
-            // ConPTY and DefTerm
-            "PackageContents/OpenConsole.exe",
-            "PackageContents/OpenConsoleProxy.dll",
-
-            // Legacy DLLs with old names
-            "PackageContents/TerminalApp.dll",
-            "PackageContents/TerminalApp.winmd",
-            "PackageContents/TerminalConnection.dll",
-            "PackageContents/TerminalThemeHelpers.dll",
-            "PackageContents/WindowsTerminalShellExt.dll",
-
-            // The rest
-            "PackageContents/TerminalAzBridge.exe",
-            "PackageContents/wt.exe",
-            "PackageContents/WindowsTerminal.exe",
-            "PackageContents/elevate-shim.exe"
-        ],
-        "SigningInfo": {
-            "Operations": [
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolSign",
-                    "Parameters": [
-                        {
-                            "parameterName": "OpusName",
-                            "parameterValue": "Microsoft"
-                        },
-                        {
-                            "parameterName": "OpusInfo",
-                            "parameterValue": "http://www.microsoft.com"
-                        },
-                        {
-                            "parameterName": "FileDigest",
-                            "parameterValue": "/fd \"SHA256\""
-                        },
-                        {
-                            "parameterName": "PageHash",
-                            "parameterValue": "/NPH"
-                        },
-                        {
-                            "parameterName": "TimeStamp",
-                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                        }
-                    ],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                },
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolVerify",
-                    "Parameters": [],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                }
-            ]
-        }
-    }
-]

build/config/esrp.build.batch.wpf.json

@@ -1,46 +0,0 @@
-[
-    {
-        "MatchedPath": [
-            "Microsoft.Terminal.Control/Microsoft.Terminal.Control.dll"
-        ],
-        "SigningInfo": {
-            "Operations": [
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolSign",
-                    "Parameters": [
-                        {
-                            "parameterName": "OpusName",
-                            "parameterValue": "Microsoft"
-                        },
-                        {
-                            "parameterName": "OpusInfo",
-                            "parameterValue": "http://www.microsoft.com"
-                        },
-                        {
-                            "parameterName": "FileDigest",
-                            "parameterValue": "/fd \"SHA256\""
-                        },
-                        {
-                            "parameterName": "PageHash",
-                            "parameterValue": "/NPH"
-                        },
-                        {
-                            "parameterName": "TimeStamp",
-                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                        }
-                    ],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                },
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolVerify",
-                    "Parameters": [],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                }
-            ]
-        }
-    }
-]

build/config/esrp.build.batch.wpfdotnet.json

@@ -1,47 +0,0 @@
-[
-    {
-        "MatchedPath": [
-            "WpfTerminalControl/net472/Microsoft.Terminal.Wpf.dll",
-            "WpfTerminalControl/net6.0-windows/Microsoft.Terminal.Wpf.dll"
-        ],
-        "SigningInfo": {
-            "Operations": [
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolSign",
-                    "Parameters": [
-                        {
-                            "parameterName": "OpusName",
-                            "parameterValue": "Microsoft"
-                        },
-                        {
-                            "parameterName": "OpusInfo",
-                            "parameterValue": "http://www.microsoft.com"
-                        },
-                        {
-                            "parameterName": "FileDigest",
-                            "parameterValue": "/fd \"SHA256\""
-                        },
-                        {
-                            "parameterName": "PageHash",
-                            "parameterValue": "/NPH"
-                        },
-                        {
-                            "parameterName": "TimeStamp",
-                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                        }
-                    ],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                },
-                {
-                    "KeyCode": "CP-230012",
-                    "OperationSetCode": "SigntoolVerify",
-                    "Parameters": [],
-                    "ToolName": "sign",
-                    "ToolVersion": "1.0"
-                }
-            ]
-        }
-    }
-]

build/config/template.appinstaller

@@ -1,38 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<AppInstaller
-  xmlns="http://schemas.microsoft.com/appx/appinstaller/2017/2"
-  Version="1.0.0.0"
-  Uri="$$ROOT$$$$NAME$$.appinstaller">
-
-  <MainBundle
-    Name="$$NAME$$"
-    Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US"
-    Version="$$VERSION$$"
-    Uri="$$ROOT$$$$PACKAGE$$" />
-
-  <Dependencies>
-    <Package
-      Name="Microsoft.UI.Xaml.2.8"
-      Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US"
-      Version="8.2305.5001.0"
-      ProcessorArchitecture="x64"
-      Uri="https://github.com/microsoft/microsoft-ui-xaml/releases/download/v2.8.4/Microsoft.UI.Xaml.2.8.x64.appx" />
-    <Package
-      Name="Microsoft.UI.Xaml.2.8"
-      Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US"
-      Version="8.2305.5001.0"
-      ProcessorArchitecture="x86"
-      Uri="https://github.com/microsoft/microsoft-ui-xaml/releases/download/v2.8.4/Microsoft.UI.Xaml.2.8.x86.appx" />
-    <Package
-      Name="Microsoft.UI.Xaml.2.8"
-      Publisher="CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US"
-      Version="8.2305.5001.0"
-      ProcessorArchitecture="arm64"
-      Uri="https://github.com/microsoft/microsoft-ui-xaml/releases/download/v2.8.4/Microsoft.UI.Xaml.2.8.arm64.appx" />
-  </Dependencies>
-
-  <UpdateSettings>
-    <OnLaunch
-      HoursBetweenUpdateChecks="6" />
-  </UpdateSettings>
-</AppInstaller>

build/config/tsa.json

@@ -1,6 +0,0 @@
-{
-    "instanceUrl": "https://microsoft.visualstudio.com",
-    "projectName": "OS",
-    "areaPath": "OS\\Windows Client and Services\\ADEPT\\E4D-Engineered for Developers\\SHINE\\Terminal",
-    "notificationAliases": ["condev@microsoft.com", "duhowett@microsoft.com"]
-}

build/packages.config

@@ -3,6 +3,8 @@
   <package id="MUXCustomBuildTasks" version="1.0.48" targetFramework="native" />
   <package id="Microsoft.Taef" version="10.60.210621002" targetFramework="native" />
   <package id="Microsoft.Internal.PGO-Helpers.Cpp" version="0.2.34" targetFramework="native" />
+  <!-- This cannot be included in another project that depends on XAML (as it would be a duplicate package ID) -->
+  <package id="Microsoft.UI.Xaml" version="2.7.3" targetFramework="native" />
   <package id="Microsoft.Debugging.Tools.PdbStr" version="20220617.1556.0" targetFramework="native" />
   <package id="Microsoft.Debugging.Tools.SrcTool" version="20220617.1556.0" targetFramework="native" />
 </packages>

build/pgo/PGO.DB.proj

@@ -1,5 +1,4 @@
 <Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <Import Project="Terminal.PGO.props" />
-  <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.props" />
   <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.targets" />
-</Project>
+</Project>

build/pgo/Terminal.PGO.DB.nuspec

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="utf-8"?>
+<?xml version="1.0"?>
 <package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
   <metadata>
     <id>Microsoft.Internal.Windows.Terminal.PGODatabase</id>
@@ -12,6 +12,5 @@
   <files>
     <!-- The target directories for pgd files need to remain as is.  PGO optimization pass will rely on this exact directory layout. -->
     <file src="x64\*.pgd" target="tools\x64"/>
-    <file src="arm64\*.pgd" target="tools\arm64"/>
   </files>
 </package>

build/pgo/Terminal.PGO.props

@@ -9,21 +9,21 @@
 
   <PropertyGroup>
     <!-- Optional, defaults to main.  Name of the branch which will be used for calculating branch point. -->
-    <PGOBranch>main</PGOBranch>
+    <PGOBranch>release-1.15</PGOBranch>
 
     <!-- Mandatory.  Name of the NuGet package which will contain PGO databases for consumption by build system. -->
     <PGOPackageName>Microsoft.Internal.Windows.Terminal.PGODatabase</PGOPackageName>
 
-    <!-- Mandatory.  Major version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
+    <!-- Mandatory.  Major version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
     <PGOPackageVersionMajor>$(VersionMajor)</PGOPackageVersionMajor>
 
-    <!-- Mandatory.  Minor version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
+    <!-- Mandatory.  Minor version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
     <PGOPackageVersionMinor>$(VersionMinor)</PGOPackageVersionMinor>
 
-    <!-- Mandatory, defaults to 0.  Patch version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
+    <!-- Mandatory, defaults to 0.  Patch version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
     <PGOPackageVersionPatch>0</PGOPackageVersionPatch>
     
-    <!-- Optional, defaults to empty.  Prerelease version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
+    <!-- Optional, defaults to empty.  Prerelease version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
     <PGOPackageVersionPrerelease></PGOPackageVersionPrerelease>
 
     <!-- Mandatory.  Path to nuget.config file for the project.  Path is relative to where the props file will be. -->
@@ -46,5 +46,6 @@
     <PGOCopyRuntime Condition="'$(PGOBuildMode)' == 'Instrument'">true</PGOCopyRuntime>
   </PropertyGroup>
 
-  <!-- Do not import PGO-Helpers props here, as it is too early to detect the C++ tools directory -->
+  <!-- Import PGO-Helpers -->
+  <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.props" />
 </Project>

build/pipelines/ci.yml

@@ -29,80 +29,76 @@ variables:
 #     0.0.1904.0900
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
-parameters:
-  - name: auditMode
-    displayName: "Build in Audit Mode (x64)"
-    type: boolean
-    default: true
-  - name: runTests
-    displayName: "Run Tests"
-    type: boolean
-    default: true
-  - name: buildPlatforms
-    type: object
-    default:
-      - x64
-      - x86
-      - arm64
-
 stages:
-  - ${{ if eq(parameters.auditMode, true) }}:
-    - stage: Audit_x64
-      displayName: Audit Mode
-      dependsOn: []
-      jobs:
-        - template: ./templates-v2/job-build-project.yml
-          parameters:
-            pool:
-              ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-                name: SHINE-OSS-L
-              ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-                name: SHINE-INT-L
-            buildPlatforms: [x64]
-            buildConfigurations: [AuditMode]
-            buildEverything: true
-            keepAllExpensiveBuildOutputs: false
+  - stage: Audit_x64
+    displayName: Audit Mode
+    dependsOn: []
+    condition: succeeded()
+    jobs:
+      - template: ./templates/build-console-audit-job.yml
+        parameters:
+          platform: x64
 
-  - stage: CodeHealth
-    displayName: Code Health
+  - stage: Build_x64
+    displayName: Build x64
+    dependsOn: []
+    condition: succeeded()
+    jobs:
+      - template: ./templates/build-console-ci.yml
+        parameters:
+          platform: x64
+  - stage: Build_x86
+    displayName: Build x86
     dependsOn: []
     jobs:
-      - template: ./templates-v2/job-check-code-format.yml
+      - template: ./templates/build-console-ci.yml
+        parameters:
+          platform: x86
+  - stage: Build_ARM64
+    displayName: Build ARM64
+    dependsOn: []
+    condition: not(eq(variables['Build.Reason'], 'PullRequest'))
+    jobs:
+      - template: ./templates/build-console-ci.yml
+        parameters:
+          platform: ARM64
 
-  - ${{ each platform in parameters.buildPlatforms }}:
-    - stage: Build_${{ platform }}
-      displayName: Build ${{ platform }}
-      dependsOn: []
-      jobs:
-        - template: ./templates-v2/job-build-project.yml
-          parameters:
-            pool:
-              ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-                name: SHINE-OSS-L
-              ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-                name: SHINE-INT-L
-            buildPlatforms:
-              - ${{ platform }}
-            buildConfigurations: [Release]
-            buildEverything: true
-            keepAllExpensiveBuildOutputs: false
+  - stage: Test_x64
+    displayName: Test x64
+    dependsOn: [Build_x64]
+    condition: succeeded()
+    jobs:
+      - template: ./templates/test-console-ci.yml
+        parameters:
+          platform: x64
+  - stage: Test_x86
+    displayName: Test x86
+    dependsOn: [Build_x86]
+    jobs:
+      - template: ./templates/test-console-ci.yml
+        parameters:
+          platform: x86
 
-    - ${{ if eq(parameters.runTests, true) }}:
-      - stage: Test_${{ platform }}
-        displayName: Test ${{ platform }}
-        dependsOn:
-          - Build_${{ platform }}
-        condition: succeeded()
-        jobs:
-          - template: ./templates-v2/job-test-project.yml
-            parameters:
-              platform: ${{ platform }}
-              # The tests might be run more than once; log one artifact per attempt.
-              outputArtifactStem: -$(System.JobAttempt)
+  - stage: Helix_x64
+    displayName: Helix x64
+    dependsOn: [Build_x64]
+    condition: and(succeeded(), not(eq(variables['Build.Reason'], 'PullRequest')))
+    jobs:
+      - template: ./templates/console-ci-helix-job.yml
+        parameters:
+          platform: x64
 
-  - ${{ if ne(variables['Build.Reason'], 'PullRequest') }}:
-    - stage: CodeIndexer
-      displayName: GitHub CodeNav Indexer
-      dependsOn: []
-      jobs:
-        - template: ./templates-v2/job-index-github-codenav.yml
+  - stage: Scripts
+    displayName: Code Health Scripts
+    dependsOn: []
+    condition: succeeded()
+    jobs:
+      - template: ./templates/check-formatting.yml
+
+
+  - stage: CodeIndexer
+    displayName: Github CodeNav Indexer
+    dependsOn: [Build_x64]
+    condition: and(succeeded(), not(eq(variables['Build.Reason'], 'PullRequest')))
+    jobs:
+      - template: ./templates/codenav-indexer.yml

build/pipelines/daily-loc-submission.yml

@@ -1,63 +0,0 @@
-trigger: none
-pr: none
-schedules:
-  - cron: "0 3 * * 2-6" # Run at 03:00 UTC Tuesday through Saturday (After the work day in Pacific, Mon-Fri)
-    displayName: "Nightly Localization Build"
-    branches:
-      include:
-        - main
-    always: false # only run if there's code changes!
-
-pool:
-  vmImage: windows-2019
-
-resources:
-  repositories:
-  - repository: self
-    type: git
-    ref: main
-  - repository: internal
-    type: git
-    name: Terminal.Internal
-    ref: main
-
-steps:
-
-- checkout: self
-  clean: true
-  submodules: false
-  fetchDepth: 1 # Don't need a deep checkout for loc files!
-  fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-  persistCredentials: true
-  path: s # Adding a second repo made Azure DevOps change where we're checked out.
-
-- checkout: internal
-  clean: true
-  submodules: false
-  fetchDepth: 1
-  persistCredentials: true
-  path: s/Terminal.Internal
-
-- task: MicrosoftTDBuild.tdbuild-task.tdbuild-task.TouchdownBuildTask@1
-  displayName: 'Touchdown Build - 7105, PRODEXT'
-  inputs:
-    teamId: 7105
-    authId: '$(TouchdownApplicationID)'
-    authKey: '$(TouchdownApplicationKey)'
-    resourceFilePath: |
-     **\en-US\*.resw
-     Terminal.Internal\PDPs\Stable\PDPs\en-us\PDP.xml
-     Terminal.Internal\PDPs\Preview\PDPs\en-us\PDP.xml
-    outputDirectoryRoot: LocOutput
-    appendRelativeDir: true
-    pseudoSetting: Included
-
-# Saving one of these makes it really easy to inspect the loc output...
-- powershell: 'tar czf LocOutput.tar.gz LocOutput'
-  displayName: 'Archive Loc Output for Submission'
-
-- task: PublishBuildArtifacts@1
-  displayName: 'Publish Artifact: LocOutput'
-  inputs:
-    PathtoPublish: LocOutput.tar.gz
-    ArtifactName: LocOutput

build/pipelines/feature-flag-ci.yml

@@ -7,7 +7,6 @@ pr:
   paths:
     include:
       - src/features.xml
-      - build/pipelines/feature-flag-ci.yml
 
 variables:
   - name: runCodesignValidationInjectionBG
@@ -22,19 +21,9 @@ parameters:
       # Dev is built automatically
       # WindowsInbox does not typically build with VS.
 
-stages:
+jobs:
   - ${{ each branding in parameters.buildBrandings }}:
-    - stage: Build_${{ branding }}
-      dependsOn: []
-      displayName: Build ${{ branding }}
-      jobs:
-        - template: ./templates-v2/job-build-project.yml
-          parameters:
-            pool: # This only runs in CI
-                name: SHINE-OSS-L
-            buildPlatforms: [x64]
-            buildConfigurations: [Release]
-            buildEverything: true
-            branding: ${{ branding }}
-            keepAllExpensiveBuildOutputs: false
-            artifactStem: -${{ branding }} # Disambiguate artifacts with the same config/platform
+    - template: ./templates/build-console-ci.yml
+      parameters:
+        platform: x64
+        branding: ${{ branding }}

build/pipelines/fuzz.yml

@@ -16,52 +16,44 @@ pr: none
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
 stages:
-  - stage: Build
-    displayName: Fuzzing Build
+  - stage: Build_Fuzz_Config
+    displayName: Build Fuzzers
     dependsOn: []
     condition: succeeded()
     jobs:
-      - template: ./templates-v2/job-build-project.yml
-        parameters:
-          pool:
-            ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-              name: SHINE-OSS-L
-            ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-              name: SHINE-INT-L
-          buildPlatforms: [x64]
-          buildConfigurations: [Fuzzing]
-          buildEverything: true
-          keepAllExpensiveBuildOutputs: false
-
-  - stage: Submit
-    displayName: Submit to OneFuzz
-    dependsOn: [Build]
+    - template: ./templates/build-console-fuzzing.yml
+      parameters:
+        platform: x64
+  - stage: OneFuzz
+    displayName: Submit OneFuzz Job
+    dependsOn: ['Build_Fuzz_Config']
     condition: succeeded()
+    pool:
+      vmImage: 'ubuntu-latest'
+    variables:
+      artifactName: fuzzingBuildOutput
     jobs:
-      - job:
-        pool:
-          vmImage: 'ubuntu-latest'
-        steps:
-        - task: DownloadPipelineArtifact@2
-          displayName: Download artifacts
-          inputs:
-            artifactName: build-x64-Fuzzing
-            downloadPath: $(Build.ArtifactStagingDirectory)
-        - task: UsePythonVersion@0
-          inputs:
-            versionSpec: '3.x'
-            addToPath: true
-            architecture: 'x64'
-        - bash: |
-            set -ex
-            pip -q install onefuzz
-            onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain) --client_secret $(client_secret)
-            sed -i s/INSERT_PAT_HERE/$(ado_pat)/ build/Fuzz/notifications-ado.json
-            sed -i s/INSERT_ASSIGNED_HERE/$(ado_assigned_to)/ build/Fuzz/notifications-ado.json
-          displayName: Configure OneFuzz
-        - bash: |
-            onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $target_exe_path --notification_config @./build/Fuzz/notifications-ado.json OpenConsole $test_name $(Build.SourceVersion) default
-          displayName: Submit OneFuzz Job
-          env:
-            target_exe_path: $(Build.ArtifactStagingDirectory)/OpenConsoleFuzzer.exe
-            test_name: WriteCharsLegacy
+    - job:
+      steps:
+      - task: DownloadBuildArtifacts@0
+        inputs:
+          artifactName: $(artifactName)
+          downloadPath: $(Build.ArtifactStagingDirectory)
+      - task: UsePythonVersion@0
+        inputs:
+          versionSpec: '3.x'
+          addToPath: true
+          architecture: 'x64'
+      - bash: |
+          set -ex
+          pip -q install onefuzz
+          onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain) --client_secret $(client_secret)
+          sed -i s/INSERT_PAT_HERE/$(ado_pat)/ build/Fuzz/notifications-ado.json
+          sed -i s/INSERT_ASSIGNED_HERE/$(ado_assigned_to)/ build/Fuzz/notifications-ado.json
+        displayName: Configure OneFuzz
+      - bash: |
+          onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $target_exe_path --notification_config @./build/Fuzz/notifications-ado.json OpenConsole $test_name $(Build.SourceVersion) default
+        displayName: Submit OneFuzz Job
+        env:
+          target_exe_path: $(Build.ArtifactStagingDirectory)/$(artifactName)/Fuzzing/x64/test/OpenConsoleFuzzer.exe
+          test_name: WriteCharsLegacy

build/pipelines/ob-nightly.yml

@@ -1,53 +0,0 @@
-trigger: none
-pr: none
-schedules:
-  - cron: "30 3 * * 2-6" # Run at 03:30 UTC Tuesday through Saturday (After the work day in Pacific, Mon-Fri)
-    displayName: "Nightly Terminal Build"
-    branches:
-      include:
-        - main
-    always: false # only run if there's code changes!
-
-parameters:
-  - name: publishToAzure
-    displayName: "Deploy to **PUBLIC** Azure Storage"
-    type: boolean
-    default: true
-
-name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
-
-variables:
-  - template: templates-v2/variables-nuget-package-version.yml
-    parameters:
-      branding: Canary
-  - template: templates-v2/variables-onebranch-config.yml
-
-extends:
-  template: templates-v2/pipeline-onebranch-full-release-build.yml
-  parameters:
-    official: true
-    branding: Canary
-    buildTerminal: true
-    pgoBuildMode: Optimize
-    codeSign: true
-    publishSymbolsToPublic: true
-    publishVpackToWindows: false
-    symbolExpiryTime: 15
-    ${{ if eq(true, parameters.publishToAzure) }}:
-      extraPublishJobs:
-        - template: build/pipelines/templates-v2/job-deploy-to-azure-storage.yml@self
-          parameters:
-            pool: { type: windows }
-            variables:
-              ob_git_checkout: false # This job checks itself out
-              ob_git_skip_checkout_none: true
-              ob_outputDirectory: "$(Build.SourcesDirectory)/_none"
-            dependsOn: [PublishSymbols]
-            storagePublicRootURL: $(AppInstallerRootURL)
-            subscription: $(AzureSubscriptionName)
-            storageAccount: $(AzureStorageAccount)
-            storageContainer: $(AzureStorageContainer)
-            buildConfiguration: Release
-            buildPlatforms: [x64, x86, arm64]
-            environment: production-canary
-

build/pipelines/ob-release.yml

@@ -1,83 +0,0 @@
-trigger: none
-pr: none
-
-# Expose all of these parameters for user configuration.
-parameters:
-  - name: branding
-    displayName: "Branding (Build Type)"
-    type: string
-    default: Release
-    values:
-      - Release
-      - Preview
-      - Canary
-      - Dev
-  - name: buildTerminal
-    displayName: "Build Windows Terminal MSIX"
-    type: boolean
-    default: true
-  - name: buildConPTY
-    displayName: "Build ConPTY NuGet"
-    type: boolean
-    default: false
-  - name: buildWPF
-    displayName: "Build Terminal WPF Control"
-    type: boolean
-    default: false
-  - name: pgoBuildMode
-    displayName: "PGO Build Mode"
-    type: string
-    default: Optimize
-    values:
-      - Optimize
-      - Instrument
-      - None
-  - name: buildConfigurations
-    displayName: "Build Configurations"
-    type: object
-    default:
-      - Release
-  - name: buildPlatforms
-    displayName: "Build Platforms"
-    type: object
-    default:
-      - x64
-      - x86
-      - arm64
-  - name: terminalInternalPackageVersion
-    displayName: "Terminal Internal Package Version"
-    type: string
-    default: '0.0.8'
-
-  - name: publishSymbolsToPublic
-    displayName: "Publish Symbols to MSDL"
-    type: boolean
-    default: true
-  - name: publishVpackToWindows
-    displayName: "Publish VPack to Windows"
-    type: boolean
-    default: false
-
-name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
-
-variables:
-  - template: templates-v2/variables-nuget-package-version.yml
-    parameters:
-      branding: ${{ parameters.branding }}
-  - template: templates-v2/variables-onebranch-config.yml
-
-extends:
-  template: templates-v2/pipeline-onebranch-full-release-build.yml
-  parameters:
-    official: true
-    branding: ${{ parameters.branding }}
-    buildTerminal: ${{ parameters.buildTerminal }}
-    buildConPTY: ${{ parameters.buildConPTY }}
-    buildWPF: ${{ parameters.buildWPF }}
-    pgoBuildMode: ${{ parameters.pgoBuildMode }}
-    buildConfigurations: ${{ parameters.buildConfigurations }}
-    buildPlatforms: ${{ parameters.buildPlatforms }}
-    codeSign: true
-    terminalInternalPackageVersion: ${{ parameters.terminalInternalPackageVersion }}
-    publishSymbolsToPublic: ${{ parameters.publishSymbolsToPublic }}
-    publishVpackToWindows: ${{ parameters.publishVpackToWindows }}

build/pipelines/pgo.yml

@@ -1,27 +1,5 @@
 trigger: none
 pr: none
-schedules:
-  - cron: "0 5 * * 2-6" # Run at 05:00 UTC Tuesday through Saturday (Even later than Localization, after the work day in Pacific, Mon-Fri)
-    displayName: "Nightly Instrumentation Build"
-    branches:
-      include:
-        - main
-    always: false # only run if there's code changes!
-
-parameters:
-  - name: branding
-    displayName: "Branding (Build Type)"
-    type: string
-    default: Preview # By default, we'll PGO the Preview builds to get max coverage
-    values:
-      - Release
-      - Preview
-      - Dev
-  - name: buildPlatforms
-    type: object
-    default:
-      - x64
-      - arm64
 
 variables:
   - name: runCodesignValidationInjectionBG
@@ -32,57 +10,18 @@ variables:
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
 stages:
-  - stage: Build
-    displayName: Build
+  - stage: Build_x64
+    displayName: Build x64
     dependsOn: []
     condition: succeeded()
     jobs:
-      - template: ./templates-v2/job-build-project.yml
+      - template: ./templates/build-console-pgo.yml
         parameters:
-          pool:
-            ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-              name: SHINE-OSS-L
-            ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-              name: SHINE-INT-L
-          branding: ${{ parameters.branding }}
-          buildPlatforms: ${{ parameters.buildPlatforms }}
-          buildConfigurations: [Release]
-          buildEverything: true
-          pgoBuildMode: Instrument
-          artifactStem: -instrumentation
-
-  - stage: RunPGO
-    displayName: Run PGO
-    dependsOn: [Build]
-    condition: succeeded()
+          platform: x64
+  - stage: Publish_PGO_Databases
+    displayName: Publish PGO databases
+    dependsOn: ['Build_x64']
     jobs:
-      - ${{ each platform in parameters.buildPlatforms }}:
-        - template: ./templates-v2/job-run-pgo-tests.yml
-          parameters:
-            # This job chooses its own pools based on platform
-            buildPlatform: ${{ platform }}
-            buildConfiguration: Release
-            artifactStem: -instrumentation
-
-  - stage: FinalizePGO
-    displayName: Finalize PGO and Publish
-    dependsOn: [RunPGO]
-    condition: succeeded()
-    jobs:
-      # This job takes multiple platforms and fans them back in to a single artifact.
-      - template: ./templates-v2/job-pgo-merge-pgd.yml
+      - template: ./templates/pgo-build-and-publish-nuget-job.yml
         parameters:
-          jobName: MergePGD
-          pool:
-            vmImage: 'windows-2022'
-          buildConfiguration: Release
-          buildPlatforms: ${{ parameters.buildPlatforms }}
-          artifactStem: -instrumentation
-
-      - template: ./templates-v2/job-pgo-build-nuget-and-publish.yml
-        parameters:
-          pool:
-            vmImage: 'windows-2022'
-          dependsOn: MergePGD
-          buildConfiguration: Release
-          artifactStem: -instrumentation
+          pgoArtifact: 'PGO'

build/pipelines/release.yml

@@ -0,0 +1,729 @@
+# This build should never run as CI or against a pull request.
+trigger: none
+pr: none
+
+pool: 
+  name: WinDevPool-L
+  demands: ImageOverride -equals WinDevVS16-latest
+
+parameters:
+  - name: branding
+    displayName: "Branding (Build Type)"
+    type: string
+    default: Release
+    values:
+      - Release
+      - Preview
+  - name: buildTerminal
+    displayName: "Build Windows Terminal MSIX"
+    type: boolean
+    default: true
+  - name: runCompliance
+    displayName: "Run Compliance and Security Build"
+    type: boolean
+    default: true
+  - name: publishSymbolsToPublic
+    displayName: "Publish Symbols to MSDL"
+    type: boolean
+    default: true
+  - name: buildTerminalVPack
+    displayName: "Build Windows Terminal VPack"
+    type: boolean
+    default: false
+  - name: buildConPTY
+    displayName: "Build ConPTY NuGet"
+    type: boolean
+    default: false
+  - name: buildWPF
+    displayName: "Build Terminal WPF Control"
+    type: boolean
+    default: false
+  - name: pgoBuildMode
+    displayName: "PGO Build Mode"
+    type: string
+    default: Optimize
+    values:
+      - Optimize
+      - Instrument
+      - None
+  - name: buildConfigurations
+    type: object
+    default:
+      - Release
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+  - name: buildWindowsVersions
+    type: object
+    default:
+      - Win10
+      - Win11
+
+variables:
+  TerminalInternalPackageVersion: "0.0.7"
+  # If we are building a branch called "release-*", change the NuGet suffix
+  # to "preview". If we don't do that, XES will set the suffix to "release1"
+  # because it truncates the value after the first period.
+  # We also want to disable the suffix entirely if we're Release branded while
+  # on a release branch.
+  # main is special, however. XES ignores main. Since we never produce actual
+  # shipping builds from main, we want to force it to have a beta label as
+  # well.
+  #
+  # In effect:
+  # BRANCH / BRANDING | Release                    | Preview
+  # ------------------|----------------------------|-----------------------------
+  # release-*         | 1.12.20220427              | 1.13.20220427-preview
+  # main              | 1.14.20220427-experimental | 1.14.20220427-experimental
+  # all others        | 1.14.20220427-mybranch     | 1.14.20220427-mybranch
+  ${{ if startsWith(variables['Build.SourceBranchName'], 'release-') }}:
+    ${{ if eq(parameters.branding, 'Release') }}:
+      NoNuGetPackBetaVersion: true
+    ${{ else }}:
+      NuGetPackBetaVersion: preview
+  ${{ elseif eq(variables['Build.SourceBranchName'], 'main') }}:
+    NuGetPackBetaVersion: experimental
+  # The NuGet packages have to use *somebody's* DLLs. We used to force them to
+  # use the Win10 build outputs, but if there isn't a Win10 build we should use
+  # the Win11 one.
+  ${{ if containsValue(parameters.buildWindowsVersions, 'Win10') }}:
+    TerminalBestVersionForNuGetPackages: Win10
+  ${{ else }}:
+    TerminalBestVersionForNuGetPackages: Win11
+
+name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
+resources:
+  repositories:
+  - repository: self
+    type: git
+    ref: main
+jobs:
+- job: Build
+  strategy:
+    matrix:
+      ${{ each config in parameters.buildConfigurations }}:
+        ${{ each platform in parameters.buildPlatforms }}:
+          ${{ each windowsVersion in parameters.buildWindowsVersions }}:
+            ${{ config }}_${{ platform }}_${{ windowsVersion }}:
+              BuildConfiguration: ${{ config }}
+              BuildPlatform: ${{ platform }}
+              TerminalTargetWindowsVersion: ${{ windowsVersion }}
+  displayName: Build
+  timeoutInMinutes: 240
+  cancelTimeoutInMinutes: 1
+  steps:
+  - checkout: self
+    clean: true
+    submodules: true
+    persistCredentials: True
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+  - task: PowerShell@2
+    displayName: Rationalize Build Platform
+    inputs:
+      targetType: inline
+      script: >-
+        $Arch = "$(BuildPlatform)"
+
+        If ($Arch -Eq "x86") { $Arch = "Win32" }
+
+        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
+  - template: .\templates\restore-nuget-steps.yml
+  - task: UniversalPackages@0
+    displayName: Download terminal-internal Universal Package
+    inputs:
+      feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
+      packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
+      versionListDownload: $(TerminalInternalPackageVersion)
+  - task: TouchdownBuildTask@1
+    displayName: Download Localization Files
+    inputs:
+      teamId: 7105
+      authId: $(TouchdownAppId)
+      authKey: $(TouchdownAppKey)
+      resourceFilePath: >-
+        src\cascadia\TerminalApp\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalApp\Resources\en-US\ContextMenu.resw
+
+        src\cascadia\TerminalControl\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalConnection\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalSettingsModel\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalSettingsEditor\Resources\en-US\Resources.resw
+
+        src\cascadia\CascadiaPackage\Resources\en-US\Resources.resw
+      appendRelativeDir: true
+      localizationTarget: false
+      pseudoSetting: Included
+  - task: PowerShell@2
+    displayName: Move Loc files one level up
+    inputs:
+      targetType: inline
+      script: >-
+        $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
+
+        $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
+      pwsh: true
+  - task: PowerShell@2
+    displayName: Copy the Context Menu Loc Resources to CascadiaPackage
+    inputs:
+      filePath: ./build/scripts/Copy-ContextMenuResourcesToCascadiaPackage.ps1
+      pwsh: true
+  - task: PowerShell@2
+    displayName: Generate NOTICE.html from NOTICE.md
+    inputs:
+      filePath: .\build\scripts\Generate-ThirdPartyNotices.ps1
+      arguments: -MarkdownNoticePath .\NOTICE.md -OutputPath .\src\cascadia\CascadiaPackage\NOTICE.html
+      pwsh: true
+  - ${{ if eq(parameters.buildTerminal, true) }}:
+    - pwsh: |-
+        ./build/scripts/Patch-ManifestsToWindowsVersion.ps1 -NewWindowsVersion "10.0.22000.0"
+      displayName: Update manifest target version to Win11 (if necessary)
+      condition: and(succeeded(), eq(variables['TerminalTargetWindowsVersion'], 'Win11'))
+    - task: VSBuild@1
+      displayName: Build solution **\OpenConsole.sln
+      condition: true
+      inputs:
+        solution: '**\OpenConsole.sln'
+        vsVersion: 16.0
+        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /t:Terminal\CascadiaPackage /p:WindowsTerminalReleaseBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
+        platform: $(BuildPlatform)
+        configuration: $(BuildConfiguration)
+        clean: true
+        maximumCpuCount: true
+    - task: PublishBuildArtifacts@1
+      displayName: 'Publish Artifact: binlog'
+      condition: failed()
+      continueOnError: True
+      inputs:
+        PathtoPublish: $(Build.SourcesDirectory)\msbuild.binlog
+        ArtifactName: binlog-$(BuildPlatform)-$(TerminalTargetWindowsVersion)
+    - task: PowerShell@2
+      displayName: Check MSIX for common regressions
+      inputs:
+        targetType: inline
+        script: >-
+          $Package = Get-ChildItem -Recurse -Filter "CascadiaPackage_*.msix"
+
+          .\build\scripts\Test-WindowsTerminalPackage.ps1 -Verbose -Path $Package.FullName
+        pwsh: true
+  - ${{ if eq(parameters.buildWPF, true) }}:
+    - task: VSBuild@1
+      displayName: Build solution **\OpenConsole.sln for PublicTerminalCore
+      inputs:
+        solution: '**\OpenConsole.sln'
+        vsVersion: 16.0
+        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /p:WindowsTerminalReleaseBuild=true /t:Terminal\wpf\PublicTerminalCore
+        platform: $(BuildPlatform)
+        configuration: $(BuildConfiguration)
+  - ${{ if eq(parameters.buildConPTY, true) }}:
+    - task: VSBuild@1
+      displayName: Build solution **\OpenConsole.sln for ConPTY
+      inputs:
+        solution: '**\OpenConsole.sln'
+        vsVersion: 16.0
+        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /p:WindowsTerminalReleaseBuild=true /t:Conhost\Host_EXE;Conhost\winconpty_DLL
+        platform: $(BuildPlatform)
+        configuration: $(BuildConfiguration)
+  - task: PowerShell@2
+    displayName: Source Index PDBs
+    inputs:
+      filePath: build\scripts\Index-Pdbs.ps1
+      arguments: -SearchDir '$(Build.SourcesDirectory)' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
+      errorActionPreference: silentlyContinue
+      pwsh: true
+  - task: PowerShell@2
+    displayName: Run Unit Tests
+    condition: and(succeeded(), or(eq(variables['BuildPlatform'], 'x64'), eq(variables['BuildPlatform'], 'x86')))
+    enabled: False
+    inputs:
+      filePath: build\scripts\Run-Tests.ps1
+      arguments: -MatchPattern '*unit.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)'
+  - task: PowerShell@2
+    displayName: Run Feature Tests
+    condition: and(succeeded(), eq(variables['BuildPlatform'], 'x64'))
+    enabled: False
+    inputs:
+      filePath: build\scripts\Run-Tests.ps1
+      arguments: -MatchPattern '*feature.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)'
+  - ${{ if eq(parameters.buildTerminal, true) }}:
+    - task: CopyFiles@2
+      displayName: Copy *.appx/*.msix to Artifacts
+      inputs:
+        Contents: >-
+          **/*.appx
+
+          **/*.msix
+
+          **/*.appxsym
+
+          !**/Microsoft.VCLibs*.appx
+        TargetFolder: $(Build.ArtifactStagingDirectory)/appx
+        OverWrite: true
+        flattenFolders: true
+    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+      displayName: 'Generate SBOM manifest'
+      inputs:
+       BuildDropPath: '$(System.ArtifactsDirectory)/appx'
+    - task: PublishBuildArtifacts@1
+      displayName: Publish Artifact (appx)
+      inputs:
+        PathtoPublish: $(Build.ArtifactStagingDirectory)/appx
+        ArtifactName: appx-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
+  - ${{ if eq(parameters.buildConPTY, true) }}:
+    - task: CopyFiles@2
+      displayName: Copy ConPTY to Artifacts
+      inputs:
+        Contents: |-
+          $(Build.SourcesDirectory)/bin/**/conpty.dll
+          $(Build.SourcesDirectory)/bin/**/conpty.lib
+          $(Build.SourcesDirectory)/bin/**/conpty.pdb
+          $(Build.SourcesDirectory)/bin/**/OpenConsole.exe
+          $(Build.SourcesDirectory)/bin/**/OpenConsole.pdb
+        TargetFolder: $(Build.ArtifactStagingDirectory)/conpty
+        OverWrite: true
+        flattenFolders: true
+    - task: PublishBuildArtifacts@1
+      displayName: Publish Artifact (ConPTY)
+      inputs:
+        PathtoPublish: $(Build.ArtifactStagingDirectory)/conpty
+        ArtifactName: conpty-dll-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
+  - ${{ if eq(parameters.buildWPF, true) }}:
+    - task: CopyFiles@2
+      displayName: Copy PublicTerminalCore.dll to Artifacts
+      inputs:
+        Contents: >-
+          **/PublicTerminalCore.dll
+
+          **/api-ms-win-core-synch-l1-2-0.dll
+        TargetFolder: $(Build.ArtifactStagingDirectory)/wpf
+        OverWrite: true
+        flattenFolders: true
+    - task: PublishBuildArtifacts@1
+      displayName: Publish Artifact (PublicTerminalCore)
+      inputs:
+        PathtoPublish: $(Build.ArtifactStagingDirectory)/wpf
+        ArtifactName: wpf-dll-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
+
+  - task: PublishSymbols@2
+    displayName: Publish symbols path
+    continueOnError: True
+    inputs:
+      SearchPattern: |
+        $(Build.SourcesDirectory)/bin/**/*.pdb
+        $(Build.SourcesDirectory)/bin/**/*.exe
+        $(Build.SourcesDirectory)/bin/**/*.dll
+      IndexSources: false
+      SymbolServerType: TeamServices
+
+- ${{ if eq(parameters.runCompliance, true) }}:
+  - template: ./templates/build-console-compliance-job.yml
+  
+- ${{ if eq(parameters.buildTerminal, true) }}:
+  - job: BundleAndSign
+    strategy:
+      matrix:
+        ${{ each windowsVersion in parameters.buildWindowsVersions }}:
+          ${{ windowsVersion }}:
+            TerminalTargetWindowsVersion: ${{ windowsVersion }}
+    displayName: Create and sign AppX/MSIX bundles
+    variables:
+      ${{ if eq(parameters.branding, 'Release') }}:
+        BundleStemName: Microsoft.WindowsTerminal
+      ${{ elseif eq(parameters.branding, 'Preview') }}:
+        BundleStemName: Microsoft.WindowsTerminalPreview
+      ${{ else }}:
+        BundleStemName: WindowsTerminalDev
+    dependsOn: Build
+    steps:
+    - checkout: self
+      clean: true
+      fetchDepth: 1
+      submodules: true
+      persistCredentials: True
+    - task: PkgESSetupBuild@12
+      displayName: Package ES - Setup Build
+      inputs:
+        disableOutputRedirect: true
+    - ${{ each platform in parameters.buildPlatforms }}:
+      - task: DownloadBuildArtifacts@0
+        displayName: Download Artifacts ${{ platform }} $(TerminalTargetWindowsVersion)
+        inputs:
+          artifactName: appx-${{ platform }}-Release-$(TerminalTargetWindowsVersion)
+    # Add 3000 to the major version component, but only for the bundle.
+    # This is to ensure that it is newer than "2022.xx.yy.zz" or whatever the original bundle versions were before
+    # we switched to uniform naming.
+    - pwsh: |-
+        $VersionEpoch = 3000
+        $Components = "$(XES_APPXMANIFESTVERSION)" -Split "\."
+        $Components[0] = ([int]$Components[0] + $VersionEpoch)
+        $BundleVersion = $Components -Join "."
+        New-Item -Type Directory "$(System.ArtifactsDirectory)\bundle"
+        .\build\scripts\Create-AppxBundle.ps1 -InputPath "$(System.ArtifactsDirectory)" -ProjectName CascadiaPackage -BundleVersion $BundleVersion -OutputPath "$(System.ArtifactsDirectory)\bundle\$(BundleStemName)_$(TerminalTargetWindowsVersion)_$(XES_APPXMANIFESTVERSION)_8wekyb3d8bbwe.msixbundle"
+      displayName: Create WindowsTerminal*.msixbundle
+    - task: EsrpCodeSigning@1
+      displayName: Submit *.msixbundle to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(System.ArtifactsDirectory)\bundle
+        Pattern: $(BundleStemName)*.msixbundle
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "Dynamic",
+                  "CertTemplateName": "WINMSAPP1ST",
+                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
+                  "OperationCode": "SigntoolSign",
+                  "Parameters": {
+                      "OpusName": "Microsoft",
+                      "OpusInfo": "http://www.microsoft.com",
+                      "FileDigest": "/fd \"SHA256\"",
+                      "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                  },
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "Dynamic",
+                  "CertTemplateName": "WINMSAPP1ST",
+                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
+                  "OperationCode": "SigntoolVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+
+    - task: PublishBuildArtifacts@1
+      displayName: 'Publish Artifact: appxbundle-signed'
+      inputs:
+        PathtoPublish: $(System.ArtifactsDirectory)\bundle
+        ArtifactName: appxbundle-signed-$(TerminalTargetWindowsVersion)
+
+- ${{ if eq(parameters.buildConPTY, true) }}:
+  - job: PackageAndSignConPTY
+    strategy:
+      matrix:
+        ${{ each config in parameters.buildConfigurations }}:
+          ${{ config }}:
+            BuildConfiguration: ${{ config }}
+    displayName: Create NuGet Package (ConPTY)
+    dependsOn: Build
+    steps:
+    - checkout: self
+      clean: true
+      fetchDepth: 1
+      submodules: true
+      persistCredentials: True
+    - task: PkgESSetupBuild@12
+      displayName: Package ES - Setup Build
+      inputs:
+        disableOutputRedirect: true
+    - ${{ each platform in parameters.buildPlatforms }}:
+      - task: DownloadBuildArtifacts@0
+        displayName: Download ${{ platform }} ConPTY binaries
+        inputs:
+          artifactName: conpty-dll-${{ platform }}-$(BuildConfiguration)-$(TerminalBestVersionForNuGetPackages)
+          downloadPath: bin\${{ platform }}\$(BuildConfiguration)\
+          extractTars: false
+    - task: PowerShell@2
+      displayName: Move downloaded artifacts around
+      inputs:
+        targetType: inline
+        # Find all artifact files and move them up a directory. Ugh.
+        script: |-
+          Get-ChildItem bin -Recurse -Directory -Filter conpty-dll-* | % {
+            $_ | Get-ChildItem -Recurse -File | % {
+              Move-Item -Verbose $_.FullName $_.Directory.Parent.FullName
+            }
+          }
+          Move-Item bin\x86 bin\Win32
+
+    - task: EsrpCodeSigning@1
+      displayName: Submit ConPTY libraries and OpenConsole for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: '$(Build.SourcesDirectory)/bin'
+        signType: batchSigning
+        batchSignPolicyFile: '$(Build.SourcesDirectory)\build\config\ESRPSigning_ConPTY.json'
+
+    - task: NuGetToolInstaller@1
+      displayName: Use NuGet 5.10.0
+      inputs:
+        versionSpec: 5.10.0
+    - task: NuGetCommand@2
+      displayName: NuGet pack
+      inputs:
+        command: pack
+        packagesToPack: $(Build.SourcesDirectory)\src\winconpty\package\winconpty.nuspec
+        packDestination: '$(Build.ArtifactStagingDirectory)/nupkg'
+        versioningScheme: byEnvVar
+        versionEnvVar: XES_PACKAGEVERSIONNUMBER
+    - task: EsrpCodeSigning@1
+      displayName: Submit *.nupkg to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
+        Pattern: '*.nupkg'
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetSign",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+    - task: PublishBuildArtifacts@1
+      displayName: Publish Artifact (nupkg)
+      inputs:
+        PathtoPublish: $(Build.ArtifactStagingDirectory)\nupkg
+        ArtifactName: conpty-nupkg-$(BuildConfiguration)
+
+
+- ${{ if eq(parameters.buildWPF, true) }}:
+  - job: PackageAndSignWPF
+    strategy:
+      matrix:
+        ${{ each config in parameters.buildConfigurations }}:
+          ${{ config }}:
+            BuildConfiguration: ${{ config }}
+    displayName: Create NuGet Package (WPF Terminal Control)
+    dependsOn: Build
+    steps:
+    - checkout: self
+      clean: true
+      fetchDepth: 1
+      submodules: true
+      persistCredentials: True
+    - task: PkgESSetupBuild@12
+      displayName: Package ES - Setup Build
+      inputs:
+        disableOutputRedirect: true
+    - ${{ each platform in parameters.buildPlatforms }}:
+      - task: DownloadBuildArtifacts@0
+        displayName: Download ${{ platform }} PublicTerminalCore
+        inputs:
+          artifactName: wpf-dll-${{ platform }}-$(BuildConfiguration)-$(TerminalBestVersionForNuGetPackages)
+          itemPattern: '**/*.dll'
+          downloadPath: bin\${{ platform }}\$(BuildConfiguration)\
+          extractTars: false
+    - task: PowerShell@2
+      displayName: Move downloaded artifacts around
+      inputs:
+        targetType: inline
+        # Find all artifact files and move them up a directory. Ugh.
+        script: |-
+          Get-ChildItem bin -Recurse -Directory -Filter wpf-dll-* | % {
+            $_ | Get-ChildItem -Recurse -File | % {
+              Move-Item -Verbose $_.FullName $_.Directory.Parent.FullName
+            }
+          }
+          Move-Item bin\x86 bin\Win32
+    - task: NuGetToolInstaller@1
+      displayName: Use NuGet 5.10.0
+      inputs:
+        versionSpec: 5.10.0
+    - task: NuGetCommand@2
+      displayName: NuGet restore copy
+      inputs:
+        selectOrConfig: config
+        nugetConfigPath: NuGet.Config
+    - task: VSBuild@1
+      displayName: Build solution **\OpenConsole.sln for WPF Control
+      inputs:
+        solution: '**\OpenConsole.sln'
+        vsVersion: 16.0
+        msbuildArgs: /p:WindowsTerminalReleaseBuild=$(UseReleaseBranding);Version=$(XES_PACKAGEVERSIONNUMBER) /t:Pack
+        platform: Any CPU
+        configuration: $(BuildConfiguration)
+        maximumCpuCount: true
+    - task: PublishSymbols@2
+      displayName: Publish symbols path
+      continueOnError: True
+      inputs:
+        SearchPattern: |
+          $(Build.SourcesDirectory)/bin/**/*.pdb
+          $(Build.SourcesDirectory)/bin/**/*.exe
+          $(Build.SourcesDirectory)/bin/**/*.dll
+        IndexSources: false
+        SymbolServerType: TeamServices
+        SymbolsArtifactName: Symbols_WPF_$(BuildConfiguration)
+    - task: CopyFiles@2
+      displayName: Copy *.nupkg to Artifacts
+      inputs:
+        Contents: '**/*Wpf*.nupkg'
+        TargetFolder: $(Build.ArtifactStagingDirectory)/nupkg
+        OverWrite: true
+        flattenFolders: true
+    - task: EsrpCodeSigning@1
+      displayName: Submit *.nupkg to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
+        Pattern: '*.nupkg'
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetSign",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+    - task: PublishBuildArtifacts@1
+      displayName: Publish Artifact (nupkg)
+      inputs:
+        PathtoPublish: $(Build.ArtifactStagingDirectory)\nupkg
+        ArtifactName: wpf-nupkg-$(BuildConfiguration)
+
+- ${{ if eq(parameters.publishSymbolsToPublic, true) }}:
+  - job: PublishSymbols
+    displayName: Publish Symbols
+    dependsOn: BundleAndSign
+    steps:
+    - checkout: self
+      clean: true
+      fetchDepth: 1
+      submodules: true
+    - task: PkgESSetupBuild@12
+      displayName: Package ES - Setup Build
+
+    - template: .\templates\restore-nuget-steps.yml
+
+    # Download the appx-PLATFORM-CONFIG-VERSION artifact for every platform/version combo
+    - ${{ each platform in parameters.buildPlatforms }}:
+      - ${{ each windowsVersion in parameters.buildWindowsVersions }}:
+        - task: DownloadBuildArtifacts@0
+          displayName: Download Symbols ${{ platform }} ${{ windowsVersion }}
+          inputs:
+            artifactName: appx-${{ platform }}-Release-${{ windowsVersion }}
+
+    # It seems easier to do this -- download every appxsym -- then enumerate all the PDBs in the build directory for the
+    # public symbol push. Otherwise, we would have to list all of the PDB files one by one.
+    - pwsh: |-
+        mkdir $(Build.SourcesDirectory)/appxsym-temp
+        Get-ChildItem "$(System.ArtifactsDirectory)" -Filter *.appxsym -Recurse | % {
+          $src = $_.FullName
+          $dest = Join-Path "$(Build.SourcesDirectory)/appxsym-temp/" $_.Name
+
+          mkdir $dest
+          Write-Host "Extracting $src to $dest..."
+          tar -x -v -f $src -C $dest
+        }
+      displayName: Extract symbols for public consumption
+
+    - task: PowerShell@2
+      displayName: Source Index PDBs (the public ones)
+      inputs:
+        filePath: build\scripts\Index-Pdbs.ps1
+        arguments: -SearchDir '$(Build.SourcesDirectory)/appxsym-temp' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
+        pwsh: true
+
+    # Publish the app symbols to the public MSDL symbol server
+    # accessible via https://msdl.microsoft.com/download/symbols
+    - task: PublishSymbols@2
+      displayName: 'Publish app symbols to MSDL'
+      inputs:
+        symbolsFolder: '$(Build.SourcesDirectory)/appxsym-temp'
+        searchPattern: '**/*.pdb'
+        SymbolsMaximumWaitTime: 30
+        SymbolServerType: 'TeamServices'
+        SymbolsProduct: 'Windows Terminal Application Binaries'
+        SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
+        # The ADO task does not support indexing of GitHub sources.
+        indexSources: false
+        detailedLog: true
+      # There is a bug which causes this task to fail if LIB includes an inaccessible path (even though it does not depend on it).
+      # To work around this issue, we just force LIB to be any dir that we know exists.
+      # Copied from https://github.com/microsoft/icu/blob/f869c214adc87415dfe751d81f42f1bca55dcf5f/build/azure-nuget.yml#L564-L583
+      env:
+        LIB: $(Build.SourcesDirectory)
+        ArtifactServices_Symbol_AccountName: microsoftpublicsymbols
+        ArtifactServices_Symbol_PAT: $(ADO_microsoftpublicsymbols_PAT)
+
+
+- ${{ if eq(parameters.buildTerminalVPack, true) }}:
+  - job: VPack
+    displayName: Create Windows vPack
+    dependsOn: BundleAndSign
+    steps:
+    - checkout: self
+      clean: true
+      fetchDepth: 1
+      submodules: true
+    - task: PkgESSetupBuild@12
+      displayName: Package ES - Setup Build
+    - task: DownloadBuildArtifacts@0
+      displayName: Download Build Artifacts
+      inputs:
+        artifactName: appxbundle-signed-Win11
+        extractTars: false
+    - task: PowerShell@2
+      displayName: Rename and stage packages for vpack
+      inputs:
+        targetType: inline
+        script: >-
+          # Rename to known/fixed name for Windows build system
+
+          Get-ChildItem Microsoft.WindowsTerminal_Win11_*.msixbundle | Rename-Item -NewName { 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle' }
+
+
+          # Create vpack directory and place item inside
+
+          mkdir WindowsTerminal.app
+
+          mv Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle .\WindowsTerminal.app\
+        workingDirectory: $(System.ArtifactsDirectory)\appxbundle-signed-Win11
+    - task: PkgESVPack@12
+      displayName: 'Package ES - VPack'
+      env:
+        SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+      inputs:
+        sourceDirectory: $(System.ArtifactsDirectory)\appxbundle-signed-Win11\WindowsTerminal.app
+        description: VPack for the Windows Terminal Application
+        pushPkgName: WindowsTerminal.app
+        owner: conhost
+        githubToken: $(GitHubTokenForVpackProvenance)
+    - task: PublishPipelineArtifact@1
+      displayName: 'Copy VPack Manifest to Drop'
+      inputs:
+        targetPath: $(XES_VPACKMANIFESTDIRECTORY)
+        artifactName: VPackManifest
+    - task: PkgESFCIBGit@12
+      displayName: 'Submit VPack Manifest to Windows'
+      inputs:
+        configPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
+        artifactsDirectory: $(XES_VPACKMANIFESTDIRECTORY)
+        prTimeOut: 5
+...

build/pipelines/templates-v2/job-build-package-wpf.yml

@@ -1,144 +0,0 @@
-parameters:
-  - name: buildConfigurations
-    type: object
-  - name: buildPlatforms
-    type: object
-  - name: generateSbom
-    type: boolean
-    default: false
-  - name: codeSign
-    type: boolean
-    default: false
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: PackWPF
-  - name: variables
-    type: object
-    default: {}
-  - name: publishArtifacts
-    type: boolean
-    default: true
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  ${{ if eq(parameters.codeSign, true) }}:
-    displayName: Pack and Sign Microsoft.Terminal.Wpf
-  ${{ else }}:
-    displayName: Pack Microsoft.Terminal.Wpf
-  strategy:
-    matrix:
-      ${{ each config in parameters.buildConfigurations }}:
-        ${{ config }}:
-          BuildConfiguration: ${{ config }}
-  dependsOn: ${{ parameters.dependsOn }}
-  variables:
-    OutputBuildPlatform: AnyCPU
-    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
-    JobOutputDirectory: $(Build.ArtifactStagingDirectory)\nupkg
-    JobOutputArtifactName: wpf-nupkg-$(BuildConfiguration)${{ parameters.artifactStem }}
-    ${{ insert }}: ${{ parameters.variables }}
-  steps:
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-
-  - template: steps-download-bin-dir-artifact.yml
-    parameters:
-      buildPlatforms:
-        - ${{ parameters.buildPlatforms }}
-        - Any CPU # Make sure we grab the precompiled WPF bits
-      # This build is already matrix'd on configuration, so
-      # just pass a single config into the download template.
-      buildConfigurations:
-        - $(BuildConfiguration)
-      artifactStem: ${{ parameters.artifactStem }}
-
-  - template: .\steps-restore-nuget.yml
-
-  - task: VSBuild@1
-    displayName: Build solution OpenConsole.sln for WPF Control (Pack)
-    inputs:
-      solution: 'OpenConsole.sln'
-      msbuildArgs: >-
-        /p:WindowsTerminalReleaseBuild=true;Version=$(XES_PACKAGEVERSIONNUMBER)
-        /p:NoBuild=true
-        /p:IncludeSymbols=true
-        /t:Terminal\wpf\WpfTerminalControl:Pack
-      platform: Any CPU
-      configuration: $(BuildConfiguration)
-      maximumCpuCount: true
-      clean: false
-
-  - task: CopyFiles@2
-    displayName: Copy *.nupkg to Artifacts
-    inputs:
-      Contents: 'bin/**/*Wpf*.nupkg'
-      TargetFolder: $(Build.ArtifactStagingDirectory)/nupkg
-      OverWrite: true
-      flattenFolders: true
-
-  - ${{ if eq(parameters.codeSign, true) }}:
-    - task: EsrpCodeSigning@3
-      displayName: Submit *.nupkg to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
-        Pattern: '*.nupkg'
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetSign",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-
-  - ${{ if eq(parameters.generateSbom, true) }}:
-    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
-      displayName: 'Generate SBOM manifest (wpf)'
-      inputs:
-       BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
-       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
-
-    - task: DropValidatorTask@0
-      displayName: 'Validate wpf SBOM manifest'
-      inputs:
-        BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
-        OutputPath: 'output.json'
-        ValidateSignature: true
-        Verbosity: 'Verbose'
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(JobOutputDirectory)
-      artifact: $(JobOutputArtifactName)
-      displayName: Publish nupkg

build/pipelines/templates-v2/job-build-project.yml

@@ -1,298 +0,0 @@
-parameters:
-  - name: branding
-    type: string
-    default: Dev
-  - name: additionalBuildOptions
-    type: string
-    default: ''
-  - name: buildTerminal
-    type: boolean
-    default: true
-  - name: buildConPTY
-    type: boolean
-    default: false
-  - name: buildWPF
-    type: boolean
-    default: false
-  - name: buildWPFDotNetComponents # This weird hack is to make sure we sign and source index the .NET pieces
-    type: boolean
-    default: false
-  - name: buildEverything
-    displayName: "Build Everything (Overrides all other build options)"
-    type: boolean
-    default: false
-  - name: pgoBuildMode
-    type: string
-    default: None
-    values: [Optimize, Instrument, None]
-  - name: buildConfigurations
-    type: object
-    default:
-      - Release
-  - name: buildPlatforms
-    type: object
-    default:
-      - x64
-      - x86
-      - arm64
-  - name: generateSbom
-    type: boolean
-    default: false
-  - name: codeSign
-    type: boolean
-    default: false
-  - name: keepAllExpensiveBuildOutputs
-    type: boolean
-    default: true
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: 'Build'
-  - name: pool
-    type: object
-    default: []
-  - name: beforeBuildSteps
-    type: stepList
-    default: []
-  - name: variables
-    type: object
-    default: {}
-  - name: publishArtifacts
-    type: boolean
-    default: true
-  - name: removeAllNonSignedFiles
-    type: boolean
-    default: false
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  strategy:
-    matrix:
-      ${{ each config in parameters.buildConfigurations }}:
-        ${{ each platform in parameters.buildPlatforms }}:
-          ${{ config }}_${{ platform }}:
-            BuildConfiguration: ${{ config }}
-            BuildPlatform: ${{ platform }}
-            ${{ if eq(platform, 'x86') }}:
-              OutputBuildPlatform: Win32
-            ${{ elseif eq(platform, 'Any CPU') }}:
-              OutputBuildPlatform: AnyCPU
-            ${{ else }}:
-              OutputBuildPlatform: ${{ platform }}
-  variables:
-    MakeAppxPath: 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MakeAppx.exe'
-    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
-    # Azure DevOps abhors a vacuum
-    # If these are blank, expansion will fail later on... which will result in direct substitution of the variable *names*
-    # later on. We'll just... set them to a single space and if we need to, check IsNullOrWhiteSpace.
-    # Yup.
-    BuildTargetParameter: ' '
-    SelectedSigningFragments: ' '
-    # When building the unpackaged distribution, build it in portable mode if it's Canary-branded
-    ${{ if eq(parameters.branding, 'Canary') }}:
-      UnpackagedBuildArguments: -PortableMode
-    ${{ else }}:
-      UnpackagedBuildArguments: ' '
-    JobOutputDirectory: $(Terminal.BinDir)
-    JobOutputArtifactName: build-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
-    ${{ insert }}: ${{ parameters.variables }}
-  displayName: Build
-  timeoutInMinutes: 240
-  cancelTimeoutInMinutes: 1
-  steps:
-  - checkout: self
-    clean: true
-    submodules: true
-    persistCredentials: True
-  # This generates either nothing for BuildTargetParameter, or /t:X;Y;Z, to control targets later.
-  - pwsh: |-
-      If (-Not [bool]::Parse("${{ parameters.buildEverything }}")) {
-        $BuildTargets = @()
-        $SignFragments = @()
-        If ([bool]::Parse("${{ parameters.buildTerminal }}")) {
-          $BuildTargets += "Terminal\CascadiaPackage"
-          $SignFragments += "terminal_constituents"
-        }
-        If ([bool]::Parse("${{ parameters.buildWPFDotNetComponents }}")) {
-          $BuildTargets += "Terminal\wpf\WpfTerminalControl"
-          $SignFragments += "wpfdotnet"
-        }
-        If ([bool]::Parse("${{ parameters.buildWPF }}")) {
-          $BuildTargets += "Terminal\Control\Microsoft_Terminal_Control"
-          $SignFragments += "wpf"
-        }
-        If ([bool]::Parse("${{ parameters.buildConPTY }}")) {
-          $BuildTargets += "Conhost\Host_EXE;Conhost\winconpty_DLL"
-          $SignFragments += "conpty"
-        }
-        Write-Host "Targets: $($BuildTargets -Join ";")"
-        Write-Host "Sign targets: $($SignFragments -Join ";")"
-        Write-Host "##vso[task.setvariable variable=BuildTargetParameter]/t:$($BuildTargets -Join ";")"
-        Write-Host "##vso[task.setvariable variable=SelectedSigningFragments]$($SignFragments -Join ";")"
-      }
-    displayName: Prepare Build and Sign Targets
-
-  - pwsh: |-
-      .\build\scripts\Generate-ThirdPartyNotices.ps1 -MarkdownNoticePath .\NOTICE.md -OutputPath .\src\cascadia\CascadiaPackage\NOTICE.html
-    displayName: Generate NOTICE.html from NOTICE.md
-
-  - template: .\steps-restore-nuget.yml
-
-  - ${{ parameters.beforeBuildSteps }}
-
-  - task: VSBuild@1
-    displayName: Build OpenConsole.sln
-    inputs:
-      solution: 'OpenConsole.sln'
-      msbuildArgs: >-
-        /p:WindowsTerminalOfficialBuild=true;WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }}
-        ${{ parameters.additionalBuildOptions }}
-        /bl:$(Build.SourcesDirectory)\msbuild.binlog
-        $(BuildTargetParameter)
-      platform: $(BuildPlatform)
-      configuration: $(BuildConfiguration)
-      maximumCpuCount: true
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(Build.SourcesDirectory)/msbuild.binlog
-      artifact: logs-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
-      condition: always()
-      displayName: Publish Build Log
-  - ${{ else }}:
-    - task: CopyFiles@2
-      displayName: Copy Build Log
-      inputs:
-        contents: $(Build.SourcesDirectory)/msbuild.binlog
-        TargetFolder: $(Terminal.BinDir)
-
-  # This saves ~2GiB per architecture. We won't need these later.
-  # Removes:
-  # - All .lib that do not have an associated .exp (which would indicate that they are import libs)
-  # - All .pdbs from those .libs (which were only used during linking)
-  # - Directories ending in Lib (static lib projects that we fully linked into DLLs which may also contain unnecessary resources)
-  # - All LocalTests_ project outputs, as they were subsumed into TestHostApp
-  # - All PDB files inside the WindowsTerminal/ output, which do not belong there.
-  # - console.dll, which apparently breaks XFGCheck? lol.
-  - pwsh: |-
-      $binDir = '$(Terminal.BinDir)'
-      $ImportLibs = Get-ChildItem $binDir -Recurse -File -Filter '*.exp' | ForEach-Object { $_.FullName -Replace "exp$","lib" }
-      $StaticLibs = Get-ChildItem $binDir -Recurse -File -Filter '*.lib' | Where-Object FullName -NotIn $ImportLibs
-
-      $Items = @()
-      $Items += $StaticLibs
-      $Items += Get-Item ($StaticLibs.FullName -Replace "lib$","pdb") -ErrorAction:Ignore
-      $Items += Get-ChildItem $binDir -Directory -Filter '*Lib'
-      $Items += Get-ChildItem $binDir -Directory -Filter 'LocalTests_*'
-      $Items += Get-ChildItem "${$binDir}\WindowsTerminal" -Filter '*.pdb' -ErrorAction:Ignore
-
-      If (-Not [bool]::Parse('${{ parameters.keepAllExpensiveBuildOutputs }}')) {
-        $Items += Get-ChildItem '$(Terminal.BinDir)' -Filter '*.pdb' -Recurse
-      }
-
-      $Items += Get-ChildItem $binDir -Filter 'console.dll'
-
-      $Items | Remove-Item -Recurse -Force -Verbose -ErrorAction:Ignore
-    displayName: Clean up static libs and extra symbols
-    errorActionPreference: silentlyContinue # It's OK if this silently fails
-
-  # We cannot index PDBs that we have deleted!
-  - ${{ if eq(parameters.keepAllExpensiveBuildOutputs, true) }}:
-    - pwsh: |-
-        build\scripts\Index-Pdbs.ps1 -SearchDir '$(Terminal.BinDir)' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
-      displayName: Source Index PDBs
-      errorActionPreference: silentlyContinue
-
-  - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
-    - pwsh: |-
-        $Package = (Get-ChildItem -Recurse -Filter "CascadiaPackage*.msix" | Select -First 1)
-        $PackageFilename = $Package.FullName
-        Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
-      displayName: Locate the MSIX
-
-    # CHECK EXCEPTION
-    # PGO requires a desktop CRT
-    - ${{ if ne(parameters.pgoBuildMode, 'Instrument') }}:
-      - pwsh: |-
-          .\build\scripts\Test-WindowsTerminalPackage.ps1 -Verbose -Path "$(WindowsTerminalPackagePath)"
-        displayName: Check MSIX for common regressions
-        condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
-      
-    - ${{ if eq(parameters.codeSign, true) }}:
-      - pwsh: |-
-          & "$(MakeAppxPath)" unpack /p "$(WindowsTerminalPackagePath)" /d "$(Terminal.BinDir)/PackageContents"
-        displayName: Unpack the MSIX for signing
-
-  - ${{ if eq(parameters.codeSign, true) }}:
-    - template: steps-create-signing-config.yml
-      parameters:
-        outFile: '$(Build.SourcesDirectory)/ESRPSigningConfig.json'
-        stage: build
-        fragments: $(SelectedSigningFragments)
-
-    # Code-sign everything we just put together.
-    # We run the signing in Terminal.BinDir, because all of the signing batches are relative to the final architecture/configuration output folder.
-    - task: EsrpCodeSigning@3
-      displayName: Submit Signing Request
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: '$(Terminal.BinDir)'
-        signType: batchSigning
-        batchSignPolicyFile: '$(Build.SourcesDirectory)/ESRPSigningConfig.json'
-
-    # We only need to re-pack the MSIX if we actually signed, so this can stay in the codeSign conditional
-    - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
-      - pwsh: |-
-          $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_appx" -ErrorAction:Ignore
-          $PackageFilename = Join-Path $outDir.FullName (Split-Path -Leaf "$(WindowsTerminalPackagePath)")
-          & "$(MakeAppxPath)" pack /h SHA256 /o /p $PackageFilename /d "$(Terminal.BinDir)/PackageContents"
-          Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
-        displayName: Re-pack the new Terminal package after signing
-
-    # Some of our governed pipelines explicitly fail builds that have *any* non-codesigned filed (!)
-    - ${{ if eq(parameters.removeAllNonSignedFiles, true) }}:
-      - pwsh: |-
-          Get-ChildItem "$(Terminal.BinDir)" -Recurse -Include "*.dll","*.exe" |
-            Where-Object { (Get-AuthenticodeSignature $_).Status -Ne "Valid" } |
-            Remove-Item -Verbose -Force
-        displayName: Remove all non-signed output files
-
-  - ${{ else }}: # No Signing
-    - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
-      - pwsh: |-
-          $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_appx" -ErrorAction:Ignore
-          $PackageFilename = Join-Path $outDir.FullName (Split-Path -Leaf "$(WindowsTerminalPackagePath)")
-          Copy-Item "$(WindowsTerminalPackagePath)" $PackageFilename
-          Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
-        displayName: Stage the package (unsigned)
-        condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
-
-  - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
-    - pwsh: |-
-        $XamlAppxPath = (Get-Item "src\cascadia\CascadiaPackage\AppPackages\*\Dependencies\$(BuildPlatform)\Microsoft.UI.Xaml*.appx").FullName
-        $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_unpackaged" -ErrorAction:Ignore
-        & .\build\scripts\New-UnpackagedTerminalDistribution.ps1 $(UnpackagedBuildArguments) -TerminalAppX $(WindowsTerminalPackagePath) -XamlAppX $XamlAppxPath -Destination $outDir.FullName
-      displayName: Build Unpackaged Distribution (from MSIX)
-      condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
-
-  - ${{ if eq(parameters.generateSbom, true) }}:
-    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
-      displayName: 'Generate SBOM manifest'
-      inputs:
-        BuildDropPath: '$(Terminal.BinDir)'
-
-    - task: DropValidatorTask@0
-      displayName: 'Validate SBOM manifest'
-      inputs:
-        BuildDropPath: '$(Terminal.BinDir)'
-        OutputPath: 'output.json'
-        ValidateSignature: true
-        Verbosity: 'Verbose'
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(Terminal.BinDir)
-      artifact: $(JobOutputArtifactName)
-      displayName: Publish All Outputs

build/pipelines/templates-v2/job-check-code-format.yml

@@ -1,15 +0,0 @@
-jobs:
-- job: CodeFormatCheck
-  displayName: Check Code Format
-  pool: { vmImage: windows-2022 }
-
-  steps:
-  - checkout: self
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: false
-    clean: true
-
-  - powershell: |-
-      .\build\scripts\Invoke-FormattingCheck.ps1
-    displayName: 'Run formatters'

build/pipelines/templates-v2/job-deploy-to-azure-storage.yml

@@ -1,92 +0,0 @@
-parameters:
-  - name: buildConfiguration
-    type: string
-  - name: buildPlatforms
-    type: object
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: variables
-    type: object
-    default: {}
-  - name: environment
-    type: string
-  - name: storagePublicRootURL
-    type: string
-  - name: subscription
-    type: string
-  - name: storageAccount
-    type: string
-  - name: storageContainer
-    type: string
-
-jobs:
-- job: DeployAzure
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  displayName: Publish to Azure Storage (Prod)
-  dependsOn: ${{ parameters.dependsOn }}
-  variables:
-    ${{ insert }}: ${{ parameters.variables }}
-  steps:
-  - download: none
-
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-
-  - task: DownloadPipelineArtifact@2
-    displayName: Download MSIX Bundle Artifact
-    inputs:
-      artifactName: appxbundle-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-      downloadPath: '$(Build.SourcesDirectory)/_out'
-      itemPattern: '**/*.msixbundle'
-
-  - ${{ each platform in parameters.buildPlatforms }}:
-    - task: DownloadPipelineArtifact@2
-      displayName: Download unpackaged build for ${{ platform }} ${{ parameters.buildConfiguration }}
-      inputs:
-        artifactName: build-${{ platform }}-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-        downloadPath: '$(Build.SourcesDirectory)/_unpackaged'
-        itemPattern: '**/_unpackaged/*.zip'
-
-  - pwsh: |-
-      $b = Get-Item _out/*.msixbundle
-      ./build/scripts/New-AppInstallerFromTemplateAndBundle.ps1 -BundlePath $b.FullName -AppInstallerTemplatePath ./build/config/template.appinstaller -AppInstallerRoot "${{ parameters.storagePublicRootURL }}" -OutputPath _out/Microsoft.WindowsTerminalCanary.appinstaller
-    displayName: "Produce AppInstaller for MSIX bundle"
-
-  - pwsh: |-
-      $zips = Get-ChildItem -Recurse -Filter *.zip _unpackaged
-      $zips | ForEach-Object {
-        $name = $_.Name
-        $parts = $name.Split('_')
-        $parts[1] = "latest"
-        $name = [String]::Join('_', $parts)
-        $_ | Move-Item -Destination (Join-Path "_out" $name)
-      }
-    displayName: "Wrangle Unpackaged builds into place, rename"
-
-  - powershell: |-
-      Get-PackageProvider -Name NuGet -ForceBootstrap
-      Install-Module -Verbose -AllowClobber -Force Az.Accounts, Az.Storage, Az.Network, Az.Resources, Az.Compute
-    displayName: Install Azure Module Dependencies
-
-  - task: AzureFileCopy@5
-    displayName: Publish to Storage Account
-    inputs:
-      sourcePath: _out/*
-      Destination: AzureBlob
-      azureSubscription: ${{ parameters.subscription }}
-      storage: ${{ parameters.storageAccount }}
-      ContainerName: ${{ parameters.storageContainer }}
-      AdditionalArgumentsForBlobCopy: "--content-type application/octet-stream"
-

build/pipelines/templates-v2/job-index-github-codenav.yml

@@ -1,16 +0,0 @@
-jobs:
-- job: CodeNavIndexer
-  displayName: Run GitHub CodeNav Indexer
-  pool: { vmImage: windows-2022 }
-
-  steps:
-  - checkout: self
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: false
-    clean: true
-
-  - task: RichCodeNavIndexer@0
-    inputs:
-      languages: 'cpp,csharp'
-    continueOnError: true

build/pipelines/templates-v2/job-merge-msix-into-bundle.yml

@@ -1,152 +0,0 @@
-parameters:
-  - name: branding
-    type: string
-  - name: buildConfigurations
-    type: object
-  - name: buildPlatforms
-    type: object
-  - name: generateSbom
-    type: boolean
-    default: false
-  - name: codeSign
-    type: boolean
-    default: false
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: Bundle
-  - name: variables
-    type: object
-    default: {}
-  - name: publishArtifacts
-    type: boolean
-    default: true
-  - name: afterBuildSteps
-    type: stepList
-    default: []
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  ${{ if eq(parameters.codeSign, true) }}:
-    displayName: Pack and Sign Terminal MSIXBundle
-  ${{ else }}:
-    displayName: Pack Terminal MSIXBundle
-  strategy:
-    matrix:
-      ${{ each config in parameters.buildConfigurations }}:
-        ${{ config }}:
-          BuildConfiguration: ${{ config }}
-  variables:
-    ${{ if eq(parameters.branding, 'Release') }}:
-      BundleStemName: Microsoft.WindowsTerminal
-    ${{ elseif eq(parameters.branding, 'Preview') }}:
-      BundleStemName: Microsoft.WindowsTerminalPreview
-    ${{ elseif eq(parameters.branding, 'Canary') }}:
-      BundleStemName: Microsoft.WindowsTerminalCanary
-    ${{ else }}:
-      BundleStemName: WindowsTerminalDev
-    JobOutputDirectory: '$(System.ArtifactsDirectory)/bundle'
-    JobOutputArtifactName: appxbundle-$(BuildConfiguration)${{ parameters.artifactStem }}
-    ${{ insert }}: ${{ parameters.variables }}
-  dependsOn: ${{ parameters.dependsOn }}
-  steps:
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-  - template: steps-download-bin-dir-artifact.yml
-    parameters:
-      buildPlatforms: ${{ parameters.buildPlatforms }}
-      # This build is already matrix'd on configuration, so
-      # just pass a single config into the download template.
-      buildConfigurations:
-        - $(BuildConfiguration)
-      artifactStem: ${{ parameters.artifactStem }}
-
-  # Add 3000 to the major version component, but only for the bundle.
-  # This is to ensure that it is newer than "2022.xx.yy.zz" or whatever the original bundle versions were before
-  # we switched to uniform naming.
-  - pwsh: |-
-      $VersionEpoch = 3000
-      $Components = "$(XES_APPXMANIFESTVERSION)" -Split "\."
-      $Components[0] = ([int]$Components[0] + $VersionEpoch)
-      $BundleVersion = $Components -Join "."
-      New-Item -Type Directory "$(System.ArtifactsDirectory)/bundle"
-      $BundlePath = "$(System.ArtifactsDirectory)\bundle\$(BundleStemName)_$(XES_APPXMANIFESTVERSION)_8wekyb3d8bbwe.msixbundle"
-      .\build\scripts\Create-AppxBundle.ps1 -InputPath 'bin/' -ProjectName CascadiaPackage -BundleVersion $BundleVersion -OutputPath $BundlePath
-      Write-Host "##vso[task.setvariable variable=MsixBundlePath]${BundlePath}"
-    displayName: Create msixbundle
-
-  - ${{ if eq(parameters.codeSign, true) }}:
-    - task: EsrpCodeSigning@3
-      displayName: Submit *.msixbundle to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(System.ArtifactsDirectory)\bundle
-        Pattern: $(BundleStemName)*.msixbundle
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "Dynamic",
-                  "CertTemplateName": "WINMSAPP1ST",
-                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
-                  "OperationCode": "SigntoolSign",
-                  "Parameters": {
-                      "OpusName": "Microsoft",
-                      "OpusInfo": "http://www.microsoft.com",
-                      "FileDigest": "/fd \"SHA256\"",
-                      "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                  },
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "Dynamic",
-                  "CertTemplateName": "WINMSAPP1ST",
-                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
-                  "OperationCode": "SigntoolVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-
-  - ${{ if eq(parameters.generateSbom, true) }}:
-    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
-      displayName: 'Generate SBOM manifest (bundle)'
-      inputs:
-       BuildDropPath: '$(System.ArtifactsDirectory)/bundle'
-       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
-
-    - task: DropValidatorTask@0
-      displayName: 'Validate bundle SBOM manifest'
-      inputs:
-        BuildDropPath: '$(System.ArtifactsDirectory)/bundle'
-        OutputPath: 'output.json'
-        ValidateSignature: true
-        Verbosity: 'Verbose'
-
-  - ${{ parameters.afterBuildSteps }}
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(JobOutputDirectory)
-      artifact: $(JobOutputArtifactName)
-      displayName: Publish msixbundle

build/pipelines/templates-v2/job-package-conpty.yml

@@ -1,129 +0,0 @@
-parameters:
-  - name: buildConfigurations
-    type: object
-  - name: buildPlatforms
-    type: object
-  - name: generateSbom
-    type: boolean
-    default: false
-  - name: codeSign
-    type: boolean
-    default: false
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: PackConPTY
-  - name: variables
-    type: object
-    default: {}
-  - name: publishArtifacts
-    type: boolean
-    default: true
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  ${{ if eq(parameters.codeSign, true) }}:
-    displayName: Pack and Sign Microsoft.Windows.Console.ConPTY
-  ${{ else }}:
-    displayName: Pack Microsoft.Windows.Console.ConPTY
-  strategy:
-    matrix:
-      ${{ each config in parameters.buildConfigurations }}:
-        ${{ config }}:
-          BuildConfiguration: ${{ config }}
-  dependsOn: ${{ parameters.dependsOn }}
-  variables:
-    JobOutputDirectory: $(Build.ArtifactStagingDirectory)\nupkg
-    JobOutputArtifactName: conpty-nupkg-$(BuildConfiguration)${{ parameters.artifactStem }}
-    ${{ insert }}: ${{ parameters.variables }}
-  steps:
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-
-  - template: steps-download-bin-dir-artifact.yml
-    parameters:
-      buildPlatforms: ${{ parameters.buildPlatforms }}
-      # This build is already matrix'd on configuration, so
-      # just pass a single config into the download template.
-      buildConfigurations:
-        - $(BuildConfiguration)
-      artifactStem: ${{ parameters.artifactStem }}
-
-  - template: steps-ensure-nuget-version.yml
-
-# In the Microsoft Azure DevOps tenant, NuGetCommand is ambiguous.
-# This should be `task: NuGetCommand@2`
-  - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
-    displayName: NuGet pack
-    inputs:
-      command: pack
-      packagesToPack: $(Build.SourcesDirectory)\src\winconpty\package\winconpty.nuspec
-      packDestination: '$(Build.ArtifactStagingDirectory)/nupkg'
-      versioningScheme: byEnvVar
-      versionEnvVar: XES_PACKAGEVERSIONNUMBER
-
-  - ${{ if eq(parameters.codeSign, true) }}:
-    - task: EsrpCodeSigning@3
-      displayName: Submit *.nupkg to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
-        Pattern: '*.nupkg'
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetSign",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-
-  - ${{ if eq(parameters.generateSbom, true) }}:
-    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
-      displayName: 'Generate SBOM manifest (conpty)'
-      inputs:
-       BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
-       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
-
-    - task: DropValidatorTask@0
-      displayName: 'Validate conpty SBOM manifest'
-      inputs:
-        BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
-        OutputPath: 'output.json'
-        ValidateSignature: true
-        Verbosity: 'Verbose'
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(JobOutputDirectory)
-      artifact: $(JobOutputArtifactName)
-      displayName: Publish nupkg

build/pipelines/templates-v2/job-pgo-merge-pgd.yml

@@ -1,75 +0,0 @@
-parameters:
-  - name: buildConfiguration
-    type: string
-  - name: buildPlatforms
-    type: object
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: MergePGD
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  dependsOn: ${{ parameters.dependsOn }}
-  displayName: Merge PGO Counts for ${{ parameters.buildConfiguration }}
-
-  steps:
-  # The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
-  - script: |
-      "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
-      set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
-      del %TEMP%\vsinstalldir.txt
-      call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
-      echo VCToolsInstallDir = %VCToolsInstallDir%
-      echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
-    displayName: 'Retrieve VC tools directory'
-
-  - ${{ each platform in parameters.buildPlatforms }}:
-    - task: DownloadPipelineArtifact@2
-      displayName: Download PGO Databases for ${{ platform }}
-      inputs:
-        artifactName: build-${{ platform }}-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-        itemPattern: '**/*.pgd'
-        downloadPath: '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
-    - task: DownloadPipelineArtifact@2
-      displayName: Download PGO Counts for ${{ platform }}
-      inputs:
-        artifactName: pgc-intermediates-${{ platform }}-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-        downloadPath: '$(Build.SourcesDirectory)/pgc/${{ platform }}/${{ parameters.buildConfiguration }}'
-    - pwsh: |-
-        $Arch = '${{ platform }}'
-        $Conf = '${{ parameters.buildConfiguration }}'
-        $PGCDir = '$(Build.SourcesDirectory)/pgc/${{ platform }}/${{ parameters.buildConfiguration }}'
-        $PGDDir = '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
-        # Flatten the PGD directory
-        Get-ChildItem $PGDDir -Recurse -Filter *.pgd | Move-Item -Destination $PGDDir -Verbose
-        Get-ChildItem $PGCDir -Filter *.pgc |
-          ForEach-Object {
-            $Parts = $_.Name -Split "!";
-            $_ | Add-Member Module $Parts[0] -PassThru
-          } |
-          Group-Object Module |
-          ForEach-Object {
-            & "$(VCToolsInstallDir)\bin\Hostx64\${{ platform }}\pgomgr.exe" /merge $_.Group.FullName "$PGDDir\$($_.Name).pgd"
-          }
-      displayName: Merge PGO Counts for ${{ platform }}
-    - task: CopyFiles@2
-      displayName: 'Copy merged pgds to artifact staging'
-      inputs:
-        sourceFolder: '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
-        contents: '**\*.pgd'
-        targetFolder: '$(Build.ArtifactStagingDirectory)\out-pgd\${{ platform }}'
-
-  - publish: $(Build.ArtifactStagingDirectory)\out-pgd
-    artifact: pgd-merged-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-    displayName: "Publish merged PGDs"

build/pipelines/templates-v2/job-publish-symbols.yml

@@ -1,97 +0,0 @@
-parameters:
-  - name: includePublicSymbolServer
-    type: boolean
-    default: false
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: jobName
-    type: string
-    default: PublishSymbols
-  - name: symbolExpiryTime
-    type: string
-    default: 36530 # This is the default from PublishSymbols@2
-  - name: variables
-    type: object
-    default: {}
-  - name: symbolPatGoesInTaskInputs
-    type: boolean
-    default: false
-
-jobs:
-- job: ${{ parameters.jobName }}
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  ${{ if eq(parameters.includePublicSymbolServer, true) }}:
-    displayName: Publish Symbols to Internal and MSDL
-  ${{ else }}:
-    displayName: Publish Symbols Internally
-  dependsOn: ${{ parameters.dependsOn }}
-  variables:
-    ${{ insert }}: ${{ parameters.variables }}
-  steps:
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-
-  - task: DownloadPipelineArtifact@2
-    displayName: Download all PDBs from all prior build phases
-    inputs:
-      itemPattern: '**/*.pdb'
-      targetPath: '$(Build.SourcesDirectory)/bin'
-
-  - task: PublishSymbols@2
-    displayName: Publish Symbols (to current Azure DevOps tenant)
-    continueOnError: True
-    inputs:
-      SymbolsFolder: '$(Build.SourcesDirectory)/bin'
-      SearchPattern: '**/*.pdb'
-      IndexSources: false
-      DetailedLog: true
-      SymbolsMaximumWaitTime: 30
-      SymbolServerType: 'TeamServices'
-      SymbolsProduct: 'Windows Terminal Converged Symbols'
-      SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
-      SymbolExpirationInDays: ${{ parameters.symbolExpiryTime }}
-    env:
-      LIB: $(Build.SourcesDirectory)
-
-  - ${{ if eq(parameters.includePublicSymbolServer, true) }}:
-    - task: PublishSymbols@2
-      displayName: 'Publish symbols to MSDL'
-      continueOnError: True
-      inputs:
-        SymbolsFolder: '$(Build.SourcesDirectory)/bin'
-        SearchPattern: '**/*.pdb'
-        IndexSources: false
-        DetailedLog: true
-        SymbolsMaximumWaitTime: 30
-        SymbolServerType: 'TeamServices'
-        SymbolsProduct: 'Windows Terminal Converged Symbols'
-        SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
-        SymbolExpirationInDays: ${{ parameters.symbolExpiryTime }}
-        ${{ if eq(parameters.symbolPatGoesInTaskInputs, true) }}:
-          Pat: $(ADO_microsoftpublicsymbols_PAT)
-        # The ADO task does not support indexing of GitHub sources.
-      # There is a bug which causes this task to fail if LIB includes an inaccessible path (even though it does not depend on it).
-      # To work around this issue, we just force LIB to be any dir that we know exists.
-      # Copied from https://github.com/microsoft/icu/blob/f869c214adc87415dfe751d81f42f1bca55dcf5f/build/azure-nuget.yml#L564-L583
-      env:
-        LIB: $(Build.SourcesDirectory)
-        ArtifactServices_Symbol_AccountName: microsoftpublicsymbols
-        ${{ if ne(parameters.symbolPatGoesInTaskInputs, true) }}:
-          ArtifactServices_Symbol_PAT: $(ADO_microsoftpublicsymbols_PAT)

build/pipelines/templates-v2/job-run-pgo-tests.yml

@@ -1,82 +0,0 @@
-parameters:
-  buildConfiguration: 'Release'
-  buildPlatform: ''
-  artifactStem: ''
-  testLogPath: '$(Build.BinariesDirectory)\$(BuildPlatform)\$(BuildConfiguration)\testsOnBuildMachine.wtl'
-
-jobs:
-- job: PGO${{ parameters.buildPlatform }}${{ parameters.buildConfiguration }}
-  displayName: PGO ${{ parameters.buildPlatform }} ${{ parameters.buildConfiguration }}
-  variables:
-    BuildConfiguration: ${{ parameters.buildConfiguration }}
-    BuildPlatform: ${{ parameters.buildPlatform }}
-    OutputBuildPlatform: ${{ parameters.buildPlatform }}
-    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
-  pool:
-    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      ${{ if ne(parameters.buildPlatform, 'ARM64') }}:
-        name: SHINE-OSS-Testing-x64
-      ${{ else }}:
-        name: SHINE-OSS-Testing-arm64
-    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      ${{ if ne(parameters.buildPlatform, 'ARM64') }}:
-        name: SHINE-INT-Testing-x64
-      ${{ else }}:
-        name: SHINE-INT-Testing-arm64
-
-  steps:
-  - checkout: self
-    submodules: false
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-
-  - task: DownloadPipelineArtifact@2
-    displayName: Download artifacts
-    inputs:
-      artifactName: build-${{ parameters.buildPlatform }}-$(BuildConfiguration)${{ parameters.artifactStem }}
-      downloadPath: $(Terminal.BinDir)
-
-  # The tests expect Terminal to be an unpackaged distribution named terminal-0.0.1.0 (after the dev build version scheme)
-  # Extract to that folder explicitly and strip the embedded folder name from the unpackaged archive.
-  - powershell: |-
-      $TargetDirectory = New-Item -Type Directory (Join-Path "$(Terminal.BinDir)" "terminal-0.0.1.0")
-      & tar.exe -x -v -f (Get-Item "$(Terminal.BinDir)/_unpackaged/*.zip") -C $TargetDirectory.FullName --strip-components=1
-    displayName: Extract the unpackaged build for PGO
-
-  - template: steps-ensure-nuget-version.yml
-
-  - powershell: |-
-      $Package = 'Microsoft.Internal.Windows.Terminal.TestContent'
-      $Version = '1.0.1'
-      & nuget.exe install $Package -Version $Version
-      Write-Host "##vso[task.setvariable variable=TerminalTestContentPath]$(Build.SourcesDirectory)\packages\${Package}.${Version}\content"
-    displayName: Install Test Content
-
-  - task: PowerShell@2
-    displayName: 'Run PGO Tests'
-    inputs:
-      targetType: filePath
-      filePath: build\scripts\Run-Tests.ps1
-      arguments: >-
-        -MatchPattern '*UIA.Tests.dll'
-        -Platform '$(OutputBuildPlatform)'
-        -Configuration '$(BuildConfiguration)'
-        -LogPath '${{ parameters.testLogPath }}'
-        -Root "$(Terminal.BinDir)"
-        -AdditionalTaefArguments '/select:(@IsPGO=true)','/p:WTTestContent=$(TerminalTestContentPath)'
-
-  - task: CopyFiles@2
-    displayName: 'Copy PGO outputs to Artifacts'
-    condition: always()
-    inputs:
-      Contents: |
-       **/*.pgc
-       ${{ parameters.testLogPath }}
-      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/pgc'
-      OverWrite: true
-      flattenFolders: true
-
-  - publish: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/pgc'
-    artifact: pgc-intermediates-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
-    condition: always()

build/pipelines/templates-v2/job-submit-windows-vpack.yml

@@ -1,81 +0,0 @@
-parameters:
-  - name: buildConfiguration
-    type: string
-  - name: generateSbom
-    type: boolean
-    default: false
-  - name: pool
-    type: object
-    default: []
-  - name: dependsOn
-    type: object
-    default: null
-  - name: artifactStem
-    type: string
-    default: ''
-  - name: variables
-    type: object
-    default: {}
-  - name: publishArtifacts
-    type: boolean
-    default: true
-
-jobs:
-- job: VPack
-  ${{ if ne(length(parameters.pool), 0) }}:
-    pool: ${{ parameters.pool }}
-  displayName: Create and Submit Windows vPack
-  dependsOn: ${{ parameters.dependsOn }}
-  variables:
-    JobOutputDirectory: $(XES_VPACKMANIFESTDIRECTORY)
-    JobOutputArtifactName: vpack-manifest${{ parameters.artifactStem }}
-    ${{ insert }}: ${{ parameters.variables }}
-  steps:
-  - checkout: self
-    clean: true
-    fetchDepth: 1
-    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
-    submodules: true
-    persistCredentials: True
-
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-
-  - task: DownloadPipelineArtifact@2
-    displayName: Download MSIX Bundle Artifact
-    inputs:
-      artifactName: appxbundle-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
-      downloadPath: '$(Build.SourcesDirectory)/bundle'
-
-  # Rename to known/fixed name for Windows build system
-  - powershell: |-
-      # Create vpack directory and place item inside
-      $TargetFolder = New-Item -Type Directory '$(Build.SourcesDirectory)/WindowsTerminal.app'
-      Get-ChildItem bundle/Microsoft.WindowsTerminal_*.msixbundle | Move-Item (Join-Path $TargetFolder.FullName 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle') -Verbose
-    displayName: Stage packages for vpack
-
-  - task: PkgESVPack@12
-    displayName: 'Package ES - VPack'
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-    inputs:
-      sourceDirectory: '$(Build.SourcesDirectory)/WindowsTerminal.app'
-      description: VPack for the Windows Terminal Application
-      pushPkgName: WindowsTerminal.app
-      owner: conhost
-      githubToken: $(GitHubTokenForVpackProvenance)
-
-  - ${{ if eq(parameters.publishArtifacts, true) }}:
-    - publish: $(JobOutputDirectory)
-      artifact: $(JobOutputArtifactName)
-      displayName: 'Publish VPack Manifest to Drop'
-
-  - task: PkgESFCIBGit@12
-    displayName: 'Submit VPack Manifest to Windows'
-    inputs:
-      configPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
-      artifactsDirectory: $(XES_VPACKMANIFESTDIRECTORY)
-      prTimeOut: 5
-

build/pipelines/templates-v2/pipeline-full-release-build.yml

@@ -1,181 +0,0 @@
-# This build should never run as CI or against a pull request.
-trigger: none
-
-parameters:
-  - name: branding
-    type: string
-    default: Release
-  - name: buildTerminal
-    type: boolean
-    default: true
-  - name: buildConPTY
-    type: boolean
-    default: false
-  - name: buildWPF
-    type: boolean
-    default: false
-  - name: pgoBuildMode
-    type: string
-    default: Optimize
-    values:
-      - Optimize
-      - Instrument
-      - None
-  - name: buildConfigurations
-    type: object
-    default:
-      - Release
-  - name: buildPlatforms
-    type: object
-    default:
-      - x64
-      - x86
-      - arm64
-  - name: codeSign
-    type: boolean
-    default: true
-  - name: generateSbom
-    type: boolean
-    default: true
-  - name: terminalInternalPackageVersion
-    type: string
-    default: '0.0.8'
-
-  - name: publishSymbolsToPublic
-    type: boolean
-    default: true
-  - name: symbolExpiryTime
-    type: string
-    default: 36530 # This is the default from PublishSymbols@2
-  - name: publishVpackToWindows
-    type: boolean
-    default: false
-
-  - name: extraPublishJobs
-    type: object
-    default: []
-  - name: pool
-    type: object
-    default:
-      name: SHINE-INT-S # By default, send jobs to the small agent pool.
-      demands: ImageOverride -equals SHINE-VS17-Latest
-
-variables:
-  - template: variables-nuget-package-version.yml
-    parameters:
-      branding: ${{ parameters.branding }}
-
-resources:
-  repositories:
-  - repository: self
-    type: git
-    ref: main
-
-stages:
-  - stage: Build
-    displayName: Build
-    pool: ${{ parameters.pool }}
-    dependsOn: []
-    jobs:
-      - template: ./job-build-project.yml
-        parameters:
-          pool:
-            name: SHINE-INT-L # Run the compilation on the large agent pool, rather than the default small one.
-            demands: ImageOverride -equals SHINE-VS17-Latest
-          branding: ${{ parameters.branding }}
-          buildTerminal: ${{ parameters.buildTerminal }}
-          buildConPTY: ${{ parameters.buildConPTY }}
-          buildWPF: ${{ parameters.buildWPF }}
-          pgoBuildMode: ${{ parameters.pgoBuildMode }}
-          buildConfigurations: ${{ parameters.buildConfigurations }}
-          buildPlatforms: ${{ parameters.buildPlatforms }}
-          generateSbom: ${{ parameters.generateSbom }}
-          codeSign: ${{ parameters.codeSign }}
-          beforeBuildSteps: # Right before we build, lay down the universal package and localizations
-            - task: PkgESSetupBuild@12
-              displayName: Package ES - Setup Build
-              inputs:
-                disableOutputRedirect: true
-
-            - task: UniversalPackages@0
-              displayName: Download terminal-internal Universal Package
-              inputs:
-                feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
-                packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
-                versionListDownload: ${{ parameters.terminalInternalPackageVersion }}
-
-            - template: ./steps-fetch-and-prepare-localizations.yml
-              parameters:
-                includePseudoLoc: true
-
-      - ${{ if eq(parameters.buildWPF, true) }}:
-        # Add an Any CPU build flavor for the WPF control bits
-        - template: ./job-build-project.yml
-          parameters:
-            # This job is allowed to run on the default small pool.
-            jobName: BuildWPF
-            branding: ${{ parameters.branding }}
-            buildTerminal: false
-            buildWPFDotNetComponents: true
-            buildConfigurations: ${{ parameters.buildConfigurations }}
-            buildPlatforms:
-              - Any CPU
-            generateSbom: ${{ parameters.generateSbom }}
-            codeSign: ${{ parameters.codeSign }}
-            beforeBuildSteps:
-              - task: PkgESSetupBuild@12
-                displayName: Package ES - Setup Build
-                inputs:
-                  disableOutputRedirect: true
-              # WPF doesn't need the localizations or the universal package, but if it does... put them here.
-
-  - stage: Package
-    displayName: Package
-    pool: ${{ parameters.pool }}
-    dependsOn: [Build]
-    jobs:
-      - ${{ if eq(parameters.buildTerminal, true) }}:
-        - template: ./job-merge-msix-into-bundle.yml
-          parameters:
-            jobName: Bundle
-            branding: ${{ parameters.branding }}
-            buildConfigurations: ${{ parameters.buildConfigurations }}
-            buildPlatforms: ${{ parameters.buildPlatforms }}
-            generateSbom: ${{ parameters.generateSbom }}
-            codeSign: ${{ parameters.codeSign }}
-
-      - ${{ if eq(parameters.buildConPTY, true) }}:
-        - template: ./job-package-conpty.yml
-          parameters:
-            buildConfigurations: ${{ parameters.buildConfigurations }}
-            buildPlatforms: ${{ parameters.buildPlatforms }}
-            generateSbom: ${{ parameters.generateSbom }}
-            codeSign: ${{ parameters.codeSign }}
-
-      - ${{ if eq(parameters.buildWPF, true) }}:
-        - template: ./job-build-package-wpf.yml
-          parameters:
-            buildConfigurations: ${{ parameters.buildConfigurations }}
-            buildPlatforms: ${{ parameters.buildPlatforms }}
-            generateSbom: ${{ parameters.generateSbom }}
-            codeSign: ${{ parameters.codeSign }}
-
-  - stage: Publish
-    displayName: Publish
-    pool: ${{ parameters.pool }}
-    dependsOn: [Build, Package]
-    jobs:
-      # We only support the vpack for Release builds that include Terminal
-      - ${{ if and(containsValue(parameters.buildConfigurations, 'Release'), parameters.buildTerminal, parameters.publishVpackToWindows) }}:
-        - template: ./job-submit-windows-vpack.yml
-          parameters:
-            buildConfiguration: Release
-            generateSbom: ${{ parameters.generateSbom }}
-
-      - template: ./job-publish-symbols.yml
-        parameters:
-          includePublicSymbolServer: ${{ parameters.publishSymbolsToPublic }}
-          symbolExpiryTime: ${{ parameters.symbolExpiryTime }}
-
-      - ${{ parameters.extraPublishJobs }}
-...

build/pipelines/templates-v2/pipeline-onebranch-full-release-build.yml

@@ -1,265 +0,0 @@
-parameters:
-  - name: official
-    type: boolean
-    default: false
-  - name: branding
-    type: string
-    default: Release
-    values:
-      - Release
-      - Preview
-      - Canary
-      - Dev
-  - name: buildTerminal
-    type: boolean
-    default: true
-  - name: buildConPTY
-    type: boolean
-    default: false
-  - name: buildWPF
-    type: boolean
-    default: false
-  - name: pgoBuildMode
-    type: string
-    default: Optimize
-    values:
-      - Optimize
-      - Instrument
-      - None
-  - name: buildConfigurations
-    type: object
-    default:
-      - Release
-  - name: buildPlatforms
-    type: object
-    default:
-      - x64
-      - x86
-      - arm64
-  - name: codeSign
-    type: boolean
-    default: true
-  - name: terminalInternalPackageVersion
-    type: string
-    default: '0.0.8'
-
-  - name: publishSymbolsToPublic
-    type: boolean
-    default: true
-  - name: symbolExpiryTime
-    type: string
-    default: 36530 # This is the default from PublishSymbols@2
-  - name: publishVpackToWindows
-    type: boolean
-    default: false
-
-  - name: extraPublishJobs
-    type: object
-    default: []
-
-resources:
-  repositories:
-  - repository: templates
-    type: git
-    name: OneBranch.Pipelines/GovernedTemplates
-    ref: refs/heads/main
-
-extends:
-  ${{ if eq(parameters.official, true) }}:
-    template: v2/Microsoft.Official.yml@templates # https://aka.ms/obpipelines/templates
-  ${{ else }}:
-    template: v2/Microsoft.NonOfficial.yml@templates
-  parameters:
-    featureFlags:
-      WindowsHostVersion: 1ESWindows2022
-    platform:
-      name: 'windows_undocked'
-      product: 'Windows Terminal'
-    cloudvault: # https://aka.ms/obpipelines/cloudvault
-      enabled: false
-    globalSdl: # https://aka.ms/obpipelines/sdl
-      tsa:
-        enabled: true
-        configFile: '$(Build.SourcesDirectory)\build\config\tsa.json'
-      binskim:
-        break: false
-        scanOutputDirectoryOnly: true
-      policheck:
-        break: false
-        severity: Note
-      baseline:
-        baselineFile: '$(Build.SourcesDirectory)\build\config\release.gdnbaselines'
-        suppressionSet: default
-
-    stages:
-      - stage: Build
-        displayName: Build
-        dependsOn: []
-        jobs:
-          - template: ./build/pipelines/templates-v2/job-build-project.yml@self
-            parameters:
-              pool: { type: windows }
-              variables:
-                ob_git_checkout: false # This job checks itself out
-                ob_git_skip_checkout_none: true
-                ob_outputDirectory: $(JobOutputDirectory)
-                ob_artifactBaseName: $(JobOutputArtifactName)
-              publishArtifacts: false # Handled by OneBranch
-              branding: ${{ parameters.branding }}
-              buildTerminal: ${{ parameters.buildTerminal }}
-              buildConPTY: ${{ parameters.buildConPTY }}
-              buildWPF: ${{ parameters.buildWPF }}
-              pgoBuildMode: ${{ parameters.pgoBuildMode }}
-              buildConfigurations: ${{ parameters.buildConfigurations }}
-              buildPlatforms: ${{ parameters.buildPlatforms }}
-              generateSbom: false # this is handled by onebranch
-              removeAllNonSignedFiles: true # appease the overlords
-              codeSign: ${{ parameters.codeSign }}
-              beforeBuildSteps: # Right before we build, lay down the universal package and localizations
-                - task: PkgESSetupBuild@12
-                  displayName: Package ES - Setup Build
-                  inputs:
-                    disableOutputRedirect: true
-
-                - task: UniversalPackages@0
-                  displayName: Download terminal-internal Universal Package
-                  inputs:
-                    feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
-                    packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
-                    versionListDownload: ${{ parameters.terminalInternalPackageVersion }}
-
-                - template: ./build/pipelines/templates-v2/steps-fetch-and-prepare-localizations.yml@self
-                  parameters:
-                    includePseudoLoc: true
-
-          - ${{ if eq(parameters.buildWPF, true) }}:
-            # Add an Any CPU build flavor for the WPF control bits
-            - template: ./build/pipelines/templates-v2/job-build-project.yml@self
-              parameters:
-                pool: { type: windows }
-                variables:
-                  ob_git_checkout: false # This job checks itself out
-                  ob_git_skip_checkout_none: true
-                  ob_outputDirectory: $(JobOutputDirectory)
-                  ob_artifactBaseName: $(JobOutputArtifactName)
-                publishArtifacts: false # Handled by OneBranch
-                jobName: BuildWPF
-                branding: ${{ parameters.branding }}
-                buildTerminal: false
-                buildWPFDotNetComponents: true
-                buildConfigurations: ${{ parameters.buildConfigurations }}
-                buildPlatforms:
-                  - Any CPU
-                generateSbom: false # this is handled by onebranch
-                removeAllNonSignedFiles: true # appease the overlords
-                codeSign: ${{ parameters.codeSign }}
-                beforeBuildSteps:
-                  - task: PkgESSetupBuild@12
-                    displayName: Package ES - Setup Build
-                    inputs:
-                      disableOutputRedirect: true
-                  # WPF doesn't need the localizations or the universal package, but if it does... put them here.
-
-      - stage: Package
-        displayName: Package
-        dependsOn: [Build]
-        jobs:
-          - ${{ if eq(parameters.buildTerminal, true) }}:
-            - template: ./build/pipelines/templates-v2/job-merge-msix-into-bundle.yml@self
-              parameters:
-                pool: { type: windows }
-                variables:
-                  ob_git_checkout: false # This job checks itself out
-                  ob_git_skip_checkout_none: true
-                  ob_outputDirectory: $(JobOutputDirectory)
-                  ob_artifactBaseName: $(JobOutputArtifactName)
-                  ### This job is also in charge of submitting the vpack to Windows if it's enabled
-                  ob_createvpack_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
-                  ob_updateOSManifest_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
-                  ### If enabled above, these options are in play.
-                  ob_createvpack_packagename: 'WindowsTerminal.app'
-                  ob_createvpack_owneralias: 'conhost@microsoft.com'
-                  ob_createvpack_description: 'VPack for the Windows Terminal Application'
-                  ob_createvpack_targetDestinationDirectory: '$(Destination)'
-                  ob_createvpack_propsFile: false
-                  ob_createvpack_provData: true
-                  ob_createvpack_metadata: '$(Build.SourceVersion)'
-                  ob_createvpack_topLevelRetries: 0
-                  ob_createvpack_failOnStdErr: true
-                  ob_createvpack_taskLogVerbosity: Detailed
-                  ob_createvpack_verbose: true
-                  ob_createvpack_vpackdirectory: '$(JobOutputDirectory)\vpack'
-                  ob_updateOSManifest_gitcheckinConfigPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
-                  # We're skipping the 'fetch' part of the OneBranch rules, but that doesn't mean
-                  # that it doesn't expect to have downloaded a manifest directly to some 'destination'
-                  # folder that it can then update and upload.
-                  # Effectively: it says "destination" but it means "source"
-                  # DH: Don't ask why.
-                  ob_updateOSManifest_destination: $(XES_VPACKMANIFESTDIRECTORY)
-                  ob_updateOSManifest_skipFetch: true
-                publishArtifacts: false # Handled by OneBranch
-                jobName: Bundle
-                branding: ${{ parameters.branding }}
-                buildConfigurations: ${{ parameters.buildConfigurations }}
-                buildPlatforms: ${{ parameters.buildPlatforms }}
-                generateSbom: false # Handled by onebranch
-                codeSign: ${{ parameters.codeSign }}
-                afterBuildSteps:
-                  # This directory has to exist, even if we aren't using createvpack, because the Guardian rules demand it.
-                  - pwsh: |-
-                      New-Item "$(JobOutputDirectory)/vpack" -Type Directory
-                    displayName: Make sure the vpack directory exists
-
-                  - ${{ if parameters.publishVpackToWindows }}:
-                    - pwsh: |-
-                        Copy-Item -Verbose -Path "$(MsixBundlePath)" -Destination (Join-Path "$(JobOutputDirectory)/vpack" 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle')
-                      displayName: Stage msixbundle for vpack
-
-          - ${{ if eq(parameters.buildConPTY, true) }}:
-            - template: ./build/pipelines/templates-v2/job-package-conpty.yml@self
-              parameters:
-                pool: { type: windows }
-                variables:
-                  ob_git_checkout: false # This job checks itself out
-                  ob_git_skip_checkout_none: true
-                  ob_outputDirectory: $(JobOutputDirectory)
-                  ob_artifactBaseName: $(JobOutputArtifactName)
-                publishArtifacts: false # Handled by OneBranch
-                buildConfigurations: ${{ parameters.buildConfigurations }}
-                buildPlatforms: ${{ parameters.buildPlatforms }}
-                generateSbom: false # this is handled by onebranch
-                codeSign: ${{ parameters.codeSign }}
-
-          - ${{ if eq(parameters.buildWPF, true) }}:
-            - template: ./build/pipelines/templates-v2/job-build-package-wpf.yml@self
-              parameters:
-                pool: { type: windows }
-                variables:
-                  ob_git_checkout: false # This job checks itself out
-                  ob_git_skip_checkout_none: true
-                  ob_outputDirectory: $(JobOutputDirectory)
-                  ob_artifactBaseName: $(JobOutputArtifactName)
-                publishArtifacts: false # Handled by OneBranch
-                buildConfigurations: ${{ parameters.buildConfigurations }}
-                buildPlatforms: ${{ parameters.buildPlatforms }}
-                generateSbom: false # this is handled by onebranch
-                codeSign: ${{ parameters.codeSign }}
-
-      - stage: Publish
-        displayName: Publish
-        dependsOn: [Build, Package]
-        jobs:
-          - template: ./build/pipelines/templates-v2/job-publish-symbols.yml@self
-            parameters:
-              pool: { type: windows }
-              includePublicSymbolServer: ${{ parameters.publishSymbolsToPublic }}
-              symbolPatGoesInTaskInputs: true # onebranch tries to muck with the PAT variable, so we need to change how it get the PAT
-              symbolExpiryTime: ${{ parameters.symbolExpiryTime }}
-              variables:
-                ob_git_checkout: false # This job checks itself out
-                ob_git_skip_checkout_none: true
-                ob_outputDirectory: $(Build.ArtifactStagingDirectory)
-                # Without this, OneBranch will nerf our symbol tasks
-                ob_symbolsPublishing_enabled: true
-
-          - ${{ parameters.extraPublishJobs }}

build/pipelines/templates-v2/steps-create-signing-config.yml

@@ -1,35 +0,0 @@
-parameters:
-  - name: stage
-    type: string
-  - name: outFile
-    type: string
-  - name: fragments
-    type: string
-
-# This build step template takes all files named "esrp.STAGE.batch.*.json"
-# and merges them into a single output signing config.
-#
-# We generate the batch signing config by sticking together multiple "batches".
-# The filter below (with Fragments) works by splitting the filename, esrp.s.batch.x.json,
-# to get 'x' and then checking whether x is in Fragments.
-# We have to manually strip comments out of the batch fragments due to https://github.com/PowerShell/PowerShell/issues/14553
-
-steps:
-  - pwsh: |-
-      $SignBatchFiles = (Get-Item build/config/esrp.${{ parameters.stage }}.batch.*.json)
-      $Fragments = "${{ parameters.fragments }}"
-      If (-Not [String]::IsNullOrWhiteSpace($Fragments)) {
-        $FragmentList = $Fragments -Split ";"
-        If ($FragmentList.Length -Gt 0) {
-          $SignBatchFiles = $SignBatchFiles | Where-Object { ($_.Name -Split '\.')[3] -In $FragmentList }
-        }
-      }
-      Write-Host "Found $(@($SignBatchFiles).Length) Signing Configs"
-      Write-Host ($SignBatchFiles.Name -Join ";")
-      $FinalSignConfig = @{
-        Version = "1.0.0";
-        UseMinimatch = $false;
-        SignBatches = @($SignBatchFiles | ForEach-Object { Get-Content $_ | Where-Object { $_ -NotMatch "^\s*\/\/" } | ConvertFrom-Json -Depth 10 });
-      }
-      $FinalSignConfig | ConvertTo-Json -Depth 10 | Out-File -Encoding utf8 "${{ parameters.outFile }}"
-    displayName: Merge ${{ parameters.stage }} signing configs (${{ parameters.outFile }})

build/pipelines/templates-v2/steps-download-bin-dir-artifact.yml

@@ -1,24 +0,0 @@
-parameters:
-  - name: buildConfigurations
-    type: object
-  - name: buildPlatforms
-    type: object
-  - name: artifactStem
-    type: string
-    default: ''
-
-steps:
-- ${{ each configuration in parameters.buildConfigurations }}:
-  - ${{ each platform in parameters.buildPlatforms }}:
-    - task: DownloadPipelineArtifact@2
-      displayName: Download artifacts for ${{ platform }} ${{ configuration }}
-      inputs:
-        # Make sure to download the entire artifact, because it includes the SPDX SBOM
-        artifactName: build-${{ platform }}-${{ configuration }}${{ parameters.artifactStem }}
-        # Downloading to the source directory should ensure that the later SBOM generator can see the earlier SBOMs.
-        ${{ if eq(platform, 'x86') }}:
-          downloadPath: '$(Build.SourcesDirectory)/bin/Win32/${{ configuration }}'
-        ${{ elseif eq(platform, 'Any CPU') }}:
-          downloadPath: '$(Build.SourcesDirectory)/bin/AnyCPU/${{ configuration }}'
-        ${{ else }}:
-          downloadPath: '$(Build.SourcesDirectory)/bin/${{ platform }}/${{ configuration }}'

build/pipelines/templates-v2/steps-ensure-nuget-version.yml

@@ -1,5 +0,0 @@
-steps:
-- task: NuGetToolInstaller@1
-  displayName: Use NuGet 6.6.1
-  inputs:
-    versionSpec: 6.6.1

build/pipelines/templates-v2/steps-fetch-and-prepare-localizations.yml

@@ -1,27 +0,0 @@
-parameters:
-  - name: includePseudoLoc
-    type: boolean
-    default: true
-
-steps:
-  - task: TouchdownBuildTask@1
-    displayName: Download Localization Files
-    inputs:
-      teamId: 7105
-      authId: $(TouchdownAppId)
-      authKey: $(TouchdownAppKey)
-      resourceFilePath: |
-        src\cascadia\**\en-US\*.resw
-      appendRelativeDir: true
-      localizationTarget: false
-      ${{ if eq(parameters.includePseudoLoc, true) }}:
-        pseudoSetting: Included
-
-  - pwsh: |-
-      $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
-      $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
-    displayName: Move Loc files into final locations
-
-  - pwsh: |-
-      ./build/scripts/Copy-ContextMenuResourcesToCascadiaPackage.ps1
-    displayName: Copy the Context Menu Loc Resources to CascadiaPackage

build/pipelines/templates-v2/variables-nuget-package-version.yml

@@ -1,27 +0,0 @@
-parameters:
-  - name: branding
-    type: string
-
-variables:
-  # If we are building a branch called "release-*", change the NuGet suffix
-  # to "preview". If we don't do that, XES will set the suffix to "release1"
-  # because it truncates the value after the first period.
-  # We also want to disable the suffix entirely if we're Release branded while
-  # on a release branch.
-  # main is special, however. XES ignores main. Since we never produce actual
-  # shipping builds from main, we want to force it to have a beta label as
-  # well.
-  #
-  # In effect:
-  # BRANCH / BRANDING | Release                    | Preview
-  # ------------------|----------------------------|-----------------------------
-  # release-*         | 1.12.20220427              | 1.13.20220427-preview
-  # main              | 1.14.20220427-experimental | 1.14.20220427-experimental
-  # all others        | 1.14.20220427-mybranch     | 1.14.20220427-mybranch
-  ${{ if startsWith(variables['Build.SourceBranchName'], 'release-') }}:
-    ${{ if eq(parameters.branding, 'Release') }}:
-      NoNuGetPackBetaVersion: true
-    ${{ else }}:
-      NuGetPackBetaVersion: preview
-  ${{ elseif eq(variables['Build.SourceBranchName'], 'main') }}:
-    NuGetPackBetaVersion: experimental

build/pipelines/templates-v2/variables-onebranch-config.yml

@@ -1,2 +0,0 @@
-variables:
-  WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest'

build/pipelines/templates/build-console-audit-job.yml

@@ -0,0 +1,35 @@
+parameters:
+  platform: ''
+  additionalBuildArguments: ''
+
+jobs:
+- job: Build${{ parameters.platform }}AuditMode
+  displayName: Static Analysis Build ${{ parameters.platform }}
+  variables:
+    BuildConfiguration: AuditMode
+    BuildPlatform: ${{ parameters.platform }}
+  pool:
+    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPoolOSS-L
+    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPool-L
+    demands: ImageOverride -equals WinDevVS16-latest
+
+  steps:
+  - checkout: self
+    submodules: true
+    clean: true
+    fetchDepth: 1
+
+  - template: restore-nuget-steps.yml
+
+  - task: VSBuild@1
+    displayName: 'Build solution **\OpenConsole.sln'
+    inputs:
+      solution: '**\OpenConsole.sln'
+      vsVersion: 16.0
+      platform: '$(BuildPlatform)'
+      configuration: '$(BuildConfiguration)'
+      msbuildArgs: ${{ parameters.additionalBuildArguments }}
+      clean: true
+      maximumCpuCount: true

build/pipelines/templates/build-console-ci.yml

@@ -0,0 +1,31 @@
+parameters:
+  configuration: 'Release'
+  branding: 'Dev'
+  platform: ''
+  additionalBuildArguments: ''
+
+jobs:
+- job: Build${{ parameters.platform }}${{ parameters.configuration }}${{ parameters.branding }}
+  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }} ${{ parameters.branding }}
+  variables:
+    BuildConfiguration: ${{ parameters.configuration }}
+    BuildPlatform: ${{ parameters.platform }}
+    WindowsTerminalBranding: ${{ parameters.branding }}
+    EnableRichCodeNavigation: true
+  pool: 
+    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPoolOSS-L
+    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPool-L
+    demands: ImageOverride -equals WinDevVS16-latest
+
+  steps:
+  - template: build-console-steps.yml
+    parameters:
+      additionalBuildArguments: ${{ parameters.additionalBuildArguments }}
+
+  # It appears that the Component Governance build task that gets automatically injected stopped working
+  # when we renamed our main branch.
+  - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
+    displayName: 'Component Detection'
+    condition: and(succeededOrFailed(), not(eq(variables['Build.Reason'], 'PullRequest')))

build/pipelines/templates/build-console-compliance-job.yml

@@ -0,0 +1,201 @@
+jobs:
+- job: Compliance
+  # We don't *need* a matrix but there's no other way to set parameters on a "job"
+  # in the AzDO YAML syntax. It would have to be a "stage" or a "template".
+  # Doesn't matter. We're going to do compliance on Release x64 because
+  # that's the one all the tooling works against for sure.
+  strategy:
+    matrix:
+      Release_x64:
+        BuildConfiguration: Release
+        BuildPlatform: x64
+  displayName: Validate Security and Compliance
+  timeoutInMinutes: 240
+  steps:
+  - checkout: self
+    clean: true
+    submodules: true
+    persistCredentials: True
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+  - task: PowerShell@2
+    displayName: Rationalize Build Platform
+    inputs:
+      targetType: inline
+      script: >-
+        $Arch = "$(BuildPlatform)"
+
+        If ($Arch -Eq "x86") { $Arch = "Win32" }
+
+        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
+  - template: restore-nuget-steps.yml
+  - task: UniversalPackages@0
+    displayName: Download terminal-internal Universal Package
+    inputs:
+      feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
+      packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
+      versionListDownload: $(TerminalInternalPackageVersion)
+  - task: TouchdownBuildTask@1
+    displayName: Download Localization Files
+    inputs:
+      teamId: 7105
+      authId: $(TouchdownAppId)
+      authKey: $(TouchdownAppKey)
+      resourceFilePath: >-
+        src\cascadia\TerminalApp\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalControl\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalConnection\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalSettingsModel\Resources\en-US\Resources.resw
+
+        src\cascadia\TerminalSettingsEditor\Resources\en-US\Resources.resw
+
+        src\cascadia\CascadiaPackage\Resources\en-US\Resources.resw
+      appendRelativeDir: true
+      localizationTarget: false
+      pseudoSetting: Included
+  - task: PowerShell@2
+    displayName: Move Loc files one level up
+    inputs:
+      targetType: inline
+      script: >-
+        $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
+
+        $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
+      pwsh: true
+
+  # 1ES Component Governance onboarding (Detects open source components). See https://docs.opensource.microsoft.com/tools/cg.html
+  - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
+    displayName: Component Detection
+    
+  # # PREfast and PoliCheck need Node. Install that first.
+  - task: NodeTool@0
+
+  # !!! NOTE !!! Run PREfast first. Some of the other tasks are going to run on a completed build.
+  # PREfast is going to build the code as a part of its analysis and the generated sources
+  # and output binaries will be sufficient for the rest of the analysis.
+  # If you disable this, the other tasks won't likely work. You would have to add a build
+  # step instead that builds the code normally before calling them.
+  # Also... PREfast will rebuild anyway so that's why we're not running a normal build first.
+  # Waste of time to build twice.
+  # PREfast. See https://www.1eswiki.com/wiki/SDL_Native_Rules_Build_Task 
+
+  # The following 1ES tasks all operate completely differently and have a different syntax for usage.
+  # Most notable is every one of them has a different way of excluding things.
+  # Go see their 1eswiki.com pages to figure out how to exclude things.
+  # When writing exclusions, try to make them narrow so when new projects/binaries are added, they
+  # cause an error here and have to be explicitly pulled out. Don't write an exclusion so broad
+  # that it will catch other new stuff.
+
+  # https://www.1eswiki.com/wiki/PREfast_Build_Task
+  # Builds the project with C/C++ static analysis tools to find coding flaws and vulnerabilities
+  # !!! WARNING !!! It doesn't work with WAPPROJ packaging projects. Build the sub-projects instead.
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-prefast.SDLNativeRules@3
+    displayName: 'Run the PREfast SDL Native Rules for MSBuild'
+    condition: succeededOrFailed()
+    inputs:
+      msBuildCommandline: msbuild.exe /nologo /m /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }} /p:WindowsTerminalReleaseBuild=true /p:platform=$(BuildPlatform) /p:configuration=$(BuildConfiguration) /t:Terminal\Window\WindowsTerminal /p:VisualStudioVersion=16.0 $(Build.SourcesDirectory)\OpenConsole.sln
+
+  # Copies output from PREfast SDL Native Rules task to expected location for consumption by PkgESSecComp
+  - task: CopyFiles@1
+    displayName: 'Copy PREfast xml files to SDLNativeRulesDir'
+    inputs:
+      SourceFolder: '$(Agent.BuildDirectory)'
+      Contents: |
+        **\*.nativecodeanalysis.xml
+      TargetFolder: '$(Agent.BuildDirectory)\_sdt\logs\SDLNativeRules'
+
+  # https://www.1eswiki.com/index.php?title=PoliCheck_Build_Task
+  # Scans the text of source code, comments, and content for terminology that could be sensitive for legal, cultural, or geopolitical reasons.
+  # (Also finds vulgarities... takes all the fun out of everything.)
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
+    displayName: 'Run PoliCheck'
+    inputs:
+      targetType: F
+      targetArgument: $(Build.SourcesDirectory)
+      result: PoliCheck.xml
+      optionsFC: 1
+      optionsXS: 1
+      optionsUEPath: $(Build.SourcesDirectory)\build\config\PolicheckExclusions.xml
+      optionsHMENABLE: 0
+    continueOnError: true
+
+  # https://www.1eswiki.com/wiki/CredScan_Azure_DevOps_Build_Task
+  # Searches through source code and build outputs for a credential left behind in the open
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
+    displayName: 'Run CredScan'
+    inputs:
+      outputFormat: pre
+      # suppressionsFile: LocalSuppressions.json
+      batchSize: 20
+      debugMode: false
+    continueOnError: true
+
+  # https://www.1eswiki.com/wiki/BinSkim_Build_Task
+  # Searches managed and unmanaged binaries for known security vulnerabilities.
+  - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@4
+    displayName: 'Run BinSkim'
+    inputs:
+      TargetPattern: guardianGlob
+      # See https://aka.ms/gdn-globs for how to do match patterns
+      AnalyzeTargetGlob: $(Build.SourcesDirectory)\bin\**\*.dll;$(Build.SourcesDirectory)\bin\**\*.exe;-:file|**\Microsoft.UI.Xaml.dll;-:file|**\Microsoft.Toolkit.Win32.UI.XamlHost.dll;-:file|**\vcruntime*.dll;-:file|**\vcomp*.dll;-:file|**\vccorlib*.dll;-:file|**\vcamp*.dll;-:file|**\msvcp*.dll;-:file|**\concrt*.dll;-:file|**\TerminalThemeHelpers*.dll;-:file|**\cpprest*.dll
+    continueOnError: true
+
+  # Set XES_SERIALPOSTBUILDREADY to run Security and Compliance task once per build
+  - powershell: Write-Host “##vso[task.setvariable variable=XES_SERIALPOSTBUILDREADY;]true”  
+    displayName: 'Set XES_SERIALPOSTBUILDREADY Vars'
+
+  # https://www.osgwiki.com/wiki/Package_ES_Security_and_Compliance
+  # Does a few things:
+  # - Ensures that Windows-required compliance tasks are run either inside this task
+  #   or were run as a previous step prior to this one
+  #   (PREfast, PoliCheck, Credscan)
+  # - Runs Windows-specific compliance tasks inside the task
+  #   + CheckCFlags - ensures that compiler and linker flags meet Windows standards
+  #   + CFGCheck/XFGCheck - ensures that Control Flow Guard (CFG) or 
+  #                         eXtended Flow Guard (XFG) are enabled on binaries
+  #                         NOTE: CFG is deprecated and XFG isn't fully ready yet.
+  #                         NOTE2: CFG fails on an XFG'd binary
+  # - Brokers all security/compliance task logs to "Trust Services Automation (TSA)" (https://aka.ms/tsa)
+  #   which is a system that maps all errors into the appropriate bug database 
+  #   template for each organization since they all vary. It should also suppress
+  #   new bugs when one already exists for the product.
+  #   This one is set up to go to the OS repository and use the given parameters
+  #   to file bugs to our AzDO product path.
+  #   If we don't use PkgESSecComp to do this for us, we need to install the TSA task
+  #   ourselves in this pipeline to finalize data upload and bug creation.
+  # !!! NOTE !!! This task goes *LAST* after any other compliance tasks so it catches their logs
+  - task: PkgESSecComp@10
+    displayName: 'Security and Compliance tasks'
+    inputs:
+      fileNewBugs: false
+      areaPath: 'OS\WDX\DXP\WinDev\Terminal'
+      teamProject: 'OS'
+      iterationPath: 'OS\Future'
+      bugTags: 'TerminalReleaseCompliance'
+      scanAll: true
+      errOnBugs: false
+      failOnStdErr: true
+      taskLogVerbosity: Diagnostic
+      secCompConfigFromTask: |
+        # Overrides default build sources directory
+        sourceTargetOverrideAll: $(Build.SourcesDirectory)
+        # Overrides default build binaries directory when "Scan all" option is specified
+        binariesTargetOverrideAll: $(Build.SourcesDirectory)\bin
+
+        # Set the tools to false if they should not run in the build
+        tools:
+            - toolName: CheckCFlags
+              enable: true
+            - toolName: CFGCheck
+              enable: true
+            - toolName: Policheck
+              enable: false
+            - toolName: CredScan
+              enable: false
+            - toolName: XFGCheck
+              enable: false

build/pipelines/templates/build-console-fuzzing.yml

@@ -0,0 +1,91 @@
+parameters:
+  configuration: 'Fuzzing'
+  platform: ''
+  additionalBuildArguments: ''
+
+jobs:
+- job: Build${{ parameters.platform }}${{ parameters.configuration }}
+  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }}
+  variables:
+    BuildConfiguration: ${{ parameters.configuration }}
+    BuildPlatform: ${{ parameters.platform }}
+  pool: 
+    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPoolOSS-L
+    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPool-L
+    demands: ImageOverride -equals WinDevVS16-latest
+
+  steps:
+  - checkout: self
+    submodules: true
+    clean: true
+
+  - template: restore-nuget-steps.yml
+
+  # The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
+  - script: |
+      "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
+      set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
+      del %TEMP%\vsinstalldir.txt
+      call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
+      echo VCToolsInstallDir = %VCToolsInstallDir%
+      echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
+    displayName: 'Retrieve VC tools directory'
+  
+  - task: VSBuild@1
+    displayName: 'Build solution **\OpenConsole.sln'
+    inputs:
+      solution: '**\OpenConsole.sln'
+      vsVersion: 16.0
+      platform: '$(BuildPlatform)'
+      configuration: '$(BuildConfiguration)'
+      msbuildArgs: "${{ parameters.additionalBuildArguments }}"
+      clean: true
+      maximumCpuCount: true
+
+  - task: PowerShell@2
+    displayName: 'Rationalize build platform'
+    inputs:
+      targetType: inline
+      script: |
+        $Arch = "$(BuildPlatform)"
+        If ($Arch -Eq "x86") { $Arch = "Win32" }
+        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
+
+  - task: CopyFiles@2
+    displayName: 'Copy result logs to Artifacts'
+    inputs:
+      Contents: |
+       **/*.wtl
+       **/*onBuildMachineResults.xml
+       ${{ parameters.testLogPath }}
+      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test'
+      OverWrite: true
+      flattenFolders: true
+
+  - task: CopyFiles@2
+    displayName: 'Copy outputs needed for test runs to Artifacts'
+    inputs:
+      Contents: |
+       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.exe
+       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.dll
+       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.xml
+       **/Microsoft.VCLibs.*.appx
+       **/TestHostApp/*.exe
+       **/TestHostApp/*.dll
+       **/TestHostApp/*.xml
+       !**/*.pdb
+       !**/*.ipdb
+       !**/*.obj
+       !**/*.pch
+      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test'
+      OverWrite: true
+      flattenFolders: true
+    condition: succeeded()
+
+  - task: PublishBuildArtifacts@1
+    displayName: 'Publish All Build Artifacts'
+    inputs:
+      PathtoPublish: '$(Build.ArtifactStagingDirectory)'
+      ArtifactName: 'fuzzingBuildOutput'

build/pipelines/templates/build-console-pgo.yml

@@ -0,0 +1,55 @@
+parameters:
+  configuration: 'Release'
+  platform: ''
+  additionalBuildArguments: ''
+  minimumExpectedTestsExecutedCount: 1  # Sanity check for minimum expected tests to be reported
+  rerunPassesRequiredToAvoidFailure: 5
+
+jobs:
+- job: Build${{ parameters.platform }}${{ parameters.configuration }}
+  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }}
+  variables:
+    BuildConfiguration: ${{ parameters.configuration }}
+    BuildPlatform: ${{ parameters.platform }}
+    PGOBuildMode: 'Instrument'
+  pool: 
+    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPoolOSS-L
+    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      name: WinDevPool-L
+    demands: ImageOverride -equals WinDevVS16-latest
+
+  steps:
+  - template: build-console-steps.yml
+    parameters:
+      additionalBuildArguments: '${{ parameters.additionalBuildArguments }}'
+
+- template: helix-runtests-job.yml
+  parameters:
+    name: 'RunTestsInHelix'
+    dependsOn: Build${{ parameters.platform }}${{ parameters.configuration }}
+    condition: succeeded()
+    testSuite: 'PgoInstrumentationSuite'
+    taefQuery: '@IsPgo=true'
+    configuration: ${{ parameters.configuration }}
+    platform: ${{ parameters.platform }}
+    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
+    
+- template: helix-processtestresults-job.yml
+  parameters:
+    name: 'ProcessTestResults'
+    pgoArtifact: 'PGO'
+    dependsOn:
+    - RunTestsInHelix
+    condition: succeededOrFailed()
+    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
+    minimumExpectedTestsExecutedCount: ${{ parameters.minimumExpectedTestsExecutedCount }}
+
+- template: pgo-merge-pgd-job.yml
+  parameters:
+    name: 'MergePGD'
+    dependsOn:
+    - ProcessTestResults
+    pgoArtifact: 'PGO'
+    platform: ${{ parameters.platform }}
+    configuration: ${{ parameters.configuration }}