build: pass branding into the nuget variable template (#16122)

This fixes a cosmetic issue with the version number in the unpackaged
builds and NuGet packages.

They were showing up as `-preview`, even when they were stable, because
the variable template didn't know about the branding.

(cherry picked from commit 544cdd78af)
Service-Card-Id: 91211923
Service-Version: 1.17

.config/dotnet-tools.json

@@ -3,7 +3,7 @@
   "isRoot": true,
   "tools": {
     "XamlStyler.Console": {
-      "version": "3.2008.4",
+      "version": "3.2206.4",
       "commands": [
         "xstyler"
       ]

.git-blame-ignore-revs

@@ -0,0 +1,15 @@
+# Commits mentioned in this file will automatically
+# be skipped by GitHub's blame view.
+# To use it with "git", run
+# > git blame --ignore-revs-file ./.git-blame-ignore-revs
+
+# Reformatted the entire codebase
+9b92986b49bed8cc41fde4d6ef080921c41e6d9e
+
+# Line Endings changes
+cb7a76d96c92aa9fc7b03f69148fb0c75dff191d
+5bbf61af8c8f12e6c05d07a696bf7d411b330a67
+d07546a6fef73fa4e1fb1c2f01535843d1fcc212
+
+# UTF-8 BOM changes
+ddae2a1d49d604487d3c963e5eacbeb73861d986

.github/ISSUE_TEMPLATE/Bug_Report.yml

@@ -1,6 +1,6 @@
 name: "Bug report 🐛"
 description: Report errors or unexpected behavior
-labels: [Issue-Bug]
+labels: [Issue-Bug, Needs-Triage]
 body:
 - type: markdown
   attributes:
@@ -14,7 +14,7 @@ body:
     label: Windows Terminal version
     placeholder: "1.7.3651.0"
     description: |
-      You can find the version in the about dialog, or by running `wt -v` at the commandline.
+      You can copy the version number from the About dialog. Open the About dialog by opening the menu with the "V" button (to the right of the "+" button that opens a new tab) and choosing About from the end of the list.
   validations:
     required: false
     

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,20 +1,14 @@
-<!-- Enter a brief description/summary of your PR here. What does it fix/what does it change/how was it tested (even manually, if necessary)? -->
 ## Summary of the Pull Request
 
-<!-- Other than the issue solved, is this relevant to any other issues/existing PRs? --> 
-## References
+## References and Relevant Issues
 
-<!-- Please review the items on the PR checklist before submitting-->
-## PR Checklist
-* [ ] Closes #xxx
-* [ ] CLA signed. If not, go over [here](https://cla.opensource.microsoft.com/microsoft/Terminal) and sign the CLA
-* [ ] Tests added/passed
-* [ ] Documentation updated. If checked, please file a pull request on [our docs repo](https://github.com/MicrosoftDocs/terminal) and link it here: #xxx
-* [ ] Schema updated.
-* [ ] I've discussed this with core contributors already. If not checked, I'm ready to accept this work might be rejected in favor of a different grand plan. Issue number where discussion took place: #xxx
-
-<!-- Provide a more detailed description of the PR, other things fixed or any additional comments/features here -->
 ## Detailed Description of the Pull Request / Additional comments
 
-<!-- Describe how you validated the behavior. Add automated tests wherever possible, but list manual validation steps taken as well -->
 ## Validation Steps Performed
+
+## PR Checklist
+- [ ] Closes #xxx
+- [ ] Tests added/passed
+- [ ] Documentation updated
+   - If checked, please file a pull request on [our docs repo](https://github.com/MicrosoftDocs/terminal) and link it here: #xxx
+- [ ] Schema updated (if necessary)

.github/actions/spelling/README.md

@@ -6,6 +6,7 @@ File | Purpose | Format | Info
 [reject.txt](reject.txt) | Remove words from the dictionary (after allow) | grep pattern matching whole dictionary words | [reject](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-reject)
 [excludes.txt](excludes.txt) | Files to ignore entirely | perl regular expression | [excludes](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-excludes)
 [patterns/*.txt](patterns/) | Patterns to ignore from checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
+[candidate.patterns](candidate.patterns) | Patterns that might be worth adding to [patterns.txt](patterns.txt) | perl regular expression with optional comment block introductions (all matches will be suggested) | [candidates](https://github.com/check-spelling/check-spelling/wiki/Feature:-Suggest-patterns)
 [line_forbidden.patterns](line_forbidden.patterns) | Patterns to flag in checked lines | perl regular expression (order matters, first match wins) | [patterns](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-patterns)
 [expect/*.txt](expect.txt) | Expected words that aren't in the dictionary | one word per line (sorted, alphabetically) | [expect](https://github.com/check-spelling/check-spelling/wiki/Configuration#expect)
 [advice.md](advice.md) | Supplement for GitHub comment when unrecognized words are found | GitHub Markdown | [advice](https://github.com/check-spelling/check-spelling/wiki/Configuration-Examples%3A-advice)

.github/actions/spelling/advice.md

@@ -21,7 +21,7 @@ See the `README.md` in each directory for more information.
 :microscope: You can test your commits **without** *appending* to a PR by creating a new branch with that extra change and pushing it to your fork. The [check-spelling](https://github.com/marketplace/actions/check-spelling) action will run in response to your **push** -- it doesn't require an open pull request. By using such a branch, you can limit the number of typos your peers see you make. :wink:
 
 
-<details><summary>:clamp: If the flagged items are false positives</summary>
+<details><summary>If the flagged items are :exploding_head: false positives</summary>
 
 If items relate to a ...
 * binary file (or some other file you wouldn't want to check at all).

.github/actions/spelling/allow/allow.txt

@@ -1,7 +1,8 @@
 admins
 allcolors
-apc
 Apc
+apc
+backpressure
 breadcrumb
 breadcrumbs
 bsd
@@ -12,18 +13,23 @@ clickable
 clig
 CMMI
 copyable
+CtrlDToClose
 cybersecurity
 dalet
-dcs
 Dcs
+dcs
+deselection
 dialytika
+diffing
 dje
 downside
 downsides
 dze
 dzhe
+DTo
 EDDB
 EDDC
+Emacspeak
 Enum'd
 Fitt
 formattings
@@ -34,10 +40,12 @@ gantt
 gcc
 geeksforgeeks
 ghe
+github
 gje
 godbolt
 hostname
 hostnames
+https
 hyperlink
 hyperlinking
 hyperlinks
@@ -54,9 +62,11 @@ Llast
 llvm
 Lmid
 locl
+lol
 lorem
 Lorigin
 maxed
+megathread
 minimalistic
 mkmk
 mnt
@@ -81,6 +91,8 @@ runtimes
 shcha
 slnt
 Sos
+ssh
+stakeholders
 timeline
 timelines
 timestamped
@@ -89,6 +101,7 @@ tokenizes
 tonos
 toolset
 tshe
+ubuntu
 uiatextrange
 UIs
 und
@@ -97,5 +110,7 @@ versioned
 vsdevcmd
 We'd
 wildcards
+XBox
+YBox
 yeru
 zhe

.github/actions/spelling/allow/apis.txt

@@ -29,13 +29,14 @@ Dacl
 dataobject
 dcomp
 DERR
+delayimp
 dlldata
 DNE
 DONTADDTORECENT
-DWMWA
-DWORDLONG
 DWMSBT
 DWMWA
+DWMWA
+DWORDLONG
 endfor
 ENDSESSION
 enumset
@@ -55,6 +56,8 @@ GETMOUSEHOVERTIME
 Hashtable
 HIGHCONTRASTON
 HIGHCONTRASTW
+hinternet
+HINTERNET
 hotkeys
 href
 hrgn
@@ -74,6 +77,7 @@ IConnection
 ICustom
 IDialog
 IDirect
+Idn
 IExplorer
 IFACEMETHOD
 IFile
@@ -110,8 +114,8 @@ memchr
 memicmp
 MENUCOMMAND
 MENUDATA
-MENUITEMINFOW
 MENUINFO
+MENUITEMINFOW
 mmeapi
 MOUSELEAVE
 mov
@@ -158,11 +162,12 @@ rcx
 REGCLS
 RETURNCMD
 rfind
-roundf
 ROOTOWNER
+roundf
 RSHIFT
 SACL
 schandle
+SEH
 semver
 serializer
 SETVERSION
@@ -210,9 +215,13 @@ UOI
 UPDATEINIFILE
 userenv
 USEROBJECTFLAGS
+Vcpp
 Viewbox
+virtualalloc
 wcsstr
 wcstoui
+WDJ
+winhttp
 winmain
 winsta
 winstamin
@@ -220,6 +229,7 @@ wmemcmp
 wpc
 WSF
 wsregex
+WWH
 wwinmain
 xchg
 XDocument

.github/actions/spelling/allow/microsoft.txt

@@ -33,6 +33,7 @@ libucrtd
 LKG
 LOCKFILE
 Lxss
+makepri
 mfcribbon
 microsoft
 microsoftonline
@@ -50,12 +51,16 @@ pgo
 pgosweep
 powerrename
 powershell
+priconfig
+PRIINFO
 propkey
 pscustomobject
 QWORD
 regedit
+resfiles
 robocopy
 SACLs
+segoe
 sdkddkver
 Shobjidl
 Skype

.github/actions/spelling/allow/names.txt

@@ -1,6 +1,6 @@
 Anup
-austdi
 arkthur
+austdi
 Ballmer
 bhoj
 Bhojwani
@@ -23,6 +23,7 @@ Griese
 Hernan
 Howett
 Illhardt
+Imms
 iquilezles
 italo
 jantari
@@ -30,10 +31,11 @@ jerrysh
 Kaiyu
 kimwalisch
 KMehrain
-KODELIFE
 Kodelife
+KODELIFE
 Kourosh
 kowalczyk
+leonardder
 leonmsft
 Lepilleur
 lhecker
@@ -59,6 +61,7 @@ oising
 oldnewthing
 opengl
 osgwiki
+Ottosson
 pabhojwa
 panos
 paulcam
@@ -77,15 +80,18 @@ sonpham
 stakx
 talo
 thereses
+Thysell
 Walisch
 WDX
 Wellons
+Westerman
 Wirt
 Wojciech
 zadjii
 Zamor
-Zamora
 zamora
+Zamora
+zljubisic
 Zoey
 zorio
 Zverovich

.github/actions/spelling/candidate.patterns

@@ -0,0 +1,523 @@
+# marker to ignore all code on line
+^.*/\* #no-spell-check-line \*/.*$
+# marker for ignoring a comment to the end of the line
+// #no-spell-check.*$
+
+# patch hunk comments
+^\@\@ -\d+(?:,\d+|) \+\d+(?:,\d+|) \@\@ .*
+# git index header
+index [0-9a-z]{7,40}\.\.[0-9a-z]{7,40}
+
+# cid urls
+(['"])cid:.*?\g{-1}
+
+# data url in parens
+\(data:[^)]*?(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})[^)]*\)
+# data url in quotes
+([`'"])data:.*?(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,}).*\g{-1}
+# data url
+data:[-a-zA-Z=;:/0-9+]*,\S*
+
+# mailto urls
+mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,}
+
+# magnet urls
+magnet:[?=:\w]+
+
+# magnet urls
+"magnet:[^"]+"
+
+# obs:
+"obs:[^"]*"
+
+# The `\b` here means a break, it's the fancy way to handle urls, but it makes things harder to read
+# In this examples content, I'm using a number of different ways to match things to show various approaches
+# asciinema
+\basciinema\.org/a/[0-9a-zA-Z]+
+
+# apple
+\bdeveloper\.apple\.com/[-\w?=/]+
+# Apple music
+\bembed\.music\.apple\.com/fr/playlist/usr-share/[-\w.]+
+
+# appveyor api
+\bci\.appveyor\.com/api/projects/status/[0-9a-z]+
+# appveyor project
+\bci\.appveyor\.com/project/(?:[^/\s"]*/){2}builds?/\d+/job/[0-9a-z]+
+
+# Amazon
+
+# Amazon
+\bamazon\.com/[-\w]+/(?:dp/[0-9A-Z]+|)
+# AWS S3
+\b\w*\.s3[^.]*\.amazonaws\.com/[-\w/&#%_?:=]*
+# AWS execute-api
+\b[0-9a-z]{10}\.execute-api\.[-0-9a-z]+\.amazonaws\.com\b
+# AWS ELB
+\b\w+\.[-0-9a-z]+\.elb\.amazonaws\.com\b
+# AWS SNS
+\bsns\.[-0-9a-z]+.amazonaws\.com/[-\w/&#%_?:=]*
+# AWS VPC
+vpc-\w+
+
+# While you could try to match `http://` and `https://` by using `s?` in `https?://`, sometimes there
+# YouTube url
+\b(?:(?:www\.|)youtube\.com|youtu.be)/(?:channel/|embed/|user/|playlist\?list=|watch\?v=|v/|)[-a-zA-Z0-9?&=_%]*
+# YouTube music
+\bmusic\.youtube\.com/youtubei/v1/browse(?:[?&]\w+=[-a-zA-Z0-9?&=_]*)
+# YouTube tag
+<\s*youtube\s+id=['"][-a-zA-Z0-9?_]*['"]
+# YouTube image
+\bimg\.youtube\.com/vi/[-a-zA-Z0-9?&=_]*
+# Google Accounts
+\baccounts.google.com/[-_/?=.:;+%&0-9a-zA-Z]*
+# Google Analytics
+\bgoogle-analytics\.com/collect.[-0-9a-zA-Z?%=&_.~]*
+# Google APIs
+\bgoogleapis\.(?:com|dev)/[a-z]+/(?:v\d+/|)[a-z]+/[-@:./?=\w+|&]+
+# Google Storage
+\b[-a-zA-Z0-9.]*\bstorage\d*\.googleapis\.com(?:/\S*|)
+# Google Calendar
+\bcalendar\.google\.com/calendar(?:/u/\d+|)/embed\?src=[@./?=\w&%]+
+\w+\@group\.calendar\.google\.com\b
+# Google DataStudio
+\bdatastudio\.google\.com/(?:(?:c/|)u/\d+/|)(?:embed/|)(?:open|reporting|datasources|s)/[-0-9a-zA-Z]+(?:/page/[-0-9a-zA-Z]+|)
+# The leading `/` here is as opposed to the `\b` above
+# ... a short way to match `https://` or `http://` since most urls have one of those prefixes
+# Google Docs
+/docs\.google\.com/[a-z]+/(?:ccc\?key=\w+|(?:u/\d+|d/(?:e/|)[0-9a-zA-Z_-]+/)?(?:edit\?[-\w=#.]*|/\?[\w=&]*|))
+# Google Drive
+\bdrive\.google\.com/(?:file/d/|open)[-0-9a-zA-Z_?=]*
+# Google Groups
+\bgroups\.google\.com/(?:(?:forum/#!|d/)(?:msg|topics?|searchin)|a)/[^/\s"]+/[-a-zA-Z0-9$]+(?:/[-a-zA-Z0-9]+)*
+# Google Maps
+\bmaps\.google\.com/maps\?[\w&;=]*
+# Google themes
+themes\.googleusercontent\.com/static/fonts/[^/\s"]+/v\d+/[^.]+.
+# Google CDN
+\bclients2\.google(?:usercontent|)\.com[-0-9a-zA-Z/.]*
+# Goo.gl
+/goo\.gl/[a-zA-Z0-9]+
+# Google Chrome Store
+\bchrome\.google\.com/webstore/detail/[-\w]*(?:/\w*|)
+# Google Books
+\bgoogle\.(?:\w{2,4})/books(?:/\w+)*\?[-\w\d=&#.]*
+# Google Fonts
+\bfonts\.(?:googleapis|gstatic)\.com/[-/?=:;+&0-9a-zA-Z]*
+# Google Forms
+\bforms\.gle/\w+
+# Google Scholar
+\bscholar\.google\.com/citations\?user=[A-Za-z0-9_]+
+# Google Colab Research Drive
+\bcolab\.research\.google\.com/drive/[-0-9a-zA-Z_?=]*
+
+# GitHub SHAs (api)
+\bapi.github\.com/repos(?:/[^/\s"]+){3}/[0-9a-f]+\b
+# GitHub SHAs (markdown)
+(?:\[`?[0-9a-f]+`?\]\(https:/|)/(?:www\.|)github\.com(?:/[^/\s"]+){2,}(?:/[^/\s")]+)(?:[0-9a-f]+(?:[-0-9a-zA-Z/#.]*|)\b|)
+# GitHub SHAs
+\bgithub\.com(?:/[^/\s"]+){2}[@#][0-9a-f]+\b
+# GitHub wiki
+\bgithub\.com/(?:[^/]+/){2}wiki/(?:(?:[^/]+/|)_history|[^/]+(?:/_compare|)/[0-9a-f.]{40,})\b
+# githubusercontent
+/[-a-z0-9]+\.githubusercontent\.com/[-a-zA-Z0-9?&=_\/.]*
+# githubassets
+\bgithubassets.com/[0-9a-f]+(?:[-/\w.]+)
+# gist github
+\bgist\.github\.com/[^/\s"]+/[0-9a-f]+
+# git.io
+\bgit\.io/[0-9a-zA-Z]+
+# GitHub JSON
+"node_id": "[-a-zA-Z=;:/0-9+]*"
+# Contributor
+\[[^\]]+\]\(https://github\.com/[^/\s"]+\)
+# GHSA
+GHSA(?:-[0-9a-z]{4}){3}
+
+# GitLab commit
+\bgitlab\.[^/\s"]*/\S+/\S+/commit/[0-9a-f]{7,16}#[0-9a-f]{40}\b
+# GitLab merge requests
+\bgitlab\.[^/\s"]*/\S+/\S+/-/merge_requests/\d+/diffs#[0-9a-f]{40}\b
+# GitLab uploads
+\bgitlab\.[^/\s"]*/uploads/[-a-zA-Z=;:/0-9+]*
+# GitLab commits
+\bgitlab\.[^/\s"]*/(?:[^/\s"]+/){2}commits?/[0-9a-f]+\b
+
+# binanace
+accounts.binance.com/[a-z/]*oauth/authorize\?[-0-9a-zA-Z&%]*
+
+# bitbucket diff
+\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}diff(?:stat|)(?:/[^/\s"]+){2}:[0-9a-f]+
+# bitbucket repositories commits
+\bapi\.bitbucket\.org/\d+\.\d+/repositories/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
+# bitbucket commits
+\bbitbucket\.org/(?:[^/\s"]+/){2}commits?/[0-9a-f]+
+
+# bit.ly
+\bbit\.ly/\w+
+
+# bitrise
+\bapp\.bitrise\.io/app/[0-9a-f]*/[\w.?=&]*
+
+# bootstrapcdn.com
+\bbootstrapcdn\.com/[-./\w]+
+
+# cdn.cloudflare.com
+\bcdnjs\.cloudflare\.com/[./\w]+
+
+# circleci
+\bcircleci\.com/gh(?:/[^/\s"]+){1,5}.[a-z]+\?[-0-9a-zA-Z=&]+
+
+# gitter
+\bgitter\.im(?:/[^/\s"]+){2}\?at=[0-9a-f]+
+
+# gravatar
+\bgravatar\.com/avatar/[0-9a-f]+
+
+# ibm
+[a-z.]*ibm\.com/[-_#=:%!?~.\\/\d\w]*
+
+# imgur
+\bimgur\.com/[^.]+
+
+# Internet Archive
+\barchive\.org/web/\d+/(?:[-\w.?,'/\\+&%$#_:]*)
+
+# discord
+/discord(?:app\.com|\.gg)/(?:invite/)?[a-zA-Z0-9]{7,}
+
+# Disqus
+\bdisqus\.com/[-\w/%.()!?&=_]*
+
+# medium link
+\blink\.medium\.com/[a-zA-Z0-9]+
+# medium
+\bmedium\.com/\@?[^/\s"]+/[-\w]+
+
+# microsoft
+\b(?:https?://|)(?:(?:download\.visualstudio|docs|msdn2?|research)\.microsoft|blogs\.msdn)\.com/[-_a-zA-Z0-9()=./%]*
+# powerbi
+\bapp\.powerbi\.com/reportEmbed/[^"' ]*
+# vs devops
+\bvisualstudio.com(?::443|)/[-\w/?=%&.]*
+# microsoft store
+\bmicrosoft\.com/store/apps/\w+
+
+# mvnrepository.com
+\bmvnrepository\.com/[-0-9a-z./]+
+
+# now.sh
+/[0-9a-z-.]+\.now\.sh\b
+
+# oracle
+\bdocs\.oracle\.com/[-0-9a-zA-Z./_?#&=]*
+
+# chromatic.com
+/\S+.chromatic.com\S*[")]
+
+# codacy
+\bapi\.codacy\.com/project/badge/Grade/[0-9a-f]+
+
+# compai
+\bcompai\.pub/v1/png/[0-9a-f]+
+
+# mailgun api
+\.api\.mailgun\.net/v3/domains/[0-9a-z]+\.mailgun.org/messages/[0-9a-zA-Z=@]*
+# mailgun
+\b[0-9a-z]+.mailgun.org
+
+# /message-id/
+/message-id/[-\w@./%]+
+
+# Reddit
+\breddit\.com/r/[/\w_]*
+
+# requestb.in
+\brequestb\.in/[0-9a-z]+
+
+# sched
+\b[a-z0-9]+\.sched\.com\b
+
+# Slack url
+slack://[a-zA-Z0-9?&=]+
+# Slack
+\bslack\.com/[-0-9a-zA-Z/_~?&=.]*
+# Slack edge
+\bslack-edge\.com/[-a-zA-Z0-9?&=%./]+
+# Slack images
+\bslack-imgs\.com/[-a-zA-Z0-9?&=%.]+
+
+# shields.io
+\bshields\.io/[-\w/%?=&.:+;,]*
+
+# stackexchange -- https://stackexchange.com/feeds/sites
+\b(?:askubuntu|serverfault|stack(?:exchange|overflow)|superuser).com/(?:questions/\w+/[-\w]+|a/)
+
+# Sentry
+[0-9a-f]{32}\@o\d+\.ingest\.sentry\.io\b
+
+# Twitter markdown
+\[\@[^[/\]:]*?\]\(https://twitter.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)\)
+# Twitter hashtag
+\btwitter\.com/hashtag/[\w?_=&]*
+# Twitter status
+\btwitter\.com/[^/\s"')]*(?:/status/\d+(?:\?[-_0-9a-zA-Z&=]*|)|)
+# Twitter profile images
+\btwimg\.com/profile_images/[_\w./]*
+# Twitter media
+\btwimg\.com/media/[-_\w./?=]*
+# Twitter link shortened
+\bt\.co/\w+
+
+# facebook
+\bfburl\.com/[0-9a-z_]+
+# facebook CDN
+\bfbcdn\.net/[\w/.,]*
+# facebook watch
+\bfb\.watch/[0-9A-Za-z]+
+
+# dropbox
+\bdropbox\.com/sh?/[^/\s"]+/[-0-9A-Za-z_.%?=&;]+
+
+# ipfs protocol
+ipfs://[0-9a-z]*
+# ipfs url
+/ipfs/[0-9a-z]*
+
+# w3
+\bw3\.org/[-0-9a-zA-Z/#.]+
+
+# loom
+\bloom\.com/embed/[0-9a-f]+
+
+# regex101
+\bregex101\.com/r/[^/\s"]+/\d+
+
+# figma
+\bfigma\.com/file(?:/[0-9a-zA-Z]+/)+
+
+# freecodecamp.org
+\bfreecodecamp\.org/[-\w/.]+
+
+# image.tmdb.org
+\bimage\.tmdb\.org/[/\w.]+
+
+# mermaid
+\bmermaid\.ink/img/[-\w]+|\bmermaid-js\.github\.io/mermaid-live-editor/#/edit/[-\w]+
+
+# Wikipedia
+\ben\.wikipedia\.org/wiki/[-\w%.#]+
+
+# gitweb
+[^"\s]+/gitweb/\S+;h=[0-9a-f]+
+
+# HyperKitty lists
+/archives/list/[^@/]+\@[^/\s"]*/message/[^/\s"]*/
+
+# lists
+/thread\.html/[^"\s]+
+
+# list-management
+\blist-manage\.com/subscribe(?:[?&](?:u|id)=[0-9a-f]+)+
+
+# kubectl.kubernetes.io/last-applied-configuration
+"kubectl.kubernetes.io/last-applied-configuration": ".*"
+
+# pgp
+\bgnupg\.net/pks/lookup[?&=0-9a-zA-Z]*
+
+# Spotify
+\bopen\.spotify\.com/embed/playlist/\w+
+
+# Mastodon
+\bmastodon\.[-a-z.]*/(?:media/|\@)[?&=0-9a-zA-Z_]*
+
+# scastie
+\bscastie\.scala-lang\.org/[^/]+/\w+
+
+# images.unsplash.com
+\bimages\.unsplash\.com/(?:(?:flagged|reserve)/|)[-\w./%?=%&.;]+
+
+# pastebin
+\bpastebin\.com/[\w/]+
+
+# heroku
+\b\w+\.heroku\.com/source/archive/\w+
+
+# quip
+\b\w+\.quip\.com/\w+(?:(?:#|/issues/)\w+)?
+
+# badgen.net
+\bbadgen\.net/badge/[^")\]'\s]+
+
+# statuspage.io
+\w+\.statuspage\.io\b
+
+# media.giphy.com
+\bmedia\.giphy\.com/media/[^/]+/[\w.?&=]+
+
+# tinyurl
+\btinyurl\.com/\w+
+
+# getopts
+\bgetopts\s+(?:"[^"]+"|'[^']+')
+
+# ANSI color codes
+(?:\\(?:u00|x)1b|\x1b)\[\d+(?:;\d+|)m
+
+# URL escaped characters
+\%[0-9A-F][A-F]
+# IPv6
+\b(?:[0-9a-fA-F]{0,4}:){3,7}[0-9a-fA-F]{0,4}\b
+# c99 hex digits (not the full format, just one I've seen)
+0x[0-9a-fA-F](?:\.[0-9a-fA-F]*|)[pP]
+# Punycode
+\bxn--[-0-9a-z]+
+# sha
+sha\d+:[0-9]*[a-f]{3,}[0-9a-f]*
+# sha-... -- uses a fancy capture
+(['"]|&quot;)[0-9a-f]{40,}\g{-1}
+# hex runs
+\b[0-9a-fA-F]{16,}\b
+# hex in url queries
+=[0-9a-fA-F]*?(?:[A-F]{3,}|[a-f]{3,})[0-9a-fA-F]*?&
+# ssh
+(?:ssh-\S+|-nistp256) [-a-zA-Z=;:/0-9+]{12,}
+
+# PGP
+\b(?:[0-9A-F]{4} ){9}[0-9A-F]{4}\b
+# GPG keys
+\b(?:[0-9A-F]{4} ){5}(?: [0-9A-F]{4}){5}\b
+# Well known gpg keys
+.well-known/openpgpkey/[\w./]+
+
+# uuid:
+\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b
+# hex digits including css/html color classes:
+(?:[\\0][xX]|\\u|[uU]\+|#x?|\%23)[0-9_a-fA-FgGrR]*?[a-fA-FgGrR]{2,}[0-9_a-fA-FgGrR]*(?:[uUlL]{0,3}|u\d+)\b
+# integrity
+integrity="sha\d+-[-a-zA-Z=;:/0-9+]{40,}"
+
+# https://www.gnu.org/software/groff/manual/groff.html
+# man troff content
+\\f[BCIPR]
+# '
+\\\(aq
+
+# .desktop mime types
+^MimeTypes?=.*$
+# .desktop localized entries
+^[A-Z][a-z]+\[[a-z]+\]=.*$
+# Localized .desktop content
+Name\[[^\]]+\]=.*
+
+# IServiceProvider
+\bI(?=(?:[A-Z][a-z]{2,})+\b)
+
+# crypt
+"\$2[ayb]\$.{56}"
+
+# scrypt / argon
+\$(?:scrypt|argon\d+[di]*)\$\S+
+
+# Input to GitHub JSON
+content: "[-a-zA-Z=;:/0-9+]*="
+
+# Python stringprefix / binaryprefix
+# Note that there's a high false positive rate, remove the `?=` and search for the regex to see if the matches seem like reasonable strings
+(?<!')\b(?:B|BR|Br|F|FR|Fr|R|RB|RF|Rb|Rf|U|UR|Ur|b|bR|br|f|fR|fr|r|rB|rF|rb|rf|u|uR|ur)'(?:[A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})
+
+# Regular expressions for (P|p)assword
+\([A-Z]\|[a-z]\)[a-z]+
+
+# JavaScript regular expressions
+# javascript test regex
+/.*/[gim]*\.test\(
+# javascript match regex
+\.match\(/[^/\s"]*/[gim]*\s*
+# javascript match regex
+\.match\(/\\[b].*?/[gim]*\s*\)(?:;|$)
+# javascript regex
+^\s*/\\[b].*/[gim]*\s*(?:\)(?:;|$)|,$)
+# javascript replace regex
+\.replace\(/[^/\s"]*/[gim]*\s*,
+
+# Go regular expressions
+regexp?\.MustCompile\(`[^`]*`\)
+
+# sed regular expressions
+sed 's/(?:[^/]*?[a-zA-Z]{3,}[^/]*?/){2}
+
+# go install
+go install(?:\s+[a-z]+\.[-@\w/.]+)+
+
+# kubernetes pod status lists
+# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase
+\w+(?:-\w+)+\s+\d+/\d+\s+(?:Running|Pending|Succeeded|Failed|Unknown)\s+
+
+# kubectl - pods in CrashLoopBackOff
+\w+-[0-9a-f]+-\w+\s+\d+/\d+\s+CrashLoopBackOff\s+
+
+# kubernetes object suffix
+-[0-9a-f]{10}-\w{5}\s
+
+# posthog secrets
+posthog\.init\((['"])phc_[^"',]+\g{-1},
+
+# xcode
+
+# xcodeproject scenes
+(?:Controller|ID|id)="\w{3}-\w{2}-\w{3}"
+
+# xcode api botches
+customObjectInstantitationMethod
+
+# font awesome classes
+\.fa-[-a-z0-9]+
+
+# Update Lorem based on your content (requires `ge` and `w` from https://github.com/jsoref/spelling; and `review` from https://github.com/check-spelling/check-spelling/wiki/Looking-for-items-locally )
+# grep '^[^#].*lorem' .github/actions/spelling/patterns.txt|perl -pne 's/.*i..\?://;s/\).*//' |tr '|' "\n"|sort -f |xargs -n1 ge|perl -pne 's/^[^:]*://'|sort -u|w|sed -e 's/ .*//'|w|review -
+# Warning, while `(?i)` is very neat and fancy, if you have some binary files that aren't proper unicode, you might run into:
+## Operation "substitution (s///)" returns its argument for non-Unicode code point 0x1C19AE (the code point will vary).
+## You could manually change `(?i)X...` to use `[Xx]...`
+## or you could add the files to your `excludes` file (a version after 0.0.19 should identify the file path)
+# Lorem
+(?:\w|\s|[,.])*\b(?i)(?:amet|consectetur|cursus|dolor|eros|ipsum|lacus|libero|ligula|lorem|magna|neque|nulla|suscipit|tempus)\b(?:\w|\s|[,.])*
+
+# Non-English
+[a-zA-Z]*[ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3}[a-zA-ZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]*
+
+# French
+# This corpus only had capital letters, but you probably want lowercase ones as well.
+\b[LN]'+[a-z]{2,}\b
+
+# latex
+\\(?:n(?:ew|ormal|osub)|r(?:enew)|t(?:able(?:of|)|he|itle))(?=[a-z]+)
+
+# the negative lookahead here is to allow catching 'templatesz' as a misspelling
+# but to otherwise recognize a Windows path with \templates\foo.template or similar:
+\\(?:necessary|r(?:eport|esolve[dr]?|esult)|t(?:arget|emplates?))(?![a-z])
+# ignore long runs of a single character:
+\b([A-Za-z])\g{-1}{3,}\b
+# Note that the next example is no longer necessary if you are using
+# to match a string starting with a `#`, use a character-class:
+[#]backwards
+# version suffix <word>v#
+(?:(?<=[A-Z]{2})V|(?<=[a-z]{2}|[A-Z]{2})v)\d+(?:\b|(?=[a-zA-Z_]))
+# Compiler flags (Scala)
+(?:^|[\t ,>"'`=(])-J-[DPWXY](?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
+# Compiler flags
+#(?:^|[\t ,"'`=(])-[DPWXYLlf](?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
+
+# Compiler flags (linker)
+,-B
+# curl arguments
+\b(?:\\n|)curl(?:\s+-[a-zA-Z]{1,2}\b)*(?:\s+-[a-zA-Z]{3,})(?:\s+-[a-zA-Z]+)*
+# set arguments
+\bset(?:\s+-[abefimouxE]{1,2})*\s+-[abefimouxE]{3,}(?:\s+-[abefimouxE]+)*
+# tar arguments
+\b(?:\\n|)g?tar(?:\.exe|)(?:(?:\s+--[-a-zA-Z]+|\s+-[a-zA-Z]+|\s[ABGJMOPRSUWZacdfh-pr-xz]+\b)(?:=[^ ]*|))+
+# tput arguments -- https://man7.org/linux/man-pages/man5/terminfo.5.html -- technically they can be more than 5 chars long...
+\btput\s+(?:(?:-[SV]|-T\s*\w+)\s+)*\w{3,5}\b
+# macOS temp folders
+/var/folders/\w\w/[+\w]+/(?:T|-Caches-)/

.github/actions/spelling/excludes.txt

@@ -2,14 +2,14 @@
 (?:(?i)\.png$)
 (?:^|/)(?i)COPYRIGHT
 (?:^|/)(?i)LICEN[CS]E
+(?:^|/)3rdparty/
 (?:^|/)dirs$
 (?:^|/)go\.mod$
 (?:^|/)go\.sum$
 (?:^|/)package(?:-lock|)\.json$
 (?:^|/)sources(?:|\.dep)$
 (?:^|/)vendor/
-ignore$
-SUMS$
+\.a$
 \.ai$
 \.avi$
 \.bmp$
@@ -20,6 +20,8 @@ SUMS$
 \.crt$
 \.csr$
 \.dll$
+\.docx?$
+\.drawio$
 \.DS_Store$
 \.eot$
 \.eps$
@@ -31,6 +33,7 @@ SUMS$
 \.icns$
 \.ico$
 \.jar$
+\.jks$
 \.jpeg$
 \.jpg$
 \.key$
@@ -41,6 +44,7 @@ SUMS$
 \.mod$
 \.mp3$
 \.mp4$
+\.o$
 \.ocf$
 \.otf$
 \.pbxproj$
@@ -48,22 +52,41 @@ SUMS$
 \.pem$
 \.png$
 \.psd$
+\.pyc$
 \.runsettings$
+\.s$
 \.sig$
 \.so$
 \.svg$
 \.svgz$
+\.svgz?$
 \.tar$
 \.tgz$
+\.tiff?$
 \.ttf$
 \.vsdx$
 \.wav$
+\.webm$
+\.webp$
 \.woff
+\.woff2?$
 \.xcf$
 \.xls
+\.xlsx?$
 \.xpm$
 \.yml$
 \.zip$
+^\.github/actions/spelling/
+^\.github/fabricbot.json$
+^\.gitignore$
+^\Q.git-blame-ignore-revs\E$
+^\Q.github/workflows/spelling.yml\E$
+^\Qdoc/reference/windows-terminal-logo.ans\E$
+^\Qsamples/ConPTY/EchoCon/EchoCon/EchoCon.vcxproj.filters\E$
+^\Qsrc/host/exe/Host.EXE.vcxproj.filters\E$
+^\Qsrc/host/ft_host/chafa.txt\E$
+^\Qsrc/tools/closetest/CloseTest.vcxproj.filters\E$
+^\XamlStyler.json$
 ^build/config/
 ^consolegit2gitfilters\.json$
 ^dep/
@@ -88,14 +111,8 @@ SUMS$
 ^src/tools/pixels/pixels\.bat$
 ^src/tools/texttests/fira\.txt$
 ^src/tools/U8U16Test/(?:fr|ru|zh)\.txt$
+^src/types/ColorFix.cpp
 ^src/types/ut_types/UtilsTests.cpp$
 ^tools/ReleaseEngineering/ServicingPipeline.ps1$
-^\.github/actions/spelling/
-^\.github/fabricbot.json$
-^\.gitignore$
-^\Q.github/workflows/spelling.yml\E$
-^\Qsamples/ConPTY/EchoCon/EchoCon/EchoCon.vcxproj.filters\E$
-^\Qsrc/host/exe/Host.EXE.vcxproj.filters\E$
-^\Qsrc/host/ft_host/chafa.txt\E$
-^\Qsrc/tools/closetest/CloseTest.vcxproj.filters\E$
-^\XamlStyler.json$
+ignore$
+SUMS$

.github/actions/spelling/expect/alphabet.txt

@@ -5,26 +5,19 @@ AAAAAABBBBBBCCC
 AAAAABBBBBBCCC
 abcd
 abcd
-abcde
-abcdef
-ABCDEFG
-ABCDEFGH
 ABCDEFGHIJ
 abcdefghijk
 ABCDEFGHIJKLMNO
 abcdefghijklmnop
 ABCDEFGHIJKLMNOPQRST
-abcdefghijklmnopqrstuvwxyz
 ABCG
 ABE
 abf
 BBBBB
 BBBBBBBB
-BBBBBBBBBBBBBBDDDD
 BBBBBCCC
 BBBBCCCCC
 BBGGRR
-CCE
 EFG
 EFGh
 QQQQQQQQQQABCDEFGHIJ

.github/actions/spelling/expect/web.txt

@@ -1,5 +1,3 @@
-http
-www
 WCAG
 winui
 appshellintegration

.github/actions/spelling/line_forbidden.patterns

@@ -1,3 +1,11 @@
+# reject `m_data` as there's a certain OS which has evil defines that break things if it's used elsewhere
+# \bm_data\b
+
+# If you have a framework that uses `it()` for testing and `fit()` for debugging a specific test,
+# you might not want to check in code where you were debugging w/ `fit()`, in which case, you might want
+# to use this:
+#\bfit\(
+
 # s.b. GitHub
 \bGithub\b
 
@@ -16,6 +24,12 @@
 # s.b. greater than
 \bgreater then\b
 
+# s.b. into
+#\sin to\s
+
+# s.b. opt-in
+\sopt in\s
+
 # s.b. less than
 \bless then\b
 
@@ -27,10 +41,22 @@
 \b[Nn]o[nt][- ]existent\b
 
 # s.b. preexisting
-[Pp]re-existing
+[Pp]re[- ]existing
+
+# s.b. preempt
+[Pp]re[- ]empt\b
 
 # s.b. preemptively
-[Pp]re-emptively
+[Pp]re[- ]emptively
+
+# s.b. reentrancy
+[Rr]e[- ]entrancy
+
+# s.b. reentrant
+[Rr]e[- ]entrant
+
+# s.b. workaround(s)
+#\bwork[- ]arounds?\b
 
 # Reject duplicate words
 \s([A-Z]{3,}|[A-Z][a-z]{2,}|[a-z]{3,})\s\g{-1}\s

.github/actions/spelling/patterns/patterns.txt

@@ -27,13 +27,68 @@ ROY\sG\.\sBIV
 # Python stringprefix / binaryprefix
 \b(?:B|BR|Br|F|FR|Fr|R|RB|RF|Rb|Rf|U|UR|Ur|b|bR|br|f|fR|fr|r|rB|rF|rb|rf|u|uR|ur)'
 
+# Automatically suggested patterns
+# hit-count: 3831 file-count: 582
+# IServiceProvider
+\bI(?=(?:[A-Z][a-z]{2,})+\b)
+
+# hit-count: 71 file-count: 35
+# Compiler flags
+(?:^|[\t ,"'`=(])-[D](?=[A-Z]{2,}|[A-Z][a-z])
+(?:^|[\t ,"'`=(])-[X](?!aml)(?=[A-Z]{2,}|[A-Z][a-z]|[a-z]{2,})
+
+# hit-count: 41 file-count: 28
+# version suffix <word>v#
+(?:(?<=[A-Z]{2})V|(?<=[a-z]{2}|[A-Z]{2})v)\d+(?:\b|(?=[a-zA-Z_]))
+
+# hit-count: 20 file-count: 9
+# hex runs
+\b[0-9a-fA-F]{16,}\b
+
+# hit-count: 10 file-count: 7
+# uuid:
+\b[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\b
+
+# hit-count: 4 file-count: 4
+# mailto urls
+mailto:[-a-zA-Z=;:/?%&0-9+@.]{3,}
+
+# hit-count: 4 file-count: 1
+# ANSI color codes
+(?:\\(?:u00|x)1b|\x1b)\[\d+(?:;\d+|)m
+
+# hit-count: 2 file-count: 1
+# latex
+\\(?:n(?:ew|ormal|osub)|r(?:enew)|t(?:able(?:of|)|he|itle))(?=[a-z]+)
+
+# hit-count: 1 file-count: 1
+# hex digits including css/html color classes:
+(?:[\\0][xX]|\\u|[uU]\+|#x?|\%23)[0-9_a-fA-FgGrR]*?[a-fA-FgGrR]{2,}[0-9_a-fA-FgGrR]*(?:[uUlL]{0,3}|u\d+)\b
+
+# hit-count: 1 file-count: 1
+# Non-English
+[a-zA-Z]*[ÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź][a-zA-Z]{3}[a-zA-ZÀÁÂÃÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖØÙÚÛÜÝßàáâãäåæçèéêëìíîïðñòóôõöøùúûüýÿĀāŁłŃńŅņŒœŚśŠšŜŝŸŽžź]*
+
+# hit-count: 1 file-count: 1
+# French
+# This corpus only had capital letters, but you probably want lowercase ones as well.
+\b[LN]'+[a-z]{2,}\b
+
 # acceptable duplicates
 # ls directory listings
 [-bcdlpsw](?:[-r][-w][-sx]){3}\s+\d+\s+(\S+)\s+\g{-1}\s+\d+\s+
 # C/idl types + English ...
 \s(Guid|long|LONG|that) \g{-1}\s
+
 # javadoc / .net
-(?:\@(?:groupname|param)|(?:public|private)(?:\s+static|\s+readonly)*)\s+(\w+)\s+\g{-1}\s
+(?:[\\@](?:groupname|param)|(?:public|private)(?:\s+static|\s+readonly)*)\s+(\w+)\s+\g{-1}\s
+
+# Commit message -- Signed-off-by and friends
+^\s*(?:(?:Based-on-patch|Co-authored|Helped|Mentored|Reported|Reviewed|Signed-off)-by|Thanks-to): (?:[^<]*<[^>]*>|[^<]*)\s*$
+
+# Autogenerated revert commit message
+^This reverts commit [0-9a-f]{40}\.$
+
 # vtmode
 --vtmode\s+(\w+)\s+\g{-1}\s
 

.github/actions/spelling/reject.txt

@@ -1,31 +1,12 @@
-benefitting
-occurences?
-Sorce
 ^attache$
 ^attacher$
 ^attachers$
+benefitting
+occurences?
 ^dependan.*
 ^oer$
-^spae$
-^spae-man$
-^spaebook$
-^spaecraft$
-^spaed$
-^spaedom$
-^spaeing$
-^spaeings$
-^spaeman$
-^spaer$
-^Spaerobee$
-^spaes$
-^spaewife$
-^spaewoman$
-^spaework$
-^spaewright$
+Sorce
+^[Ss]pae.*
 ^untill$
 ^untilling$
-^wether$
 ^wether.*
-^wethers$
-^wetherteg$
-^[Ss]pae.*

.github/workflows/addToProject.yml

@@ -5,7 +5,9 @@ on:
   issues:
     types:
       - labeled
+      - unlabeled
 
+permissions: {}
 jobs:
   add-to-project:
     name: Add issue to project

.github/workflows/spelling2.yml

@@ -1,10 +1,57 @@
 # spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p
 name: Spell checking
+
+# Comment management is handled through a secondary job, for details see:
+# https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions
+#
+# `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment
+#   (in odd cases, it might actually run just to collapse a commment, but that's fairly rare)
+#   it needs `contents: write` in order to add a comment.
+#
+# `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment
+#   or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment)
+#   it needs `pull-requests: write` in order to manipulate those comments.
+
+# Updating pull request branches is managed via comment handling.
+# For details, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-expect-list
+#
+# These elements work together to make it happen:
+#
+# `on.issue_comment`
+#   This event listens to comments by users asking to update the metadata.
+#
+# `jobs.update`
+#   This job runs in response to an issue_comment and will push a new commit
+#   to update the spelling metadata.
+#
+# `with.experimental_apply_changes_via_bot`
+#   Tells the action to support and generate messages that enable it
+#   to make a commit to update the spelling metadata.
+#
+# `with.ssh_key`
+#   In order to trigger workflows when the commit is made, you can provide a
+#   secret (typically, a write-enabled github deploy key).
+#
+#   For background, see: https://github.com/check-spelling/check-spelling/wiki/Feature:-Update-with-deploy-key
+
 on:
-  pull_request_target:
   push:
-    branches: ["**"]
-    tags-ignore: ["**"]
+    branches:
+    - "**"
+    tags-ignore:
+    - "**"
+  pull_request_target:
+    branches:
+    - "**"
+    tags-ignore:
+    - "**"
+    types:
+    - 'opened'
+    - 'reopened'
+    - 'synchronize'
+  issue_comment:
+    types:
+    - 'created'
 
 jobs:
   spelling:
@@ -24,23 +71,64 @@ jobs:
     steps:
     - name: check-spelling
       id: spelling
-      uses: check-spelling/check-spelling@v0.0.20
+      uses: check-spelling/check-spelling@v0.0.21
       with:
         suppress_push_for_open_pull_request: 1
         checkout: true
+        check_file_names: 1
+        spell_check_this: check-spelling/spell-check-this@prerelease
         post_comment: 0
+        use_magic_file: 1
+        extra_dictionary_limit: 10
+        extra_dictionaries:
+          cspell:software-terms/src/software-terms.txt
+          cspell:python/src/python/python-lib.txt
+          cspell:node/node.txt
+          cspell:cpp/src/stdlib-c.txt
+          cspell:cpp/src/stdlib-cpp.txt
+          cspell:fullstack/fullstack.txt
+          cspell:filetypes/filetypes.txt
+          cspell:html/html.txt
+          cspell:cpp/src/compiler-msvc.txt
+          cspell:python/src/common/extra.txt
+          cspell:powershell/powershell.txt
+          cspell:aws/aws.txt
+          cspell:cpp/src/lang-keywords.txt
+          cspell:npm/npm.txt
+          cspell:dotnet/dotnet.txt
+          cspell:python/src/python/python.txt
+          cspell:css/css.txt
+          cspell:cpp/src/stdlib-cmath.txt
+        check_extra_dictionaries: ''
 
-  comment:
-    name: Report
+  comment-push:
+    name: Report (Push)
+    # If your workflow isn't running on push, you can remove this job
     runs-on: ubuntu-latest
     needs: spelling
     permissions:
       contents: write
-      pull-requests: write
-    if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name != 'push'
+    if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push'
     steps:
     - name: comment
-      uses: check-spelling/check-spelling@v0.0.20
+      uses: check-spelling/check-spelling@v0.0.21
       with:
         checkout: true
+        spell_check_this: check-spelling/spell-check-this@prerelease
+        task: ${{ needs.spelling.outputs.followup }}
+
+  comment-pr:
+    name: Report (PR)
+    # If you workflow isn't running on pull_request*, you can remove this job
+    runs-on: ubuntu-latest
+    needs: spelling
+    permissions:
+      pull-requests: write
+    if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request')
+    steps:
+    - name: comment
+      uses: check-spelling/check-spelling@v0.0.21
+      with:
+        checkout: true
+        spell_check_this: check-spelling/spell-check-this@prerelease
         task: ${{ needs.spelling.outputs.followup }}

.github/workflows/winget.yml

@@ -0,0 +1,24 @@
+name: Publish to Winget
+
+on:
+  release:
+    types: [published]
+
+env:
+  REGEX: 'Microsoft\.WindowsTerminal(?:Preview)?_Win10_([\d.]+)_8wekyb3d8bbwe\.msixbundle$'
+
+jobs:
+  publish:
+    runs-on: windows-latest # Action can only run on Windows
+    steps:
+      - name: Publish Windows Terminal ${{ github.event.release.prerelease && 'Preview' || 'Stable' }}
+        run: |
+          $assets = '${{ toJSON(github.event.release.assets) }}' | ConvertFrom-Json
+          $wingetRelevantAsset = $assets | Where-Object { $_.name -like '*Win10*' } | Select-Object -First 1
+          $regex = [Regex]::New($env:REGEX)
+          $version = $regex.Match($wingetRelevantAsset.name).Groups[1].Value
+
+          $wingetPackage = "Microsoft.WindowsTerminal${{ github.event.release.prerelease && '.Preview' || '' }}"
+
+          & curl.exe -JLO https://aka.ms/wingetcreate/latest
+          & .\wingetcreate.exe update $wingetPackage -s -v $version -u $wingetRelevantAsset.browser_download_url -t "${{ secrets.WINGET_TOKEN }}"

.gitmodules

@@ -1,6 +1,3 @@
 [submodule "dep/gsl"]
 	path = dep/gsl
 	url = https://github.com/microsoft/gsl
-[submodule "dep/wil"]
-	path = dep/wil
-	url = https://github.com/microsoft/wil

.vsconfig

@@ -17,7 +17,7 @@
     "Microsoft.Net.Component.4.5.TargetingPack",
     "Microsoft.VisualStudio.Component.DiagnosticTools",
     "Microsoft.VisualStudio.Component.Debugger.JustInTime",
-    "Microsoft.VisualStudio.Component.Windows11SDK.22000",
+    "Microsoft.VisualStudio.Component.Windows11SDK.22621",
     "Microsoft.VisualStudio.ComponentGroup.UWP.Support",
     "Microsoft.VisualStudio.Component.VC.CoreIde",
     "Microsoft.VisualStudio.ComponentGroup.NativeDesktop.Core",

CONTRIBUTING.md

@@ -101,7 +101,7 @@ If you don't have any additional info/context to add but would like to indicate
 
 If you're able & willing to help fix issues and/or implement features, we'd love your contribution!
 
-The best place to start is the list of ["Easy Starter"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+label%3A%22Easy+Starter%22+) issues. These are bugs or tasks that we on the team believe would be easier to implement for someone without any prior experience in the codebase. Once you're feeling more comfortable in the codebase, feel free to just use the ["Help Wanted"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+) label, or just find an issue your interested in and hop in!
+The best place to start is the list of ["good first issue"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22++label%3A%22good+first+issue%22+)s. These are bugs or tasks that we on the team believe would be easier to implement for someone without any prior experience in the codebase. Once you're feeling more comfortable in the codebase, feel free to just use the ["Help Wanted"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Help+Wanted%22+) label, or just find an issue you're interested in and hop in!
 
 Generally, we categorize issues in the following way, which is largely derived from our old internal work tracking system:
 * ["Bugs"](https://github.com/microsoft/terminal/issues?q=is%3Aopen+is%3Aissue+label%3A%22Issue-Bug%22+) are parts of the Terminal & Console that are not quite working the right way. There's code to already support some scenario, but it's not quite working right. Fixing these is generally a matter of debugging the broken functionality and fixing the wrong code.

NOTICE.md

@@ -276,41 +276,28 @@ OTHER DEALINGS IN THE SOFTWARE.
 For more information, please refer to <http://unlicense.org/>
 ```
 
-## ConEmu
-**Source**: [https://github.com/Maximus5/ConEmu](https://github.com/Maximus5/ConEmu)
+## Oklab
+**Source**: [https://bottosson.github.io/posts/oklab/](https://bottosson.github.io/posts/oklab/)
 
 ### License
 
 ```
-BSD 3-Clause License
-
-Copyright (c) 2009-2017, Maximus5 <ConEmu.Maximus5@gmail.com>
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-* Neither the name of the copyright holder nor the names of its
-  contributors may be used to endorse or promote products derived from
-  this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+Copyright (c) 2020 Björn Ottosson
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
 ```
 
 # Microsoft Open Source

README.md

@@ -67,7 +67,7 @@ the latest Terminal release by installing the `Microsoft.WindowsTerminal`
 package:
 
 ```powershell
-winget install --id=Microsoft.WindowsTerminal -e
+winget install --id Microsoft.WindowsTerminal -e
 ```
 
 #### Via Chocolatey (unofficial)
@@ -289,7 +289,7 @@ If you would like to ask a question that you feel doesn't warrant an issue
   app](https://docs.microsoft.com/en-us/windows/uwp/get-started/enable-your-device-for-development)
   to locally install and run Windows Terminal
 * You must have [PowerShell 7 or later](https://github.com/PowerShell/PowerShell/releases/latest) installed
-* You must have the [Windows 11 (10.0.22000.0)
+* You must have the [Windows 11 (10.0.22621.0)
   SDK](https://developer.microsoft.com/en-us/windows/downloads/windows-sdk/)
   installed
 * You must have at least [VS

build/Helix/AzurePipelinesHelperScripts.ps1

@@ -1,175 +0,0 @@
-function GetAzureDevOpsBaseUri
-{
-    Param(
-        [string]$CollectionUri,
-        [string]$TeamProject
-    )
-
-    return $CollectionUri + $TeamProject
-}
-
-function GetQueryTestRunsUri
-{
-    Param(
-        [string]$CollectionUri,
-        [string]$TeamProject,
-        [string]$BuildUri,
-        [switch]$IncludeRunDetails
-    )
-
-    if ($IncludeRunDetails)
-    {
-        $includeRunDetailsParameter = "&includeRunDetails=true"
-    }
-    else
-    {
-        $includeRunDetailsParameter = ""
-    }
-
-    $baseUri = GetAzureDevOpsBaseUri -CollectionUri $CollectionUri -TeamProject $TeamProject
-    $queryUri = "$baseUri/_apis/test/runs?buildUri=$BuildUri$includeRunDetailsParameter&api-version=5.0"
-    return $queryUri
-}
-
-function Get-HelixJobTypeFromTestRun
-{
-    Param ($testRun)
-
-    $testRunSingleResultUri = "$($testRun.url)/results?`$top=1&`$skip=0&api-version=5.1"
-    $singleTestResult = Invoke-RestMethod -Uri $testRunSingleResultUri -Method Get -Headers $azureDevOpsRestApiHeaders
-    $count = $singleTestResult.value.Length
-    if($count -eq 0)
-    {
-        # If the count is 0, then results have not yet been reported for this run.
-        # We only care about completed runs with results, so it is ok to just return 'UNKNOWN' for this run.
-        return "UNKNOWN"
-    }
-    else
-    {
-        $info = ConvertFrom-Json $singleTestResult.value.comment
-        $helixJobId = $info.HelixJobId
-        $job = Invoke-RestMethodWithRetries "https://helix.dot.net/api/2019-06-17/jobs/${helixJobId}?access_token=${HelixAccessToken}"
-        return $job.Type
-    }
-}
-
-function Append-HelixAccessTokenToUrl
-{
-    Param ([string]$url, [string]$token)
-    if($url.Contains("?"))
-    {
-        $url = "$($url)&access_token=$($token)"
-    }
-    else
-    {
-        $url = "$($url)?access_token=$($token)"
-    }
-    return $url
-}
-
-
-# The Helix Rest api is sometimes unreliable. So we call these apis with retry logic. 
-# Note: The Azure DevOps apis are stable and do not need to be called with this retry logic.
-$helixApiRetries = 0
-$helixApiRetriesMax = 10 
-
-function Download-StringWithRetries
-{
-    Param ([string]$fileName, [string]$url)
-
-    $result = ""
-    $done = $false
-
-    while(!($done))
-    {
-        try
-        {
-            Write-Host "Downloading $fileName"
-            $result = (New-Object System.Net.WebClient).DownloadString($url)
-            $done = $true
-        }
-        catch
-        {
-            Write-Host "Failed to download $fileName $($PSItem.Exception)"
-
-            $helixApiRetries = $helixApiRetries + 1
-            if($helixApiRetries -lt $helixApiRetriesMax)
-            {
-                Write-Host "Sleep and retry download of $fileName"
-                Start-Sleep 60
-            }
-            else
-            {
-                throw "Failed to download $fileName"
-            }
-        }
-    }
-
-    return $result
-}
-
-function Invoke-RestMethodWithRetries
-{
-    Param ([string]$url,$Headers)
-
-    $result = @()
-    $done = $false
-
-    while(!($done))
-    {
-        try
-        {
-            $result = Invoke-RestMethod -Uri $url -Method Get -Headers $Headers
-            $done = $true
-        }
-        catch
-        {
-            Write-Host "Failed to invoke Rest method $($PSItem.Exception)"
-
-            $helixApiRetries = $helixApiRetries + 1
-            if($helixApiRetries -lt $helixApiRetriesMax)
-            {
-                Write-Host "Sleep and retry invoke"
-                Start-Sleep 60
-            }
-            else
-            {
-                throw "Failed to invoke Rest method"
-            }
-        }
-    }
-
-    return $result
-}
-
-function Download-FileWithRetries
-{
-    Param ([string]$fileurl, [string]$destination)
-
-    $done = $false
-
-    while(!($done))
-    {
-        try
-        {
-            Write-Host "Downloading $destination"
-            $webClient.DownloadFile($fileurl, $destination)
-            $done = $true
-        }
-        catch
-        {
-            Write-Host "Failed to download $destination $($PSItem.Exception)"
-
-            $helixApiRetries = $helixApiRetries + 1
-            if($helixApiRetries -lt $helixApiRetriesMax)
-            {
-                Write-Host "Sleep and retry download of $destination"
-                Start-Sleep 60
-            }
-            else
-            {
-                throw "Failed to download $destination"
-            }
-        }
-    }
-}

build/Helix/EnsureMachineState.ps1

@@ -1,112 +0,0 @@
-$scriptDirectory = $script:MyInvocation.MyCommand.Path | Split-Path -Parent
-
-# List all processes to aid debugging:
-Write-Host "All processes running:"
-Get-Process
-
-tasklist /svc
-
-# Add this test directory as an exclusion for Windows Defender
-Write-Host "Add $scriptDirectory as Exclusion Path"
-Add-MpPreference -ExclusionPath $scriptDirectory
-Write-Host "Add $($env:HELIX_CORRELATION_PAYLOAD) as Exclusion Path"
-Add-MpPreference -ExclusionPath $env:HELIX_CORRELATION_PAYLOAD
-Get-MpPreference
-Get-MpComputerStatus
-
-
-# Minimize all windows:
-$shell = New-Object -ComObject "Shell.Application"
-$shell.minimizeall()
-
-# Kill any instances of Windows Security Alert:
-$windowTitleToMatch = "*Windows Security Alert*"
-$procs = Get-Process | Where {$_.MainWindowTitle -like "*Windows Security Alert*"}
-foreach ($proc in $procs)
-{
-    Write-Host "Found process with '$windowTitleToMatch' title: $proc"
-    $proc.Kill();
-}
-
-# Kill processes by name that are known to interfere with our tests:
-$processNamesToStop = @("Microsoft.Photos", "WinStore.App", "SkypeApp", "SkypeBackgroundHost", "OneDriveSetup", "OneDrive")
-foreach($procName in $processNamesToStop)
-{
-    Write-Host "Attempting to kill $procName if it is running"
-    Stop-Process -ProcessName $procName -Verbose -ErrorAction Ignore   
-}
-Write-Host "All processes running after attempting to kill unwanted processes:"
-Get-Process
-
-tasklist /svc
-
-$platform = $env:testbuildplatform
-if(!$platform)
-{
-    $platform = "x86"
-}
-
-function UninstallApps {
-    Param([string[]]$appsToUninstall)
-
-    foreach($pkgName in $appsToUninstall)
-    {
-        foreach($pkg in (Get-AppxPackage $pkgName).PackageFullName) 
-        {
-            Write-Output "Removing: $pkg" 
-            Remove-AppxPackage $pkg
-        } 
-    }
-}
-
-function UninstallTestApps {
-    Param([string[]]$appsToUninstall)
-
-    foreach($pkgName in $appsToUninstall)
-    {
-        foreach($pkg in (Get-AppxPackage $pkgName).PackageFullName) 
-        {
-            Write-Output "Removing: $pkg" 
-            Remove-AppxPackage $pkg
-        }
-
-        # Sometimes an app can get into a state where it is no longer returned by Get-AppxPackage, but it is still present
-        # which prevents other versions of the app from being installed.
-        # To handle this, we can directly call Remove-AppxPackage against the full name of the package. However, without
-        # Get-AppxPackage to find the PackageFullName, we just have to manually construct the name.
-        $packageFullName = "$($pkgName)_1.0.0.0_$($platform)__8wekyb3d8bbwe" 
-        Write-Host "Removing $packageFullName if installed"
-        Remove-AppPackage $packageFullName -ErrorVariable appxerror -ErrorAction SilentlyContinue 
-        if($appxerror)
-        {
-            foreach($error in $appxerror)
-            {
-                # In most cases, Remove-AppPackage will fail due to the package not being found. Don't treat this as an error.
-                if(!($error.Exception.Message -match "0x80073CF1"))
-                {
-                    Write-Error $error
-                }
-            }
-        }
-        else
-        {
-            Write-Host "Successfully removed $packageFullName"
-        }
-    }
-}
-
-Write-Host "Uninstall AppX packages that are known to cause issues with our tests"
-UninstallApps("*Skype*", "*Windows.Photos*")
-
-Write-Host "Uninstall any of our test apps that may have been left over from previous test runs"
-UninstallTestApps("NugetPackageTestApp", "NugetPackageTestAppCX", "IXMPTestApp", "MUXControlsTestApp")
-
-Write-Host "Uninstall MUX Framework package that may have been left over from previous test runs"
-# We don't want to uninstall all versions of the MUX Framework package, as there may be other apps preinstalled on the system 
-# that depend on it. We only uninstall the Framework package that corresponds to the version of MUX that we are testing.
-[xml]$versionData = (Get-Content "version.props")
-$versionMajor = $versionData.GetElementsByTagName("MUXVersionMajor").'#text'
-$versionMinor = $versionData.GetElementsByTagName("MUXVersionMinor").'#text'
-UninstallApps("Microsoft.UI.Xaml.$versionMajor.$versionMinor")
-
-Get-Process

build/Helix/GenerateTestProjFile.ps1

@@ -1,336 +0,0 @@
-[CmdLetBinding()]
-Param(
-    [Parameter(Mandatory = $true)] 
-    [string]$TestFile,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$OutputProjFile,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$JobTestSuiteName,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$TaefPath,
-
-    [string]$TaefQuery
-)
-
-Class TestCollection
-{
-    [string]$Name
-    [string]$SetupMethodName
-    [string]$TeardownMethodName
-    [System.Collections.Generic.Dictionary[string, string]]$Properties
-
-    TestCollection()
-    {
-        if ($this.GetType() -eq [TestCollection])
-        {
-            throw "This class should never be instantiated directly; it should only be derived from."
-        }
-    }
-
-    TestCollection([string]$name)
-    {
-        $this.Init($name)
-    }
-
-    hidden Init([string]$name)
-    {
-        $this.Name = $name
-        $this.Properties = @{}
-    }
-}
-
-Class Test : TestCollection 
-{
-    Test([string]$name)
-    {
-        $this.Init($name)
-    }
-}
-
-Class TestClass : TestCollection
-{
-    [System.Collections.Generic.List[Test]]$Tests
-
-    TestClass([string]$name)
-    {
-        $this.Init($name)
-        $this.Tests = @{}
-    }
-}
-
-Class TestModule : TestCollection
-{
-    [System.Collections.Generic.List[TestClass]]$TestClasses
-
-    TestModule([string]$name)
-    {
-        $this.Init($name)
-        $this.TestClasses = @{}
-    }
-}
-
-function Parse-TestInfo([string]$taefOutput)
-{
-    enum LineType
-    {
-        None
-        TestModule
-        TestClass
-        Test
-        Setup
-        Teardown
-        Property
-    }
-        
-    [string]$testModuleIndentation = "        "
-    [string]$testClassIndentation = "            "
-    [string]$testIndentation = "                "
-    [string]$setupBeginning = "Setup: "
-    [string]$teardownBeginning = "Teardown: "
-    [string]$propertyBeginning = "Property["
-
-    function Get-LineType([string]$line)
-    {
-        if ($line.Contains($setupBeginning))
-        {
-            return [LineType]::Setup;
-        }
-        elseif ($line.Contains($teardownBeginning))
-        {
-            return [LineType]::Teardown;
-        }
-        elseif ($line.Contains($propertyBeginning))
-        {
-            return [LineType]::Property;
-        }
-        elseif ($line.StartsWith($testModuleIndentation) -and -not $line.StartsWith("$testModuleIndentation "))
-        {
-            return [LineType]::TestModule;
-        }
-        elseif ($line.StartsWith($testClassIndentation) -and -not $line.StartsWith("$testClassIndentation "))
-        {
-            return [LineType]::TestClass;
-        }
-        elseif ($line.StartsWith($testIndentation) -and -not $line.StartsWith("$testIndentation "))
-        {
-            return [LineType]::Test;
-        }
-        else
-        {
-            return [LineType]::None;
-        }
-    }
-
-    [string[]]$lines = $taefOutput.Split(@([Environment]::NewLine, "`n"), [StringSplitOptions]::RemoveEmptyEntries)
-    [System.Collections.Generic.List[TestModule]]$testModules = @()
-
-    [TestModule]$currentTestModule = $null
-    [TestClass]$currentTestClass = $null
-    [Test]$currentTest = $null
-
-    [TestCollection]$lastTestCollection = $null
-
-    foreach ($rawLine in $lines)
-    {
-        [LineType]$lineType = (Get-LineType $rawLine)
-
-        # We don't need the whitespace around the line anymore, so we'll discard it to make things easier.
-        [string]$line = $rawLine.Trim()
-
-        if ($lineType -eq [LineType]::TestModule)
-        {
-            if ($currentTest -ne $null -and $currentTestClass -ne $null)
-            {
-                $currentTestClass.Tests.Add($currentTest)
-            }
-
-            if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
-            {
-                $currentTestModule.TestClasses.Add($currentTestClass)
-            }
-
-            if ($currentTestModule -ne $null)
-            {
-                $testModules.Add($currentTestModule)
-            }
-
-            $currentTestModule = [TestModule]::new($line)
-            $currentTestClass = $null
-            $currentTest = $null
-            $lastTestCollection = $currentTestModule
-        }
-        elseif ($lineType -eq [LineType]::TestClass)
-        {
-            if ($currentTest -ne $null -and $currentTestClass -ne $null)
-            {
-                $currentTestClass.Tests.Add($currentTest)
-            }
-
-            if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
-            {
-                $currentTestModule.TestClasses.Add($currentTestClass)
-            }
-
-            $currentTestClass = [TestClass]::new($line)
-            $currentTest = $null
-            $lastTestCollection = $currentTestClass
-        }
-        elseif ($lineType -eq [LineType]::Test)
-        {
-            if ($currentTest -ne $null -and $currentTestClass -ne $null)
-            {
-                $currentTestClass.Tests.Add($currentTest)
-            }
-
-            $currentTest = [Test]::new($line)
-            $lastTestCollection = $currentTest
-        }
-        elseif ($lineType -eq [LineType]::Setup)
-        {
-            if ($lastTestCollection -ne $null)
-            {
-                $lastTestCollection.SetupMethodName = $line.Replace($setupBeginning, "")
-            }
-        }
-        elseif ($lineType -eq [LineType]::Teardown)
-        {
-            if ($lastTestCollection -ne $null)
-            {
-                $lastTestCollection.TeardownMethodName = $line.Replace($teardownBeginning, "")
-            }
-        }
-        elseif ($lineType -eq [LineType]::Property)
-        {
-            if ($lastTestCollection -ne $null)
-            {
-                foreach ($match in [Regex]::Matches($line, "Property\[(.*)\]\s+=\s+(.*)"))
-                {
-                    [string]$propertyKey = $match.Groups[1].Value;
-                    [string]$propertyValue = $match.Groups[2].Value;
-                    $lastTestCollection.Properties.Add($propertyKey, $propertyValue);
-                }
-            }
-        }
-    }
-
-    if ($currentTest -ne $null -and $currentTestClass -ne $null)
-    {
-        $currentTestClass.Tests.Add($currentTest)
-    }
-
-    if ($currentTestClass -ne $null -and $currentTestModule -ne $null)
-    {
-        $currentTestModule.TestClasses.Add($currentTestClass)
-    }
-
-    if ($currentTestModule -ne $null)
-    {
-        $testModules.Add($currentTestModule)
-    }
-
-    return $testModules
-}
-
-Write-Verbose "TaefQuery = $TaefQuery"
-
-$TaefSelectQuery = ""
-$TaefQueryToAppend = ""
-if($TaefQuery)
-{
-    $TaefSelectQuery = "/select:`"$TaefQuery`""
-    $TaefQueryToAppend = " and $TaefQuery"
-}
-Write-Verbose "TaefSelectQuery = $TaefSelectQuery"
-
-
-$taefExe = "$TaefPath\te.exe"
-[string]$taefOutput = & "$taefExe" /listproperties $TaefSelectQuery $TestFile | Out-String
-
-[System.Collections.Generic.List[TestModule]]$testModules = (Parse-TestInfo $taefOutput)
-
-$projFileContent = @"
-<Project>
-  <ItemGroup>
-"@
-
-foreach ($testModule in $testModules)
-{
-    foreach ($testClass in $testModules.TestClasses)
-    {
-        Write-Host "Generating Helix work item for test class $($testClass.Name)..."
-        [System.Collections.Generic.List[string]]$testSuiteNames = @()
-        
-        $testSuiteExists = $false
-        $suitelessTestExists = $false
-
-        foreach ($test in $testClass.Tests)
-        {
-            # A test method inherits its 'TestSuite' property from its TestClass
-            if (!$test.Properties.ContainsKey("TestSuite") -and $testClass.Properties.ContainsKey("TestSuite"))
-            {
-                $test.Properties["TestSuite"] = $testClass.Properties["TestSuite"]
-            }
-
-            if ($test.Properties.ContainsKey("TestSuite"))
-            {
-                [string]$testSuite = $test.Properties["TestSuite"]
-
-                if (-not $testSuiteNames.Contains($testSuite))
-                {
-                    Write-Host "    Found test suite $testSuite. Generating Helix work item for it as well."
-                    $testSuiteNames.Add($testSuite)
-                }
-
-                $testSuiteExists = $true
-            }
-            else
-            {
-                $suitelessTestExists = $true
-            }
-        }
-        
-        $testClassSelectPattern = "$($testClass.Name).*"
-        if($testClass.Name.Contains("::"))
-        {
-            $testClassSelectPattern = "$($testClass.Name)::*"
-        }
-        $testNameQuery= "(@Name='$testClassSelectPattern')"
-
-        $workItemName = $testClass.Name
-        # Native tests use '::' as a separator, which is not valid for workItem names.
-        $workItemName = $workItemName -replace "::", "-"
-        
-        if ($suitelessTestExists)
-        {
-            $projFileContent += @"
-
-    <HelixWorkItem Include="$($workItemName)" Condition="'`$(TestSuite)'=='$($JobTestSuiteName)'">
-      <Timeout>00:30:00</Timeout>
-      <Command>call %HELIX_CORRELATION_PAYLOAD%\runtests.cmd /select:"(@Name='$($testClass.Name)*'$(if ($testSuiteExists) { "and not @TestSuite='*'" }))$($TaefQueryToAppend)"</Command>
-    </HelixWorkItem>
-"@
-        }
-        
-        foreach ($testSuiteName in $testSuiteNames)
-        {
-            $projFileContent += @"
-
-    <HelixWorkItem Include="$($workItemName)-$testSuiteName" Condition="'`$(TestSuite)'=='$($JobTestSuiteName)'">
-      <Timeout>00:30:00</Timeout>
-      <Command>call %HELIX_CORRELATION_PAYLOAD%\runtests.cmd /select:"(@Name='$($testClass.Name)*' and @TestSuite='$testSuiteName')$($TaefQueryToAppend)"</Command>
-    </HelixWorkItem>
-"@
-        }
-    }
-}
-
-$projFileContent += @"
-
-  </ItemGroup>
-</Project>
-"@
-
-Set-Content $OutputProjFile $projFileContent -NoNewline -Encoding UTF8

build/Helix/InstallTestAppDependencies.ps1

@@ -1,12 +0,0 @@
-# Displaying progress is unnecessary and is just distracting.
-$ProgressPreference = "SilentlyContinue"
-
-$dependencyFiles = Get-ChildItem -Filter "*Microsoft.VCLibs.*.appx"
-
-foreach ($file in $dependencyFiles)
-{
-    Write-Host "Adding dependency $($file)..."
-
-    Add-AppxPackage $file
-    
-}

build/Helix/OutputFailedTestQuery.ps1

@@ -1,8 +0,0 @@
-Param(
-    [Parameter(Mandatory = $true)] 
-    [string]$WttInputPath
-)
-
-Add-Type -Language CSharp -ReferencedAssemblies System.Xml,System.Xml.Linq,System.Runtime.Serialization,System.Runtime.Serialization.Json (Get-Content $PSScriptRoot\HelixTestHelpers.cs -Raw)
-
-[HelixTestHelpers.FailedTestDetector]::OutputFailedTestQuery($WttInputPath)

build/Helix/OutputSubResultsJsonFiles.ps1

@@ -1,32 +0,0 @@
-Param(
-    [Parameter(Mandatory = $true)] 
-    [string]$WttInputPath,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$WttSingleRerunInputPath,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$WttMultipleRerunInputPath,
-
-    [Parameter(Mandatory = $true)] 
-    [string]$TestNamePrefix
-)
-
-# Ideally these would be passed as parameters to the script. However ps makes it difficult to deal with string literals containing '&', so we just 
-# read the values directly from the environment variables
-$helixResultsContainerUri = $Env:HELIX_RESULTS_CONTAINER_URI
-$helixResultsContainerRsas = $Env:HELIX_RESULTS_CONTAINER_RSAS
-
-Add-Type -Language CSharp -ReferencedAssemblies System.Xml,System.Xml.Linq,System.Runtime.Serialization,System.Runtime.Serialization.Json (Get-Content $PSScriptRoot\HelixTestHelpers.cs -Raw)
-
-$testResultParser = [HelixTestHelpers.TestResultParser]::new($TestNamePrefix, $helixResultsContainerUri, $helixResultsContainerRsas)
-[System.Collections.Generic.Dictionary[string, string]]$subResultsJsonByMethodName = $testResultParser.GetSubResultsJsonByMethodName($WttInputPath, $WttSingleRerunInputPath, $WttMultipleRerunInputPath)
-
-$subResultsJsonDirectory = [System.IO.Path]::GetDirectoryName($WttInputPath)
-
-foreach ($methodName in $subResultsJsonByMethodName.Keys)
-{
-    $subResultsJson = $subResultsJsonByMethodName[$methodName]
-    $subResultsJsonPath = [System.IO.Path]::Combine($subResultsJsonDirectory, $methodName + "_subresults.json")
-    Out-File $subResultsJsonPath -Encoding utf8 -InputObject $subResultsJson
-}

build/Helix/OutputTestResults.ps1

@@ -1,131 +0,0 @@
-Param(
-    [Parameter(Mandatory = $true)] 
-    [int]$MinimumExpectedTestsExecutedCount,
-
-    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
-    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
-    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
-    [string]$BuildUri = $env:BUILD_BUILDURI,
-    [bool]$CheckJobAttempt
-)
-
-$azureDevOpsRestApiHeaders = @{
-    "Accept"="application/json"
-    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
-}
-
-. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
-
-Write-Host "Checking test results..."
-
-$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri -IncludeRunDetails
-Write-Host "queryUri = $queryUri"
-
-$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
-[System.Collections.Generic.List[string]]$failingTests = @()
-[System.Collections.Generic.List[string]]$unreliableTests = @()
-[System.Collections.Generic.List[string]]$unexpectedResultTest = @()
-
-[System.Collections.Generic.List[string]]$namesOfProcessedTestRuns = @()
-$totalTestsExecutedCount = 0
-
-# We assume that we only have one testRun with a given name that we care about
-# We only process the last testRun with a given name (based on completedDate)
-# The name of a testRun is set to the Helix queue that it was run on (e.g. windows.10.amd64.client21h1.xaml)
-# If we have multiple test runs on the same queue that we care about, we will need to re-visit this logic
-foreach ($testRun in ($testRuns.value | Sort-Object -Property "completedDate" -Descending))
-{
-    if ($CheckJobAttempt)
-    {
-        if ($namesOfProcessedTestRuns -contains $testRun.name)
-        {
-            Write-Host "Skipping test run '$($testRun.name)', since we have already processed a test run of that name."
-            continue
-        }
-    }
-    
-    Write-Host "Processing results from test run '$($testRun.name)'"
-    $namesOfProcessedTestRuns.Add($testRun.name)
-
-    $totalTestsExecutedCount += $testRun.totalTests
-
-    $testRunResultsUri = "$($testRun.url)/results?api-version=5.0"
-    $testResults = Invoke-RestMethodWithRetries "$($testRun.url)/results?api-version=5.0" -Headers $azureDevOpsRestApiHeaders
-        
-    foreach ($testResult in $testResults.value)
-    {
-        $shortTestCaseTitle = $testResult.testCaseTitle -replace "[a-zA-Z0-9]+.[a-zA-Z0-9]+.Windows.UI.Xaml.Tests.MUXControls.",""
-
-        if ($testResult.outcome -eq "Failed")
-        {
-            if (-not $failingTests.Contains($shortTestCaseTitle))
-            {
-                $failingTests.Add($shortTestCaseTitle)
-            }
-        }
-        elseif ($testResult.outcome -eq "Warning")
-        {
-            if (-not $unreliableTests.Contains($shortTestCaseTitle))
-            {
-                $unreliableTests.Add($shortTestCaseTitle)
-            }
-        }
-        elseif ($testResult.outcome -ne "Passed")
-        {
-            # We should only see tests with result "Passed", "Failed" or "Warning"
-            if (-not $unexpectedResultTest.Contains($shortTestCaseTitle))
-            {
-                $unexpectedResultTest.Add($shortTestCaseTitle)
-            }
-        }
-    }
-}
-
-if ($unreliableTests.Count -gt 0)
-{
-    Write-Host @"
-##vso[task.logissue type=warning;]Unreliable tests:
-##vso[task.logissue type=warning;]$($unreliableTests -join "$([Environment]::NewLine)##vso[task.logissue type=warning;]")
-
-"@
-}
-
-if ($failingTests.Count -gt 0)
-{
-    Write-Host @"
-##vso[task.logissue type=error;]Failing tests:
-##vso[task.logissue type=error;]$($failingTests -join "$([Environment]::NewLine)##vso[task.logissue type=error;]")
-
-"@
-}
-
-if ($unexpectedResultTest.Count -gt 0)
-{
-    Write-Host @"
-##vso[task.logissue type=error;]Tests with unexpected results:
-##vso[task.logissue type=error;]$($unexpectedResultTest -join "$([Environment]::NewLine)##vso[task.logissue type=error;]")
-
-"@
-}
-
-if($totalTestsExecutedCount -lt $MinimumExpectedTestsExecutedCount)
-{
-    Write-Host "Expected at least $MinimumExpectedTestsExecutedCount tests to be executed."
-    Write-Host "Actual executed test count is: $totalTestsExecutedCount"
-    Write-Host "##vso[task.complete result=Failed;]"
-}
-elseif ($failingTests.Count -gt 0)
-{
-    Write-Host "At least one test failed."
-    Write-Host "##vso[task.complete result=Failed;]"
-}
-elseif ($unreliableTests.Count -gt 0)
-{
-    Write-Host "All tests eventually passed, but some initially failed."
-    Write-Host "##vso[task.complete result=Succeeded;]"
-}
-else
-{
-    Write-Host "All tests passed."
-    Write-Host "##vso[task.complete result=Succeeded;]"
-}

build/Helix/PrepareHelixPayload.ps1

@@ -1,68 +0,0 @@
-[CmdLetBinding()]
-Param(
-    [string]$Platform,
-    [string]$Configuration,
-    [string]$ArtifactName='drop'
-)
-
-$payloadDir = "HelixPayload\$Configuration\$Platform"
-
-$repoDirectory = Join-Path (Split-Path -Parent $script:MyInvocation.MyCommand.Path) "..\..\"
-$nugetPackagesDir = Join-Path (Split-Path -Parent $script:MyInvocation.MyCommand.Path) "packages"
-
-# Create the payload directory. Remove it if it already exists.
-If(test-path $payloadDir)
-{
-    Remove-Item $payloadDir -Recurse
-}
-New-Item -ItemType Directory -Force -Path $payloadDir
-
-# Copy files from nuget packages
-Copy-Item "$nugetPackagesDir\microsoft.windows.apps.test.1.0.181203002\lib\netcoreapp2.1\*.dll" $payloadDir
-Copy-Item "$nugetPackagesDir\Microsoft.Taef.10.60.210621002\build\Binaries\$Platform\*" $payloadDir
-Copy-Item "$nugetPackagesDir\Microsoft.Taef.10.60.210621002\build\Binaries\$Platform\NetFx4.5\*" $payloadDir
-New-Item -ItemType Directory -Force -Path "$payloadDir\.NETCoreApp2.1\"
-Copy-Item "$nugetPackagesDir\runtime.win-$Platform.microsoft.netcore.app.2.1.0\runtimes\win-$Platform\lib\netcoreapp2.1\*" "$payloadDir\.NETCoreApp2.1\"
-Copy-Item "$nugetPackagesDir\runtime.win-$Platform.microsoft.netcore.app.2.1.0\runtimes\win-$Platform\native\*" "$payloadDir\.NETCoreApp2.1\"
-New-Item -ItemType Directory -Force -Path "$payloadDir\content\"
-Copy-Item "$nugetPackagesDir\Microsoft.Internal.Windows.Terminal.TestContent.1.0.1\content\*" "$payloadDir\content\"
-
-function Copy-If-Exists
-{
-    Param($source, $destinationDir)
-
-    if (Test-Path $source)
-    {
-        Write-Host "Copy from '$source' to '$destinationDir'"
-        Copy-Item -Force $source $destinationDir
-    }
-    else
-    {
-        Write-Host "'$source' does not exist."
-    }
-}
-
-# Copy files from the 'drop' artifact dir
-Copy-Item "$repoDirectory\Artifacts\$ArtifactName\$Configuration\$Platform\Test\*" $payloadDir -Recurse
-
-# Copy files from the repo
-New-Item -ItemType Directory -Force -Path "$payloadDir"
-Copy-Item "build\helix\ConvertWttLogToXUnit.ps1" "$payloadDir"
-Copy-Item "build\helix\OutputFailedTestQuery.ps1" "$payloadDir"
-Copy-Item "build\helix\OutputSubResultsJsonFiles.ps1" "$payloadDir"
-Copy-Item "build\helix\HelixTestHelpers.cs" "$payloadDir"
-Copy-Item "build\helix\runtests.cmd" $payloadDir
-Copy-Item "build\helix\InstallTestAppDependencies.ps1" "$payloadDir"
-Copy-Item "build\Helix\EnsureMachineState.ps1" "$payloadDir"
-
-# Copy the APPX package from the 'drop' artifact dir and Windows Kits
-Copy-Item "$repoDirectory\Artifacts\$ArtifactName\appx\CascadiaPackage_0.0.1.0_$Platform.msix" $payloadDir\CascadiaPackage.zip
-Copy-Item "C:\program files (x86)\Microsoft SDKs\Windows Kits\10\ExtensionSDKs\Microsoft.VCLibs.Desktop\14.0\Appx\Retail\x64\Microsoft.VCLibs.x64.14.00.Desktop.appx" $payloadDir\VCLibs.zip
-
-# Rename it to extension of ZIP because Expand-Archive is real sassy on the build machines
-# and refuses to unzip it because of its file extension while on a desktop, it just
-# does the job without complaining.
-
-# Extract the APPX package
-Expand-Archive -LiteralPath $payloadDir\CascadiaPackage.zip -DestinationPath $payloadDir\appx
-Expand-Archive -LiteralPath $payloadDir\VCLibs.zip -DestinationPath $payloadDir\appx -Force

build/Helix/ProcessHelixFiles.ps1

@@ -1,130 +0,0 @@
-Param(
-    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
-    [string]$HelixAccessToken = $env:HelixAccessToken,
-    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
-    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
-    [string]$BuildUri = $env:BUILD_BUILDURI,
-    [string]$OutputFolder = "HelixOutput"
-)
-
-$helixLinkFile = "$OutputFolder\LinksToHelixTestFiles.html"
-
-
-function Generate-File-Links
-{
-    Param ([Array[]]$files,[string]$sectionName)
-    if($files.Count -gt 0)
-    {
-        Out-File -FilePath $helixLinkFile -Append -InputObject "<div class=$sectionName>"
-        Out-File -FilePath $helixLinkFile -Append -InputObject "<h4>$sectionName</h4>"
-        Out-File -FilePath $helixLinkFile -Append -InputObject "<ul>"
-        foreach($file in $files)
-        {
-            $url = Append-HelixAccessTokenToUrl $file.Link "{Your-Helix-Access-Token-Here}"
-            Out-File -FilePath $helixLinkFile -Append -InputObject "<li>$($url)</li>"
-        }
-        Out-File -FilePath $helixLinkFile -Append -InputObject "</ul>"
-        Out-File -FilePath $helixLinkFile -Append -InputObject "</div>"
-    }
-}
-
-function Append-HelixAccessTokenToUrl
-{
-    Param ([string]$url, [string]$token)
-    if($token)
-    {
-        if($url.Contains("?"))
-        {
-            $url = "$($url)&access_token=$($token)"
-        }
-        else
-        {
-            $url = "$($url)?access_token=$($token)"
-        }
-    }
-    return $url
-}
-
-#Create output directory
-New-Item $OutputFolder -ItemType Directory
-
-$azureDevOpsRestApiHeaders = @{
-    "Accept"="application/json"
-    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
-}
-
-. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
-
-$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri -IncludeRunDetails
-Write-Host "queryUri = $queryUri"
-
-$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
-$webClient = New-Object System.Net.WebClient
-[System.Collections.Generic.List[string]]$workItems = @()
-
-foreach ($testRun in $testRuns.value)
-{
-    Write-Host "testRunUri = $testRun.url"
-    $testResults = Invoke-RestMethodWithRetries "$($testRun.url)/results?api-version=5.0" -Headers $azureDevOpsRestApiHeaders
-    $isTestRunNameShown = $false
-
-    foreach ($testResult in $testResults.value)
-    {
-        $info = ConvertFrom-Json $testResult.comment
-        $helixJobId = $info.HelixJobId
-        $helixWorkItemName = $info.HelixWorkItemName
-
-        $workItem = "$helixJobId-$helixWorkItemName"
-
-        Write-Host "Helix Work Item = $workItem"
-
-        if (-not $workItems.Contains($workItem))
-        {
-            $workItems.Add($workItem)
-            $filesQueryUri = "https://helix.dot.net/api/2019-06-17/jobs/$helixJobId/workitems/$helixWorkItemName/files"
-            $filesQueryUri = Append-HelixAccessTokenToUrl $filesQueryUri $helixAccessToken
-            $files = Invoke-RestMethodWithRetries $filesQueryUri
-
-            $screenShots = $files | where { $_.Name.EndsWith(".jpg") }
-            $dumps = $files | where { $_.Name.EndsWith(".dmp") }
-            $pgcFiles = $files | where { $_.Name.EndsWith(".pgc") }
-            if ($screenShots.Count + $dumps.Count + $pgcFiles.Count -gt 0)
-            {
-                if(-Not $isTestRunNameShown)
-                {
-                    Out-File -FilePath $helixLinkFile -Append -InputObject "<h2>$($testRun.name)</h2>"
-                    $isTestRunNameShown = $true
-                }
-                Out-File -FilePath $helixLinkFile -Append -InputObject "<h3>$helixWorkItemName</h3>"
-                Generate-File-Links $screenShots "Screenshots"
-                Generate-File-Links $dumps "CrashDumps"
-                Generate-File-Links $pgcFiles "PGC files"
-                $misc = $files | where { ($screenShots -NotContains $_) -And ($dumps -NotContains $_) -And ($visualTreeVerificationFiles -NotContains $_) -And ($pgcFiles -NotContains $_) }
-                Generate-File-Links $misc "Misc"
-
-                foreach($pgcFile in $pgcFiles)
-                {
-                    $flavorPath = $testResult.automatedTestName.Split('.')[0]
-                    $archPath = $testResult.automatedTestName.Split('.')[1]
-                    $fileName = $pgcFile.Name
-                    $fullPath = "$OutputFolder\PGO\$flavorPath\$archPath"
-                    $destination = "$fullPath\$fileName"
-
-                    Write-Host "Copying $($pgcFile.Name) to $destination"
-
-                    if (-Not (Test-Path $fullPath))
-                    {
-                        New-Item $fullPath -ItemType Directory
-                    }
-
-                    $link = $pgcFile.Link
-
-                    Write-Host "Downloading $link to $destination"
-
-                    $link = Append-HelixAccessTokenToUrl $link $HelixAccessToken
-                    Download-FileWithRetries $link $destination
-                }
-            }
-        }
-    }
-}

build/Helix/RunTestsInHelix.proj

@@ -1,20 +0,0 @@
-<Project Sdk="Microsoft.DotNet.Helix.Sdk" DefaultTargets="Test">
-  <PropertyGroup>
-    <HelixSource>pr/terminal/$(BUILD_SOURCEBRANCH)/</HelixSource>
-    <EnableXUnitReporter>true</EnableXUnitReporter>
-    <EnableAzurePipelinesReporter>true</EnableAzurePipelinesReporter>
-    <FailOnMissionControlTestFailure>true</FailOnMissionControlTestFailure>
-    <HelixPreCommands>$(HelixPreCommands);set testnameprefix=$(Configuration).$(Platform);set testbuildplatform=$(Platform);set rerunPassesRequiredToAvoidFailure=$(rerunPassesRequiredToAvoidFailure)</HelixPreCommands>
-    <OutputPath>..\..\bin\$(Platform)\$(Configuration)\</OutputPath>
-  </PropertyGroup>
-
-  <ItemGroup>
-    <HelixCorrelationPayload Include="..\..\HelixPayload\$(Configuration)\$(Platform)" />
-  </ItemGroup>
-  
-  <!-- These .proj files are generated by the build machine prior to running tests via GenerateTestProjFile.ps1. -->
-  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-TerminalAppLocalTests.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
-  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-SettingsModelLocalTests.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
-  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-HostTestsUIA.proj" Condition=" '$(TestSuite)'=='DevTestSuite' " />
-  <Import Project="$(ProjFilesPath)\$(Configuration)\$(Platform)\RunTestsInHelix-WindowsTerminalUIATests.proj" Condition=" '$(TestSuite)'=='PgoInstrumentationSuite' " />
-</Project>

build/Helix/UpdateUnreliableTests.ps1

@@ -1,136 +0,0 @@
-[CmdLetBinding()]
-Param(
-    [Parameter(Mandatory = $true)] 
-    [int]$RerunPassesRequiredToAvoidFailure,
-
-    [string]$AccessToken = $env:SYSTEM_ACCESSTOKEN,
-    [string]$CollectionUri = $env:SYSTEM_COLLECTIONURI,
-    [string]$TeamProject = $env:SYSTEM_TEAMPROJECT,
-    [string]$BuildUri = $env:BUILD_BUILDURI
-)
-
-. "$PSScriptRoot/AzurePipelinesHelperScripts.ps1"
-
-
-$azureDevOpsRestApiHeaders = @{
-    "Accept"="application/json"
-    "Authorization"="Basic $([System.Convert]::ToBase64String([System.Text.ASCIIEncoding]::ASCII.GetBytes(":$AccessToken")))"
-}
-
-$queryUri = GetQueryTestRunsUri -CollectionUri $CollectionUri -TeamProject $TeamProject -BuildUri $BuildUri
-Write-Host "queryUri = $queryUri"
-
-# To account for unreliable tests, we'll iterate through all of the tests associated with this build, check to see any tests that were unreliable
-# (denoted by being marked as "skipped"), and if so, we'll instead mark those tests with a warning and enumerate all of the attempted runs
-# with their pass/fail states as well as any relevant error messages for failed attempts.
-$testRuns = Invoke-RestMethodWithRetries $queryUri -Headers $azureDevOpsRestApiHeaders
-
-$timesSeenByRunName = @{}
-      
-foreach ($testRun in $testRuns.value)
-{
-    $testRunResultsUri = "$($testRun.url)/results?api-version=5.0"
-        
-    Write-Host "Marking test run `"$($testRun.name)`" as in progress so we can change its results to account for unreliable tests."
-    Invoke-RestMethod "$($testRun.url)?api-version=5.0" -Method Patch -Body (ConvertTo-Json @{ "state" = "InProgress" }) -Headers $azureDevOpsRestApiHeaders -ContentType "application/json" | Out-Null
-
-    Write-Host "Retrieving test results..."
-    $testResults = Invoke-RestMethodWithRetries $testRunResultsUri -Headers $azureDevOpsRestApiHeaders
-        
-    foreach ($testResult in $testResults.value)
-    {
-        $testNeedsSubResultProcessing = $false
-        if ($testResult.outcome -eq "NotExecuted")
-        {
-            $testNeedsSubResultProcessing = $true
-        }
-        elseif($testResult.outcome -eq "Failed")
-        {
-            $testNeedsSubResultProcessing = $testResult.errorMessage -like "*_subresults.json*"
-        }
-
-        if ($testNeedsSubResultProcessing)
-        {
-            Write-Host "  Test $($testResult.testCaseTitle) was detected as unreliable. Updating..."
-            
-            # The errorMessage field contains a link to the JSON-encoded rerun result data.
-            $resultsJson = Download-StringWithRetries "Error results" $testResult.errorMessage
-            $rerunResults = ConvertFrom-Json $resultsJson
-            [System.Collections.Generic.List[System.Collections.Hashtable]]$rerunDataList = @()
-            $attemptCount = 0
-            $passCount = 0
-            $totalDuration = 0
-            
-            foreach ($rerun in $rerunResults.results)
-            {
-                $rerunData = @{
-                    "displayName" = "Attempt #$($attemptCount + 1) - $($testResult.testCaseTitle)";
-                    "durationInMs" = $rerun.duration;
-                    "outcome" = $rerun.outcome;
-                }
-
-                if ($rerun.outcome -eq "Passed")
-                {
-                    $passCount++
-                }
-                
-                if ($attemptCount -gt 0)
-                {
-                    $rerunData["sequenceId"] = $attemptCount
-                }
-
-                Write-Host "    Attempt #$($attemptCount + 1): $($rerun.outcome)"
-                
-                if ($rerun.outcome -ne "Passed")
-                {
-                    $screenshots = "$($rerunResults.blobPrefix)/$($rerun.screenshots -join @"
-$($rerunResults.blobSuffix)
-$($rerunResults.blobPrefix)
-"@)$($rerunResults.blobSuffix)"
-
-                    # We subtract 1 from the error index because we added 1 so we could use 0
-                    # as a default value not injected into the JSON in order to keep its size down.
-                    # We did this because there's a maximum size enforced for the errorMessage parameter
-                    # in the Azure DevOps REST API.
-                    $fullErrorMessage = @"
-Log: $($rerunResults.blobPrefix)/$($rerun.log)$($rerunResults.blobSuffix)
-
-Screenshots:
-$screenshots
-
-Error log:
-$($rerunResults.errors[$rerun.errorIndex - 1])
-"@
-
-                    $rerunData["errorMessage"] = $fullErrorMessage
-                }
-                
-                $attemptCount++
-                $totalDuration += $rerun.duration
-                $rerunDataList.Add($rerunData)
-            }
-
-            $overallOutcome = "Warning"
-            
-            if ($attemptCount -eq 2)
-            {
-                Write-Host "  Test $($testResult.testCaseTitle) passed on the immediate rerun, so we'll mark it as unreliable."
-            }
-            elseif ($passCount -gt $RerunPassesRequiredToAvoidFailure)
-            {
-                Write-Host "  Test $($testResult.testCaseTitle) passed on $passCount of $attemptCount attempts, which is greater than or equal to the $RerunPassesRequiredToAvoidFailure passes required to avoid being marked as failed. Marking as unreliable."
-            }
-            else
-            {
-                Write-Host "  Test $($testResult.testCaseTitle) passed on only $passCount of $attemptCount attempts, which is less than the $RerunPassesRequiredToAvoidFailure passes required to avoid being marked as failed. Marking as failed."
-                $overallOutcome = "Failed"
-            }
-            
-            $updateBody = ConvertTo-Json @(@{ "id" = $testResult.id; "outcome" = $overallOutcome; "errorMessage" = " "; "durationInMs" = $totalDuration; "subResults" = $rerunDataList; "resultGroupType" = "rerun" }) -Depth 5
-            Invoke-RestMethod -Uri $testRunResultsUri -Method Patch -Headers $azureDevOpsRestApiHeaders -Body $updateBody -ContentType "application/json" | Out-Null
-        }
-    }
-        
-    Write-Host "Finished updates. Re-marking test run `"$($testRun.name)`" as completed."
-    Invoke-RestMethod -Uri "$($testRun.url)?api-version=5.0" -Method Patch -Body (ConvertTo-Json @{ "state" = "Completed" }) -Headers $azureDevOpsRestApiHeaders -ContentType "application/json" | Out-Null
-}

build/Helix/global.json

@@ -1,5 +0,0 @@
-{
-  "msbuild-sdks": {
-    "Microsoft.DotNet.Helix.Sdk": "5.0.0-beta.20277.5"
-  }
-}

build/Helix/packages.config

@@ -1,9 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<packages>
-  <package id="MUXCustomBuildTasks" version="1.0.48" targetFramework="native" />
-  <package id="Microsoft.Internal.Windows.Terminal.TestContent" version="1.0.1" />
-  <package id="Microsoft.Taef" version="10.60.210621002" targetFramework="native" />
-  <package id="microsoft.windows.apps.test" version="1.0.181203002" targetFramework="native" />
-  <package id="runtime.win-x86.microsoft.netcore.app" version="2.1.0" targetFramework="native" />
-  <package id="runtime.win-x64.microsoft.netcore.app" version="2.1.0" targetFramework="native" />
-</packages>

build/Helix/readme.md

@@ -1,32 +0,0 @@
-This directory contains code and configuration files to run WinUI tests in Helix.
-
-Helix is a cloud hosted test execution environment which is accessed via the Arcade SDK.
-More details:
-* [Arcade](https://github.com/dotnet/arcade)
-* [Helix](https://github.com/dotnet/arcade/tree/master/src/Microsoft.DotNet.Helix/Sdk)
-
-WinUI tests are scheduled in Helix by the Azure DevOps Pipeline: [RunHelixTests.yml](../RunHelixTests.yml).
-
-The workflow is as follows:
-1. NuGet Restore is called on the packages.config in this directory. This downloads any runtime dependencies 
-that are needed to run tests.
-2. PrepareHelixPayload.ps1 is called. This copies the necessary files from various locations into a Helix 
-payload directory. This directory is what will get sent to the Helix machines.
-3. RunTestsInHelix.proj is executed. This proj has a dependency on 
-[Microsoft.DotNet.Helix.Sdk](https://github.com/dotnet/arcade/tree/master/src/Microsoft.DotNet.Helix/Sdk) 
-which it uses to publish the Helix payload directory and to schedule the Helix Work Items. The WinUI tests 
-are parallelized into multiple Helix Work Items.
-4. Each Helix Work Item calls [runtests.cmd](runtests.cmd) with a specific query to pass to 
-[TAEF](https://docs.microsoft.com/en-us/windows-hardware/drivers/taef/) which runs the tests.
-5. If a test is detected to have failed, we run it again, first once, then eight more times if it fails again.
-If it fails all ten times, we report the test as failed; otherwise, we report it as unreliable,
-which will show up as a warning, but which will not fail the build.  When a test is reported as unreliable,
-we include the results for each individual run via a JSON string in the original test's errorMessage field.
-6. TAEF produces logs in WTT format. Helix is able to process logs in XUnit format. We run 
-[ConvertWttLogToXUnit.ps1](ConvertWttLogToXUnit.ps1) to convert the logs into the necessary format.
-7. RunTestsInHelix.proj has EnableAzurePipelinesReporter set to true. This allows the XUnit formatted test 
-results to be reported back to the Azure DevOps Pipeline.
-8. We process unreliable tests once all tests have been reported by reading the JSON string from the
-errorMessage field and calling the Azure DevOps REST API to modify the unreliable tests to have sub-results
-added to the test and to mark the test as "warning", which will enable people to see exactly how the test
-failed in runs where it did.

build/Helix/runtests.cmd

@@ -1,105 +0,0 @@
-setlocal ENABLEDELAYEDEXPANSION
-
-echo %TIME%
-
-robocopy %HELIX_CORRELATION_PAYLOAD% . /s /NP > NUL
-
-echo %TIME%
-
-reg add HKLM\Software\Policies\Microsoft\Windows\Appx /v AllowAllTrustedApps /t REG_DWORD /d 1 /f
-
-rem enable dump collection for our test apps:
-rem note, this script is run from a 32-bit cmd, but we need to set the native reg-key
-FOR %%A IN (TestHostApp.exe,te.exe,te.processhost.exe,conhost.exe,OpenConsole.exe,WindowsTerminal.exe) DO (
-  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpFolder /t REG_EXPAND_SZ /d %HELIX_DUMP_FOLDER% /f
-  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpType /t REG_DWORD /d 2 /f
-  %systemroot%\sysnative\cmd.exe /c reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps\%%A" /v DumpCount /t REG_DWORD /d 10 /f
-)
-
-echo %TIME%
-
-:: kill dhandler, which is a tool designed to handle unexpected windows appearing. But since our tests are
-:: expected to show UI we don't want it running.
-taskkill -f -im dhandler.exe
-
-echo %TIME%
-powershell -ExecutionPolicy Bypass .\EnsureMachineState.ps1
-echo %TIME%
-powershell -ExecutionPolicy Bypass .\InstallTestAppDependencies.ps1
-echo %TIME%
-
-set testBinaryCandidates=TerminalApp.LocalTests.dll SettingsModel.LocalTests.dll Conhost.UIA.Tests.dll WindowsTerminal.UIA.Tests.dll
-set testBinaries=
-for %%B in (%testBinaryCandidates%) do (
-    if exist %%B (
-        set "testBinaries=!testBinaries! %%B"
-    )
-)
-
-echo %TIME%
-te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError %*
-echo %TIME%
-
-powershell -ExecutionPolicy Bypass Get-Process
-
-move te.wtl te_original.wtl
-
-copy /y te_original.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
-copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
-copy /y *.pgc %HELIX_WORKITEM_UPLOAD_ROOT%
-
-set FailedTestQuery=
-for /F "tokens=* usebackq" %%I IN (`powershell -ExecutionPolicy Bypass .\OutputFailedTestQuery.ps1 te_original.wtl`) DO (
-  set FailedTestQuery=%%I
-)
-
-rem The first time, we'll just re-run failed tests once.  In many cases, tests fail very rarely, such that
-rem a single re-run will be sufficient to detect many unreliable tests.
-if "%FailedTestQuery%" == "" goto :SkipReruns
-
-echo %TIME%
-te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError /select:"%FailedTestQuery%"
-echo %TIME%
-
-move te.wtl te_rerun.wtl
-
-copy /y te_rerun.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
-copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
-
-rem If there are still failing tests remaining, we'll run them eight more times, so they'll have been run a total of ten times.
-rem If any tests fail all ten times, we can be pretty confident that these are actual test failures rather than unreliable tests.
-if not exist te_rerun.wtl goto :SkipReruns
-
-set FailedTestQuery=
-for /F "tokens=* usebackq" %%I IN (`powershell -ExecutionPolicy Bypass .\OutputFailedTestQuery.ps1 te_rerun.wtl`) DO (
-  set FailedTestQuery=%%I
-)
-
-if "%FailedTestQuery%" == "" goto :SkipReruns
-
-echo %TIME%
-te.exe %testBinaries% /enablewttlogging /unicodeOutput:false /sessionTimeout:0:15 /testtimeout:0:10 /screenCaptureOnError /testmode:Loop /LoopTest:8 /select:"%FailedTestQuery%"
-echo %TIME%
-
-powershell -ExecutionPolicy Bypass Get-Process
-
-move te.wtl te_rerun_multiple.wtl
-
-copy /y te_rerun_multiple.wtl %HELIX_WORKITEM_UPLOAD_ROOT%
-copy /y WexLogFileOutput\*.jpg %HELIX_WORKITEM_UPLOAD_ROOT%
-powershell -ExecutionPolicy Bypass .\CopyVisualTreeVerificationFiles.ps1
-
-:SkipReruns
-
-powershell -ExecutionPolicy Bypass Get-Process
-
-echo %TIME%
-powershell -ExecutionPolicy Bypass .\OutputSubResultsJsonFiles.ps1 te_original.wtl te_rerun.wtl te_rerun_multiple.wtl %testnameprefix%
-powershell -ExecutionPolicy Bypass .\ConvertWttLogToXUnit.ps1 te_original.wtl te_rerun.wtl te_rerun_multiple.wtl testResults.xml %testnameprefix%
-echo %TIME%
-
-copy /y *_subresults.json %HELIX_WORKITEM_UPLOAD_ROOT%
-
-type testResults.xml
-
-echo %TIME%

build/config/ESRPSigning_ConPTY.json

@@ -1,51 +0,0 @@
-{
-    "Version": "1.0.0",
-    "UseMinimatch": false,
-    "SignBatches": [
-        {
-            "MatchedPath": [
-                "conpty.dll",
-                "OpenConsole.exe"
-            ],
-            "SigningInfo": {
-                "Operations": [
-                    {
-                        "KeyCode": "CP-230012",
-                        "OperationSetCode": "SigntoolSign",
-                        "Parameters": [
-                            {
-                                "parameterName": "OpusName",
-                                "parameterValue": "Microsoft"
-                            },
-                            {
-                                "parameterName": "OpusInfo",
-                                "parameterValue": "http://www.microsoft.com"
-                            },
-                            {
-                                "parameterName": "FileDigest",
-                                "parameterValue": "/fd \"SHA256\""
-                            },
-                            {
-                                "parameterName": "PageHash",
-                                "parameterValue": "/NPH"
-                            },
-                            {
-                                "parameterName": "TimeStamp",
-                                "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                            }
-                        ],
-                        "ToolName": "sign",
-                        "ToolVersion": "1.0"
-                    },
-                    {
-                        "KeyCode": "CP-230012",
-                        "OperationSetCode": "SigntoolVerify",
-                        "Parameters": [],
-                        "ToolName": "sign",
-                        "ToolVersion": "1.0"
-                    }
-                ]
-            }
-        }
-    ]
-}

build/config/esrp.build.batch.conpty.json

@@ -0,0 +1,47 @@
+[
+    {
+        "MatchedPath": [
+            "conpty.dll",
+            "OpenConsole.exe"
+        ],
+        "SigningInfo": {
+            "Operations": [
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolSign",
+                    "Parameters": [
+                        {
+                            "parameterName": "OpusName",
+                            "parameterValue": "Microsoft"
+                        },
+                        {
+                            "parameterName": "OpusInfo",
+                            "parameterValue": "http://www.microsoft.com"
+                        },
+                        {
+                            "parameterName": "FileDigest",
+                            "parameterValue": "/fd \"SHA256\""
+                        },
+                        {
+                            "parameterName": "PageHash",
+                            "parameterValue": "/NPH"
+                        },
+                        {
+                            "parameterName": "TimeStamp",
+                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                        }
+                    ],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                },
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolVerify",
+                    "Parameters": [],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                }
+            ]
+        }
+    }
+]

build/config/esrp.build.batch.terminal_constituents.json

@@ -0,0 +1,65 @@
+[
+    {
+        "MatchedPath": [
+            // Namespaced DLLs
+            "PackageContents/Microsoft.Terminal.*.dll",
+            "PackageContents/Microsoft.Terminal.*.winmd",
+
+            // ConPTY and DefTerm
+            "PackageContents/OpenConsole.exe",
+            "PackageContents/OpenConsoleProxy.dll",
+
+            // Legacy DLLs with old names
+            "PackageContents/TerminalApp.dll",
+            "PackageContents/TerminalApp.winmd",
+            "PackageContents/TerminalConnection.dll",
+            "PackageContents/TerminalThemeHelpers.dll",
+            "PackageContents/WindowsTerminalShellExt.dll",
+
+            // The rest
+            "PackageContents/TerminalAzBridge.exe",
+            "PackageContents/wt.exe",
+            "PackageContents/WindowsTerminal.exe",
+            "PackageContents/elevate-shim.exe"
+        ],
+        "SigningInfo": {
+            "Operations": [
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolSign",
+                    "Parameters": [
+                        {
+                            "parameterName": "OpusName",
+                            "parameterValue": "Microsoft"
+                        },
+                        {
+                            "parameterName": "OpusInfo",
+                            "parameterValue": "http://www.microsoft.com"
+                        },
+                        {
+                            "parameterName": "FileDigest",
+                            "parameterValue": "/fd \"SHA256\""
+                        },
+                        {
+                            "parameterName": "PageHash",
+                            "parameterValue": "/NPH"
+                        },
+                        {
+                            "parameterName": "TimeStamp",
+                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                        }
+                    ],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                },
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolVerify",
+                    "Parameters": [],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                }
+            ]
+        }
+    }
+]

build/config/esrp.build.batch.wpf.json

@@ -0,0 +1,46 @@
+[
+    {
+        "MatchedPath": [
+            "PublicTerminalCore.dll"
+        ],
+        "SigningInfo": {
+            "Operations": [
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolSign",
+                    "Parameters": [
+                        {
+                            "parameterName": "OpusName",
+                            "parameterValue": "Microsoft"
+                        },
+                        {
+                            "parameterName": "OpusInfo",
+                            "parameterValue": "http://www.microsoft.com"
+                        },
+                        {
+                            "parameterName": "FileDigest",
+                            "parameterValue": "/fd \"SHA256\""
+                        },
+                        {
+                            "parameterName": "PageHash",
+                            "parameterValue": "/NPH"
+                        },
+                        {
+                            "parameterName": "TimeStamp",
+                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                        }
+                    ],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                },
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolVerify",
+                    "Parameters": [],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                }
+            ]
+        }
+    }
+]

build/config/esrp.build.batch.wpfdotnet.json

@@ -0,0 +1,47 @@
+[
+    {
+        "MatchedPath": [
+            "WpfTerminalControl/net472/Microsoft.Terminal.Wpf.dll",
+            "WpfTerminalControl/net6.0-windows/Microsoft.Terminal.Wpf.dll"
+        ],
+        "SigningInfo": {
+            "Operations": [
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolSign",
+                    "Parameters": [
+                        {
+                            "parameterName": "OpusName",
+                            "parameterValue": "Microsoft"
+                        },
+                        {
+                            "parameterName": "OpusInfo",
+                            "parameterValue": "http://www.microsoft.com"
+                        },
+                        {
+                            "parameterName": "FileDigest",
+                            "parameterValue": "/fd \"SHA256\""
+                        },
+                        {
+                            "parameterName": "PageHash",
+                            "parameterValue": "/NPH"
+                        },
+                        {
+                            "parameterName": "TimeStamp",
+                            "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                        }
+                    ],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                },
+                {
+                    "KeyCode": "CP-230012",
+                    "OperationSetCode": "SigntoolVerify",
+                    "Parameters": [],
+                    "ToolName": "sign",
+                    "ToolVersion": "1.0"
+                }
+            ]
+        }
+    }
+]

build/config/tsa.json

@@ -0,0 +1,6 @@
+{
+    "instanceUrl": "https://microsoft.visualstudio.com",
+    "projectName": "OS",
+    "areaPath": "OS\\Windows Client and Services\\ADEPT\\E4D-Engineered for Developers\\SHINE\\Terminal",
+    "notificationAliases": ["condev@microsoft.com", "duhowett@microsoft.com"]
+}

build/packages.config

@@ -3,8 +3,6 @@
   <package id="MUXCustomBuildTasks" version="1.0.48" targetFramework="native" />
   <package id="Microsoft.Taef" version="10.60.210621002" targetFramework="native" />
   <package id="Microsoft.Internal.PGO-Helpers.Cpp" version="0.2.34" targetFramework="native" />
-  <!-- This cannot be included in another project that depends on XAML (as it would be a duplicate package ID) -->
-  <package id="Microsoft.UI.Xaml" version="2.7.3" targetFramework="native" />
   <package id="Microsoft.Debugging.Tools.PdbStr" version="20220617.1556.0" targetFramework="native" />
   <package id="Microsoft.Debugging.Tools.SrcTool" version="20220617.1556.0" targetFramework="native" />
 </packages>

build/pgo/PGO.DB.proj

@@ -1,4 +1,5 @@
 <Project xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
   <Import Project="Terminal.PGO.props" />
+  <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.props" />
   <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.targets" />
-</Project>
+</Project>

build/pgo/Terminal.PGO.DB.nuspec

@@ -12,5 +12,6 @@
   <files>
     <!-- The target directories for pgd files need to remain as is.  PGO optimization pass will rely on this exact directory layout. -->
     <file src="x64\*.pgd" target="tools\x64"/>
+    <file src="arm64\*.pgd" target="tools\arm64"/>
   </files>
 </package>

build/pgo/Terminal.PGO.props

@@ -9,21 +9,21 @@
 
   <PropertyGroup>
     <!-- Optional, defaults to main.  Name of the branch which will be used for calculating branch point. -->
-    <PGOBranch>main</PGOBranch>
+    <PGOBranch>release-1.17</PGOBranch>
 
     <!-- Mandatory.  Name of the NuGet package which will contain PGO databases for consumption by build system. -->
     <PGOPackageName>Microsoft.Internal.Windows.Terminal.PGODatabase</PGOPackageName>
 
-    <!-- Mandatory.  Major version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
+    <!-- Mandatory.  Major version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
     <PGOPackageVersionMajor>$(VersionMajor)</PGOPackageVersionMajor>
 
-    <!-- Mandatory.  Minor version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
+    <!-- Mandatory.  Minor version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
     <PGOPackageVersionMinor>$(VersionMinor)</PGOPackageVersionMinor>
 
-    <!-- Mandatory, defaults to 0.  Patch version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
+    <!-- Mandatory, defaults to 0.  Patch version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
     <PGOPackageVersionPatch>0</PGOPackageVersionPatch>
     
-    <!-- Optional, defaults to empty.  Prerelease version number of the PGO database which should match the version of the product.  This can be hardcoded or obtained from other sources in build system. -->
+    <!-- Optional, defaults to empty.  Prerelease version number of the PGO database which should match the version of the product.  This can be hard-coded or obtained from other sources in build system. -->
     <PGOPackageVersionPrerelease></PGOPackageVersionPrerelease>
 
     <!-- Mandatory.  Path to nuget.config file for the project.  Path is relative to where the props file will be. -->
@@ -46,6 +46,5 @@
     <PGOCopyRuntime Condition="'$(PGOBuildMode)' == 'Instrument'">true</PGOCopyRuntime>
   </PropertyGroup>
 
-  <!-- Import PGO-Helpers -->
-  <Import Project="$(PkgMicrosoft_PGO_Helpers_Cpp)\build\Microsoft.PGO-Helpers.Cpp.props" />
+  <!-- Do not import PGO-Helpers props here, as it is too early to detect the C++ tools directory -->
 </Project>

build/pipelines/ci.yml

@@ -29,76 +29,80 @@ variables:
 #     0.0.1904.0900
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
+parameters:
+  - name: auditMode
+    displayName: "Build in Audit Mode (x64)"
+    type: boolean
+    default: true
+  - name: runTests
+    displayName: "Run Tests"
+    type: boolean
+    default: true
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+
 stages:
-  - stage: Audit_x64
-    displayName: Audit Mode
-    dependsOn: []
-    condition: succeeded()
-    jobs:
-      - template: ./templates/build-console-audit-job.yml
-        parameters:
-          platform: x64
+  - ${{ if eq(parameters.auditMode, true) }}:
+    - stage: Audit_x64
+      displayName: Audit Mode
+      dependsOn: []
+      jobs:
+        - template: ./templates-v2/job-build-project.yml
+          parameters:
+            pool:
+              ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+                name: SHINE-OSS-L
+              ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+                name: SHINE-INT-L
+            buildPlatforms: [x64]
+            buildConfigurations: [AuditMode]
+            buildEverything: true
+            keepAllExpensiveBuildOutputs: false
 
-  - stage: Build_x64
-    displayName: Build x64
-    dependsOn: []
-    condition: succeeded()
-    jobs:
-      - template: ./templates/build-console-ci.yml
-        parameters:
-          platform: x64
-  - stage: Build_x86
-    displayName: Build x86
+  - stage: CodeHealth
+    displayName: Code Health
     dependsOn: []
     jobs:
-      - template: ./templates/build-console-ci.yml
-        parameters:
-          platform: x86
-  - stage: Build_ARM64
-    displayName: Build ARM64
-    dependsOn: []
-    condition: not(eq(variables['Build.Reason'], 'PullRequest'))
-    jobs:
-      - template: ./templates/build-console-ci.yml
-        parameters:
-          platform: ARM64
+      - template: ./templates-v2/job-check-code-format.yml
 
-  - stage: Test_x64
-    displayName: Test x64
-    dependsOn: [Build_x64]
-    condition: succeeded()
-    jobs:
-      - template: ./templates/test-console-ci.yml
-        parameters:
-          platform: x64
-  - stage: Test_x86
-    displayName: Test x86
-    dependsOn: [Build_x86]
-    jobs:
-      - template: ./templates/test-console-ci.yml
-        parameters:
-          platform: x86
+  - ${{ each platform in parameters.buildPlatforms }}:
+    - stage: Build_${{ platform }}
+      displayName: Build ${{ platform }}
+      dependsOn: []
+      jobs:
+        - template: ./templates-v2/job-build-project.yml
+          parameters:
+            pool:
+              ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+                name: SHINE-OSS-L
+              ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+                name: SHINE-INT-L
+            buildPlatforms:
+              - ${{ platform }}
+            buildConfigurations: [Release]
+            buildEverything: true
+            keepAllExpensiveBuildOutputs: false
 
-  - stage: Helix_x64
-    displayName: Helix x64
-    dependsOn: [Build_x64]
-    condition: and(succeeded(), not(eq(variables['Build.Reason'], 'PullRequest')))
-    jobs:
-      - template: ./templates/console-ci-helix-job.yml
-        parameters:
-          platform: x64
+    - ${{ if eq(parameters.runTests, true) }}:
+      - stage: Test_${{ platform }}
+        displayName: Test ${{ platform }}
+        dependsOn:
+          - Build_${{ platform }}
+        condition: succeeded()
+        jobs:
+          - template: ./templates-v2/job-test-project.yml
+            parameters:
+              platform: ${{ platform }}
+              # The tests might be run more than once; log one artifact per attempt.
+              outputArtifactStem: -$(System.JobAttempt)
 
-  - stage: Scripts
-    displayName: Code Health Scripts
-    dependsOn: []
-    condition: succeeded()
-    jobs:
-      - template: ./templates/check-formatting.yml
-
-
-  - stage: CodeIndexer
-    displayName: Github CodeNav Indexer
-    dependsOn: [Build_x64]
-    condition: and(succeeded(), not(eq(variables['Build.Reason'], 'PullRequest')))
-    jobs:
-      - template: ./templates/codenav-indexer.yml
+  - ${{ if ne(variables['Build.Reason'], 'PullRequest') }}:
+    - stage: CodeIndexer
+      displayName: Github CodeNav Indexer
+      dependsOn: []
+      jobs:
+        - template: ./templates-v2/job-index-github-codenav.yml

build/pipelines/daily-loc-submission.yml

@@ -27,6 +27,7 @@ steps:
   clean: true
   submodules: false
   fetchDepth: 1 # Don't need a deep checkout for loc files!
+  fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
   persistCredentials: true
   path: s # Adding a second repo made Azure DevOps change where we're checked out.
 

build/pipelines/feature-flag-ci.yml

@@ -7,6 +7,7 @@ pr:
   paths:
     include:
       - src/features.xml
+      - build/pipelines/feature-flag-ci.yml
 
 variables:
   - name: runCodesignValidationInjectionBG
@@ -21,9 +22,19 @@ parameters:
       # Dev is built automatically
       # WindowsInbox does not typically build with VS.
 
-jobs:
+stages:
   - ${{ each branding in parameters.buildBrandings }}:
-    - template: ./templates/build-console-ci.yml
-      parameters:
-        platform: x64
-        branding: ${{ branding }}
+    - stage: Build_${{ branding }}
+      dependsOn: []
+      displayName: Build ${{ branding }}
+      jobs:
+        - template: ./templates-v2/job-build-project.yml
+          parameters:
+            pool: # This only runs in CI
+                name: SHINE-OSS-L
+            buildPlatforms: [x64]
+            buildConfigurations: [Release]
+            buildEverything: true
+            branding: ${{ branding }}
+            keepAllExpensiveBuildOutputs: false
+            artifactStem: -${{ branding }} # Disambiguate artifacts with the same config/platform

build/pipelines/fuzz.yml

@@ -16,44 +16,52 @@ pr: none
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
 stages:
-  - stage: Build_Fuzz_Config
-    displayName: Build Fuzzers
+  - stage: Build
+    displayName: Fuzzing Build
     dependsOn: []
     condition: succeeded()
     jobs:
-    - template: ./templates/build-console-fuzzing.yml
-      parameters:
-        platform: x64
-  - stage: OneFuzz
-    displayName: Submit OneFuzz Job
-    dependsOn: ['Build_Fuzz_Config']
+      - template: ./templates-v2/job-build-project.yml
+        parameters:
+          pool:
+            ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+              name: SHINE-OSS-L
+            ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+              name: SHINE-INT-L
+          buildPlatforms: [x64]
+          buildConfigurations: [Fuzzing]
+          buildEverything: true
+          keepAllExpensiveBuildOutputs: false
+
+  - stage: Submit
+    displayName: Submit to OneFuzz
+    dependsOn: [Build]
     condition: succeeded()
-    pool:
-      vmImage: 'ubuntu-latest'
-    variables:
-      artifactName: fuzzingBuildOutput
     jobs:
-    - job:
-      steps:
-      - task: DownloadBuildArtifacts@0
-        inputs:
-          artifactName: $(artifactName)
-          downloadPath: $(Build.ArtifactStagingDirectory)
-      - task: UsePythonVersion@0
-        inputs:
-          versionSpec: '3.x'
-          addToPath: true
-          architecture: 'x64'
-      - bash: |
-          set -ex
-          pip -q install onefuzz
-          onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain) --client_secret $(client_secret)
-          sed -i s/INSERT_PAT_HERE/$(ado_pat)/ build/Fuzz/notifications-ado.json
-          sed -i s/INSERT_ASSIGNED_HERE/$(ado_assigned_to)/ build/Fuzz/notifications-ado.json
-        displayName: Configure OneFuzz
-      - bash: |
-          onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $target_exe_path --notification_config @./build/Fuzz/notifications-ado.json OpenConsole $test_name $(Build.SourceVersion) default
-        displayName: Submit OneFuzz Job
-        env:
-          target_exe_path: $(Build.ArtifactStagingDirectory)/$(artifactName)/Fuzzing/x64/test/OpenConsoleFuzzer.exe
-          test_name: WriteCharsLegacy
+      - job:
+        pool:
+          vmImage: 'ubuntu-latest'
+        steps:
+        - task: DownloadPipelineArtifact@2
+          displayName: Download artifacts
+          inputs:
+            artifactName: build-x64-Fuzzing
+            downloadPath: $(Build.ArtifactStagingDirectory)
+        - task: UsePythonVersion@0
+          inputs:
+            versionSpec: '3.x'
+            addToPath: true
+            architecture: 'x64'
+        - bash: |
+            set -ex
+            pip -q install onefuzz
+            onefuzz config --endpoint $(endpoint) --client_id $(client_id) --authority $(authority) --tenant_domain $(tenant_domain) --client_secret $(client_secret)
+            sed -i s/INSERT_PAT_HERE/$(ado_pat)/ build/Fuzz/notifications-ado.json
+            sed -i s/INSERT_ASSIGNED_HERE/$(ado_assigned_to)/ build/Fuzz/notifications-ado.json
+          displayName: Configure OneFuzz
+        - bash: |
+            onefuzz template libfuzzer basic --colocate_all_tasks --vm_count 1 --target_exe $target_exe_path --notification_config @./build/Fuzz/notifications-ado.json OpenConsole $test_name $(Build.SourceVersion) default
+          displayName: Submit OneFuzz Job
+          env:
+            target_exe_path: $(Build.ArtifactStagingDirectory)/OpenConsoleFuzzer.exe
+            test_name: WriteCharsLegacy

build/pipelines/nightly.yml

@@ -0,0 +1,23 @@
+trigger: none
+pr: none
+schedules:
+  - cron: "30 3 * * 2-6" # Run at 03:30 UTC Tuesday through Saturday (After the work day in Pacific, Mon-Fri)
+    displayName: "Nightly Terminal Build"
+    branches:
+      include:
+        - main
+    always: false # only run if there's code changes!
+
+name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
+
+extends:
+  template: templates-v2\pipeline-full-release-build.yml
+  parameters:
+    branding: Canary
+    buildTerminal: true
+    pgoBuildMode: Optimize
+    codeSign: true
+    generateSbom: true
+    publishSymbolsToPublic: true
+    publishVpackToWindows: false
+    symbolExpiryTime: 15 # Nightly builds do not keep symbols for very long!

build/pipelines/ob-nightly.yml

@@ -0,0 +1,49 @@
+trigger: none
+pr: none
+schedules:
+  - cron: "30 3 * * 2-6" # Run at 03:30 UTC Tuesday through Saturday (After the work day in Pacific, Mon-Fri)
+    displayName: "Nightly Terminal Build"
+    branches:
+      include:
+        - main
+    always: false # only run if there's code changes!
+
+parameters:
+  - name: publishToAzure
+    displayName: "Deploy to **PUBLIC** Azure Storage"
+    type: boolean
+    default: true
+
+name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
+
+variables:
+  - template: templates-v2/variables-nuget-package-version.yml
+    parameters:
+      branding: Canary
+  - template: templates-v2/variables-onebranch-config.yml
+
+extends:
+  template: templates-v2/pipeline-onebranch-full-release-build.yml
+  parameters:
+    official: true
+    branding: Canary
+    buildTerminal: true
+    pgoBuildMode: Optimize
+    codeSign: true
+    publishSymbolsToPublic: true
+    publishVpackToWindows: false
+    symbolExpiryTime: 15
+    ${{ if eq(true, parameters.publishToAzure) }}:
+      extraPublishJobs:
+        - template: job-deploy-to-azure-storage.yml
+          parameters:
+            pool: { type: windows }
+            dependsOn: [PublishSymbols]
+            storagePublicRootURL: $(AppInstallerRootURL)
+            subscription: $(AzureSubscriptionName)
+            storageAccount: $(AzureStorageAccount)
+            storageContainer: $(AzureStorageContainer)
+            buildConfiguration: Release
+            buildPlatforms: [x64, x86, arm64]
+            environment: production-canary
+

build/pipelines/ob-release.yml

@@ -0,0 +1,83 @@
+trigger: none
+pr: none
+
+# Expose all of these parameters for user configuration.
+parameters:
+  - name: branding
+    displayName: "Branding (Build Type)"
+    type: string
+    default: Release
+    values:
+      - Release
+      - Preview
+      - Canary
+      - Dev
+  - name: buildTerminal
+    displayName: "Build Windows Terminal MSIX"
+    type: boolean
+    default: true
+  - name: buildConPTY
+    displayName: "Build ConPTY NuGet"
+    type: boolean
+    default: false
+  - name: buildWPF
+    displayName: "Build Terminal WPF Control"
+    type: boolean
+    default: false
+  - name: pgoBuildMode
+    displayName: "PGO Build Mode"
+    type: string
+    default: Optimize
+    values:
+      - Optimize
+      - Instrument
+      - None
+  - name: buildConfigurations
+    displayName: "Build Configurations"
+    type: object
+    default:
+      - Release
+  - name: buildPlatforms
+    displayName: "Build Platforms"
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+  - name: terminalInternalPackageVersion
+    displayName: "Terminal Internal Package Version"
+    type: string
+    default: '0.0.8'
+
+  - name: publishSymbolsToPublic
+    displayName: "Publish Symbols to MSDL"
+    type: boolean
+    default: true
+  - name: publishVpackToWindows
+    displayName: "Publish VPack to Windows"
+    type: boolean
+    default: false
+
+name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
+
+variables:
+  - template: templates-v2/variables-nuget-package-version.yml
+    parameters:
+      branding: ${{ parameters.branding }}
+  - template: templates-v2/variables-onebranch-config.yml
+
+extends:
+  template: templates-v2/pipeline-onebranch-full-release-build.yml
+  parameters:
+    official: true
+    branding: ${{ parameters.branding }}
+    buildTerminal: ${{ parameters.buildTerminal }}
+    buildConPTY: ${{ parameters.buildConPTY }}
+    buildWPF: ${{ parameters.buildWPF }}
+    pgoBuildMode: ${{ parameters.pgoBuildMode }}
+    buildConfigurations: ${{ parameters.buildConfigurations }}
+    buildPlatforms: ${{ parameters.buildPlatforms }}
+    codeSign: true
+    terminalInternalPackageVersion: ${{ parameters.terminalInternalPackageVersion }}
+    publishSymbolsToPublic: ${{ parameters.publishSymbolsToPublic }}
+    publishVpackToWindows: ${{ parameters.publishVpackToWindows }}

build/pipelines/pgo.yml

@@ -1,5 +1,27 @@
 trigger: none
 pr: none
+schedules:
+  - cron: "0 5 * * 2-6" # Run at 05:00 UTC Tuesday through Saturday (Even later than Localization, after the work day in Pacific, Mon-Fri)
+    displayName: "Nightly Instrumentation Build"
+    branches:
+      include:
+        - main
+    always: false # only run if there's code changes!
+
+parameters:
+  - name: branding
+    displayName: "Branding (Build Type)"
+    type: string
+    default: Preview # By default, we'll PGO the Preview builds to get max coverage
+    values:
+      - Release
+      - Preview
+      - Dev
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - arm64
 
 variables:
   - name: runCodesignValidationInjectionBG
@@ -10,18 +32,57 @@ variables:
 name: 0.0.$(Date:yyMM).$(Date:dd)$(Rev:rr)
 
 stages:
-  - stage: Build_x64
-    displayName: Build x64
+  - stage: Build
+    displayName: Build
     dependsOn: []
     condition: succeeded()
     jobs:
-      - template: ./templates/build-console-pgo.yml
+      - template: ./templates-v2/job-build-project.yml
         parameters:
-          platform: x64
-  - stage: Publish_PGO_Databases
-    displayName: Publish PGO databases
-    dependsOn: ['Build_x64']
+          pool:
+            ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+              name: SHINE-OSS-L
+            ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+              name: SHINE-INT-L
+          branding: ${{ parameters.branding }}
+          buildPlatforms: ${{ parameters.buildPlatforms }}
+          buildConfigurations: [Release]
+          buildEverything: true
+          pgoBuildMode: Instrument
+          artifactStem: -instrumentation
+
+  - stage: RunPGO
+    displayName: Run PGO
+    dependsOn: [Build]
+    condition: succeeded()
     jobs:
-      - template: ./templates/pgo-build-and-publish-nuget-job.yml
+      - ${{ each platform in parameters.buildPlatforms }}:
+        - template: ./templates-v2/job-run-pgo-tests.yml
+          parameters:
+            # This job chooses its own pools based on platform
+            buildPlatform: ${{ platform }}
+            buildConfiguration: Release
+            artifactStem: -instrumentation
+
+  - stage: FinalizePGO
+    displayName: Finalize PGO and Publish
+    dependsOn: [RunPGO]
+    condition: succeeded()
+    jobs:
+      # This job takes multiple platforms and fans them back in to a single artifact.
+      - template: ./templates-v2/job-pgo-merge-pgd.yml
         parameters:
-          pgoArtifact: 'PGO'
+          jobName: MergePGD
+          pool:
+            vmImage: 'windows-2022'
+          buildConfiguration: Release
+          buildPlatforms: ${{ parameters.buildPlatforms }}
+          artifactStem: -instrumentation
+
+      - template: ./templates-v2/job-pgo-build-nuget-and-publish.yml
+        parameters:
+          pool:
+            vmImage: 'windows-2022'
+          dependsOn: MergePGD
+          buildConfiguration: Release
+          artifactStem: -instrumentation

build/pipelines/release.yml

@@ -1,11 +1,7 @@
-# This build should never run as CI or against a pull request.
 trigger: none
 pr: none
 
-pool:
-  name: WinDevPool-L
-  demands: ImageOverride -equals WinDevVS17-latest
-
+# Expose all of these parameters for user configuration.
 parameters:
   - name: branding
     displayName: "Branding (Build Type)"
@@ -14,22 +10,11 @@ parameters:
     values:
       - Release
       - Preview
+      - Dev
   - name: buildTerminal
     displayName: "Build Windows Terminal MSIX"
     type: boolean
     default: true
-  - name: runCompliance
-    displayName: "Run Compliance and Security Build"
-    type: boolean
-    default: true
-  - name: publishSymbolsToPublic
-    displayName: "Publish Symbols to MSDL"
-    type: boolean
-    default: true
-  - name: buildTerminalVPack
-    displayName: "Build Windows Terminal VPack"
-    type: boolean
-    default: false
   - name: buildConPTY
     displayName: "Build ConPTY NuGet"
     type: boolean
@@ -47,677 +32,57 @@ parameters:
       - Instrument
       - None
   - name: buildConfigurations
+    displayName: "Build Configurations"
     type: object
     default:
       - Release
   - name: buildPlatforms
+    displayName: "Build Platforms"
     type: object
     default:
       - x64
       - x86
       - arm64
-  - name: buildWindowsVersions
-    type: object
-    default:
-      - Win10
-      - Win11
+  - name: codeSign
+    displayName: "Sign all build outputs"
+    type: boolean
+    default: true
+  - name: generateSbom
+    displayName: "Generate a Bill of Materials"
+    type: boolean
+    default: true
+  - name: terminalInternalPackageVersion
+    displayName: "Terminal Internal Package Version"
+    type: string
+    default: '0.0.8'
 
-variables:
-  TerminalInternalPackageVersion: "0.0.7"
-  # If we are building a branch called "release-*", change the NuGet suffix
-  # to "preview". If we don't do that, XES will set the suffix to "release1"
-  # because it truncates the value after the first period.
-  # We also want to disable the suffix entirely if we're Release branded while
-  # on a release branch.
-  # main is special, however. XES ignores main. Since we never produce actual
-  # shipping builds from main, we want to force it to have a beta label as
-  # well.
-  #
-  # In effect:
-  # BRANCH / BRANDING | Release                    | Preview
-  # ------------------|----------------------------|-----------------------------
-  # release-*         | 1.12.20220427              | 1.13.20220427-preview
-  # main              | 1.14.20220427-experimental | 1.14.20220427-experimental
-  # all others        | 1.14.20220427-mybranch     | 1.14.20220427-mybranch
-  ${{ if startsWith(variables['Build.SourceBranchName'], 'release-') }}:
-    ${{ if eq(parameters.branding, 'Release') }}:
-      NoNuGetPackBetaVersion: true
-    ${{ else }}:
-      NuGetPackBetaVersion: preview
-  ${{ elseif eq(variables['Build.SourceBranchName'], 'main') }}:
-    NuGetPackBetaVersion: experimental
-  # The NuGet packages have to use *somebody's* DLLs. We used to force them to
-  # use the Win10 build outputs, but if there isn't a Win10 build we should use
-  # the Win11 one.
-  ${{ if containsValue(parameters.buildWindowsVersions, 'Win10') }}:
-    TerminalBestVersionForNuGetPackages: Win10
-  ${{ else }}:
-    TerminalBestVersionForNuGetPackages: Win11
+  - name: runCompliance
+    displayName: "Run Compliance and Security Build"
+    type: boolean
+    default: true
+  - name: publishSymbolsToPublic
+    displayName: "Publish Symbols to MSDL"
+    type: boolean
+    default: true
+  - name: publishVpackToWindows
+    displayName: "Publish VPack to Windows"
+    type: boolean
+    default: false
 
 name: $(BuildDefinitionName)_$(date:yyMM).$(date:dd)$(rev:rrr)
-resources:
-  repositories:
-  - repository: self
-    type: git
-    ref: main
-jobs:
-- job: Build
-  strategy:
-    matrix:
-      ${{ each config in parameters.buildConfigurations }}:
-        ${{ each platform in parameters.buildPlatforms }}:
-          ${{ each windowsVersion in parameters.buildWindowsVersions }}:
-            ${{ config }}_${{ platform }}_${{ windowsVersion }}:
-              BuildConfiguration: ${{ config }}
-              BuildPlatform: ${{ platform }}
-              TerminalTargetWindowsVersion: ${{ windowsVersion }}
-  displayName: Build
-  timeoutInMinutes: 240
-  cancelTimeoutInMinutes: 1
-  steps:
-  - checkout: self
-    clean: true
-    submodules: true
-    persistCredentials: True
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-  - task: PowerShell@2
-    displayName: Rationalize Build Platform
-    inputs:
-      targetType: inline
-      script: >-
-        $Arch = "$(BuildPlatform)"
 
-        If ($Arch -Eq "x86") { $Arch = "Win32" }
-
-        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
-  - template: .\templates\restore-nuget-steps.yml
-  - task: UniversalPackages@0
-    displayName: Download terminal-internal Universal Package
-    inputs:
-      feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
-      packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
-      versionListDownload: $(TerminalInternalPackageVersion)
-  - task: TouchdownBuildTask@1
-    displayName: Download Localization Files
-    inputs:
-      teamId: 7105
-      authId: $(TouchdownAppId)
-      authKey: $(TouchdownAppKey)
-      resourceFilePath: >-
-        src\cascadia\TerminalApp\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalApp\Resources\en-US\ContextMenu.resw
-
-        src\cascadia\TerminalControl\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalConnection\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalSettingsModel\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalSettingsEditor\Resources\en-US\Resources.resw
-
-        src\cascadia\CascadiaPackage\Resources\en-US\Resources.resw
-      appendRelativeDir: true
-      localizationTarget: false
-      pseudoSetting: Included
-  - task: PowerShell@2
-    displayName: Move Loc files one level up
-    inputs:
-      targetType: inline
-      script: >-
-        $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
-
-        $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
-      pwsh: true
-  - task: PowerShell@2
-    displayName: Copy the Context Menu Loc Resources to CascadiaPackage
-    inputs:
-      filePath: ./build/scripts/Copy-ContextMenuResourcesToCascadiaPackage.ps1
-      pwsh: true
-  - task: PowerShell@2
-    displayName: Generate NOTICE.html from NOTICE.md
-    inputs:
-      filePath: .\build\scripts\Generate-ThirdPartyNotices.ps1
-      arguments: -MarkdownNoticePath .\NOTICE.md -OutputPath .\src\cascadia\CascadiaPackage\NOTICE.html
-      pwsh: true
-  - ${{ if eq(parameters.buildTerminal, true) }}:
-    - pwsh: |-
-        ./build/scripts/Patch-ManifestsToWindowsVersion.ps1 -NewWindowsVersion "10.0.22000.0"
-      displayName: Update manifest target version to Win11 (if necessary)
-      condition: and(succeeded(), eq(variables['TerminalTargetWindowsVersion'], 'Win11'))
-    - task: VSBuild@1
-      displayName: Build solution **\OpenConsole.sln
-      condition: true
-      inputs:
-        solution: '**\OpenConsole.sln'
-        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /t:Terminal\CascadiaPackage /p:WindowsTerminalReleaseBuild=true /bl:$(Build.SourcesDirectory)\msbuild.binlog
-        platform: $(BuildPlatform)
-        configuration: $(BuildConfiguration)
-        clean: true
-        maximumCpuCount: true
-    - task: PublishBuildArtifacts@1
-      displayName: 'Publish Artifact: binlog'
-      condition: failed()
-      continueOnError: True
-      inputs:
-        PathtoPublish: $(Build.SourcesDirectory)\msbuild.binlog
-        ArtifactName: binlog-$(BuildPlatform)-$(TerminalTargetWindowsVersion)
-    - task: PowerShell@2
-      displayName: Check MSIX for common regressions
-      inputs:
-        targetType: inline
-        script: >-
-          $Package = Get-ChildItem -Recurse -Filter "CascadiaPackage_*.msix"
-
-          .\build\scripts\Test-WindowsTerminalPackage.ps1 -Verbose -Path $Package.FullName
-        pwsh: true
-  - ${{ if eq(parameters.buildWPF, true) }}:
-    - task: VSBuild@1
-      displayName: Build solution **\OpenConsole.sln for PublicTerminalCore
-      inputs:
-        solution: '**\OpenConsole.sln'
-        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /p:WindowsTerminalReleaseBuild=true /t:Terminal\wpf\PublicTerminalCore
-        platform: $(BuildPlatform)
-        configuration: $(BuildConfiguration)
-  - ${{ if eq(parameters.buildConPTY, true) }}:
-    - task: VSBuild@1
-      displayName: Build solution **\OpenConsole.sln for ConPTY
-      inputs:
-        solution: '**\OpenConsole.sln'
-        msbuildArgs: /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }} /p:WindowsTerminalReleaseBuild=true /t:Conhost\Host_EXE;Conhost\winconpty_DLL
-        platform: $(BuildPlatform)
-        configuration: $(BuildConfiguration)
-  - task: PowerShell@2
-    displayName: Source Index PDBs
-    inputs:
-      filePath: build\scripts\Index-Pdbs.ps1
-      arguments: -SearchDir '$(Build.SourcesDirectory)' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
-      errorActionPreference: silentlyContinue
-      pwsh: true
-  - task: PowerShell@2
-    displayName: Run Unit Tests
-    condition: and(succeeded(), or(eq(variables['BuildPlatform'], 'x64'), eq(variables['BuildPlatform'], 'x86')))
-    enabled: False
-    inputs:
-      filePath: build\scripts\Run-Tests.ps1
-      arguments: -MatchPattern '*unit.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)'
-  - task: PowerShell@2
-    displayName: Run Feature Tests
-    condition: and(succeeded(), eq(variables['BuildPlatform'], 'x64'))
-    enabled: False
-    inputs:
-      filePath: build\scripts\Run-Tests.ps1
-      arguments: -MatchPattern '*feature.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)'
-  - ${{ if eq(parameters.buildTerminal, true) }}:
-    - task: CopyFiles@2
-      displayName: Copy *.appx/*.msix to Artifacts
-      inputs:
-        Contents: >-
-          **/*.appx
-
-          **/*.msix
-
-          **/*.appxsym
-
-          !**/Microsoft.VCLibs*.appx
-        TargetFolder: $(Build.ArtifactStagingDirectory)/appx
-        OverWrite: true
-        flattenFolders: true
-    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
-      displayName: 'Generate SBOM manifest'
-      inputs:
-       BuildDropPath: '$(System.ArtifactsDirectory)/appx'
-    - task: PublishBuildArtifacts@1
-      displayName: Publish Artifact (appx)
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)/appx
-        ArtifactName: appx-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
-  - ${{ if eq(parameters.buildConPTY, true) }}:
-    - task: CopyFiles@2
-      displayName: Copy ConPTY to Artifacts
-      inputs:
-        Contents: |-
-          $(Build.SourcesDirectory)/bin/**/conpty.dll
-          $(Build.SourcesDirectory)/bin/**/conpty.lib
-          $(Build.SourcesDirectory)/bin/**/conpty.pdb
-          $(Build.SourcesDirectory)/bin/**/OpenConsole.exe
-          $(Build.SourcesDirectory)/bin/**/OpenConsole.pdb
-        TargetFolder: $(Build.ArtifactStagingDirectory)/conpty
-        OverWrite: true
-        flattenFolders: true
-    - task: PublishBuildArtifacts@1
-      displayName: Publish Artifact (ConPTY)
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)/conpty
-        ArtifactName: conpty-dll-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
-  - ${{ if eq(parameters.buildWPF, true) }}:
-    - task: CopyFiles@2
-      displayName: Copy PublicTerminalCore.dll to Artifacts
-      inputs:
-        Contents: >-
-          **/PublicTerminalCore.dll
-        TargetFolder: $(Build.ArtifactStagingDirectory)/wpf
-        OverWrite: true
-        flattenFolders: true
-    - task: PublishBuildArtifacts@1
-      displayName: Publish Artifact (PublicTerminalCore)
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)/wpf
-        ArtifactName: wpf-dll-$(BuildPlatform)-$(BuildConfiguration)-$(TerminalTargetWindowsVersion)
-
-  - task: PublishSymbols@2
-    displayName: Publish symbols path
-    continueOnError: True
-    inputs:
-      SearchPattern: |
-        $(Build.SourcesDirectory)/bin/**/*.pdb
-        $(Build.SourcesDirectory)/bin/**/*.exe
-        $(Build.SourcesDirectory)/bin/**/*.dll
-      IndexSources: false
-      SymbolServerType: TeamServices
-
-- ${{ if eq(parameters.runCompliance, true) }}:
-  - template: ./templates/build-console-compliance-job.yml
-
-- ${{ if eq(parameters.buildTerminal, true) }}:
-  - job: BundleAndSign
-    strategy:
-      matrix:
-        ${{ each windowsVersion in parameters.buildWindowsVersions }}:
-          ${{ windowsVersion }}:
-            TerminalTargetWindowsVersion: ${{ windowsVersion }}
-    displayName: Create and sign AppX/MSIX bundles
-    variables:
-      ${{ if eq(parameters.branding, 'Release') }}:
-        BundleStemName: Microsoft.WindowsTerminal
-      ${{ elseif eq(parameters.branding, 'Preview') }}:
-        BundleStemName: Microsoft.WindowsTerminalPreview
-      ${{ else }}:
-        BundleStemName: WindowsTerminalDev
-    dependsOn: Build
-    steps:
-    - checkout: self
-      clean: true
-      fetchDepth: 1
-      submodules: true
-      persistCredentials: True
-    - task: PkgESSetupBuild@12
-      displayName: Package ES - Setup Build
-      inputs:
-        disableOutputRedirect: true
-    - ${{ each platform in parameters.buildPlatforms }}:
-      - task: DownloadBuildArtifacts@0
-        displayName: Download Artifacts ${{ platform }} $(TerminalTargetWindowsVersion)
-        inputs:
-          artifactName: appx-${{ platform }}-Release-$(TerminalTargetWindowsVersion)
-    # Add 3000 to the major version component, but only for the bundle.
-    # This is to ensure that it is newer than "2022.xx.yy.zz" or whatever the original bundle versions were before
-    # we switched to uniform naming.
-    - pwsh: |-
-        $VersionEpoch = 3000
-        $Components = "$(XES_APPXMANIFESTVERSION)" -Split "\."
-        $Components[0] = ([int]$Components[0] + $VersionEpoch)
-        $BundleVersion = $Components -Join "."
-        New-Item -Type Directory "$(System.ArtifactsDirectory)\bundle"
-        .\build\scripts\Create-AppxBundle.ps1 -InputPath "$(System.ArtifactsDirectory)" -ProjectName CascadiaPackage -BundleVersion $BundleVersion -OutputPath "$(System.ArtifactsDirectory)\bundle\$(BundleStemName)_$(TerminalTargetWindowsVersion)_$(XES_APPXMANIFESTVERSION)_8wekyb3d8bbwe.msixbundle"
-      displayName: Create WindowsTerminal*.msixbundle
-    - task: EsrpCodeSigning@1
-      displayName: Submit *.msixbundle to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(System.ArtifactsDirectory)\bundle
-        Pattern: $(BundleStemName)*.msixbundle
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "Dynamic",
-                  "CertTemplateName": "WINMSAPP1ST",
-                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
-                  "OperationCode": "SigntoolSign",
-                  "Parameters": {
-                      "OpusName": "Microsoft",
-                      "OpusInfo": "http://www.microsoft.com",
-                      "FileDigest": "/fd \"SHA256\"",
-                      "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
-                  },
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "Dynamic",
-                  "CertTemplateName": "WINMSAPP1ST",
-                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
-                  "OperationCode": "SigntoolVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-
-    - task: PublishBuildArtifacts@1
-      displayName: 'Publish Artifact: appxbundle-signed'
-      inputs:
-        PathtoPublish: $(System.ArtifactsDirectory)\bundle
-        ArtifactName: appxbundle-signed-$(TerminalTargetWindowsVersion)
-
-- ${{ if eq(parameters.buildConPTY, true) }}:
-  - job: PackageAndSignConPTY
-    strategy:
-      matrix:
-        ${{ each config in parameters.buildConfigurations }}:
-          ${{ config }}:
-            BuildConfiguration: ${{ config }}
-    displayName: Create NuGet Package (ConPTY)
-    dependsOn: Build
-    steps:
-    - checkout: self
-      clean: true
-      fetchDepth: 1
-      submodules: true
-      persistCredentials: True
-    - task: PkgESSetupBuild@12
-      displayName: Package ES - Setup Build
-      inputs:
-        disableOutputRedirect: true
-    - ${{ each platform in parameters.buildPlatforms }}:
-      - task: DownloadBuildArtifacts@0
-        displayName: Download ${{ platform }} ConPTY binaries
-        inputs:
-          artifactName: conpty-dll-${{ platform }}-$(BuildConfiguration)-$(TerminalBestVersionForNuGetPackages)
-          downloadPath: bin\${{ platform }}\$(BuildConfiguration)\
-          extractTars: false
-    - task: PowerShell@2
-      displayName: Move downloaded artifacts around
-      inputs:
-        targetType: inline
-        # Find all artifact files and move them up a directory. Ugh.
-        script: |-
-          Get-ChildItem bin -Recurse -Directory -Filter conpty-dll-* | % {
-            $_ | Get-ChildItem -Recurse -File | % {
-              Move-Item -Verbose $_.FullName $_.Directory.Parent.FullName
-            }
-          }
-          Move-Item bin\x86 bin\Win32
-
-    - task: EsrpCodeSigning@1
-      displayName: Submit ConPTY libraries and OpenConsole for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: '$(Build.SourcesDirectory)/bin'
-        signType: batchSigning
-        batchSignPolicyFile: '$(Build.SourcesDirectory)\build\config\ESRPSigning_ConPTY.json'
-
-    - task: NuGetToolInstaller@1
-      displayName: Use NuGet 5.10.0
-      inputs:
-        versionSpec: 5.10.0
-    - task: NuGetCommand@2
-      displayName: NuGet pack
-      inputs:
-        command: pack
-        packagesToPack: $(Build.SourcesDirectory)\src\winconpty\package\winconpty.nuspec
-        packDestination: '$(Build.ArtifactStagingDirectory)/nupkg'
-        versioningScheme: byEnvVar
-        versionEnvVar: XES_PACKAGEVERSIONNUMBER
-    - task: EsrpCodeSigning@1
-      displayName: Submit *.nupkg to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
-        Pattern: '*.nupkg'
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetSign",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-    - task: PublishBuildArtifacts@1
-      displayName: Publish Artifact (nupkg)
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)\nupkg
-        ArtifactName: conpty-nupkg-$(BuildConfiguration)
-
-
-- ${{ if eq(parameters.buildWPF, true) }}:
-  - job: PackageAndSignWPF
-    strategy:
-      matrix:
-        ${{ each config in parameters.buildConfigurations }}:
-          ${{ config }}:
-            BuildConfiguration: ${{ config }}
-    displayName: Create NuGet Package (WPF Terminal Control)
-    dependsOn: Build
-    steps:
-    - checkout: self
-      clean: true
-      fetchDepth: 1
-      submodules: true
-      persistCredentials: True
-    - task: PkgESSetupBuild@12
-      displayName: Package ES - Setup Build
-      inputs:
-        disableOutputRedirect: true
-    - ${{ each platform in parameters.buildPlatforms }}:
-      - task: DownloadBuildArtifacts@0
-        displayName: Download ${{ platform }} PublicTerminalCore
-        inputs:
-          artifactName: wpf-dll-${{ platform }}-$(BuildConfiguration)-$(TerminalBestVersionForNuGetPackages)
-          itemPattern: '**/*.dll'
-          downloadPath: bin\${{ platform }}\$(BuildConfiguration)\
-          extractTars: false
-    - task: PowerShell@2
-      displayName: Move downloaded artifacts around
-      inputs:
-        targetType: inline
-        # Find all artifact files and move them up a directory. Ugh.
-        script: |-
-          Get-ChildItem bin -Recurse -Directory -Filter wpf-dll-* | % {
-            $_ | Get-ChildItem -Recurse -File | % {
-              Move-Item -Verbose $_.FullName $_.Directory.Parent.FullName
-            }
-          }
-          Move-Item bin\x86 bin\Win32
-    - task: NuGetToolInstaller@1
-      displayName: Use NuGet 5.10.0
-      inputs:
-        versionSpec: 5.10.0
-    - task: NuGetCommand@2
-      displayName: NuGet restore copy
-      inputs:
-        selectOrConfig: config
-        nugetConfigPath: NuGet.Config
-    - task: VSBuild@1
-      displayName: Build solution **\OpenConsole.sln for WPF Control
-      inputs:
-        solution: '**\OpenConsole.sln'
-        msbuildArgs: /p:WindowsTerminalReleaseBuild=$(UseReleaseBranding);Version=$(XES_PACKAGEVERSIONNUMBER) /t:Pack
-        platform: Any CPU
-        configuration: $(BuildConfiguration)
-        maximumCpuCount: true
-    - task: PublishSymbols@2
-      displayName: Publish symbols path
-      continueOnError: True
-      inputs:
-        SearchPattern: |
-          $(Build.SourcesDirectory)/bin/**/*.pdb
-          $(Build.SourcesDirectory)/bin/**/*.exe
-          $(Build.SourcesDirectory)/bin/**/*.dll
-        IndexSources: false
-        SymbolServerType: TeamServices
-        SymbolsArtifactName: Symbols_WPF_$(BuildConfiguration)
-    - task: CopyFiles@2
-      displayName: Copy *.nupkg to Artifacts
-      inputs:
-        Contents: '**/*Wpf*.nupkg'
-        TargetFolder: $(Build.ArtifactStagingDirectory)/nupkg
-        OverWrite: true
-        flattenFolders: true
-    - task: EsrpCodeSigning@1
-      displayName: Submit *.nupkg to ESRP for code signing
-      inputs:
-        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
-        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
-        Pattern: '*.nupkg'
-        UseMinimatch: true
-        signConfigType: inlineSignParams
-        inlineOperation: >-
-          [
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetSign",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              },
-              {
-                  "KeyCode": "CP-401405",
-                  "OperationCode": "NuGetVerify",
-                  "Parameters": {},
-                  "ToolName": "sign",
-                  "ToolVersion": "1.0"
-              }
-          ]
-    - task: PublishBuildArtifacts@1
-      displayName: Publish Artifact (nupkg)
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)\nupkg
-        ArtifactName: wpf-nupkg-$(BuildConfiguration)
-
-- ${{ if eq(parameters.publishSymbolsToPublic, true) }}:
-  - job: PublishSymbols
-    displayName: Publish Symbols
-    dependsOn: BundleAndSign
-    steps:
-    - checkout: self
-      clean: true
-      fetchDepth: 1
-      submodules: true
-    - task: PkgESSetupBuild@12
-      displayName: Package ES - Setup Build
-
-    - template: .\templates\restore-nuget-steps.yml
-
-    # Download the appx-PLATFORM-CONFIG-VERSION artifact for every platform/version combo
-    - ${{ each platform in parameters.buildPlatforms }}:
-      - ${{ each windowsVersion in parameters.buildWindowsVersions }}:
-        - task: DownloadBuildArtifacts@0
-          displayName: Download Symbols ${{ platform }} ${{ windowsVersion }}
-          inputs:
-            artifactName: appx-${{ platform }}-Release-${{ windowsVersion }}
-
-    # It seems easier to do this -- download every appxsym -- then enumerate all the PDBs in the build directory for the
-    # public symbol push. Otherwise, we would have to list all of the PDB files one by one.
-    - pwsh: |-
-        mkdir $(Build.SourcesDirectory)/appxsym-temp
-        Get-ChildItem "$(System.ArtifactsDirectory)" -Filter *.appxsym -Recurse | % {
-          $src = $_.FullName
-          $dest = Join-Path "$(Build.SourcesDirectory)/appxsym-temp/" $_.Name
-
-          mkdir $dest
-          Write-Host "Extracting $src to $dest..."
-          tar -x -v -f $src -C $dest
-        }
-      displayName: Extract symbols for public consumption
-
-    - task: PowerShell@2
-      displayName: Source Index PDBs (the public ones)
-      inputs:
-        filePath: build\scripts\Index-Pdbs.ps1
-        arguments: -SearchDir '$(Build.SourcesDirectory)/appxsym-temp' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
-        pwsh: true
-
-    # Publish the app symbols to the public MSDL symbol server
-    # accessible via https://msdl.microsoft.com/download/symbols
-    - task: PublishSymbols@2
-      displayName: 'Publish app symbols to MSDL'
-      inputs:
-        symbolsFolder: '$(Build.SourcesDirectory)/appxsym-temp'
-        searchPattern: '**/*.pdb'
-        SymbolsMaximumWaitTime: 30
-        SymbolServerType: 'TeamServices'
-        SymbolsProduct: 'Windows Terminal Application Binaries'
-        SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
-        # The ADO task does not support indexing of GitHub sources.
-        indexSources: false
-        detailedLog: true
-      # There is a bug which causes this task to fail if LIB includes an inaccessible path (even though it does not depend on it).
-      # To work around this issue, we just force LIB to be any dir that we know exists.
-      # Copied from https://github.com/microsoft/icu/blob/f869c214adc87415dfe751d81f42f1bca55dcf5f/build/azure-nuget.yml#L564-L583
-      env:
-        LIB: $(Build.SourcesDirectory)
-        ArtifactServices_Symbol_AccountName: microsoftpublicsymbols
-        ArtifactServices_Symbol_PAT: $(ADO_microsoftpublicsymbols_PAT)
-
-
-- ${{ if eq(parameters.buildTerminalVPack, true) }}:
-  - job: VPack
-    displayName: Create Windows vPack
-    dependsOn: BundleAndSign
-    steps:
-    - checkout: self
-      clean: true
-      fetchDepth: 1
-      submodules: true
-    - task: PkgESSetupBuild@12
-      displayName: Package ES - Setup Build
-    - task: DownloadBuildArtifacts@0
-      displayName: Download Build Artifacts
-      inputs:
-        artifactName: appxbundle-signed-Win11
-        extractTars: false
-    - task: PowerShell@2
-      displayName: Rename and stage packages for vpack
-      inputs:
-        targetType: inline
-        script: >-
-          # Rename to known/fixed name for Windows build system
-
-          Get-ChildItem Microsoft.WindowsTerminal_Win11_*.msixbundle | Rename-Item -NewName { 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle' }
-
-
-          # Create vpack directory and place item inside
-
-          mkdir WindowsTerminal.app
-
-          mv Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle .\WindowsTerminal.app\
-        workingDirectory: $(System.ArtifactsDirectory)\appxbundle-signed-Win11
-    - task: PkgESVPack@12
-      displayName: 'Package ES - VPack'
-      env:
-        SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-      inputs:
-        sourceDirectory: $(System.ArtifactsDirectory)\appxbundle-signed-Win11\WindowsTerminal.app
-        description: VPack for the Windows Terminal Application
-        pushPkgName: WindowsTerminal.app
-        owner: conhost
-        githubToken: $(GitHubTokenForVpackProvenance)
-    - task: PublishPipelineArtifact@1
-      displayName: 'Copy VPack Manifest to Drop'
-      inputs:
-        targetPath: $(XES_VPACKMANIFESTDIRECTORY)
-        artifactName: VPackManifest
-    - task: PkgESFCIBGit@12
-      displayName: 'Submit VPack Manifest to Windows'
-      inputs:
-        configPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
-        artifactsDirectory: $(XES_VPACKMANIFESTDIRECTORY)
-        prTimeOut: 5
-...
+extends:
+  template: templates-v2/pipeline-full-release-build.yml
+  parameters:
+    branding: ${{ parameters.branding }}
+    buildTerminal: ${{ parameters.buildTerminal }}
+    buildConPTY: ${{ parameters.buildConPTY }}
+    buildWPF: ${{ parameters.buildWPF }}
+    pgoBuildMode: ${{ parameters.pgoBuildMode }}
+    buildConfigurations: ${{ parameters.buildConfigurations }}
+    buildPlatforms: ${{ parameters.buildPlatforms }}
+    codeSign: ${{ parameters.codeSign }}
+    generateSbom: ${{ parameters.generateSbom }}
+    terminalInternalPackageVersion: ${{ parameters.terminalInternalPackageVersion }}
+    publishSymbolsToPublic: ${{ parameters.publishSymbolsToPublic }}
+    publishVpackToWindows: ${{ parameters.publishVpackToWindows }}

build/pipelines/templates-v2/job-build-package-wpf.yml

@@ -0,0 +1,144 @@
+parameters:
+  - name: buildConfigurations
+    type: object
+  - name: buildPlatforms
+    type: object
+  - name: generateSbom
+    type: boolean
+    default: false
+  - name: codeSign
+    type: boolean
+    default: false
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: PackWPF
+  - name: variables
+    type: object
+    default: {}
+  - name: publishArtifacts
+    type: boolean
+    default: true
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  ${{ if eq(parameters.codeSign, true) }}:
+    displayName: Pack and Sign Microsoft.Terminal.Wpf
+  ${{ else }}:
+    displayName: Pack Microsoft.Terminal.Wpf
+  strategy:
+    matrix:
+      ${{ each config in parameters.buildConfigurations }}:
+        ${{ config }}:
+          BuildConfiguration: ${{ config }}
+  dependsOn: ${{ parameters.dependsOn }}
+  variables:
+    OutputBuildPlatform: AnyCPU
+    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
+    JobOutputDirectory: $(Build.ArtifactStagingDirectory)\nupkg
+    JobOutputArtifactName: wpf-nupkg-$(BuildConfiguration)${{ parameters.artifactStem }}
+    ${{ insert }}: ${{ parameters.variables }}
+  steps:
+  - checkout: self
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: true
+    persistCredentials: True
+
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+
+  - template: steps-download-bin-dir-artifact.yml
+    parameters:
+      buildPlatforms:
+        - ${{ parameters.buildPlatforms }}
+        - Any CPU # Make sure we grab the precompiled WPF bits
+      # This build is already matrix'd on configuration, so
+      # just pass a single config into the download template.
+      buildConfigurations:
+        - $(BuildConfiguration)
+      artifactStem: ${{ parameters.artifactStem }}
+
+  - template: .\steps-restore-nuget.yml
+
+  - task: VSBuild@1
+    displayName: Build solution OpenConsole.sln for WPF Control (Pack)
+    inputs:
+      solution: 'OpenConsole.sln'
+      msbuildArgs: >-
+        /p:WindowsTerminalReleaseBuild=true;Version=$(XES_PACKAGEVERSIONNUMBER)
+        /p:NoBuild=true
+        /p:IncludeSymbols=true
+        /t:Terminal\wpf\WpfTerminalControl:Pack
+      platform: Any CPU
+      configuration: $(BuildConfiguration)
+      maximumCpuCount: true
+      clean: false
+
+  - task: CopyFiles@2
+    displayName: Copy *.nupkg to Artifacts
+    inputs:
+      Contents: 'bin/**/*Wpf*.nupkg'
+      TargetFolder: $(Build.ArtifactStagingDirectory)/nupkg
+      OverWrite: true
+      flattenFolders: true
+
+  - ${{ if eq(parameters.codeSign, true) }}:
+    - task: EsrpCodeSigning@3
+      displayName: Submit *.nupkg to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
+        Pattern: '*.nupkg'
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetSign",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+
+  - ${{ if eq(parameters.generateSbom, true) }}:
+    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+      displayName: 'Generate SBOM manifest (wpf)'
+      inputs:
+       BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
+       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
+
+    - task: DropValidatorTask@0
+      displayName: 'Validate wpf SBOM manifest'
+      inputs:
+        BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
+        OutputPath: 'output.json'
+        ValidateSignature: true
+        Verbosity: 'Verbose'
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(JobOutputDirectory)
+      artifact: $(JobOutputArtifactName)
+      displayName: Publish nupkg

build/pipelines/templates-v2/job-build-project.yml

@@ -0,0 +1,293 @@
+parameters:
+  - name: branding
+    type: string
+    default: Dev
+  - name: additionalBuildOptions
+    type: string
+    default: ''
+  - name: buildTerminal
+    type: boolean
+    default: true
+  - name: buildConPTY
+    type: boolean
+    default: false
+  - name: buildWPF
+    type: boolean
+    default: false
+  - name: buildWPFDotNetComponents # This weird hack is to make sure we sign and source index the .NET pieces
+    type: boolean
+    default: false
+  - name: buildEverything
+    displayName: "Build Everything (Overrides all other build options)"
+    type: boolean
+    default: false
+  - name: pgoBuildMode
+    type: string
+    default: None
+    values: [Optimize, Instrument, None]
+  - name: buildConfigurations
+    type: object
+    default:
+      - Release
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+  - name: generateSbom
+    type: boolean
+    default: false
+  - name: codeSign
+    type: boolean
+    default: false
+  - name: keepAllExpensiveBuildOutputs
+    type: boolean
+    default: true
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: 'Build'
+  - name: pool
+    type: object
+    default: []
+  - name: beforeBuildSteps
+    type: stepList
+    default: []
+  - name: variables
+    type: object
+    default: {}
+  - name: publishArtifacts
+    type: boolean
+    default: true
+  - name: removeAllNonSignedFiles
+    type: boolean
+    default: false
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  strategy:
+    matrix:
+      ${{ each config in parameters.buildConfigurations }}:
+        ${{ each platform in parameters.buildPlatforms }}:
+          ${{ config }}_${{ platform }}:
+            BuildConfiguration: ${{ config }}
+            BuildPlatform: ${{ platform }}
+            ${{ if eq(platform, 'x86') }}:
+              OutputBuildPlatform: Win32
+            ${{ elseif eq(platform, 'Any CPU') }}:
+              OutputBuildPlatform: AnyCPU
+            ${{ else }}:
+              OutputBuildPlatform: ${{ platform }}
+  variables:
+    MakeAppxPath: 'C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MakeAppx.exe'
+    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
+    # Azure DevOps abhors a vacuum
+    # If these are blank, expansion will fail later on... which will result in direct substitution of the variable *names*
+    # later on. We'll just... set them to a single space and if we need to, check IsNullOrWhiteSpace.
+    # Yup.
+    BuildTargetParameter: ' '
+    SelectedSigningFragments: ' '
+    JobOutputDirectory: $(Terminal.BinDir)
+    JobOutputArtifactName: build-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
+    ${{ insert }}: ${{ parameters.variables }}
+  displayName: Build
+  timeoutInMinutes: 240
+  cancelTimeoutInMinutes: 1
+  steps:
+  - checkout: self
+    clean: true
+    submodules: true
+    persistCredentials: True
+  # This generates either nothing for BuildTargetParameter, or /t:X;Y;Z, to control targets later.
+  - pwsh: |-
+      If (-Not [bool]::Parse("${{ parameters.buildEverything }}")) {
+        $BuildTargets = @()
+        $SignFragments = @()
+        If ([bool]::Parse("${{ parameters.buildTerminal }}")) {
+          $BuildTargets += "Terminal\CascadiaPackage"
+          $SignFragments += "terminal_constituents"
+        }
+        If ([bool]::Parse("${{ parameters.buildWPFDotNetComponents }}")) {
+          $BuildTargets += "Terminal\wpf\WpfTerminalControl"
+          $SignFragments += "wpfdotnet"
+        }
+        If ([bool]::Parse("${{ parameters.buildWPF }}")) {
+          $BuildTargets += "Terminal\wpf\PublicTerminalCore"
+          $SignFragments += "wpf"
+        }
+        If ([bool]::Parse("${{ parameters.buildConPTY }}")) {
+          $BuildTargets += "Conhost\Host_EXE;Conhost\winconpty_DLL"
+          $SignFragments += "conpty"
+        }
+        Write-Host "Targets: $($BuildTargets -Join ";")"
+        Write-Host "Sign targets: $($SignFragments -Join ";")"
+        Write-Host "##vso[task.setvariable variable=BuildTargetParameter]/t:$($BuildTargets -Join ";")"
+        Write-Host "##vso[task.setvariable variable=SelectedSigningFragments]$($SignFragments -Join ";")"
+      }
+    displayName: Prepare Build and Sign Targets
+
+  - pwsh: |-
+      .\build\scripts\Generate-ThirdPartyNotices.ps1 -MarkdownNoticePath .\NOTICE.md -OutputPath .\src\cascadia\CascadiaPackage\NOTICE.html
+    displayName: Generate NOTICE.html from NOTICE.md
+
+  - template: .\steps-restore-nuget.yml
+
+  - ${{ parameters.beforeBuildSteps }}
+
+  - task: VSBuild@1
+    displayName: Build OpenConsole.sln
+    inputs:
+      solution: 'OpenConsole.sln'
+      msbuildArgs: >-
+        /p:WindowsTerminalOfficialBuild=true;WindowsTerminalBranding=${{ parameters.branding }};PGOBuildMode=${{ parameters.pgoBuildMode }}
+        ${{ parameters.additionalBuildOptions }}
+        /bl:$(Build.SourcesDirectory)\msbuild.binlog
+        $(BuildTargetParameter)
+      platform: $(BuildPlatform)
+      configuration: $(BuildConfiguration)
+      maximumCpuCount: true
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(Build.SourcesDirectory)/msbuild.binlog
+      artifact: logs-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
+      condition: always()
+      displayName: Publish Build Log
+  - ${{ else }}:
+    - task: CopyFiles@2
+      displayName: Copy Build Log
+      inputs:
+        contents: $(Build.SourcesDirectory)/msbuild.binlog
+        TargetFolder: $(Terminal.BinDir)
+
+  # This saves ~2GiB per architecture. We won't need these later.
+  # Removes:
+  # - All .lib that do not have an associated .exp (which would indicate that they are import libs)
+  # - All .pdbs from those .libs (which were only used during linking)
+  # - Directories ending in Lib (static lib projects that we fully linked into DLLs which may also contain unnecessary resources)
+  # - All LocalTests_ project outputs, as they were subsumed into TestHostApp
+  # - All PDB files inside the WindowsTerminal/ output, which do not belong there.
+  # - console.dll, which apparently breaks XFGCheck? lol.
+  - pwsh: |-
+      $binDir = '$(Terminal.BinDir)'
+      $ImportLibs = Get-ChildItem $binDir -Recurse -File -Filter '*.exp' | ForEach-Object { $_.FullName -Replace "exp$","lib" }
+      $StaticLibs = Get-ChildItem $binDir -Recurse -File -Filter '*.lib' | Where-Object FullName -NotIn $ImportLibs
+
+      $Items = @()
+      $Items += $StaticLibs
+      $Items += Get-Item ($StaticLibs.FullName -Replace "lib$","pdb") -ErrorAction:Ignore
+      $Items += Get-ChildItem $binDir -Directory -Filter '*Lib'
+      $Items += Get-ChildItem $binDir -Directory -Filter 'LocalTests_*'
+      $Items += Get-ChildItem "${$binDir}\WindowsTerminal" -Filter '*.pdb' -ErrorAction:Ignore
+
+      If (-Not [bool]::Parse('${{ parameters.keepAllExpensiveBuildOutputs }}')) {
+        $Items += Get-ChildItem '$(Terminal.BinDir)' -Filter '*.pdb' -Recurse
+      }
+
+      $Items += Get-ChildItem $binDir -Filter 'console.dll'
+
+      $Items | Remove-Item -Recurse -Force -Verbose -ErrorAction:Ignore
+    displayName: Clean up static libs and extra symbols
+    errorActionPreference: silentlyContinue # It's OK if this silently fails
+
+  # We cannot index PDBs that we have deleted!
+  - ${{ if eq(parameters.keepAllExpensiveBuildOutputs, true) }}:
+    - pwsh: |-
+        build\scripts\Index-Pdbs.ps1 -SearchDir '$(Terminal.BinDir)' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
+      displayName: Source Index PDBs
+      errorActionPreference: silentlyContinue
+
+  - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
+    - pwsh: |-
+        $Package = (Get-ChildItem -Recurse -Filter "CascadiaPackage*.msix" | Select -First 1)
+        $PackageFilename = $Package.FullName
+        Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
+      displayName: Locate the MSIX
+
+    # CHECK EXCEPTION
+    # PGO requires a desktop CRT
+    - ${{ if ne(parameters.pgoBuildMode, 'Instrument') }}:
+      - pwsh: |-
+          .\build\scripts\Test-WindowsTerminalPackage.ps1 -Verbose -Path "$(WindowsTerminalPackagePath)"
+        displayName: Check MSIX for common regressions
+        condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
+      
+    - ${{ if eq(parameters.codeSign, true) }}:
+      - pwsh: |-
+          & "$(MakeAppxPath)" unpack /p "$(WindowsTerminalPackagePath)" /d "$(Terminal.BinDir)/PackageContents"
+        displayName: Unpack the MSIX for signing
+
+  - ${{ if eq(parameters.codeSign, true) }}:
+    - template: steps-create-signing-config.yml
+      parameters:
+        outFile: '$(Build.SourcesDirectory)/ESRPSigningConfig.json'
+        stage: build
+        fragments: $(SelectedSigningFragments)
+
+    # Code-sign everything we just put together.
+    # We run the signing in Terminal.BinDir, because all of the signing batches are relative to the final architecture/configuration output folder.
+    - task: EsrpCodeSigning@3
+      displayName: Submit Signing Request
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: '$(Terminal.BinDir)'
+        signType: batchSigning
+        batchSignPolicyFile: '$(Build.SourcesDirectory)/ESRPSigningConfig.json'
+
+    # We only need to re-pack the MSIX if we actually signed, so this can stay in the codeSign conditional
+    - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
+      - pwsh: |-
+          $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_appx" -ErrorAction:Ignore
+          $PackageFilename = Join-Path $outDir.FullName (Split-Path -Leaf "$(WindowsTerminalPackagePath)")
+          & "$(MakeAppxPath)" pack /h SHA256 /o /p $PackageFilename /d "$(Terminal.BinDir)/PackageContents"
+          Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
+        displayName: Re-pack the new Terminal package after signing
+
+    # Some of our governed pipelines explicitly fail builds that have *any* non-codesigned filed (!)
+    - ${{ if eq(parameters.removeAllNonSignedFiles, true) }}:
+      - pwsh: |-
+          Get-ChildItem "$(Terminal.BinDir)" -Recurse -Include "*.dll","*.exe" |
+            Where-Object { (Get-AuthenticodeSignature $_).Status -Ne "Valid" } |
+            Remove-Item -Verbose -Force
+        displayName: Remove all non-signed output files
+
+  - ${{ else }}: # No Signing
+    - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
+      - pwsh: |-
+          $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_appx" -ErrorAction:Ignore
+          $PackageFilename = Join-Path $outDir.FullName (Split-Path -Leaf "$(WindowsTerminalPackagePath)")
+          Copy-Item "$(WindowsTerminalPackagePath)" $PackageFilename
+          Write-Host "##vso[task.setvariable variable=WindowsTerminalPackagePath]${PackageFilename}"
+        displayName: Stage the package (unsigned)
+        condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
+
+  - ${{ if or(parameters.buildTerminal, parameters.buildEverything) }}:
+    - pwsh: |-
+        $XamlAppxPath = (Get-Item "src\cascadia\CascadiaPackage\AppPackages\*\Dependencies\$(BuildPlatform)\Microsoft.UI.Xaml*.appx").FullName
+        $outDir = New-Item -Type Directory "$(Terminal.BinDir)/_unpackaged" -ErrorAction:Ignore
+        & .\build\scripts\New-UnpackagedTerminalDistribution.ps1 -TerminalAppX $(WindowsTerminalPackagePath) -XamlAppX $XamlAppxPath -Destination $outDir.FullName
+      displayName: Build Unpackaged Distribution (from MSIX)
+      condition: and(succeeded(), ne(variables.WindowsTerminalPackagePath, ''))
+
+  - ${{ if eq(parameters.generateSbom, true) }}:
+    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+      displayName: 'Generate SBOM manifest'
+      inputs:
+        BuildDropPath: '$(Terminal.BinDir)'
+
+    - task: DropValidatorTask@0
+      displayName: 'Validate SBOM manifest'
+      inputs:
+        BuildDropPath: '$(Terminal.BinDir)'
+        OutputPath: 'output.json'
+        ValidateSignature: true
+        Verbosity: 'Verbose'
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(Terminal.BinDir)
+      artifact: $(JobOutputArtifactName)
+      displayName: Publish All Outputs

build/pipelines/templates-v2/job-check-code-format.yml

@@ -0,0 +1,15 @@
+jobs:
+- job: CodeFormatCheck
+  displayName: Check Code Format
+  pool: { vmImage: windows-2022 }
+
+  steps:
+  - checkout: self
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: false
+    clean: true
+
+  - powershell: |-
+      .\build\scripts\Invoke-FormattingCheck.ps1
+    displayName: 'Run formatters'

build/pipelines/templates-v2/job-index-github-codenav.yml

@@ -1,21 +1,15 @@
-parameters:
-  artifactName: 'drop'
-
 jobs:
 - job: CodeNavIndexer
   displayName: Run Github CodeNav Indexer
-  pool: { vmImage: windows-2019 }
+  pool: { vmImage: windows-2022 }
 
   steps:
   - checkout: self
     fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
     submodules: false
     clean: true
 
-  - task: DownloadBuildArtifacts@0
-    inputs:
-      artifactName: ${{ parameters.artifactName }}
-
   - task: RichCodeNavIndexer@0
     inputs:
       languages: 'cpp,csharp'

build/pipelines/templates-v2/job-merge-msix-into-bundle.yml

@@ -0,0 +1,150 @@
+parameters:
+  - name: branding
+    type: string
+  - name: buildConfigurations
+    type: object
+  - name: buildPlatforms
+    type: object
+  - name: generateSbom
+    type: boolean
+    default: false
+  - name: codeSign
+    type: boolean
+    default: false
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: Bundle
+  - name: variables
+    type: object
+    default: {}
+  - name: publishArtifacts
+    type: boolean
+    default: true
+  - name: afterBuildSteps
+    type: stepList
+    default: []
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  ${{ if eq(parameters.codeSign, true) }}:
+    displayName: Pack and Sign Terminal MSIXBundle
+  ${{ else }}:
+    displayName: Pack Terminal MSIXBundle
+  strategy:
+    matrix:
+      ${{ each config in parameters.buildConfigurations }}:
+        ${{ config }}:
+          BuildConfiguration: ${{ config }}
+  variables:
+    ${{ if eq(parameters.branding, 'Release') }}:
+      BundleStemName: Microsoft.WindowsTerminal
+    ${{ elseif eq(parameters.branding, 'Preview') }}:
+      BundleStemName: Microsoft.WindowsTerminalPreview
+    ${{ else }}:
+      BundleStemName: WindowsTerminalDev
+    JobOutputDirectory: '$(System.ArtifactsDirectory)/bundle'
+    JobOutputArtifactName: appxbundle-$(BuildConfiguration)${{ parameters.artifactStem }}
+    ${{ insert }}: ${{ parameters.variables }}
+  dependsOn: ${{ parameters.dependsOn }}
+  steps:
+  - checkout: self
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: true
+    persistCredentials: True
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+  - template: steps-download-bin-dir-artifact.yml
+    parameters:
+      buildPlatforms: ${{ parameters.buildPlatforms }}
+      # This build is already matrix'd on configuration, so
+      # just pass a single config into the download template.
+      buildConfigurations:
+        - $(BuildConfiguration)
+      artifactStem: ${{ parameters.artifactStem }}
+
+  # Add 3000 to the major version component, but only for the bundle.
+  # This is to ensure that it is newer than "2022.xx.yy.zz" or whatever the original bundle versions were before
+  # we switched to uniform naming.
+  - pwsh: |-
+      $VersionEpoch = 3000
+      $Components = "$(XES_APPXMANIFESTVERSION)" -Split "\."
+      $Components[0] = ([int]$Components[0] + $VersionEpoch)
+      $BundleVersion = $Components -Join "."
+      New-Item -Type Directory "$(System.ArtifactsDirectory)/bundle"
+      $BundlePath = "$(System.ArtifactsDirectory)\bundle\$(BundleStemName)_$(XES_APPXMANIFESTVERSION)_8wekyb3d8bbwe.msixbundle"
+      .\build\scripts\Create-AppxBundle.ps1 -InputPath 'bin/' -ProjectName CascadiaPackage -BundleVersion $BundleVersion -OutputPath $BundlePath
+      Write-Host "##vso[task.setvariable variable=MsixBundlePath]${BundlePath}"
+    displayName: Create msixbundle
+
+  - ${{ if eq(parameters.codeSign, true) }}:
+    - task: EsrpCodeSigning@3
+      displayName: Submit *.msixbundle to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(System.ArtifactsDirectory)\bundle
+        Pattern: $(BundleStemName)*.msixbundle
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "Dynamic",
+                  "CertTemplateName": "WINMSAPP1ST",
+                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
+                  "OperationCode": "SigntoolSign",
+                  "Parameters": {
+                      "OpusName": "Microsoft",
+                      "OpusInfo": "http://www.microsoft.com",
+                      "FileDigest": "/fd \"SHA256\"",
+                      "TimeStamp": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+                  },
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "Dynamic",
+                  "CertTemplateName": "WINMSAPP1ST",
+                  "CertSubjectName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US",
+                  "OperationCode": "SigntoolVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+
+  - ${{ if eq(parameters.generateSbom, true) }}:
+    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+      displayName: 'Generate SBOM manifest (bundle)'
+      inputs:
+       BuildDropPath: '$(System.ArtifactsDirectory)/bundle'
+       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
+
+    - task: DropValidatorTask@0
+      displayName: 'Validate bundle SBOM manifest'
+      inputs:
+        BuildDropPath: '$(System.ArtifactsDirectory)/bundle'
+        OutputPath: 'output.json'
+        ValidateSignature: true
+        Verbosity: 'Verbose'
+
+  - ${{ parameters.afterBuildSteps }}
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(JobOutputDirectory)
+      artifact: $(JobOutputArtifactName)
+      displayName: Publish msixbundle

build/pipelines/templates-v2/job-package-conpty.yml

@@ -0,0 +1,129 @@
+parameters:
+  - name: buildConfigurations
+    type: object
+  - name: buildPlatforms
+    type: object
+  - name: generateSbom
+    type: boolean
+    default: false
+  - name: codeSign
+    type: boolean
+    default: false
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: PackConPTY
+  - name: variables
+    type: object
+    default: {}
+  - name: publishArtifacts
+    type: boolean
+    default: true
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  ${{ if eq(parameters.codeSign, true) }}:
+    displayName: Pack and Sign Microsoft.Windows.Console.ConPTY
+  ${{ else }}:
+    displayName: Pack Microsoft.Windows.Console.ConPTY
+  strategy:
+    matrix:
+      ${{ each config in parameters.buildConfigurations }}:
+        ${{ config }}:
+          BuildConfiguration: ${{ config }}
+  dependsOn: ${{ parameters.dependsOn }}
+  variables:
+    JobOutputDirectory: $(Build.ArtifactStagingDirectory)\nupkg
+    JobOutputArtifactName: conpty-nupkg-$(BuildConfiguration)${{ parameters.artifactStem }}
+    ${{ insert }}: ${{ parameters.variables }}
+  steps:
+  - checkout: self
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: true
+    persistCredentials: True
+
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+
+  - template: steps-download-bin-dir-artifact.yml
+    parameters:
+      buildPlatforms: ${{ parameters.buildPlatforms }}
+      # This build is already matrix'd on configuration, so
+      # just pass a single config into the download template.
+      buildConfigurations:
+        - $(BuildConfiguration)
+      artifactStem: ${{ parameters.artifactStem }}
+
+  - template: steps-ensure-nuget-version.yml
+
+# In the Microsoft Azure DevOps tenant, NuGetCommand is ambiguous.
+# This should be `task: NuGetCommand@2`
+  - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
+    displayName: NuGet pack
+    inputs:
+      command: pack
+      packagesToPack: $(Build.SourcesDirectory)\src\winconpty\package\winconpty.nuspec
+      packDestination: '$(Build.ArtifactStagingDirectory)/nupkg'
+      versioningScheme: byEnvVar
+      versionEnvVar: XES_PACKAGEVERSIONNUMBER
+
+  - ${{ if eq(parameters.codeSign, true) }}:
+    - task: EsrpCodeSigning@3
+      displayName: Submit *.nupkg to ESRP for code signing
+      inputs:
+        ConnectedServiceName: 9d6d2960-0793-4d59-943e-78dcb434840a
+        FolderPath: $(Build.ArtifactStagingDirectory)/nupkg
+        Pattern: '*.nupkg'
+        UseMinimatch: true
+        signConfigType: inlineSignParams
+        inlineOperation: >-
+          [
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetSign",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              },
+              {
+                  "KeyCode": "CP-401405",
+                  "OperationCode": "NuGetVerify",
+                  "Parameters": {},
+                  "ToolName": "sign",
+                  "ToolVersion": "1.0"
+              }
+          ]
+
+  - ${{ if eq(parameters.generateSbom, true) }}:
+    - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0
+      displayName: 'Generate SBOM manifest (conpty)'
+      inputs:
+       BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
+       BuildComponentPath: '$(Build.SourcesDirectory)/bin'
+
+    - task: DropValidatorTask@0
+      displayName: 'Validate conpty SBOM manifest'
+      inputs:
+        BuildDropPath: '$(System.ArtifactsDirectory)/nupkg'
+        OutputPath: 'output.json'
+        ValidateSignature: true
+        Verbosity: 'Verbose'
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(JobOutputDirectory)
+      artifact: $(JobOutputArtifactName)
+      displayName: Publish nupkg

build/pipelines/templates-v2/job-pgo-build-nuget-and-publish.yml

@@ -1,14 +1,26 @@
-# From our friends at MUX: https://github.com/microsoft/microsoft-ui-xaml/blob/main/build/AzurePipelinesTemplates/MUX-BuildAndPublishPGONuGet-Job.yml
-
 parameters:
-  dependsOn: ''
-  pgoArtifact: PGO
+  - name: buildConfiguration
+    type: string
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: BuildAndPublishPGONuget
 
 jobs:
-- job: BuildAndPublishPGONuGet
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
   dependsOn: ${{ parameters.dependsOn }}
-  pool:
-    vmImage: 'windows-2019'
+  displayName: Package and Publish PGO Databases
+
   variables:
     artifactsPath: $(Build.SourcesDirectory)\Artifacts
     pgoToolsPath: $(Build.SourcesDirectory)\build\PGO
@@ -16,20 +28,25 @@ jobs:
     nuspecFilename: PGO.nuspec
 
   steps:
-  - task: DownloadBuildArtifacts@0
+  - checkout: self
+    clean: true
+    # It is important that this be 0, otherwise git will not fetch the branch ref names that the PGO rules require.
+    fetchDepth: 0
+    submodules: false
+    persistCredentials: false
+
+  - task: DownloadPipelineArtifact@2
+    displayName: Download Final PGO Databases
     inputs:
-      artifactName: ${{ parameters.pgoArtifact }}
+      artifact: pgd-merged-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
       downloadPath: $(artifactsPath)
 
+  - template: steps-ensure-nuget-version.yml
+
   - task: NuGetAuthenticate@0
     inputs:
       nuGetServiceConnections: 'Terminal Public Artifact Feed'
 
-  - task: NuGetToolInstaller@0
-    displayName: 'Use NuGet 5.8.0'
-    inputs:
-      versionSpec: 5.8.0
-
   # In the Microsoft Azure DevOps tenant, NuGetCommand is ambiguous.
   # This should be `task: NuGetCommand@2`
   - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
@@ -45,12 +62,11 @@ jobs:
     displayName: 'Create PGO Nuget'
     inputs:
       solution: $(pgoToolsPath)\PGO.DB.proj
-      msbuildArguments: '/t:CreatePGONuGet /p:PGOBuildMode=Instrument /p:PGDPathForAllArch=$(artifactsPath)\${{ parameters.pgoArtifact }} /p:PGOOutputPath=$(Build.ArtifactStagingDirectory)'
+      msbuildArguments: '/t:CreatePGONuGet /p:PGOBuildMode=Instrument /p:PGDPathForAllArch=$(artifactsPath) /p:PGOOutputPath=$(Build.ArtifactStagingDirectory)'
 
-  - task: PublishBuildArtifacts@1
-    inputs:
-      pathToPublish: $(Build.ArtifactStagingDirectory)
-      artifactName: ${{ parameters.pgoArtifact }}
+  - publish: $(Build.ArtifactStagingDirectory)
+    artifact: pgo-nupkg-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
+    displayName: "Publish Pipeline Artifact"
 
   - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
     displayName: 'NuGet push'

build/pipelines/templates-v2/job-pgo-merge-pgd.yml

@@ -0,0 +1,75 @@
+parameters:
+  - name: buildConfiguration
+    type: string
+  - name: buildPlatforms
+    type: object
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: MergePGD
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  dependsOn: ${{ parameters.dependsOn }}
+  displayName: Merge PGO Counts for ${{ parameters.buildConfiguration }}
+
+  steps:
+  # The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
+  - script: |
+      "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
+      set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
+      del %TEMP%\vsinstalldir.txt
+      call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
+      echo VCToolsInstallDir = %VCToolsInstallDir%
+      echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
+    displayName: 'Retrieve VC tools directory'
+
+  - ${{ each platform in parameters.buildPlatforms }}:
+    - task: DownloadPipelineArtifact@2
+      displayName: Download PGO Databases for ${{ platform }}
+      inputs:
+        artifactName: build-${{ platform }}-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
+        itemPattern: '**/*.pgd'
+        downloadPath: '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
+    - task: DownloadPipelineArtifact@2
+      displayName: Download PGO Counts for ${{ platform }}
+      inputs:
+        artifactName: pgc-intermediates-${{ platform }}-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
+        downloadPath: '$(Build.SourcesDirectory)/pgc/${{ platform }}/${{ parameters.buildConfiguration }}'
+    - pwsh: |-
+        $Arch = '${{ platform }}'
+        $Conf = '${{ parameters.buildConfiguration }}'
+        $PGCDir = '$(Build.SourcesDirectory)/pgc/${{ platform }}/${{ parameters.buildConfiguration }}'
+        $PGDDir = '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
+        # Flatten the PGD directory
+        Get-ChildItem $PGDDir -Recurse -Filter *.pgd | Move-Item -Destination $PGDDir -Verbose
+        Get-ChildItem $PGCDir -Filter *.pgc |
+          ForEach-Object {
+            $Parts = $_.Name -Split "!";
+            $_ | Add-Member Module $Parts[0] -PassThru
+          } |
+          Group-Object Module |
+          ForEach-Object {
+            & "$(VCToolsInstallDir)\bin\Hostx64\${{ platform }}\pgomgr.exe" /merge $_.Group.FullName "$PGDDir\$($_.Name).pgd"
+          }
+      displayName: Merge PGO Counts for ${{ platform }}
+    - task: CopyFiles@2
+      displayName: 'Copy merged pgds to artifact staging'
+      inputs:
+        sourceFolder: '$(Build.SourcesDirectory)/pgd/${{ platform }}/${{ parameters.buildConfiguration }}'
+        contents: '**\*.pgd'
+        targetFolder: '$(Build.ArtifactStagingDirectory)\out-pgd\${{ platform }}'
+
+  - publish: $(Build.ArtifactStagingDirectory)\out-pgd
+    artifact: pgd-merged-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
+    displayName: "Publish merged PGDs"

build/pipelines/templates-v2/job-publish-symbols.yml

@@ -0,0 +1,97 @@
+parameters:
+  - name: includePublicSymbolServer
+    type: boolean
+    default: false
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: jobName
+    type: string
+    default: PublishSymbols
+  - name: symbolExpiryTime
+    type: string
+    default: 36530 # This is the default from PublishSymbols@2
+  - name: variables
+    type: object
+    default: {}
+  - name: symbolPatGoesInTaskInputs
+    type: boolean
+    default: false
+
+jobs:
+- job: ${{ parameters.jobName }}
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  ${{ if eq(parameters.includePublicSymbolServer, true) }}:
+    displayName: Publish Symbols to Internal and MSDL
+  ${{ else }}:
+    displayName: Publish Symbols Internally
+  dependsOn: ${{ parameters.dependsOn }}
+  variables:
+    ${{ insert }}: ${{ parameters.variables }}
+  steps:
+  - checkout: self
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: true
+    persistCredentials: True
+
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+
+  - task: DownloadPipelineArtifact@2
+    displayName: Download all PDBs from all prior build phases
+    inputs:
+      itemPattern: '**/*.pdb'
+      targetPath: '$(Build.SourcesDirectory)/bin'
+
+  - task: PublishSymbols@2
+    displayName: Publish Symbols (to current Azure DevOps tenant)
+    continueOnError: True
+    inputs:
+      SymbolsFolder: '$(Build.SourcesDirectory)/bin'
+      SearchPattern: '**/*.pdb'
+      IndexSources: false
+      DetailedLog: true
+      SymbolsMaximumWaitTime: 30
+      SymbolServerType: 'TeamServices'
+      SymbolsProduct: 'Windows Terminal Converged Symbols'
+      SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
+      SymbolExpirationInDays: ${{ parameters.symbolExpiryTime }}
+    env:
+      LIB: $(Build.SourcesDirectory)
+
+  - ${{ if eq(parameters.includePublicSymbolServer, true) }}:
+    - task: PublishSymbols@2
+      displayName: 'Publish symbols to MSDL'
+      continueOnError: True
+      inputs:
+        SymbolsFolder: '$(Build.SourcesDirectory)/bin'
+        SearchPattern: '**/*.pdb'
+        IndexSources: false
+        DetailedLog: true
+        SymbolsMaximumWaitTime: 30
+        SymbolServerType: 'TeamServices'
+        SymbolsProduct: 'Windows Terminal Converged Symbols'
+        SymbolsVersion: '$(XES_APPXMANIFESTVERSION)'
+        SymbolExpirationInDays: ${{ parameters.symbolExpiryTime }}
+        ${{ if eq(parameters.symbolPatGoesInTaskInputs, true) }}:
+          Pat: $(ADO_microsoftpublicsymbols_PAT)
+        # The ADO task does not support indexing of GitHub sources.
+      # There is a bug which causes this task to fail if LIB includes an inaccessible path (even though it does not depend on it).
+      # To work around this issue, we just force LIB to be any dir that we know exists.
+      # Copied from https://github.com/microsoft/icu/blob/f869c214adc87415dfe751d81f42f1bca55dcf5f/build/azure-nuget.yml#L564-L583
+      env:
+        LIB: $(Build.SourcesDirectory)
+        ArtifactServices_Symbol_AccountName: microsoftpublicsymbols
+        ${{ if ne(parameters.symbolPatGoesInTaskInputs, true) }}:
+          ArtifactServices_Symbol_PAT: $(ADO_microsoftpublicsymbols_PAT)

build/pipelines/templates-v2/job-run-pgo-tests.yml

@@ -0,0 +1,83 @@
+parameters:
+  buildConfiguration: 'Release'
+  buildPlatform: ''
+  artifactStem: ''
+  testLogPath: '$(Build.BinariesDirectory)\$(BuildPlatform)\$(BuildConfiguration)\testsOnBuildMachine.wtl'
+
+jobs:
+- job: PGO${{ parameters.buildPlatform }}${{ parameters.buildConfiguration }}
+  displayName: PGO ${{ parameters.buildPlatform }} ${{ parameters.buildConfiguration }}
+  variables:
+    BuildConfiguration: ${{ parameters.buildConfiguration }}
+    BuildPlatform: ${{ parameters.buildPlatform }}
+    OutputBuildPlatform: ${{ parameters.buildPlatform }}
+    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
+  pool:
+    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      ${{ if ne(parameters.buildPlatform, 'ARM64') }}:
+        name: SHINE-OSS-Testing-x64
+      ${{ else }}:
+        name: SHINE-OSS-Testing-arm64
+    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
+      ${{ if ne(parameters.buildPlatform, 'ARM64') }}:
+        name: SHINE-INT-Testing-x64
+      ${{ else }}:
+        name: SHINE-INT-Testing-arm64
+
+  steps:
+  - checkout: self
+    submodules: false
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+
+  - task: DownloadPipelineArtifact@2
+    displayName: Download artifacts
+    inputs:
+      artifactName: build-${{ parameters.buildPlatform }}-$(BuildConfiguration)${{ parameters.artifactStem }}
+      downloadPath: $(Terminal.BinDir)
+
+  # The tests expect Terminal to be an unpackaged distribution named terminal-0.0.1.0 (after the dev build version scheme)
+  # Extract to that folder explicitly and strip the embedded folder name from the unpackaged archive.
+  - powershell: |-
+      $TargetDirectory = New-Item -Type Directory (Join-Path "$(Terminal.BinDir)" "terminal-0.0.1.0")
+      & tar.exe -x -v -f (Get-Item "$(Terminal.BinDir)/_unpackaged/*.zip") -C $TargetDirectory.FullName --strip-components=1
+    displayName: Extract the unpackaged build for PGO
+
+  - template: steps-ensure-nuget-version.yml
+
+  - powershell: |-
+      $Package = 'Microsoft.Internal.Windows.Terminal.TestContent'
+      $Version = '1.0.1'
+      & nuget.exe install $Package -Version $Version
+      Write-Host "##vso[task.setvariable variable=TerminalTestContentPath]$(Build.SourcesDirectory)\packages\${Package}.${Version}\content"
+    displayName: Install Test Content
+
+  - task: PowerShell@2
+    displayName: 'Run PGO Tests'
+    inputs:
+      targetType: filePath
+      filePath: build\scripts\Run-Tests.ps1
+      arguments: >-
+        -MatchPattern '*UIA.Tests.dll'
+        -Platform '$(OutputBuildPlatform)'
+        -Configuration '$(BuildConfiguration)'
+        -LogPath '${{ parameters.testLogPath }}'
+        -Root "$(Terminal.BinDir)"
+        -AdditionalTaefArguments '/select:(@IsPGO=true)','/p:WTTestContent=$(TerminalTestContentPath)'
+    condition: and(succeeded(), ne(variables['PGOBuildMode'], 'Instrument'))
+
+  - task: CopyFiles@2
+    displayName: 'Copy PGO outputs to Artifacts'
+    condition: always()
+    inputs:
+      Contents: |
+       **/*.pgc
+       ${{ parameters.testLogPath }}
+      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/pgc'
+      OverWrite: true
+      flattenFolders: true
+
+  - publish: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/pgc'
+    artifact: pgc-intermediates-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.artifactStem }}
+    condition: always()

build/pipelines/templates-v2/job-submit-windows-vpack.yml

@@ -0,0 +1,81 @@
+parameters:
+  - name: buildConfiguration
+    type: string
+  - name: generateSbom
+    type: boolean
+    default: false
+  - name: pool
+    type: object
+    default: []
+  - name: dependsOn
+    type: object
+    default: null
+  - name: artifactStem
+    type: string
+    default: ''
+  - name: variables
+    type: object
+    default: {}
+  - name: publishArtifacts
+    type: boolean
+    default: true
+
+jobs:
+- job: VPack
+  ${{ if ne(length(parameters.pool), 0) }}:
+    pool: ${{ parameters.pool }}
+  displayName: Create and Submit Windows vPack
+  dependsOn: ${{ parameters.dependsOn }}
+  variables:
+    JobOutputDirectory: $(XES_VPACKMANIFESTDIRECTORY)
+    JobOutputArtifactName: vpack-manifest${{ parameters.artifactStem }}
+    ${{ insert }}: ${{ parameters.variables }}
+  steps:
+  - checkout: self
+    clean: true
+    fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
+    submodules: true
+    persistCredentials: True
+
+  - task: PkgESSetupBuild@12
+    displayName: Package ES - Setup Build
+    inputs:
+      disableOutputRedirect: true
+
+  - task: DownloadPipelineArtifact@2
+    displayName: Download MSIX Bundle Artifact
+    inputs:
+      artifactName: appxbundle-${{ parameters.buildConfiguration }}${{ parameters.artifactStem }}
+      downloadPath: '$(Build.SourcesDirectory)/bundle'
+
+  # Rename to known/fixed name for Windows build system
+  - powershell: |-
+      # Create vpack directory and place item inside
+      $TargetFolder = New-Item -Type Directory '$(Build.SourcesDirectory)/WindowsTerminal.app'
+      Get-ChildItem bundle/Microsoft.WindowsTerminal_*.msixbundle | Move-Item (Join-Path $TargetFolder.FullName 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle') -Verbose
+    displayName: Stage packages for vpack
+
+  - task: PkgESVPack@12
+    displayName: 'Package ES - VPack'
+    env:
+      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
+    inputs:
+      sourceDirectory: '$(Build.SourcesDirectory)/WindowsTerminal.app'
+      description: VPack for the Windows Terminal Application
+      pushPkgName: WindowsTerminal.app
+      owner: conhost
+      githubToken: $(GitHubTokenForVpackProvenance)
+
+  - ${{ if eq(parameters.publishArtifacts, true) }}:
+    - publish: $(JobOutputDirectory)
+      artifact: $(JobOutputArtifactName)
+      displayName: 'Publish VPack Manifest to Drop'
+
+  - task: PkgESFCIBGit@12
+    displayName: 'Submit VPack Manifest to Windows'
+    inputs:
+      configPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
+      artifactsDirectory: $(XES_VPACKMANIFESTDIRECTORY)
+      prTimeOut: 5
+

build/pipelines/templates-v2/job-test-project.yml

@@ -1,9 +1,9 @@
 parameters:
   configuration: 'Release'
   platform: ''
-  additionalBuildArguments: ''
-  artifactName: 'drop'
   testLogPath: '$(Build.BinariesDirectory)\$(BuildPlatform)\$(BuildConfiguration)\testsOnBuildMachine.wtl'
+  inputArtifactStem: ''
+  outputArtifactStem: ''
 
 jobs:
 - job: Test${{ parameters.platform }}${{ parameters.configuration }}
@@ -11,47 +11,52 @@ jobs:
   variables:
     BuildConfiguration: ${{ parameters.configuration }}
     BuildPlatform: ${{ parameters.platform }}
+    ${{ if eq(parameters.platform, 'x86') }}:
+      OutputBuildPlatform: Win32
+    ${{ else }}:
+      OutputBuildPlatform: ${{ parameters.platform }}
+    Terminal.BinDir: $(Build.SourcesDirectory)/bin/$(OutputBuildPlatform)/$(BuildConfiguration)
   pool:
     ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPoolOSS-L
+      ${{ if ne(parameters.platform, 'ARM64') }}:
+        name: SHINE-OSS-Testing-x64
+      ${{ else }}:
+        name: SHINE-OSS-Testing-arm64
     ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPool-L
-    demands: ImageOverride -equals WinDevVS17-latest
+      ${{ if ne(parameters.platform, 'ARM64') }}:
+        name: SHINE-INT-Testing-x64
+      ${{ else }}:
+        name: SHINE-INT-Testing-arm64
 
   steps:
   - checkout: self
-    submodules: true
+    submodules: false
     clean: true
     fetchDepth: 1
+    fetchTags: false # Tags still result in depth > 1 fetch; we don't need them here
 
-  - task: DownloadBuildArtifacts@0
+  - task: DownloadPipelineArtifact@2
+    displayName: Download artifacts
     inputs:
-      artifactName: ${{ parameters.artifactName }}
-
-  - task: PowerShell@2
-    displayName: 'Rationalize build platform'
-    inputs:
-      targetType: inline
-      script: |
-        $Arch = "$(BuildPlatform)"
-        If ($Arch -Eq "x86") { $Arch = "Win32" }
-        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
+      artifactName: build-${{ parameters.platform }}-$(BuildConfiguration)${{ parameters.inputArtifactStem }}
+      downloadPath: $(Terminal.BinDir)
 
   - task: PowerShell@2
     displayName: 'Run Unit Tests'
     inputs:
       targetType: filePath
       filePath: build\scripts\Run-Tests.ps1
-      arguments: -MatchPattern '*unit.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)' -LogPath '${{ parameters.testLogPath }}' -Root "$(System.ArtifactsDirectory)\\${{ parameters.artifactName }}\\$(BuildConfiguration)\\$(BuildPlatform)\\test"
-    condition: and(and(succeeded(), ne(variables['PGOBuildMode'], 'Instrument')), or(eq(variables['BuildPlatform'], 'x64'), eq(variables['BuildPlatform'], 'x86')))
+      arguments: -MatchPattern '*unit.test*.dll' -Platform '$(OutputBuildPlatform)' -Configuration '$(BuildConfiguration)' -LogPath '${{ parameters.testLogPath }}' -Root "$(Terminal.BinDir)"
+    condition: and(succeeded(), ne(variables['PGOBuildMode'], 'Instrument'))
 
-  - task: PowerShell@2
-    displayName: 'Run Feature Tests (x64 only)'
-    inputs:
-      targetType: filePath
-      filePath: build\scripts\Run-Tests.ps1
-      arguments: -MatchPattern '*feature.test*.dll' -Platform '$(RationalizedBuildPlatform)' -Configuration '$(BuildConfiguration)' -LogPath '${{ parameters.testLogPath }}' -Root "$(System.ArtifactsDirectory)\\${{ parameters.artifactName }}\\$(BuildConfiguration)\\$(BuildPlatform)\\test"
-    condition: and(and(succeeded(), ne(variables['PGOBuildMode'], 'Instrument')), eq(variables['BuildPlatform'], 'x64'))
+  - ${{ if or(eq(parameters.platform, 'x64'), eq(parameters.platform, 'arm64')) }}:
+    - task: PowerShell@2
+      displayName: 'Run Feature Tests'
+      inputs:
+        targetType: filePath
+        filePath: build\scripts\Run-Tests.ps1
+        arguments: -MatchPattern '*feature.test*.dll' -Platform '$(OutputBuildPlatform)' -Configuration '$(BuildConfiguration)' -LogPath '${{ parameters.testLogPath }}' -Root "$(Terminal.BinDir)"
+      condition: and(succeeded(), ne(variables['PGOBuildMode'], 'Instrument'))
 
   - task: PowerShell@2
     displayName: 'Convert Test Logs from WTL to xUnit format'
@@ -59,7 +64,7 @@ jobs:
       targetType: filePath
       filePath: build\Helix\ConvertWttLogToXUnit.ps1
       arguments: -WttInputPath '${{ parameters.testLogPath }}' -WttSingleRerunInputPath 'unused.wtl' -WttMultipleRerunInputPath 'unused2.wtl' -XUnitOutputPath 'onBuildMachineResults.xml' -TestNamePrefix '$(BuildConfiguration).$(BuildPlatform)'
-    condition: and(ne(variables['PGOBuildMode'], 'Instrument'),or(eq(variables['BuildPlatform'], 'x64'), eq(variables['BuildPlatform'], 'x86')))
+    condition: ne(variables['PGOBuildMode'], 'Instrument')
 
   - task: PublishTestResults@2
     displayName: 'Upload converted test logs'
@@ -67,13 +72,9 @@ jobs:
     inputs:
       testResultsFormat: 'xUnit' # Options: JUnit, NUnit, VSTest, xUnit, cTest
       testResultsFiles: '**/onBuildMachineResults.xml'
-      #searchFolder: '$(System.DefaultWorkingDirectory)' # Optional
-      #mergeTestResults: false # Optional
-      #failTaskOnFailedTests: false # Optional
       testRunTitle: 'On Build Machine Tests' # Optional
       buildPlatform: $(BuildPlatform) # Optional
       buildConfiguration: $(BuildConfiguration) # Optional
-      #publishRunAttachments: true # Optional
 
   - task: CopyFiles@2
     displayName: 'Copy result logs to Artifacts'
@@ -87,4 +88,5 @@ jobs:
       flattenFolders: true
 
   - publish: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test-logs'
-    artifact: TestLogs$(BuildPlatform)$(BuildConfiguration)
+    artifact: test-logs-$(BuildPlatform)-$(BuildConfiguration)${{ parameters.outputArtifactStem }}
+    condition: always()

build/pipelines/templates-v2/pipeline-full-release-build.yml

@@ -0,0 +1,177 @@
+# This build should never run as CI or against a pull request.
+trigger: none
+
+parameters:
+  - name: branding
+    type: string
+    default: Release
+  - name: buildTerminal
+    type: boolean
+    default: true
+  - name: buildConPTY
+    type: boolean
+    default: false
+  - name: buildWPF
+    type: boolean
+    default: false
+  - name: pgoBuildMode
+    type: string
+    default: Optimize
+    values:
+      - Optimize
+      - Instrument
+      - None
+  - name: buildConfigurations
+    type: object
+    default:
+      - Release
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+  - name: codeSign
+    type: boolean
+    default: true
+  - name: generateSbom
+    type: boolean
+    default: true
+  - name: terminalInternalPackageVersion
+    type: string
+    default: '0.0.8'
+
+  - name: publishSymbolsToPublic
+    type: boolean
+    default: true
+  - name: symbolExpiryTime
+    type: string
+    default: 36530 # This is the default from PublishSymbols@2
+  - name: publishVpackToWindows
+    type: boolean
+    default: false
+
+  - name: pool
+    type: object
+    default:
+      name: SHINE-INT-S # By default, send jobs to the small agent pool.
+      demands: ImageOverride -equals SHINE-VS17-Latest
+
+variables:
+  - template: variables-nuget-package-version.yml
+    parameters:
+      branding: ${{ parameters.branding }}
+
+resources:
+  repositories:
+  - repository: self
+    type: git
+    ref: main
+
+stages:
+  - stage: Build
+    displayName: Build
+    pool: ${{ parameters.pool }}
+    dependsOn: []
+    jobs:
+      - template: ./job-build-project.yml
+        parameters:
+          pool:
+            name: SHINE-INT-L # Run the compilation on the large agent pool, rather than the default small one.
+            demands: ImageOverride -equals SHINE-VS17-Latest
+          branding: ${{ parameters.branding }}
+          buildTerminal: ${{ parameters.buildTerminal }}
+          buildConPTY: ${{ parameters.buildConPTY }}
+          buildWPF: ${{ parameters.buildWPF }}
+          pgoBuildMode: ${{ parameters.pgoBuildMode }}
+          buildConfigurations: ${{ parameters.buildConfigurations }}
+          buildPlatforms: ${{ parameters.buildPlatforms }}
+          generateSbom: ${{ parameters.generateSbom }}
+          codeSign: ${{ parameters.codeSign }}
+          beforeBuildSteps: # Right before we build, lay down the universal package and localizations
+            - task: PkgESSetupBuild@12
+              displayName: Package ES - Setup Build
+              inputs:
+                disableOutputRedirect: true
+
+            - task: UniversalPackages@0
+              displayName: Download terminal-internal Universal Package
+              inputs:
+                feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
+                packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
+                versionListDownload: ${{ parameters.terminalInternalPackageVersion }}
+
+            - template: ./steps-fetch-and-prepare-localizations.yml
+              parameters:
+                includePseudoLoc: true
+
+      - ${{ if eq(parameters.buildWPF, true) }}:
+        # Add an Any CPU build flavor for the WPF control bits
+        - template: ./job-build-project.yml
+          parameters:
+            # This job is allowed to run on the default small pool.
+            jobName: BuildWPF
+            branding: ${{ parameters.branding }}
+            buildTerminal: false
+            buildWPFDotNetComponents: true
+            buildConfigurations: ${{ parameters.buildConfigurations }}
+            buildPlatforms:
+              - Any CPU
+            generateSbom: ${{ parameters.generateSbom }}
+            codeSign: ${{ parameters.codeSign }}
+            beforeBuildSteps:
+              - task: PkgESSetupBuild@12
+                displayName: Package ES - Setup Build
+                inputs:
+                  disableOutputRedirect: true
+              # WPF doesn't need the localizations or the universal package, but if it does... put them here.
+
+  - stage: Package
+    displayName: Package
+    pool: ${{ parameters.pool }}
+    dependsOn: [Build]
+    jobs:
+      - ${{ if eq(parameters.buildTerminal, true) }}:
+        - template: ./job-merge-msix-into-bundle.yml
+          parameters:
+            jobName: Bundle
+            branding: ${{ parameters.branding }}
+            buildConfigurations: ${{ parameters.buildConfigurations }}
+            buildPlatforms: ${{ parameters.buildPlatforms }}
+            generateSbom: ${{ parameters.generateSbom }}
+            codeSign: ${{ parameters.codeSign }}
+
+      - ${{ if eq(parameters.buildConPTY, true) }}:
+        - template: ./job-package-conpty.yml
+          parameters:
+            buildConfigurations: ${{ parameters.buildConfigurations }}
+            buildPlatforms: ${{ parameters.buildPlatforms }}
+            generateSbom: ${{ parameters.generateSbom }}
+            codeSign: ${{ parameters.codeSign }}
+
+      - ${{ if eq(parameters.buildWPF, true) }}:
+        - template: ./job-build-package-wpf.yml
+          parameters:
+            buildConfigurations: ${{ parameters.buildConfigurations }}
+            buildPlatforms: ${{ parameters.buildPlatforms }}
+            generateSbom: ${{ parameters.generateSbom }}
+            codeSign: ${{ parameters.codeSign }}
+
+  - stage: Publish
+    displayName: Publish
+    pool: ${{ parameters.pool }}
+    dependsOn: [Build, Package]
+    jobs:
+      # We only support the vpack for Release builds that include Terminal
+      - ${{ if and(containsValue(parameters.buildConfigurations, 'Release'), parameters.buildTerminal, parameters.publishVpackToWindows) }}:
+        - template: ./job-submit-windows-vpack.yml
+          parameters:
+            buildConfiguration: Release
+            generateSbom: ${{ parameters.generateSbom }}
+
+      - template: ./job-publish-symbols.yml
+        parameters:
+          includePublicSymbolServer: ${{ parameters.publishSymbolsToPublic }}
+          symbolExpiryTime: ${{ parameters.symbolExpiryTime }}
+
+...

build/pipelines/templates-v2/pipeline-onebranch-full-release-build.yml

@@ -0,0 +1,256 @@
+parameters:
+  - name: official
+    type: boolean
+    default: false
+  - name: branding
+    type: string
+    default: Release
+    values:
+      - Release
+      - Preview
+      - Canary
+      - Dev
+  - name: buildTerminal
+    type: boolean
+    default: true
+  - name: buildConPTY
+    type: boolean
+    default: false
+  - name: buildWPF
+    type: boolean
+    default: false
+  - name: pgoBuildMode
+    type: string
+    default: Optimize
+    values:
+      - Optimize
+      - Instrument
+      - None
+  - name: buildConfigurations
+    type: object
+    default:
+      - Release
+  - name: buildPlatforms
+    type: object
+    default:
+      - x64
+      - x86
+      - arm64
+  - name: codeSign
+    type: boolean
+    default: true
+  - name: terminalInternalPackageVersion
+    type: string
+    default: '0.0.8'
+
+  - name: publishSymbolsToPublic
+    type: boolean
+    default: true
+  - name: publishVpackToWindows
+    type: boolean
+    default: false
+
+  - name: extraPublishJobs
+    type: object
+    default: []
+
+resources:
+  repositories:
+  - repository: templates
+    type: git
+    name: OneBranch.Pipelines/GovernedTemplates
+    ref: refs/heads/main
+
+extends:
+  ${{ if eq(parameters.official, true) }}:
+    template: v2/Microsoft.Official.yml@templates # https://aka.ms/obpipelines/templates
+  ${{ else }}:
+    template: v2/Microsoft.NonOfficial.yml@templates
+  parameters:
+    featureFlags:
+      WindowsHostVersion: 1ESWindows2022
+    platform:
+      name: 'windows_undocked'
+      product: 'Windows Terminal'
+    cloudvault: # https://aka.ms/obpipelines/cloudvault
+      enabled: false
+    globalSdl: # https://aka.ms/obpipelines/sdl
+      tsa:
+        enabled: true
+        configFile: '$(Build.SourcesDirectory)\build\config\tsa.json'
+      binskim:
+        break: false
+        scanOutputDirectoryOnly: true
+      policheck:
+        break: false
+        severity: Note
+      baseline:
+        baselineFile: '$(Build.SourcesDirectory)\build\config\release.gdnbaselines'
+        suppressionSet: default
+
+    stages:
+      - stage: Build
+        displayName: Build
+        dependsOn: []
+        jobs:
+          - template: ./build/pipelines/templates-v2/job-build-project.yml@self
+            parameters:
+              pool: { type: windows }
+              variables:
+                ob_git_checkout: false # This job checks itself out
+                ob_git_skip_checkout_none: true
+                ob_outputDirectory: $(JobOutputDirectory)
+                ob_artifactBaseName: $(JobOutputArtifactName)
+              publishArtifacts: false # Handled by OneBranch
+              branding: ${{ parameters.branding }}
+              buildTerminal: ${{ parameters.buildTerminal }}
+              buildConPTY: ${{ parameters.buildConPTY }}
+              buildWPF: ${{ parameters.buildWPF }}
+              pgoBuildMode: ${{ parameters.pgoBuildMode }}
+              buildConfigurations: ${{ parameters.buildConfigurations }}
+              buildPlatforms: ${{ parameters.buildPlatforms }}
+              generateSbom: false # this is handled by onebranch
+              removeAllNonSignedFiles: true # appease the overlords
+              codeSign: ${{ parameters.codeSign }}
+              beforeBuildSteps: # Right before we build, lay down the universal package and localizations
+                - task: PkgESSetupBuild@12
+                  displayName: Package ES - Setup Build
+                  inputs:
+                    disableOutputRedirect: true
+
+                - task: UniversalPackages@0
+                  displayName: Download terminal-internal Universal Package
+                  inputs:
+                    feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
+                    packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
+                    versionListDownload: ${{ parameters.terminalInternalPackageVersion }}
+
+                - template: ./build/pipelines/templates-v2/steps-fetch-and-prepare-localizations.yml@self
+                  parameters:
+                    includePseudoLoc: true
+
+          - ${{ if eq(parameters.buildWPF, true) }}:
+            # Add an Any CPU build flavor for the WPF control bits
+            - template: ./build/pipelines/templates-v2/job-build-project.yml@self
+              parameters:
+                pool: { type: windows }
+                variables:
+                  ob_git_checkout: false # This job checks itself out
+                  ob_git_skip_checkout_none: true
+                  ob_outputDirectory: $(JobOutputDirectory)
+                  ob_artifactBaseName: $(JobOutputArtifactName)
+                publishArtifacts: false # Handled by OneBranch
+                jobName: BuildWPF
+                branding: ${{ parameters.branding }}
+                buildTerminal: false
+                buildWPFDotNetComponents: true
+                buildConfigurations: ${{ parameters.buildConfigurations }}
+                buildPlatforms:
+                  - Any CPU
+                generateSbom: false # this is handled by onebranch
+                removeAllNonSignedFiles: true # appease the overlords
+                codeSign: ${{ parameters.codeSign }}
+                beforeBuildSteps:
+                  - task: PkgESSetupBuild@12
+                    displayName: Package ES - Setup Build
+                    inputs:
+                      disableOutputRedirect: true
+                  # WPF doesn't need the localizations or the universal package, but if it does... put them here.
+
+      - stage: Package
+        displayName: Package
+        dependsOn: [Build]
+        jobs:
+          - ${{ if eq(parameters.buildTerminal, true) }}:
+            - template: ./build/pipelines/templates-v2/job-merge-msix-into-bundle.yml@self
+              parameters:
+                pool: { type: windows }
+                variables:
+                  ob_git_checkout: false # This job checks itself out
+                  ob_git_skip_checkout_none: true
+                  ob_outputDirectory: $(JobOutputDirectory)
+                  ob_artifactBaseName: $(JobOutputArtifactName)
+                  ### This job is also in charge of submitting the vpack to Windows if it's enabled
+                  ob_createvpack_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
+                  ob_updateOSManifest_enabled: ${{ and(parameters.buildTerminal, parameters.publishVpackToWindows) }}
+                  ### If enabled above, these options are in play.
+                  ob_createvpack_packagename: 'WindowsTerminal.app'
+                  ob_createvpack_owneralias: 'conhost@microsoft.com'
+                  ob_createvpack_description: 'VPack for the Windows Terminal Application'
+                  ob_createvpack_targetDestinationDirectory: '$(Destination)'
+                  ob_createvpack_propsFile: false
+                  ob_createvpack_provData: true
+                  ob_createvpack_metadata: '$(Build.SourceVersion)'
+                  ob_createvpack_topLevelRetries: 0
+                  ob_createvpack_failOnStdErr: true
+                  ob_createvpack_taskLogVerbosity: Detailed
+                  ob_createvpack_verbose: true
+                  ob_createvpack_vpackdirectory: '$(JobOutputDirectory)\vpack'
+                  ob_updateOSManifest_gitcheckinConfigPath: '$(Build.SourcesDirectory)\build\config\GitCheckin.json'
+                  # We're skipping the 'fetch' part of the OneBranch rules, but that doesn't mean
+                  # that it doesn't expect to have downloaded a manifest directly to some 'destination'
+                  # folder that it can then update and upload.
+                  # Effectively: it says "destination" but it means "source"
+                  # DH: Don't ask why.
+                  ob_updateOSManifest_destination: $(XES_VPACKMANIFESTDIRECTORY)
+                  ob_updateOSManifest_skipFetch: true
+                publishArtifacts: false # Handled by OneBranch
+                jobName: Bundle
+                branding: ${{ parameters.branding }}
+                buildConfigurations: ${{ parameters.buildConfigurations }}
+                buildPlatforms: ${{ parameters.buildPlatforms }}
+                generateSbom: false # Handled by onebranch
+                codeSign: ${{ parameters.codeSign }}
+                afterBuildSteps:
+                  - pwsh: |-
+                      $d = New-Item "$(JobOutputDirectory)/vpack" -Type Directory
+                      Copy-Item -Verbose -Path "$(MsixBundlePath)" -Destination (Join-Path $d 'Microsoft.WindowsTerminal_8wekyb3d8bbwe.msixbundle')
+                    displayName: Stage msixbundle for vpack
+
+          - ${{ if eq(parameters.buildConPTY, true) }}:
+            - template: ./build/pipelines/templates-v2/job-package-conpty.yml@self
+              parameters:
+                pool: { type: windows }
+                variables:
+                  ob_git_checkout: false # This job checks itself out
+                  ob_git_skip_checkout_none: true
+                  ob_outputDirectory: $(JobOutputDirectory)
+                  ob_artifactBaseName: $(JobOutputArtifactName)
+                publishArtifacts: false # Handled by OneBranch
+                buildConfigurations: ${{ parameters.buildConfigurations }}
+                buildPlatforms: ${{ parameters.buildPlatforms }}
+                generateSbom: false # this is handled by onebranch
+                codeSign: ${{ parameters.codeSign }}
+
+          - ${{ if eq(parameters.buildWPF, true) }}:
+            - template: ./build/pipelines/templates-v2/job-build-package-wpf.yml@self
+              parameters:
+                pool: { type: windows }
+                variables:
+                  ob_git_checkout: false # This job checks itself out
+                  ob_git_skip_checkout_none: true
+                  ob_outputDirectory: $(JobOutputDirectory)
+                  ob_artifactBaseName: $(JobOutputArtifactName)
+                publishArtifacts: false # Handled by OneBranch
+                buildConfigurations: ${{ parameters.buildConfigurations }}
+                buildPlatforms: ${{ parameters.buildPlatforms }}
+                generateSbom: false # this is handled by onebranch
+                codeSign: ${{ parameters.codeSign }}
+
+      - stage: Publish
+        displayName: Publish
+        dependsOn: [Build, Package]
+        jobs:
+          - template: ./build/pipelines/templates-v2/job-publish-symbols.yml@self
+            parameters:
+              pool: { type: windows }
+              includePublicSymbolServer: ${{ parameters.publishSymbolsToPublic }}
+              symbolPatGoesInTaskInputs: true # onebranch tries to muck with the PAT variable, so we need to change how it get the PAT
+              variables:
+                ob_git_checkout: false # This job checks itself out
+                ob_git_skip_checkout_none: true
+                ob_outputDirectory: $(Build.ArtifactStagingDirectory)
+                # Without this, OneBranch will nerf our symbol tasks
+                ob_symbolsPublishing_enabled: true
+
+          - ${{ parameters.extraPublishJobs }}

build/pipelines/templates-v2/steps-create-signing-config.yml

@@ -0,0 +1,35 @@
+parameters:
+  - name: stage
+    type: string
+  - name: outFile
+    type: string
+  - name: fragments
+    type: string
+
+# This build step template takes all files named "esrp.STAGE.batch.*.json"
+# and merges them into a single output signing config.
+#
+# We generate the batch signing config by sticking together multiple "batches".
+# The filter below (with Fragments) works by splitting the filename, esrp.s.batch.x.json,
+# to get 'x' and then checking whether x is in Fragments.
+# We have to manually strip comments out of the batch fragments due to https://github.com/PowerShell/PowerShell/issues/14553
+
+steps:
+  - pwsh: |-
+      $SignBatchFiles = (Get-Item build/config/esrp.${{ parameters.stage }}.batch.*.json)
+      $Fragments = "${{ parameters.fragments }}"
+      If (-Not [String]::IsNullOrWhiteSpace($Fragments)) {
+        $FragmentList = $Fragments -Split ";"
+        If ($FragmentList.Length -Gt 0) {
+          $SignBatchFiles = $SignBatchFiles | Where-Object { ($_.Name -Split '\.')[3] -In $FragmentList }
+        }
+      }
+      Write-Host "Found $(@($SignBatchFiles).Length) Signing Configs"
+      Write-Host ($SignBatchFiles.Name -Join ";")
+      $FinalSignConfig = @{
+        Version = "1.0.0";
+        UseMinimatch = $false;
+        SignBatches = @($SignBatchFiles | ForEach-Object { Get-Content $_ | Where-Object { $_ -NotMatch "^\s*\/\/" } | ConvertFrom-Json -Depth 10 });
+      }
+      $FinalSignConfig | ConvertTo-Json -Depth 10 | Out-File -Encoding utf8 "${{ parameters.outFile }}"
+    displayName: Merge ${{ parameters.stage }} signing configs (${{ parameters.outFile }})

build/pipelines/templates-v2/steps-download-bin-dir-artifact.yml

@@ -0,0 +1,24 @@
+parameters:
+  - name: buildConfigurations
+    type: object
+  - name: buildPlatforms
+    type: object
+  - name: artifactStem
+    type: string
+    default: ''
+
+steps:
+- ${{ each configuration in parameters.buildConfigurations }}:
+  - ${{ each platform in parameters.buildPlatforms }}:
+    - task: DownloadPipelineArtifact@2
+      displayName: Download artifacts for ${{ platform }} ${{ configuration }}
+      inputs:
+        # Make sure to download the entire artifact, because it includes the SPDX SBOM
+        artifactName: build-${{ platform }}-${{ configuration }}${{ parameters.artifactStem }}
+        # Downloading to the source directory should ensure that the later SBOM generator can see the earlier SBOMs.
+        ${{ if eq(platform, 'x86') }}:
+          downloadPath: '$(Build.SourcesDirectory)/bin/Win32/${{ configuration }}'
+        ${{ elseif eq(platform, 'Any CPU') }}:
+          downloadPath: '$(Build.SourcesDirectory)/bin/AnyCPU/${{ configuration }}'
+        ${{ else }}:
+          downloadPath: '$(Build.SourcesDirectory)/bin/${{ platform }}/${{ configuration }}'

build/pipelines/templates-v2/steps-ensure-nuget-version.yml

@@ -0,0 +1,5 @@
+steps:
+- task: NuGetToolInstaller@1
+  displayName: Use NuGet 6.6.1
+  inputs:
+    versionSpec: 6.6.1

build/pipelines/templates-v2/steps-fetch-and-prepare-localizations.yml

@@ -0,0 +1,27 @@
+parameters:
+  - name: includePseudoLoc
+    type: boolean
+    default: true
+
+steps:
+  - task: TouchdownBuildTask@1
+    displayName: Download Localization Files
+    inputs:
+      teamId: 7105
+      authId: $(TouchdownAppId)
+      authKey: $(TouchdownAppKey)
+      resourceFilePath: |
+        src\cascadia\**\en-US\*.resw
+      appendRelativeDir: true
+      localizationTarget: false
+      ${{ if eq(parameters.includePseudoLoc, true) }}:
+        pseudoSetting: Included
+
+  - pwsh: |-
+      $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
+      $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
+    displayName: Move Loc files into final locations
+
+  - pwsh: |-
+      ./build/scripts/Copy-ContextMenuResourcesToCascadiaPackage.ps1
+    displayName: Copy the Context Menu Loc Resources to CascadiaPackage

build/pipelines/templates-v2/steps-restore-nuget.yml

@@ -1,11 +1,13 @@
 steps:
-- task: NuGetToolInstaller@0
-  displayName: 'Use NuGet 5.2.0'
-  inputs:
-    versionSpec: 5.2.0
+- template: steps-ensure-nuget-version.yml
 
 - task: NuGetAuthenticate@0
 
+- script: |-
+    echo ##vso[task.setvariable variable=NUGET_RESTORE_MSBUILD_ARGS]/p:Platform=$(BuildPlatform)
+  displayName: Ensure NuGet restores for $(BuildPlatform)
+  condition: and(succeeded(), ne(variables['BuildPlatform'], 'Any CPU'))
+
 # In the Microsoft Azure DevOps tenant, NuGetCommand is ambiguous.
 # This should be `task: NuGetCommand@2`
 - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2

build/pipelines/templates-v2/variables-nuget-package-version.yml

@@ -0,0 +1,27 @@
+parameters:
+  - name: branding
+    type: string
+
+variables:
+  # If we are building a branch called "release-*", change the NuGet suffix
+  # to "preview". If we don't do that, XES will set the suffix to "release1"
+  # because it truncates the value after the first period.
+  # We also want to disable the suffix entirely if we're Release branded while
+  # on a release branch.
+  # main is special, however. XES ignores main. Since we never produce actual
+  # shipping builds from main, we want to force it to have a beta label as
+  # well.
+  #
+  # In effect:
+  # BRANCH / BRANDING | Release                    | Preview
+  # ------------------|----------------------------|-----------------------------
+  # release-*         | 1.12.20220427              | 1.13.20220427-preview
+  # main              | 1.14.20220427-experimental | 1.14.20220427-experimental
+  # all others        | 1.14.20220427-mybranch     | 1.14.20220427-mybranch
+  ${{ if startsWith(variables['Build.SourceBranchName'], 'release-') }}:
+    ${{ if eq(parameters.branding, 'Release') }}:
+      NoNuGetPackBetaVersion: true
+    ${{ else }}:
+      NuGetPackBetaVersion: preview
+  ${{ elseif eq(variables['Build.SourceBranchName'], 'main') }}:
+    NuGetPackBetaVersion: experimental

build/pipelines/templates-v2/variables-onebranch-config.yml

@@ -0,0 +1,2 @@
+variables:
+  WindowsContainerImage: 'onebranch.azurecr.io/windows/ltsc2022/vse2022:latest'

build/pipelines/templates/build-console-audit-job.yml

@@ -1,34 +0,0 @@
-parameters:
-  platform: ''
-  additionalBuildArguments: ''
-
-jobs:
-- job: Build${{ parameters.platform }}AuditMode
-  displayName: Static Analysis Build ${{ parameters.platform }}
-  variables:
-    BuildConfiguration: AuditMode
-    BuildPlatform: ${{ parameters.platform }}
-  pool:
-    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPoolOSS-L
-    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPool-L
-    demands: ImageOverride -equals WinDevVS17-latest
-
-  steps:
-  - checkout: self
-    submodules: true
-    clean: true
-    fetchDepth: 1
-
-  - template: restore-nuget-steps.yml
-
-  - task: VSBuild@1
-    displayName: 'Build solution **\OpenConsole.sln'
-    inputs:
-      solution: '**\OpenConsole.sln'
-      platform: '$(BuildPlatform)'
-      configuration: '$(BuildConfiguration)'
-      msbuildArgs: ${{ parameters.additionalBuildArguments }}
-      clean: true
-      maximumCpuCount: true

build/pipelines/templates/build-console-ci.yml

@@ -1,31 +0,0 @@
-parameters:
-  configuration: 'Release'
-  branding: 'Dev'
-  platform: ''
-  additionalBuildArguments: ''
-
-jobs:
-- job: Build${{ parameters.platform }}${{ parameters.configuration }}${{ parameters.branding }}
-  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }} ${{ parameters.branding }}
-  variables:
-    BuildConfiguration: ${{ parameters.configuration }}
-    BuildPlatform: ${{ parameters.platform }}
-    WindowsTerminalBranding: ${{ parameters.branding }}
-    EnableRichCodeNavigation: true
-  pool:
-    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPoolOSS-L
-    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPool-L
-    demands: ImageOverride -equals WinDevVS17-latest
-
-  steps:
-  - template: build-console-steps.yml
-    parameters:
-      additionalBuildArguments: ${{ parameters.additionalBuildArguments }}
-
-  # It appears that the Component Governance build task that gets automatically injected stopped working
-  # when we renamed our main branch.
-  - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
-    displayName: 'Component Detection'
-    condition: and(succeededOrFailed(), not(eq(variables['Build.Reason'], 'PullRequest')))

build/pipelines/templates/build-console-compliance-job.yml

@@ -1,203 +0,0 @@
-jobs:
-- job: Compliance
-  # We don't *need* a matrix but there's no other way to set parameters on a "job"
-  # in the AzDO YAML syntax. It would have to be a "stage" or a "template".
-  # Doesn't matter. We're going to do compliance on Release x64 because
-  # that's the one all the tooling works against for sure.
-  strategy:
-    matrix:
-      Release_x64:
-        BuildConfiguration: Release
-        BuildPlatform: x64
-  displayName: Validate Security and Compliance
-  timeoutInMinutes: 240
-  steps:
-  - checkout: self
-    clean: true
-    submodules: true
-    persistCredentials: True
-  - task: PkgESSetupBuild@12
-    displayName: Package ES - Setup Build
-    inputs:
-      disableOutputRedirect: true
-  - task: PowerShell@2
-    displayName: Rationalize Build Platform
-    inputs:
-      targetType: inline
-      script: >-
-        $Arch = "$(BuildPlatform)"
-
-        If ($Arch -Eq "x86") { $Arch = "Win32" }
-
-        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
-  - template: restore-nuget-steps.yml
-  - task: UniversalPackages@0
-    displayName: Download terminal-internal Universal Package
-    inputs:
-      feedListDownload: 2b3f8893-a6e8-411f-b197-a9e05576da48
-      packageListDownload: e82d490c-af86-4733-9dc4-07b772033204
-      versionListDownload: $(TerminalInternalPackageVersion)
-  - task: TouchdownBuildTask@1
-    displayName: Download Localization Files
-    inputs:
-      teamId: 7105
-      authId: $(TouchdownAppId)
-      authKey: $(TouchdownAppKey)
-      resourceFilePath: >-
-        src\cascadia\TerminalApp\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalControl\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalConnection\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalSettingsModel\Resources\en-US\Resources.resw
-
-        src\cascadia\TerminalSettingsEditor\Resources\en-US\Resources.resw
-
-        src\cascadia\CascadiaPackage\Resources\en-US\Resources.resw
-      appendRelativeDir: true
-      localizationTarget: false
-      pseudoSetting: Included
-  - task: PowerShell@2
-    displayName: Move Loc files one level up
-    inputs:
-      targetType: inline
-      script: >-
-        $Files = Get-ChildItem . -R -Filter 'Resources.resw' | ? FullName -Like '*en-US\*\Resources.resw'
-
-        $Files | % { Move-Item -Verbose $_.Directory $_.Directory.Parent.Parent -EA:Ignore }
-      pwsh: true
-
-  # 1ES Component Governance onboarding (Detects open source components). See https://docs.opensource.microsoft.com/tools/cg.html
-  - task: ms.vss-governance-buildtask.governance-build-task-component-detection.ComponentGovernanceComponentDetection@0
-    displayName: Component Detection
-
-  # # PREfast and PoliCheck need Node. Install that first.
-  - task: NodeTool@0
-
-  # !!! NOTE !!! Run PREfast first. Some of the other tasks are going to run on a completed build.
-  # PREfast is going to build the code as a part of its analysis and the generated sources
-  # and output binaries will be sufficient for the rest of the analysis.
-  # If you disable this, the other tasks won't likely work. You would have to add a build
-  # step instead that builds the code normally before calling them.
-  # Also... PREfast will rebuild anyway so that's why we're not running a normal build first.
-  # Waste of time to build twice.
-  # PREfast. See https://www.1eswiki.com/wiki/SDL_Native_Rules_Build_Task
-
-  # The following 1ES tasks all operate completely differently and have a different syntax for usage.
-  # Most notable is every one of them has a different way of excluding things.
-  # Go see their 1eswiki.com pages to figure out how to exclude things.
-  # When writing exclusions, try to make them narrow so when new projects/binaries are added, they
-  # cause an error here and have to be explicitly pulled out. Don't write an exclusion so broad
-  # that it will catch other new stuff.
-
-  # https://www.1eswiki.com/wiki/PREfast_Build_Task
-  # Builds the project with C/C++ static analysis tools to find coding flaws and vulnerabilities
-  # !!! WARNING !!! It doesn't work with WAPPROJ packaging projects. Build the sub-projects instead.
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-prefast.SDLNativeRules@3
-    displayName: 'Run the PREfast SDL Native Rules for MSBuild'
-    condition: succeededOrFailed()
-    inputs:
-      setupCommandlines: '"C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsMSBuildCmd.bat"'
-      msBuildCommandline: msbuild.exe /nologo /m /p:WindowsTerminalOfficialBuild=true /p:WindowsTerminalBranding=${{ parameters.branding }} /p:WindowsTerminalReleaseBuild=true /p:platform=$(BuildPlatform) /p:configuration=$(BuildConfiguration) /t:Terminal\Window\WindowsTerminal /p:VisualStudioVersion=17.0 $(Build.SourcesDirectory)\OpenConsole.sln
-      msBuildVersion: "17.0"
-
-  # Copies output from PREfast SDL Native Rules task to expected location for consumption by PkgESSecComp
-  - task: CopyFiles@1
-    displayName: 'Copy PREfast xml files to SDLNativeRulesDir'
-    inputs:
-      SourceFolder: '$(Agent.BuildDirectory)'
-      Contents: |
-        **\*.nativecodeanalysis.xml
-      TargetFolder: '$(Agent.BuildDirectory)\_sdt\logs\SDLNativeRules'
-
-  # https://www.1eswiki.com/index.php?title=PoliCheck_Build_Task
-  # Scans the text of source code, comments, and content for terminology that could be sensitive for legal, cultural, or geopolitical reasons.
-  # (Also finds vulgarities... takes all the fun out of everything.)
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-policheck.PoliCheck@2
-    displayName: 'Run PoliCheck'
-    inputs:
-      targetType: F
-      targetArgument: $(Build.SourcesDirectory)
-      result: PoliCheck.xml
-      optionsFC: 1
-      optionsXS: 1
-      optionsUEPath: $(Build.SourcesDirectory)\build\config\PolicheckExclusions.xml
-      optionsHMENABLE: 0
-    continueOnError: true
-
-  # https://www.1eswiki.com/wiki/CredScan_Azure_DevOps_Build_Task
-  # Searches through source code and build outputs for a credential left behind in the open
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@3
-    displayName: 'Run CredScan'
-    inputs:
-      outputFormat: pre
-      # suppressionsFile: LocalSuppressions.json
-      batchSize: 20
-      debugMode: false
-    continueOnError: true
-
-  # https://www.1eswiki.com/wiki/BinSkim_Build_Task
-  # Searches managed and unmanaged binaries for known security vulnerabilities.
-  - task: securedevelopmentteam.vss-secure-development-tools.build-task-binskim.BinSkim@4
-    displayName: 'Run BinSkim'
-    inputs:
-      TargetPattern: guardianGlob
-      # See https://aka.ms/gdn-globs for how to do match patterns
-      AnalyzeTargetGlob: $(Build.SourcesDirectory)\bin\**\*.dll;$(Build.SourcesDirectory)\bin\**\*.exe;-:file|**\Microsoft.UI.Xaml.dll;-:file|**\Microsoft.Toolkit.Win32.UI.XamlHost.dll;-:file|**\vcruntime*.dll;-:file|**\vcomp*.dll;-:file|**\vccorlib*.dll;-:file|**\vcamp*.dll;-:file|**\msvcp*.dll;-:file|**\concrt*.dll;-:file|**\TerminalThemeHelpers*.dll;-:file|**\cpprest*.dll
-    continueOnError: true
-
-  # Set XES_SERIALPOSTBUILDREADY to run Security and Compliance task once per build
-  - powershell: Write-Host "##vso[task.setvariable variable=XES_SERIALPOSTBUILDREADY;]true"
-    displayName: 'Set XES_SERIALPOSTBUILDREADY Vars'
-
-  # https://www.osgwiki.com/wiki/Package_ES_Security_and_Compliance
-  # Does a few things:
-  # - Ensures that Windows-required compliance tasks are run either inside this task
-  #   or were run as a previous step prior to this one
-  #   (PREfast, PoliCheck, Credscan)
-  # - Runs Windows-specific compliance tasks inside the task
-  #   + CheckCFlags - ensures that compiler and linker flags meet Windows standards
-  #   + CFGCheck/XFGCheck - ensures that Control Flow Guard (CFG) or
-  #                         eXtended Flow Guard (XFG) are enabled on binaries
-  #                         NOTE: CFG is deprecated and XFG isn't fully ready yet.
-  #                         NOTE2: CFG fails on an XFG'd binary
-  # - Brokers all security/compliance task logs to "Trust Services Automation (TSA)" (https://aka.ms/tsa)
-  #   which is a system that maps all errors into the appropriate bug database
-  #   template for each organization since they all vary. It should also suppress
-  #   new bugs when one already exists for the product.
-  #   This one is set up to go to the OS repository and use the given parameters
-  #   to file bugs to our AzDO product path.
-  #   If we don't use PkgESSecComp to do this for us, we need to install the TSA task
-  #   ourselves in this pipeline to finalize data upload and bug creation.
-  # !!! NOTE !!! This task goes *LAST* after any other compliance tasks so it catches their logs
-  - task: PkgESSecComp@10
-    displayName: 'Security and Compliance tasks'
-    inputs:
-      fileNewBugs: false
-      areaPath: 'OS\WDX\DXP\WinDev\Terminal'
-      teamProject: 'OS'
-      iterationPath: 'OS\Future'
-      bugTags: 'TerminalReleaseCompliance'
-      scanAll: true
-      errOnBugs: false
-      failOnStdErr: true
-      taskLogVerbosity: Diagnostic
-      secCompConfigFromTask: |
-        # Overrides default build sources directory
-        sourceTargetOverrideAll: $(Build.SourcesDirectory)
-        # Overrides default build binaries directory when "Scan all" option is specified
-        binariesTargetOverrideAll: $(Build.SourcesDirectory)\bin
-
-        # Set the tools to false if they should not run in the build
-        tools:
-            - toolName: CheckCFlags
-              enable: true
-            - toolName: CFGCheck
-              enable: true
-            - toolName: Policheck
-              enable: false
-            - toolName: CredScan
-              enable: false
-            - toolName: XFGCheck
-              enable: false

build/pipelines/templates/build-console-fuzzing.yml

@@ -1,90 +0,0 @@
-parameters:
-  configuration: 'Fuzzing'
-  platform: ''
-  additionalBuildArguments: ''
-
-jobs:
-- job: Build${{ parameters.platform }}${{ parameters.configuration }}
-  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }}
-  variables:
-    BuildConfiguration: ${{ parameters.configuration }}
-    BuildPlatform: ${{ parameters.platform }}
-  pool:
-    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPoolOSS-L
-    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPool-L
-    demands: ImageOverride -equals WinDevVS17-latest
-
-  steps:
-  - checkout: self
-    submodules: true
-    clean: true
-
-  - template: restore-nuget-steps.yml
-
-  # The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
-  - script: |
-      "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
-      set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
-      del %TEMP%\vsinstalldir.txt
-      call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
-      echo VCToolsInstallDir = %VCToolsInstallDir%
-      echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
-    displayName: 'Retrieve VC tools directory'
-
-  - task: VSBuild@1
-    displayName: 'Build solution **\OpenConsole.sln'
-    inputs:
-      solution: '**\OpenConsole.sln'
-      platform: '$(BuildPlatform)'
-      configuration: '$(BuildConfiguration)'
-      msbuildArgs: "${{ parameters.additionalBuildArguments }}"
-      clean: true
-      maximumCpuCount: true
-
-  - task: PowerShell@2
-    displayName: 'Rationalize build platform'
-    inputs:
-      targetType: inline
-      script: |
-        $Arch = "$(BuildPlatform)"
-        If ($Arch -Eq "x86") { $Arch = "Win32" }
-        Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
-
-  - task: CopyFiles@2
-    displayName: 'Copy result logs to Artifacts'
-    inputs:
-      Contents: |
-       **/*.wtl
-       **/*onBuildMachineResults.xml
-       ${{ parameters.testLogPath }}
-      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test'
-      OverWrite: true
-      flattenFolders: true
-
-  - task: CopyFiles@2
-    displayName: 'Copy outputs needed for test runs to Artifacts'
-    inputs:
-      Contents: |
-       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.exe
-       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.dll
-       $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.xml
-       **/Microsoft.VCLibs.*.appx
-       **/TestHostApp/*.exe
-       **/TestHostApp/*.dll
-       **/TestHostApp/*.xml
-       !**/*.pdb
-       !**/*.ipdb
-       !**/*.obj
-       !**/*.pch
-      TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test'
-      OverWrite: true
-      flattenFolders: true
-    condition: succeeded()
-
-  - task: PublishBuildArtifacts@1
-    displayName: 'Publish All Build Artifacts'
-    inputs:
-      PathtoPublish: '$(Build.ArtifactStagingDirectory)'
-      ArtifactName: 'fuzzingBuildOutput'

build/pipelines/templates/build-console-pgo.yml

@@ -1,55 +0,0 @@
-parameters:
-  configuration: 'Release'
-  platform: ''
-  additionalBuildArguments: ''
-  minimumExpectedTestsExecutedCount: 1  # Sanity check for minimum expected tests to be reported
-  rerunPassesRequiredToAvoidFailure: 5
-
-jobs:
-- job: Build${{ parameters.platform }}${{ parameters.configuration }}
-  displayName: Build ${{ parameters.platform }} ${{ parameters.configuration }}
-  variables:
-    BuildConfiguration: ${{ parameters.configuration }}
-    BuildPlatform: ${{ parameters.platform }}
-    PGOBuildMode: 'Instrument'
-  pool:
-    ${{ if eq(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPoolOSS-L
-    ${{ if ne(variables['System.CollectionUri'], 'https://dev.azure.com/ms/') }}:
-      name: WinDevPool-L
-    demands: ImageOverride -equals WinDevVS17-latest
-
-  steps:
-  - template: build-console-steps.yml
-    parameters:
-      additionalBuildArguments: '${{ parameters.additionalBuildArguments }}'
-
-- template: helix-runtests-job.yml
-  parameters:
-    name: 'RunTestsInHelix'
-    dependsOn: Build${{ parameters.platform }}${{ parameters.configuration }}
-    condition: succeeded()
-    testSuite: 'PgoInstrumentationSuite'
-    taefQuery: '@IsPgo=true'
-    configuration: ${{ parameters.configuration }}
-    platform: ${{ parameters.platform }}
-    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
-
-- template: helix-processtestresults-job.yml
-  parameters:
-    name: 'ProcessTestResults'
-    pgoArtifact: 'PGO'
-    dependsOn:
-    - RunTestsInHelix
-    condition: succeededOrFailed()
-    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
-    minimumExpectedTestsExecutedCount: ${{ parameters.minimumExpectedTestsExecutedCount }}
-
-- template: pgo-merge-pgd-job.yml
-  parameters:
-    name: 'MergePGD'
-    dependsOn:
-    - ProcessTestResults
-    pgoArtifact: 'PGO'
-    platform: ${{ parameters.platform }}
-    configuration: ${{ parameters.configuration }}

build/pipelines/templates/build-console-steps.yml

@@ -1,130 +0,0 @@
-parameters:
-  additionalBuildArguments: ''
-
-steps:
-- checkout: self
-  submodules: true
-  clean: true
-  fetchDepth: 1
-
-- template: restore-nuget-steps.yml
-
-# The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
-- script: |
-    "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
-    set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
-    del %TEMP%\vsinstalldir.txt
-    call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
-    echo VCToolsInstallDir = %VCToolsInstallDir%
-    echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
-  displayName: 'Retrieve VC tools directory'
-
-- task: CmdLine@1
-  displayName: 'Display build machine environment variables'
-  inputs:
-    filename: 'set'
-
-- task: VSBuild@1
-  displayName: 'Build solution **\OpenConsole.sln'
-  inputs:
-    solution: '**\OpenConsole.sln'
-    platform: '$(BuildPlatform)'
-    configuration: '$(BuildConfiguration)'
-    msbuildArgs: "${{ parameters.additionalBuildArguments }} /p:PGOBuildMode=$(PGOBuildMode) /bl:$(Build.SourcesDirectory)\\msbuild.binlog"
-    clean: true
-    maximumCpuCount: true
-
-- task: PowerShell@2
-  displayName: 'Check MSIX for common regressions'
-  # PGO runtime needs its own CRT and it's in the package for convenience.
-  # That will make this script mad so skip since we're not shipping the PGO Instrumentation one anyway.
-  condition: ne(variables['PGOBuildMode'], 'Instrument')
-  inputs:
-    targetType: inline
-    script: |
-      $Package = Get-ChildItem -Recurse -Filter "CascadiaPackage_*.msix"
-      .\build\scripts\Test-WindowsTerminalPackage.ps1 -Verbose -Path $Package.FullName
-
-- task: powershell@2
-  displayName: 'Source Index PDBs'
-  condition: ne(variables['PGOBuildMode'], 'Instrument')
-  inputs:
-    targetType: filePath
-    filePath: build\scripts\Index-Pdbs.ps1
-    arguments: -SearchDir '$(Build.SourcesDirectory)' -SourceRoot '$(Build.SourcesDirectory)' -recursive -Verbose -CommitId $(Build.SourceVersion)
-    errorActionPreference: silentlyContinue
-
-- task: PowerShell@2
-  displayName: 'Rationalize build platform'
-  inputs:
-    targetType: inline
-    script: |
-      $Arch = "$(BuildPlatform)"
-      If ($Arch -Eq "x86") { $Arch = "Win32" }
-      Write-Host "##vso[task.setvariable variable=RationalizedBuildPlatform]${Arch}"
-
-- task: CopyFiles@2
-  displayName: 'Copy *.appx/*.msix to Artifacts (Non-PR builds only)'
-  inputs:
-    Contents: |
-     **/*.appx
-     **/*.msix
-     **/*.appxsym
-     !**/Microsoft.VCLibs*.appx
-    TargetFolder: '$(Build.ArtifactStagingDirectory)/appx'
-    OverWrite: true
-    flattenFolders: true
-  condition: succeeded()
-
-- task: CopyFiles@2
-  displayName: 'Copy outputs needed for test runs to Artifacts'
-  inputs:
-    Contents: |
-     $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.exe
-     $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.dll
-     $(Build.SourcesDirectory)/bin/$(RationalizedBuildPlatform)/$(BuildConfiguration)/*.xml
-     **/Microsoft.VCLibs.*.appx
-     **/*unit.test*.dll
-     **/*unit.test*.manifest
-     **/TestHostApp/*.exe
-     **/TestHostApp/*.dll
-     **/TestHostApp/*.xml
-     !**/*.pdb
-     !**/*.ipdb
-     !**/*.obj
-     !**/*.pch
-    TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/$(BuildPlatform)/test'
-    OverWrite: true
-    flattenFolders: true
-  condition: succeeded()
-
-- task: PublishBuildArtifacts@1
-  displayName: 'Publish All Build Artifacts'
-  inputs:
-    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
-    ArtifactName: 'drop'
-
-- task: CopyFiles@2
-  displayName: 'Copy PGO databases needed for PGO instrumentation run'
-  inputs:
-    Contents: |
-     **/*.pgd
-    TargetFolder: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/PGO/$(BuildPlatform)'
-    OverWrite: true
-    flattenFolders: true
-  condition: and(succeeded(), eq(variables['PGOBuildMode'], 'Instrument'))
-
-- task: PublishBuildArtifacts@1
-  displayName: 'Publish All PGO Artifacts'
-  inputs:
-    PathtoPublish: '$(Build.ArtifactStagingDirectory)/$(BuildConfiguration)/PGO'
-    ArtifactName: 'PGO'
-  condition: and(succeeded(), eq(variables['PGOBuildMode'], 'Instrument'))
-
-- task: PublishBuildArtifacts@1
-  displayName: 'Publish Artifact: binlog'
-  condition: always()
-  continueOnError: True
-  inputs:
-    PathtoPublish: $(Build.SourcesDirectory)\msbuild.binlog
-    ArtifactName: binlog-$(BuildPlatform)

build/pipelines/templates/check-formatting.yml

@@ -1,17 +0,0 @@
-
-jobs:
-- job: CodeFormatCheck
-  displayName: Proper Code Formatting Check
-  pool: { vmImage: windows-2019 }
-
-  steps:
-  - checkout: self
-    fetchDepth: 1
-    submodules: false
-    clean: true
-
-  - task: PowerShell@2
-    displayName: 'Code Formatting Check'
-    inputs:
-      targetType: filePath
-      filePath: '.\build\scripts\Invoke-FormattingCheck.ps1'

build/pipelines/templates/console-ci-helix-job.yml

@@ -1,25 +0,0 @@
-parameters:
-  configuration: 'Release'
-  platform: ''
-  minimumExpectedTestsExecutedCount: 10  # Sanity check for minimum expected tests to be reported
-  rerunPassesRequiredToAvoidFailure: 5
-
-jobs:
-- template: helix-runtests-job.yml
-  parameters:
-    name: 'RunTestsInHelix'
-    # We're not setting dependsOn as we want to rely on the "stage" dependency above us
-    testSuite: 'DevTestSuite'
-    platform: ${{ parameters.platform }}
-    configuration: ${{ parameters.configuration }}
-    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
-    
-- template: helix-processtestresults-job.yml
-  parameters:
-    dependsOn:
-    - RunTestsInHelix
-    # the default condition is succeededOrFailed(), and the "stage" condition ensures we only run as needed
-    platform: ${{ parameters.platform }}
-    configuration: ${{ parameters.configuration }}
-    rerunPassesRequiredToAvoidFailure: ${{ parameters.rerunPassesRequiredToAvoidFailure }}
-    minimumExpectedTestsExecutedCount: ${{ parameters.minimumExpectedTestsExecutedCount }}

build/pipelines/templates/helix-createprojfile-steps.yml

@@ -1,15 +0,0 @@
-parameters:
-  condition: ''
-  testFilePath: ''
-  outputProjFileName: ''
-  testSuite: ''
-  taefQuery: ''
-
-steps:
-  - task: powershell@2
-    displayName: 'Create ${{ parameters.outputProjFileName }}'
-    condition: ${{ parameters.condition }}
-    inputs:
-      targetType: filePath
-      filePath: build\Helix\GenerateTestProjFile.ps1
-      arguments: -TestFile '${{ parameters.testFilePath }}' -OutputProjFile '$(Build.ArtifactStagingDirectory)\$(BuildConfiguration)\$(BuildPlatform)\${{ parameters.outputProjFileName }}' -JobTestSuiteName '${{ parameters.testSuite }}' -TaefPath '$(Build.SourcesDirectory)\build\Helix\packages\Microsoft.Taef.10.60.210621002\build\Binaries\x86' -TaefQuery '${{ parameters.taefQuery }}'

build/pipelines/templates/helix-processtestresults-job.yml

@@ -1,71 +0,0 @@
-parameters:
-  condition: 'succeededOrFailed()'
-  dependsOn: ''
-  rerunPassesRequiredToAvoidFailure: 5
-  minimumExpectedTestsExecutedCount: 10
-  checkJobAttempt: false
-  pgoArtifact: ''
-
-jobs:
-- job: ProcessTestResults
-  displayName: Process Helix Results ${{ parameters.platform }} ${{ parameters.configuration }}
-  condition: ${{ parameters.condition }}
-  dependsOn: ${{ parameters.dependsOn }}
-  pool:
-    vmImage: 'windows-2019'
-  timeoutInMinutes: 120
-  variables:
-    helixOutputFolder: $(Build.SourcesDirectory)\HelixOutput
-
-  steps:
-  - task: powershell@2
-    displayName: 'UpdateUnreliableTests.ps1'
-    condition: succeededOrFailed()
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-      HelixAccessToken: $(HelixApiAccessToken)
-    inputs:
-      targetType: filePath
-      filePath: build\Helix\UpdateUnreliableTests.ps1
-      arguments: -RerunPassesRequiredToAvoidFailure '${{ parameters.rerunPassesRequiredToAvoidFailure }}'
-
-  - task: powershell@2
-    displayName: 'OutputTestResults.ps1'
-    condition: succeededOrFailed()
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-      HelixAccessToken: $(HelixApiAccessToken)
-    inputs:
-      targetType: filePath
-      filePath: build\Helix\OutputTestResults.ps1
-      arguments: -MinimumExpectedTestsExecutedCount '${{ parameters.minimumExpectedTestsExecutedCount }}' -CheckJobAttempt $${{ parameters.checkJobAttempt }}
-
-  - task: powershell@2
-    displayName: 'ProcessHelixFiles.ps1'
-    condition: succeededOrFailed()
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-      HelixAccessToken: $(HelixApiAccessToken)
-    inputs:
-      targetType: filePath
-      filePath: build\Helix\ProcessHelixFiles.ps1
-      arguments: -OutputFolder '$(helixOutputFolder)'
-
-  - ${{if ne(parameters.pgoArtifact, '') }}:
-    - script: move /y $(helixOutputFolder)\PGO $(Build.ArtifactStagingDirectory)
-      displayName: 'Move pgc files to PGO artifact'
-
-  - task: PublishBuildArtifacts@1
-    displayName: 'Publish Helix files'
-    condition: succeededOrFailed()
-    inputs:
-      PathtoPublish: $(helixOutputFolder)
-      artifactName: drop
-
-  - ${{if ne(parameters.pgoArtifact, '') }}:
-    - task: PublishBuildArtifacts@1
-      displayName: 'Publish pgc files'
-      condition: succeededOrFailed()
-      inputs:
-        PathtoPublish: $(Build.ArtifactStagingDirectory)\PGO\Release
-        artifactName: ${{ parameters.pgoArtifact }}

build/pipelines/templates/helix-runtests-job.yml

@@ -1,164 +0,0 @@
-parameters:
-  name: 'RunTestsInHelix'
-  dependsOn: ''
-  condition: ''
-  testSuite: ''
-  # If a Pipeline runs this template more than once, this parameter should be unique per build flavor to differentiate the
-  # the different test runs:
-  helixType: 'test/devtest'
-  artifactName: 'drop'
-  maxParallel: 4
-  rerunPassesRequiredToAvoidFailure: 5
-  taefQuery: ''
-  configuration: ''
-  platform: ''
-  # if 'useBuildOutputFromBuildId' is set, we will default to using a build from this pipeline:
-  useBuildOutputFromPipeline: $(System.DefinitionId)
-  openHelixTargetQueues: 'windows.10.amd64.client21h1.open.xaml'
-  closedHelixTargetQueues: 'windows.10.amd64.client21h1.xaml'
-
-jobs:
-- job: ${{ parameters.name }}
-  displayName: Submit Helix ${{ parameters.platform }} ${{ parameters.configuration }}
-  dependsOn: ${{ parameters.dependsOn }}
-  condition: ${{ parameters.condition }}
-  pool:
-    vmImage: 'windows-2019'
-  timeoutInMinutes: 120
-  strategy:
-    maxParallel: ${{ parameters.maxParallel }}
-  variables:
-    buildConfiguration: ${{ parameters.configuration }}
-    buildPlatform: ${{ parameters.platform }}
-    openHelixTargetQueues: ${{ parameters.openHelixTargetQueues }}
-    closedHelixTargetQueues: ${{ parameters.closedHelixTargetQueues }}
-    artifactsDir: $(Build.SourcesDirectory)\Artifacts
-    taefPath: $(Build.SourcesDirectory)\build\Helix\packages\Microsoft.Taef.10.60.210621002\build\Binaries\$(buildPlatform)
-    helixCommonArgs: '/binaryLogger:$(Build.SourcesDirectory)/${{parameters.name}}.$(buildPlatform).$(buildConfiguration).binlog /p:HelixBuild=$(Build.BuildId).$(buildPlatform).$(buildConfiguration) /p:Platform=$(buildPlatform) /p:Configuration=$(buildConfiguration) /p:HelixType=${{parameters.helixType}} /p:TestSuite=${{parameters.testSuite}} /p:ProjFilesPath=$(Build.ArtifactStagingDirectory) /p:rerunPassesRequiredToAvoidFailure=${{parameters.rerunPassesRequiredToAvoidFailure}}'
-
-  steps:
-  - task: CmdLine@1
-    displayName: 'Display build machine environment variables'
-    inputs:
-      filename: 'set'
-
-  - task: NuGetToolInstaller@0
-    displayName: 'Use NuGet 5.2.0'
-    inputs:
-      versionSpec: 5.2.0
-
-  - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
-    displayName: 'NuGet restore build/Helix/packages.config'
-    inputs:
-      restoreSolution: build/Helix/packages.config
-      feedsToUse: config
-      nugetConfigPath: nuget.config
-      restoreDirectory: packages
-
-  - task: DownloadBuildArtifacts@0
-    condition:
-      and(succeeded(),eq(variables['useBuildOutputFromBuildId'],''))
-    inputs:
-      artifactName: ${{ parameters.artifactName }}
-      downloadPath: '$(artifactsDir)'
-
-  - task: DownloadBuildArtifacts@0
-    condition:
-      and(succeeded(),ne(variables['useBuildOutputFromBuildId'],''))
-    inputs:
-      buildType: specific
-      buildVersionToDownload: specific
-      project: $(System.TeamProjectId)
-      pipeline: ${{ parameters.useBuildOutputFromPipeline }}
-      buildId: $(useBuildOutputFromBuildId)
-      artifactName: ${{ parameters.artifactName }}
-      downloadPath: '$(artifactsDir)'
-
-  - task: CmdLine@1
-    displayName: 'Display Artifact Directory payload contents'
-    inputs:
-      filename: 'dir'
-      arguments: '/s $(artifactsDir)'
-
-  - task: powershell@2
-    displayName: 'PrepareHelixPayload.ps1'
-    inputs:
-      targetType: filePath
-      filePath: build\Helix\PrepareHelixPayload.ps1
-      arguments: -Platform '$(buildPlatform)' -Configuration '$(buildConfiguration)' -ArtifactName '${{ parameters.artifactName }}'
-
-  - task: CmdLine@1
-    displayName: 'Display Helix payload contents'
-    inputs:
-      filename: 'dir'
-      arguments: '/s $(Build.SourcesDirectory)\HelixPayload'
-
-  - task: PowerShell@2
-    displayName: 'Make artifact directories'
-    inputs:
-      targetType: inline
-      script: |
-        New-Item -ItemType Directory -Force -Path "$(Build.ArtifactStagingDirectory)\$(BuildConfiguration)\"
-        New-Item -ItemType Directory -Force -Path "$(Build.ArtifactStagingDirectory)\$(BuildConfiguration)\$(BuildPlatform)\"
-
-  - template: helix-createprojfile-steps.yml
-    parameters:
-      condition: and(succeeded(),eq('${{ parameters.testSuite }}','DevTestSuite'))
-      testFilePath: '$(artifactsDir)\${{ parameters.artifactName }}\$(buildConfiguration)\$(buildPlatform)\Test\TerminalApp.LocalTests.dll'
-      outputProjFileName: 'RunTestsInHelix-TerminalAppLocalTests.proj'
-      testSuite: '${{ parameters.testSuite }}'
-      taefQuery: ${{ parameters.taefQuery }}
-
-  - template: helix-createprojfile-steps.yml
-    parameters:
-      condition: and(succeeded(),eq('${{ parameters.testSuite }}','DevTestSuite'))
-      testFilePath: '$(artifactsDir)\${{ parameters.artifactName }}\$(buildConfiguration)\$(buildPlatform)\Test\SettingsModel.LocalTests.dll'
-      outputProjFileName: 'RunTestsInHelix-SettingsModelLocalTests.proj'
-      testSuite: '${{ parameters.testSuite }}'
-      taefQuery: ${{ parameters.taefQuery }}
-
-
-  - template: helix-createprojfile-steps.yml
-    parameters:
-      condition: and(succeeded(),eq('${{ parameters.testSuite }}','DevTestSuite'))
-      testFilePath: '$(artifactsDir)\${{ parameters.artifactName }}\$(buildConfiguration)\$(buildPlatform)\Test\Conhost.UIA.Tests.dll'
-      outputProjFileName: 'RunTestsInHelix-HostTestsUIA.proj'
-      testSuite: '${{ parameters.testSuite }}'
-      taefQuery: ${{ parameters.taefQuery }}
-
-  - template: helix-createprojfile-steps.yml
-    parameters:
-      condition: and(succeeded(),or(eq('${{ parameters.testSuite }}','PgoInstrumentationSuite'),eq('${{ parameters.testSuite }}','DevTestSuite')))
-      testFilePath: '$(artifactsDir)\${{ parameters.artifactName }}\$(buildConfiguration)\$(buildPlatform)\Test\WindowsTerminal.UIA.Tests.dll'
-      outputProjFileName: 'RunTestsInHelix-WindowsTerminalUIATests.proj'
-      testSuite: '${{ parameters.testSuite }}'
-      taefQuery: ${{ parameters.taefQuery }}
-
-  - task: PublishBuildArtifacts@1
-    displayName: 'Publish generated .proj files'
-    inputs:
-      PathtoPublish: $(Build.ArtifactStagingDirectory)
-      artifactName: ${{ parameters.artifactName }}
-
-  - task: DotNetCoreCLI@2
-    displayName: 'Run tests in Helix (open queues)'
-    condition: and(succeeded(),eq(variables['System.CollectionUri'],'https://dev.azure.com/ms/'))
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-    inputs:
-      command: custom
-      projects: build\Helix\RunTestsInHelix.proj
-      custom: msbuild
-      arguments: '$(helixCommonArgs) /p:IsExternal=true /p:Creator=Terminal /p:HelixTargetQueues=$(openHelixTargetQueues)'
-
-  - task: DotNetCoreCLI@2
-    displayName: 'Run tests in Helix (closed queues)'
-    condition: and(succeeded(),ne(variables['System.CollectionUri'],'https://dev.azure.com/ms/'))
-    env:
-      SYSTEM_ACCESSTOKEN: $(System.AccessToken)
-      HelixAccessToken: $(HelixApiAccessToken)
-    inputs:
-      command: custom
-      projects: build\Helix\RunTestsInHelix.proj
-      custom: msbuild
-      arguments: '$(helixCommonArgs) /p:HelixTargetQueues=$(closedHelixTargetQueues)'

build/pipelines/templates/pgo-merge-pgd-job.yml

@@ -1,70 +0,0 @@
-parameters:
-  dependsOn: ''
-  pgoArtifact: PGO
-  platform: ''
-  configuration: ''
-
-jobs:
-- job: MergePGD
-  dependsOn: ${{ parameters.dependsOn }}
-  pool:
-    vmImage: 'windows-2019'
-  variables:
-    artifactsPath: $(Build.SourcesDirectory)\Artifacts
-    pgoArtifactsPath: $(artifactsPath)\${{ parameters.pgoArtifact }}
-    buildPlatform: ${{ parameters.platform }}
-    buildConfiguration: ${{ parameters.configuration }}
-
-  steps:
-  # The environment variable VCToolsInstallDir isn't defined on lab machines, so we need to retrieve it ourselves.
-  - script: |
-      "%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -Latest -requires Microsoft.Component.MSBuild -property InstallationPath > %TEMP%\vsinstalldir.txt
-      set /p _VSINSTALLDIR15=<%TEMP%\vsinstalldir.txt
-      del %TEMP%\vsinstalldir.txt
-      call "%_VSINSTALLDIR15%\Common7\Tools\VsDevCmd.bat"
-      echo VCToolsInstallDir = %VCToolsInstallDir%
-      echo ##vso[task.setvariable variable=VCToolsInstallDir]%VCToolsInstallDir%
-    displayName: 'Retrieve VC tools directory'
-
-  - task: NuGetToolInstaller@0
-    displayName: 'Use NuGet 5.2.0'
-    inputs:
-      versionSpec: 5.2.0
-
-  - task: NuGetAuthenticate@0
-
-  # In the Microsoft Azure DevOps tenant, NuGetCommand is ambiguous.
-  # This should be `task: NuGetCommand@2`
-  - task: 333b11bd-d341-40d9-afcf-b32d5ce6f23b@2
-    displayName: Restore NuGet packages for extraneous build actions
-    inputs:
-      command: restore
-      feedsToUse: config
-      configPath: NuGet.config
-      restoreSolution: build/packages.config
-      restoreDirectory: '$(Build.SourcesDirectory)\packages'
-
-  - task: DownloadBuildArtifacts@0
-    inputs:
-      artifactName: ${{ parameters.pgoArtifact }}
-      downloadPath: $(artifactsPath)
-
-  - task: MSBuild@1
-    displayName: Merge counts into PGD
-    inputs:
-      solution: $(Build.SourcesDirectory)\OpenConsole.sln
-      platform: $(buildPlatform)
-      configuration: $(buildConfiguration)
-      msbuildArguments: '/t:MergePGOCounts /p:PGOBuildMode=Instrument /p:PGDPath=$(pgoArtifactsPath)\$(buildPlatform) /p:PGCRootPath=$(pgoArtifactsPath)\$(buildPlatform)'
-
-  - task: CopyFiles@2
-    displayName: 'Copy merged pgd to artifact staging'
-    inputs:
-      sourceFolder: $(pgoArtifactsPath)
-      contents: '**\$(buildPlatform)\*.pgd'
-      targetFolder: $(Build.ArtifactStagingDirectory)
-
-  - task: PublishBuildArtifacts@1
-    inputs:
-      pathToPublish: $(Build.ArtifactStagingDirectory)
-      artifactName: ${{ parameters.pgoArtifact }}

build/scripts/Create-AppxBundle.ps1

@@ -22,7 +22,7 @@ Param(
     [Parameter(HelpMessage="Path to makeappx.exe")]
     [ValidateScript({Test-Path $_ -Type Leaf})]
     [string]
-    $MakeAppxPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x86\MakeAppx.exe"
+    $MakeAppxPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x86\MakeAppx.exe"
 )
 
 If ($null -Eq (Get-Item $MakeAppxPath -EA:SilentlyContinue)) {

build/scripts/Merge-PriFiles.ps1

@@ -0,0 +1,78 @@
+Param(
+    [Parameter(Mandatory,
+      HelpMessage="List of PRI files or XML dumps (detailed only) to merge")]
+    [string[]]
+    $Path,
+
+    [Parameter(Mandatory,
+      HelpMessage="Output Path")]
+    [string]
+    $OutputPath,
+
+    [Parameter(HelpMessage="Name of index in output file; defaults to 'Application'")]
+    [string]
+    $IndexName = "Application",
+
+    [Parameter(HelpMessage="Path to makepri.exe")]
+    [ValidateScript({Test-Path $_ -Type Leaf})]
+    [string]
+    $MakePriPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\MakePri.exe"
+)
+
+$ErrorActionPreference = 'Stop'
+
+$tempDir = Join-Path ([System.IO.Path]::GetTempPath()) "tmp$([Convert]::ToString((Get-Random 65535),16).PadLeft(4,'0')).tmp"
+New-Item -ItemType Directory -Path $tempDir | Out-Null
+$priConfig = Join-Path $tempDir "priconfig.xml"
+$priListFile = Join-Path $tempDir "pri.resfiles"
+$dumpListFile = Join-Path $tempDir "dump.resfiles"
+
+@"
+<?xml version="1.0" encoding="utf-8"?>
+<resources targetOsVersion="10.0.0" majorVersion="1">
+  <index root="\" startIndexAt="dump.resfiles">
+    <default>
+      <qualifier name="Language" value="en-US" />
+      <qualifier name="Contrast" value="standard" />
+      <qualifier name="Scale" value="200" />
+      <qualifier name="HomeRegion" value="001" />
+      <qualifier name="TargetSize" value="256" />
+      <qualifier name="LayoutDirection" value="LTR" />
+      <qualifier name="DXFeatureLevel" value="DX9" />
+      <qualifier name="Configuration" value="" />
+      <qualifier name="AlternateForm" value="" />
+      <qualifier name="Platform" value="UAP" />
+    </default>
+    <indexer-config type="PRIINFO" />
+    <indexer-config type="RESFILES" qualifierDelimiter="." />
+  </index>
+  <index root="\" startIndexAt="pri.resfiles">
+    <default>
+      <qualifier name="Language" value="en-US" />
+      <qualifier name="Contrast" value="standard" />
+      <qualifier name="Scale" value="200" />
+      <qualifier name="HomeRegion" value="001" />
+      <qualifier name="TargetSize" value="256" />
+      <qualifier name="LayoutDirection" value="LTR" />
+      <qualifier name="DXFeatureLevel" value="DX9" />
+      <qualifier name="Configuration" value="" />
+      <qualifier name="AlternateForm" value="" />
+      <qualifier name="Platform" value="UAP" />
+    </default>
+    <indexer-config type="PRI" />
+    <indexer-config type="RESFILES" qualifierDelimiter="." />
+  </index>
+</resources>
+"@ | Out-File -Encoding:utf8NoBOM $priConfig
+
+$Path | Where { $_ -Like "*.pri" } | ForEach-Object {
+    Get-Item $_ | Select -Expand FullName
+} | Out-File -Encoding:utf8NoBOM $priListFile
+
+$Path | Where { $_ -Like "*.xml" } | ForEach-Object {
+    Get-Item $_ | Select -Expand FullName
+} | Out-File -Encoding:utf8NoBOM $dumpListFile
+
+& $MakePriPath new /pr $tempDir /cf $priConfig /o /in $IndexName /of $OutputPath
+
+Remove-Item -Recurse -Force $tempDir

build/scripts/Merge-TerminalAndXamlResources.ps1

@@ -0,0 +1,47 @@
+Param(
+    [Parameter(Mandatory,
+      HelpMessage="Root directory of extracted Terminal AppX")]
+    [string[]]
+    $TerminalRoot,
+
+    [Parameter(Mandatory,
+      HelpMessage="Root directory of extracted Xaml AppX")]
+    [string[]]
+    $XamlRoot,
+
+    [Parameter(Mandatory,
+      HelpMessage="Output Path")]
+    [string]
+    $OutputPath,
+
+    [Parameter(HelpMessage="Path to makepri.exe")]
+    [ValidateScript({Test-Path $_ -Type Leaf})]
+    [string]
+    $MakePriPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\MakePri.exe"
+)
+
+$ErrorActionPreference = 'Stop'
+
+$tempDir = Join-Path ([System.IO.Path]::GetTempPath()) "tmp$([Convert]::ToString((Get-Random 65535),16).PadLeft(4,'0')).tmp"
+New-Item -ItemType Directory -Path $tempDir | Out-Null
+
+$terminalDump = Join-Path $tempDir "terminal.pri.xml"
+
+& $MakePriPath dump /if (Join-Path $TerminalRoot "resources.pri") /of $terminalDump /dt detailed
+
+Write-Verbose "Removing Microsoft.UI.Xaml node from Terminal to prevent a collision with XAML"
+$terminalXMLDocument = [xml](Get-Content $terminalDump)
+$resourceMap = $terminalXMLDocument.PriInfo.ResourceMap
+$fileSubtree = $resourceMap.ResourceMapSubtree | Where-Object { $_.Name -eq "Files" }
+$subtrees = $fileSubtree.ResourceMapSubtree
+$xamlSubtreeChild = ($subtrees | Where-Object { $_.Name -eq "Microsoft.UI.Xaml" })
+if ($Null -Ne $xamlSubtreeChild) {
+    $null = $fileSubtree.RemoveChild($xamlSubtreeChild)
+    $terminalXMLDocument.Save($terminalDump)
+}
+
+$indexName = $terminalXMLDocument.PriInfo.ResourceMap.name
+
+& (Join-Path $PSScriptRoot "Merge-PriFiles.ps1") -Path $terminalDump, (Join-Path $XamlRoot "resources.pri") -IndexName $indexName -OutputPath $OutputPath -MakePriPath $MakePriPath
+
+Remove-Item -Recurse -Force $tempDir

build/scripts/New-UnpackagedTerminalDistribution.ps1

@@ -0,0 +1,117 @@
+Param(
+    [Parameter(Mandatory,
+      HelpMessage="Path to Terminal AppX")]
+    [ValidateScript({Test-Path $_ -Type Leaf})]
+    [string]
+    $TerminalAppX,
+
+    [Parameter(Mandatory,
+      HelpMessage="Path to Xaml AppX")]
+    [ValidateScript({Test-Path $_ -Type Leaf})]
+    [string]
+    $XamlAppX,
+
+    [Parameter(HelpMessage="Output Directory")]
+    [string]
+    $Destination = ".",
+
+    [Parameter(HelpMessage="Path to makeappx.exe")]
+    [ValidateScript({Test-Path $_ -Type Leaf})]
+    [string]
+    $MakeAppxPath = "C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64\MakeAppx.exe"
+)
+
+$filesToRemove = @("*.xml", "*.winmd", "Appx*", "Images/*Tile*", "Images/*Logo*") # Remove from Terminal
+$filesToKeep = @("Microsoft.Terminal.Remoting.winmd") # ... except for these
+$filesToCopyFromXaml = @("Microsoft.UI.Xaml.dll", "Microsoft.UI.Xaml") # We don't need the .winmd
+
+$ErrorActionPreference = 'Stop'
+
+If ($null -Eq (Get-Item $MakeAppxPath -EA:SilentlyContinue)) {
+    Write-Error "Could not find MakeAppx.exe at `"$MakeAppxPath`".`nMake sure that -MakeAppxPath points to a valid SDK."
+    Exit 1
+}
+
+$tempDir = Join-Path ([System.IO.Path]::GetTempPath()) "tmp$([Convert]::ToString((Get-Random 65535),16).PadLeft(4,'0')).tmp"
+New-Item -ItemType Directory -Path $tempDir | Out-Null
+
+$XamlAppX = Get-Item $XamlAppX | Select-Object -Expand FullName
+$TerminalAppX = Get-Item $TerminalAppX | Select-Object -Expand FullName
+
+########
+# Reading the AppX Manifest for preliminary info
+########
+
+$appxManifestPath = Join-Path $tempDir AppxManifest.xml
+& tar.exe -x -f "$TerminalAppX" -C $tempDir AppxManifest.xml
+$manifest = [xml](Get-Content $appxManifestPath)
+$pfn = $manifest.Package.Identity.Name
+$version = $manifest.Package.Identity.Version
+$architecture = $manifest.Package.Identity.ProcessorArchitecture
+
+$distributionName = "{0}_{1}_{2}" -f ($pfn, $version, $architecture)
+$terminalDir = "terminal-{0}" -f ($version)
+
+########
+# Unpacking Terminal and XAML
+########
+
+$terminalAppPath = Join-Path $tempdir $terminalDir
+$xamlAppPath = Join-Path $tempdir "xaml"
+New-Item -ItemType Directory -Path $terminalAppPath | Out-Null
+New-Item -ItemType Directory -Path $xamlAppPath | Out-Null
+& $MakeAppxPath unpack /p $TerminalAppX /d $terminalAppPath /o | Out-Null
+If ($LASTEXITCODE -Ne 0) {
+    Throw "Unpacking $TerminalAppX failed"
+}
+& $MakeAppxPath unpack /p $XamlAppX /d $xamlAppPath /o | Out-Null
+If ($LASTEXITCODE -Ne 0) {
+    Throw "Unpacking $XamlAppX failed"
+}
+
+########
+# Some sanity checking
+########
+
+$xamlManifest = [xml](Get-Content (Join-Path $xamlAppPath "AppxManifest.xml"))
+If ($xamlManifest.Package.Identity.Name -NotLike "Microsoft.UI.Xaml*") {
+    Throw "$XamlAppX is not a XAML package (instead, it looks like $($xamlManifest.Package.Identity.Name))"
+}
+If ($xamlManifest.Package.Identity.ProcessorArchitecture -Ne $architecture) {
+    Throw "$XamlAppX is not built for $architecture (instead, it is built for $($xamlManifest.Package.Identity.ProcessorArchitecture))"
+}
+
+########
+# Preparation of source files
+########
+
+$itemsToRemove = $filesToRemove | ForEach-Object {
+    Get-Item (Join-Path $terminalAppPath $_) -EA:SilentlyContinue | Where-Object {
+        $filesToKeep -NotContains $_.Name
+    }
+} | Sort-Object FullName -Unique
+$itemsToRemove | Remove-Item -Recurse
+
+$filesToCopyFromXaml | ForEach-Object {
+    Get-Item (Join-Path $xamlAppPath $_)
+} | Copy-Item -Recurse -Destination $terminalAppPath
+
+########
+# Resource Management
+########
+
+$finalTerminalPriFile = Join-Path $terminalAppPath "resources.pri"
+& (Join-Path $PSScriptRoot "Merge-TerminalAndXamlResources.ps1") `
+    -TerminalRoot $terminalAppPath `
+    -XamlRoot $xamlAppPath `
+    -OutputPath $finalTerminalPriFile `
+    -Verbose:$Verbose
+
+########
+# Packaging
+########
+
+New-Item -ItemType Directory -Path $Destination -ErrorAction:SilentlyContinue | Out-Null
+$outputZip = (Join-Path $Destination ("{0}.zip" -f ($distributionName)))
+& tar -c --format=zip -f $outputZip -C $tempDir $terminalDir
+Get-Item $outputZip

build/scripts/Patch-ManifestsToWindowsVersion.ps1

@@ -1,14 +0,0 @@
-# Copyright (c) Microsoft Corporation.
-# Licensed under the MIT license.
-
-Param(
-	[string]$NewWindowsVersion = "10.0.22000.0"
-)
-
-Get-ChildItem src/cascadia/CascadiaPackage -Recurse -Filter *.appxmanifest | ForEach-Object {
-	$xml = [xml](Get-Content $_.FullName)
-	$xml.Package.Dependencies.TargetDeviceFamily | Where-Object Name -Like "Windows*" | ForEach-Object {
-		$_.MinVersion = $NewWindowsVersion
-	}
-	$xml.Save($_.FullName)
-}