fix(first-boot): branding-online encoding crash + bootstrap cleanup + recovery QR #15

Manually merged
SilverLABS merged 1 commits from fix/branding-encoding-cleanup-qr into main 2026-06-09 22:36:43 +00:00
Owner

Root-caused by mounting the unencrypted VM disk after run #7 (BitLocker hadn't encrypted, so C: was readable) and reading the first-boot logs.

1. Lock/login/wallpaper branding still missing — online re-apply was crashing. Apply-Branding.ps1 had a UTF-8 em-dash inside a Write-Warning string. Windows PowerShell 5.1 (what SetupComplete uses) reads .ps1 as ANSI, mangled the bytes, broke the string terminator → the whole script failed to parse → branding never re-applied online (the firstboot.log showed the parser error). Fix: ASCII-ify it and save the branding scripts UTF-8-with-BOM so PS 5.1 always decodes them correctly (verified parses under PS 5.1 and PS 7).

2. sm-bootstrap never removed. TearDownAsync created the deferred-cleanup task with schtasks /tr + an inline -EncodedCommand, which silently fails past the ~261-char /tr limit — the task was never created (NO_TASK on disk). Fix: Register-ScheduledTask (no length limit).

3. Recovery key UX. Done step now shows a QR code of the recovery key (QRCoder, pure-managed) for phone backup, laid out side-by-side with the key text so the Restart button no longer overflows below the fold. Notes the local copy is deletable after backup.

Verified: welcome solution builds, 29/29 tests; branding Pester 6/6 unit (offline-integration runs in CI as SYSTEM).

Still open (next round, mostly VM environment):

  • BitLocker can't enable in the VM: Secure Boot configuration does not meet requirements. The -SkipHardwareTest removal correctly turned the silent recovery-drop into an honest failure; the VM just needs Secure Boot enabled/enrolled (OVMF). On real hardware Secure Boot is on. (Product gap to consider: verify Secure Boot before enrolling so the wizard doesn't report success while C: stays unencrypted.)
  • Network driver E1G6032E.sys blocked = HVCI/Memory Integrity refusing the old Intel e1000 driver (working as designed). VM should use a HVCI-compatible NIC (virtio + injected drivers); real hardware needs HVCI-compatible drivers.
  • Start menu briefly over the wizard at first launch (Explorer-shell trade-off) — suppress/topmost.
  • Recovery-key: optional opt-out of the local file; escrow to SilverSync.

🤖 Generated with Claude Code
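
The encoding failure in item 1 can be reproduced from bytes alone. The following is an added example, not code from this PR or repository: it decodes a constructed one-line script the way Windows PowerShell 5.1 would (no BOM means the ANSI code page, assumed here to be Windows-1252) and runs the result through the PowerShell parser. `Test-ScriptEncoding` and the sample warning text are hypothetical.

```powershell
# Added example (not project code). The sample script text is constructed.
# Assumptions: the "ANSI" code page is Windows-1252; only a UTF-8 BOM is checked.

function Test-ScriptEncoding {
    param([Parameter(Mandatory)][byte[]]$Bytes)
    $hasBom   = $Bytes.Length -ge 3 -and $Bytes[0] -eq 0xEF -and $Bytes[1] -eq 0xBB -and $Bytes[2] -eq 0xBF
    # Count of bytes above 0x7F (the BOM bytes, if present, are included).
    $nonAscii = @($Bytes | Where-Object { $_ -gt 0x7F }).Count
    # PS 5.1 behaviour: BOM present -> UTF-8, no BOM -> ANSI code page.
    $encoding = if ($hasBom) { [Text.Encoding]::UTF8 } else { [Text.Encoding]::GetEncoding(1252) }
    $offset   = if ($hasBom) { 3 } else { 0 }
    $text     = $encoding.GetString($Bytes, $offset, $Bytes.Length - $offset)
    # Parse the decoded text without executing it.
    $tokens = $null; $errors = $null
    [void][System.Management.Automation.Language.Parser]::ParseInput($text, [ref]$tokens, [ref]$errors)
    [pscustomobject]@{
        HasUtf8Bom    = $hasBom
        NonAsciiBytes = $nonAscii
        ParseErrors   = @($errors).Count
        FirstError    = if ($errors) { $errors[0].Message } else { $null }
    }
}

# Build the sample with [char]0x2014 so this example file itself stays pure ASCII.
# The em-dash is E2 80 94 in UTF-8; in Windows-1252 byte 0x94 is U+201D, a
# "smart" closing quote that PowerShell accepts as a double-quote delimiter.
$source = 'Write-Warning "Branding skipped ' + [char]0x2014 + ' retrying online"'
$body   = [Text.Encoding]::UTF8.GetBytes($source)      # UTF-8, no BOM
$bom    = [Text.Encoding]::UTF8.GetPreamble()          # EF BB BF

'UTF-8, no BOM :'; Test-ScriptEncoding -Bytes $body | Format-List
'UTF-8 with BOM:'; Test-ScriptEncoding -Bytes ([byte[]]($bom + $body)) | Format-List
```

As a CI gate, the same function can be fed `[IO.File]::ReadAllBytes(...)` for every `.ps1` in the image and the build failed when a file without a BOM reports non-ASCII bytes or parse errors.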

SilverLABS added 1 commit 2026-06-09 21:41:38 +00:00
fix(first-boot): branding-online parse crash (em-dash/encoding) + bootstrap cleanup task + recovery QR
All checks were successful
Build SilverMetal Enhanced - Windows ISO / build (pull_request) Successful in 4m47s
6124448003
Found by reading the unencrypted VM disk after run #7:
1. Online branding never ran: Apply-Branding.ps1 had a UTF-8 em-dash in a Write-Warning
   STRING; Windows PowerShell 5.1 (SetupComplete) reads .ps1 as ANSI, mangled it, broke
   the string terminator -> whole script failed to parse -> lock/login/wallpaper branding
   never re-applied. Fix: ASCII-ify the em-dash AND save the branding scripts UTF-8-with-BOM
   so PS5.1 always decodes them correctly (verified parses under PS5.1 + PS7).
2. sm-bootstrap never removed: TearDownAsync used schtasks /tr with an inline -EncodedCommand,
   which silently fails past the ~261-char /tr limit, so the cleanup task was never created
   (confirmed NO_TASK on disk). Fix: Register-ScheduledTask (no length limit).
3. Done step: show a QR code of the BitLocker recovery key (QRCoder) for phone backup, and
   lay key+QR side-by-side so the Restart button no longer overflows below the fold.

Verified: welcome solution builds, 29/29 tests; branding Pester 6/6 unit (offline-integration
needs elevation, runs in CI).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
SilverLABS manually merged commit efdf5888ac into main 2026-06-09 22:36:43 +00:00
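
Item 2 turns on a command line that outgrew `schtasks /tr` and a creation step that failed without anyone noticing. The following is an added example, not the project's `TearDownAsync` code: it shows how quickly an `-EncodedCommand` payload grows, registers the task with `Register-ScheduledTask`, and then confirms the task actually exists. The task name, cleanup path and function names are hypothetical, and an elevated Windows session is assumed.

```powershell
# Added example (not project code). Task name and cleanup path are hypothetical.
# Requires an elevated session on Windows (ScheduledTasks module).

function Get-EncodedCommand {
    param([Parameter(Mandatory)][string]$Script)
    # -EncodedCommand takes Base64 over UTF-16LE, so the text grows about 2.7x.
    [Convert]::ToBase64String([Text.Encoding]::Unicode.GetBytes($Script))
}

function Register-DeferredCleanup {
    param(
        [Parameter(Mandatory)][string]$TaskName,
        [Parameter(Mandatory)][string]$Script,
        [int]$DelaySeconds = 120
    )
    $arguments = '-NoProfile -NonInteractive -EncodedCommand ' + (Get-EncodedCommand $Script)
    $action    = New-ScheduledTaskAction -Execute 'powershell.exe' -Argument $arguments
    $trigger   = New-ScheduledTaskTrigger -Once -At (Get-Date).AddSeconds($DelaySeconds)
    $principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest
    Register-ScheduledTask -TaskName $TaskName -Action $action -Trigger $trigger `
        -Principal $principal -Force -ErrorAction Stop | Out-Null

    # Do not treat "no error" as success: read the task back before returning.
    $task = Get-ScheduledTask -TaskName $TaskName -ErrorAction SilentlyContinue
    if (-not $task) { throw "Cleanup task '$TaskName' was not created." }
    $task
}

# Constructed cleanup command; even this short script overflows the limit.
$cleanup = "Remove-Item -LiteralPath 'C:\ProgramData\example-bootstrap' -Recurse -Force -ErrorAction SilentlyContinue"
$tr      = 'powershell.exe -NoProfile -EncodedCommand ' + (Get-EncodedCommand $cleanup)
"Equivalent schtasks /tr string: $($tr.Length) characters (limit cited in this PR: ~261)"

$task = Register-DeferredCleanup -TaskName 'Example-DeferredCleanup' -Script $cleanup
"Registered and verified: $($task.TaskName) [$($task.State)]"

# Remove the demonstration task again.
Unregister-ScheduledTask -TaskName 'Example-DeferredCleanup' -Confirm:$false
```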

Reference: SilverLABS/SilverMetal#15