f44fa150e2
Three regressions surfaced by VM 102 validation, plus the winget reliability fix:
- Hardening never ran. SetupComplete.cmd DEFERS hardening to the toolbox when the
Welcome app is present ("hardening deferred to SilverOS Welcome"), but ApplyService
only did apps->bitlocker->done — the call was dropped in the collector slim-down, so
all 8 modules were staged-but-never-executed. Add IHardeningService/HardeningService
and run it (with the flavour's module selection) as the last Apply step.
- Branding disappeared. Apply-Branding.ps1 -Mode Online crashed looking for
C:\branding.manifest.json (param default's $PSScriptRoot came back unrooted under
-File), so the post-OOBE re-apply never ran and personalization reverted. Resolve the
manifest/assets robustly in the body, falling back to the script's own directory.
- Apps didn't install. The runtime winget bootstrap failed silently on IoT LTSC
(exit 1, no diag). Provision App Installer + VCLibs + UI.Xaml into the offline image
at build time (Add-AppxProvisionedPackage) so winget is present at first boot. The
runtime bootstrap remains as a non-fatal fallback.
- Apply UX looked hung. Add a continuous progress-bar sheen + spinner + "this can take
several minutes" hint, and make the percentages monotonic (apps 30->70, bitlocker 75,
hardening 90, done 100).
Tests: 32 passing (ApplyService now verifies apps->bitlocker->hardening order + that
hardening receives the flavour modules).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
SilverMetal Windows branding (shared, dual-mode)
Apply-Branding.ps1 writes the four branding layers either OFFLINE into a
mounted WIM (-Mode Offline -MountPath <mount>, used by installer/build.ps1
Invoke-Brand) or ONLINE onto the running system (-Mode Online, self-apply).
Strings live in branding.manifest.json; images in assets/. See
docs/superpowers/specs/2026-06-09-first-boot-branding-design.md.
Layers: BitLocker pre-boot recovery message, lock-screen image (locked), desktop wallpaper+theme (changeable), OEM About.