Best practices: Difference between revisions

From NSIS Wiki
Jump to navigationJump to search
(Added Security section with note about not naming it setup.exe)
 
(13 intermediate revisions by the same user not shown)
Line 2: Line 2:
{{PageAuthor|Anders}}
{{PageAuthor|Anders}}


Installers and the applications they install should aspire to meet the [http://msdn.microsoft.com/en-us/windows/desktop/hh749939.aspx certification requirements for Windows desktop apps] (The technical requirements for the Windows 7 Client Software Logo Program can be found [http://www.microsoft.com/DOWNLOADS/details.aspx?FamilyID=27028822-b172-4cec-91a3-26b610a4da79&displaylang=en here]).
Installers and the applications they install should aspire to meet the [http://msdn.microsoft.com/en-us/windows/desktop/hh749939.aspx certification requirements for Windows desktop apps] (The technical requirements for the Windows 7 Client Software Logo Program can be found [https://web.archive.org/web/20150119033713/http://www.microsoft.com/DOWNLOADS/details.aspx?FamilyID=27028822-b172-4cec-91a3-26b610a4da79&displaylang=en here]).




== Fundamentals ==
== Fundamentals ==
* Must have an opt-out option for any bundled apps.
* Must have an opt-out option for any bundled apps.
* Must not take a dependency on Windows compatibility modes, AppHelp message, and or any other compatibility fixes.
* Must not take a dependency on Windows compatibility modes, [https://docs.microsoft.com/en-us/windows/deployment/planning/creating-an-apphelp-message-in-compatibility-administrator AppHelp message], and or any other compatibility fixes.
** [http://blogs.msdn.com/b/oldnewthing/archive/2010/03/11/9976571.aspx Application compatibility layers are there for the customer, not for the program].
** [https://web.archive.org/web/20100717010649if_/http://blogs.msdn.com/b/oldnewthing/archive/2010/03/11/9976571.aspx Application compatibility layers are there for the customer, not for the program].
* Must have a compatibility [http://nsis.sourceforge.net/Docs/Chapter4.html#amanifestsupportedos manifest], and use the appropriate GUIDs for the supported versions of Windows.
* Must have a compatibility [http://nsis.sourceforge.net/Docs/Chapter4.html#amanifestsupportedos manifest], and use the appropriate GUIDs for the supported versions of Windows.
* Must follow [http://msdn.microsoft.com/en-us/library/windows/desktop/dn742497.aspx User Account Control] guidelines:
* Must follow [http://msdn.microsoft.com/en-us/library/windows/desktop/dn742497.aspx User Account Control] guidelines:
Line 24: Line 24:




== Start Menu/Start Screen ==
== Start Menu/[https://web.archive.org/web/20150217043325/http://windows.microsoft.com/en-us/windows-8/start-screen-tutorial Start Screen] ==
* Provide icons for the four supported Start screen [http://msdn.microsoft.com/en-us/library/windows/desktop/jj673981(v=vs.85).aspx scale values] to ensure that your icons look crisp on all form factors.
* Provide icons for the four supported Start screen [http://msdn.microsoft.com/en-us/library/windows/desktop/jj673981(v=vs.85).aspx scale values] to ensure that your icons look crisp on all form factors.
* If you install a suite of apps rather than a single app, add one shortcut for each app in the suite. (Be aware that while the Apps view groups tiles and shows the folder name, this name isn't visible when a tile is pinned to the Start screen, so make your tile names sufficiently descriptive.)
* If you install a suite of apps rather than a single app, add one shortcut for each app in the suite. (Be aware that while the Apps view groups tiles and shows the folder name, this name isn't visible when a tile is pinned to the Start screen, so make your tile names sufficiently descriptive.)
** Create a single-level product folder for suites that contain three or more tiles.
** Create a single-level product folder for suites that contain three or more tiles.
* Don't create a product folder if your suite contains only a single shortcut. Place your shortcut in the top-level $SMPROGRAMS folder.
* Don't create a product folder if your suite contains only a single shortcut. Place your shortcut in the top-level $SMPROGRAMS folder.
* Don't provide multiple shortcuts to the same app.
* Don't provide multiple shortcuts to the same app (no "safe-mode"/"add-ons disabled" shortcuts).
* Don't create shortcuts to uninstallers, help files, wizards or web sites. (Windows 8+: Shortcuts that don't map to executables, such as shortcuts that launch web sites or help files, are filtered out of the Start screen.)
* [https://docs.microsoft.com/en-us/windows/win32/shell/desktop-app-tiles-on-the-start-screen#decide-the-right-entry-points-to-include-in-the-start-screen Don't create shortcuts to uninstallers, help files, wizards or web sites]. (Windows 8+: Shortcuts that don't map to executables, such as shortcuts that launch web sites or help files, are [https://devblogs.microsoft.com/oldnewthing/20190319-00/?p=102342 filtered out of the Start screen].)
* Don't create shortcuts to features or functionality that can be launched from within the app itself.
* Don't create shortcuts to features or functionality that can be launched from within the app itself.
* Don't create a tile for a host or runtime for applications, like Silverlight or Java. Provide an entry point to uninstall the framework in Add/Remove Programs and provide any settings entry point in Control Panel.
* Don't create a tile for a host or runtime for applications, like Silverlight or Java. Provide an entry point to uninstall the framework in Add/Remove Programs and provide any settings entry point in Control Panel.
* Don't [http://blogs.msdn.com/b/oldnewthing/archive/2014/12/30/10583474.aspx programmatically pin shortcuts], the pin list is a place [http://blogs.msdn.com/b/oldnewthing/archive/2003/09/03/54760.aspx for users] to put their favorite icons.
* [https://web.archive.org/web/20190213053657if_/https://blogs.msdn.microsoft.com/oldnewthing/20141230-00/?p=43273/ Don't programmatically pin shortcuts], the pin list is a place [https://web.archive.org/web/20181213053112if_/https://blogs.msdn.microsoft.com/oldnewthing/20030903-00/?p=42673 for users] to put their favorite icons.
* The Quick Launch bar and Favorites menu [https://web.archive.org/web/20190108141311if_/https://blogs.msdn.microsoft.com/oldnewthing/20061101-03/?p=29153 belong to the user]




Line 54: Line 55:
** [http://msdn.microsoft.com/en-us/library/windows/desktop/cc144162(v=vs.85).aspx Set Program Access and Computer Defaults (SPAD)]
** [http://msdn.microsoft.com/en-us/library/windows/desktop/cc144162(v=vs.85).aspx Set Program Access and Computer Defaults (SPAD)]
** [http://msdn.microsoft.com/en-us/library/windows/desktop/cc144156(v=vs.85).aspx Best Practices for File Associations]
** [http://msdn.microsoft.com/en-us/library/windows/desktop/cc144156(v=vs.85).aspx Best Practices for File Associations]
** [http://msdn.microsoft.com/en-us/library/windows/desktop/cc144104 File Types and File Associations]
* [http://dev.windows.com/en-us/develop/app-certification-kit Windows App Certification Kit]
* [http://dev.windows.com/en-us/develop/app-certification-kit Windows App Certification Kit]
** [http://msdn.microsoft.com/library/windows/desktop/hh749939 Certification requirements for Windows desktop apps]
** [http://msdn.microsoft.com/library/windows/desktop/hh749939 Certification requirements for Windows desktop apps]
Line 63: Line 65:
* [http://msdn.microsoft.com/library/windows/hardware/gg463010 Windows hardware certification (aka Windows Logo Program for Hardware or WHQL)]
* [http://msdn.microsoft.com/library/windows/hardware/gg463010 Windows hardware certification (aka Windows Logo Program for Hardware or WHQL)]
** [http://msdn.microsoft.com/en-us/library/hh848077(v=vs.85).aspx Windows Hardware Certification Kit]
** [http://msdn.microsoft.com/en-us/library/hh848077(v=vs.85).aspx Windows Hardware Certification Kit]
* [http://msdn.microsoft.com/en-us/library/ee417691(v=vs.85).aspx Games for Windows Technical Requirements]
** [https://learn.microsoft.com/en-us/previous-versions/windows/desktop/legacy/ee417684(v=vs.85)#http://web.archive.org/web/20070209022548/http://msdn2.microsoft.com:80/en-us/library/bb173456.aspx#section_1_3 Rich saved games]
** [http://web.archive.org/web/20071017031605/http://msdn2.microsoft.com:80/en-us/library/bb173456.aspx#_1.6 WMC] ([http://github.com/skijump/windows-media-center-sdk SDK])
*** [http://web.archive.org/web/20070225094305/http://msdn2.microsoft.com:80/en-us/library/bb174608.aspx 10-Foot Experience]
** [http://web.archive.org/web/20100816121945/http://msdn.microsoft.com:80/en-us/library/ee417691%28VS.85%29.aspx#_S.1.4 GFWL]
* [http://docs.microsoft.com/en-us/windows/win32/msi/windows-installer-and-logo-requirements Windows Installer and Logo Requirements]
** [http://docs.microsoft.com/en-us/windows/win32/msi/windows-installer-best-practices Windows Installer Best Practices]

Latest revision as of 04:50, 21 November 2022

Author: Anders (talk, contrib)


Installers and the applications they install should aspire to meet the certification requirements for Windows desktop apps (The technical requirements for the Windows 7 Client Software Logo Program can be found here).


Fundamentals

  • Must have an opt-out option for any bundled apps.
  • Must not take a dependency on Windows compatibility modes, AppHelp message, and or any other compatibility fixes.
  • Must have a compatibility manifest, and use the appropriate GUIDs for the supported versions of Windows.
  • Must follow User Account Control guidelines:
    • Must have a manifest that defines the execution level and tells the operating system what privileges the app requires in order to run .
  • Must support a clean, reversible installation and comply with the Install/Uninstall requirements:
    • The installer must create the correct registry entries to allow successful detection and uninstalls.
    • Do not attempt to replace files protected by Windows File Protection.
  • Must install to the correct folders by default:
    • Shared components that are private to a single software vendor should be stored in $COMMONFILES or $PROGRAMFILES\<company name>\Shared Files.
    • Your app data, which must be shared among users on the computer, should be stored within %ProgramData%.
    • Your app’s data that is exclusive to a specific user and that is not to be shared with other users of the computer, must be stored in $APPDATA and/or $LOCALAPPDATA.
    • Your app must write user data at first run and not during the installation in “per-machine” installations.
  • The %PATH% environment variable is a shared resource.
    • Use the App Paths key to prepend information to the %PATH% environment variable on a per-application basis if possible.


Start Menu/Start Screen

  • Provide icons for the four supported Start screen scale values to ensure that your icons look crisp on all form factors.
  • If you install a suite of apps rather than a single app, add one shortcut for each app in the suite. (Be aware that while the Apps view groups tiles and shows the folder name, this name isn't visible when a tile is pinned to the Start screen, so make your tile names sufficiently descriptive.)
    • Create a single-level product folder for suites that contain three or more tiles.
  • Don't create a product folder if your suite contains only a single shortcut. Place your shortcut in the top-level $SMPROGRAMS folder.
  • Don't provide multiple shortcuts to the same app (no "safe-mode"/"add-ons disabled" shortcuts).
  • Don't create shortcuts to uninstallers, help files, wizards or web sites. (Windows 8+: Shortcuts that don't map to executables, such as shortcuts that launch web sites or help files, are filtered out of the Start screen.)
  • Don't create shortcuts to features or functionality that can be launched from within the app itself.
  • Don't create a tile for a host or runtime for applications, like Silverlight or Java. Provide an entry point to uninstall the framework in Add/Remove Programs and provide any settings entry point in Control Panel.
  • Don't programmatically pin shortcuts, the pin list is a place for users to put their favorite icons.
  • The Quick Launch bar and Favorites menu belong to the user


Security

  • Do not give all users write access to $InstDir. Any executable files like .exe and .dll should only be modifiable by trusted users/groups.
  • The installer should not be named "setup.exe" because a bug in the Windows compatibility layer allows a 3rd-party to inject DLLs with certain names.


See also

Retrieved from "https://nsis.sourceforge.io/mediawiki/index.php?title=Best_practices&oldid=25834"