microsoft
MWB: Firewall for subnet only should be configured according to setting value
Summary of the Pull Request
We should not configure subnet only if user explicitly set the option to false
PR Checklist
- [X] Closes: #39430
- [ ] Communication: I've discussed this with core contributors already. If work hasn't been agreed, this work might be rejected
- [X] Tests: Added/updated and all pass
- [ ] Localization: All end user facing strings can be localized
- [ ] Dev docs: Added/updated
- [ ] New binaries: Added on the required places
- [ ] JSON for signing for new binaries
- [ ] WXS for installer for new binaries and localization folder
- [ ] YML for CI pipeline for new test projects
- [ ] YML for signed pipeline
- [ ] Documentation updated: If checked, please file a pull request on our docs repo and link it here: #xxx
Detailed Description of the Pull Request / Additional comments
Validation Steps Performed
Subnetonly toggle to off
Subnet only toggle to on:
@check-spelling-bot Report
:red_circle: Please review
See the :open_file_folder: files view, the :scroll:action log, or :memo: job summary for details.
Unrecognized words (1)
samesubnetonly
These words are not needed and should be removed
DEFT iextn localappdata pswd SHELLEXTENSION SHELLNEWVALUE SHGFIICON SHGFILARGEICONSome files were automatically ignored :see_no_evil:
These sample patterns would exclude them:
^\Q.pipelines/272MSSharedLibSN2048.snk\E$
You should consider adding them to:
.github/actions/spell-check/excludes.txt
File matching is via Perl regular expressions.
To check these files, more of their words need to be in the dictionary than not. You can use patterns.txt to exclude portions, add items to the dictionary (e.g. by adding them to allow.txt), or fix typos.
To accept these unrecognized words as correct, update file exclusions, and remove the previously acknowledged and now absent words, you could run the following commands
... in a clone of the [email protected]:microsoft/PowerToys.git repository
on the dev/vanzue/fix-mwb-firewall branch (:information_source: how do I use this?):
curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/67debf50669c7fc76fc8f5d7f996384535a72b77/apply.pl' |
perl - 'https://github.com/microsoft/PowerToys/actions/runs/15064294843/attempts/1'
Errors (3)
See the :open_file_folder: files view, the :scroll:action log, or :memo: job summary for details.
| :x: Errors | Count |
|---|---|
| :warning: binary-file | 1 |
| :x: ignored-expect-variant | 2 |
| :warning: no-newline-at-eof | 1 |
See :x: Event descriptions for more information.
If the flagged items are :exploding_head: false positives
If items relate to a ...
-
binary file (or some other file you wouldn't want to check at all).
Please add a file path to the
excludes.txtfile matching the containing file.File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.
^refers to the file's path from the root of the repository, so^README\.md$would exclude README.md (on whichever branch you're using). -
well-formed pattern.
If you can write a pattern that would match it, try adding it to the
patterns.txtfile.Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.
Note that patterns can't match multiline strings.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
is this respecting the group policy too?
Good catch, you are right, we should use a higher level wrapper instead of the raw property to consider the gpo.
When user clicks the button to switch 'same subnet only' option, we should at least let users know that they need to click another button to make it work in firewall, use #39574 to track
Offline talked with @yeelam-gordon , instead of adding such firewall, and maintain a copy of logic in code to check subnet, we more intend to maintain the subnet control in code, so the fix should be just delete the subnet toggle in firewall set up