Specification: PUA Allowlisting with User Warnings#6293
Specification for a tiered PUA classification system enabling legitimate software (RustDesk, Malwarebytes, etc.) to be published to winget-pkgs with governed allowlisting, client warnings, and GPO controls.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
| **Restricted** | Legitimate uses but elevated risk profile | Moderator review required | Strong warning + consent |
| **Blocked** | Confirmed unwanted/malicious | Rejected | N/A |

### Manifest Schema Extension (v1.29.0)

### Allowlist Governance

Maintained as `policies/pua-allowlist.yaml` in `winget-pkgs`:
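Review bot: The tier table gives Restricted "Moderator review required", but the Allowlist Governance rules on this page require Microsoft security team sign-off for the Restricted tier; align the table's review column with the governance list so the two do not disagree on who approves Restricted entries.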
Clarify if this file is maintained by automation, or manually. What edit restrictions need to be placed on it at pkgs?
#### `--silent`:

Warning suppressed entirely. Installation proceeds.
`--silent` does not currently control any CLI behavior as far as I'm aware; it only uses the silent installer switches. Confirm if the two behaviors should be mixed.
| `winget upgrade` | Show PUA warning if upgrading a PUA package |
| `winget show` | Display PUA classification in package details |
| `winget search` | `--include-security` shows PUA flag in results |
| `winget list` | `--include-security` shows PUA flag for installed PUA packages |

### Schema Version

Requires manifest schema version 1.29.0 for the `PuaClassification` field.

## Inspiration

Microsoft Defender's PUA detection flags software based on behavioral categories. While protective for most users, these heuristics also block legitimate software:
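Review bot: The `winget show` row lists no flag while the `search` and `list` rows gate the PUA flag behind a new `--include-security` option; state whether `show` always displays the classification, and consider reusing an existing output-detail flag rather than introducing a security-specific one that users would have to learn per command.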
Most of the detections I've encountered have been K7 and ESET (via ScanX?), rather than Defender, e.g. RustDesk is flagged by ESET, Malwarebytes by K7.
I'm really glad to see progress on this feature!
- **AnyDesk**, **TeamViewer** portable editions — Flagged under remote access category
- Other legitimate tools — Flagged for system-level access patterns

Their absence from `winget-pkgs` damages credibility and drives users to less-safe acquisition methods (direct downloads from unknown mirrors, Chocolatey community packages without validation).
Also, sometimes specific versions slip through. winget-pkgs ends up with old or vulnerable versions
|
|
||
| Property | Type | Required | Description |
|----------|------|----------|-------------|
| `Categories` | string[] | Yes | PUA categories detected (enum: see below) |
Does ScanX or something else define these categories? At the moment, public contributors just see the detection name, which seems to vary wildly across vendors
- Changes require a dedicated PR (not bundled with manifest submissions)
- Minimum 2 moderator approvals for `Allowed` tier
- Microsoft security team sign-off required for `Restricted` tier
- Annual re-review required (ReviewDate must be within 12 months)
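Review bot: The annual re-review rule states the ReviewDate window but not what happens when it lapses; specify whether an entry whose ReviewDate is older than 12 months keeps its tier, falls back to the Restricted warning, or is dropped from the allowlist, and who is notified, so the client and the validation pipeline behave consistently once the date passes.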
Would these reviews be triggered automatically, and/or in public?
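The governance rules quoted in this thread (two moderator approvals for `Allowed`, Microsoft security sign-off for `Restricted`, ReviewDate within 12 months) lend themselves to an automated pre-merge check on the allowlist file. The following is an added example, not code from winget-pkgs or from this PR: the entry field names (`PackageIdentifier`, `Tier`, `Categories`, `ReviewDate`, `Approvals`), the reviewer roles, and the sample entries are all constructed assumptions. It takes the allowlist as already-parsed data (a YAML loader would produce the same structure) and reports every violation per package rather than stopping at the first one, which is what a reviewer wants to see in a CI annotation.

```python
"""Added example (not winget-pkgs code): enforce the allowlist governance
rules from the spec thread over parsed pua-allowlist entries.

Assumed entry shape (field names are hypothetical, not the spec's schema):
  PackageIdentifier: str
  Tier: "Allowed" | "Restricted" | "Blocked"
  Categories: list[str]             # the spec's property table marks this required
  ReviewDate: datetime.date
  Approvals: list[{"user": str, "role": "moderator" | "microsoft-security"}]
"""
from datetime import date, timedelta

MODERATOR_APPROVALS_FOR_ALLOWED = 2   # spec: minimum 2 moderator approvals
REVIEW_WINDOW = timedelta(days=365)   # spec: ReviewDate within 12 months

# Fixed "today" so the example is deterministic (constructed value).
CHECK_DATE = date(2026, 3, 1)


def check_entry(entry, today=CHECK_DATE):
    """Return the list of governance violations for one entry (empty = OK)."""
    problems = []
    tier = entry.get("Tier")
    approvals = entry.get("Approvals", [])
    # Count distinct moderators so one person approving twice does not count as two.
    moderators = {a["user"] for a in approvals if a.get("role") == "moderator"}
    has_security_signoff = any(a.get("role") == "microsoft-security" for a in approvals)

    if tier == "Allowed":
        if len(moderators) < MODERATOR_APPROVALS_FOR_ALLOWED:
            problems.append(
                f"Allowed tier needs {MODERATOR_APPROVALS_FOR_ALLOWED} moderator approvals, "
                f"found {len(moderators)}"
            )
    elif tier == "Restricted":
        if not has_security_signoff:
            problems.append("Restricted tier needs Microsoft security team sign-off")
    elif tier == "Blocked":
        # Blocked packages are rejected outright; they have no place in an allowlist.
        problems.append("Blocked packages are rejected and must not be allowlisted")
    else:
        problems.append(f"unknown tier {tier!r}")

    if not entry.get("Categories"):
        problems.append("Categories is required and must list at least one category")

    review = entry.get("ReviewDate")
    if review is None:
        problems.append("ReviewDate is missing")
    elif review > today:
        problems.append(f"ReviewDate {review} is in the future")
    elif today - review > REVIEW_WINDOW:
        problems.append(f"ReviewDate {review} is older than 12 months; re-review required")
    return problems


def check_allowlist(entries, today=CHECK_DATE):
    """Map PackageIdentifier -> violations for every entry in the allowlist."""
    return {e["PackageIdentifier"]: check_entry(e, today) for e in entries}


# Constructed sample entries (identifiers and category names are made up).
SAMPLE_ENTRIES = [
    {
        "PackageIdentifier": "Example.RemoteTool",
        "Tier": "Allowed",
        "Categories": ["RemoteAccess"],
        "ReviewDate": date(2025, 11, 1),
        "Approvals": [
            {"user": "mod-a", "role": "moderator"},
            {"user": "mod-b", "role": "moderator"},
        ],
    },
    {
        "PackageIdentifier": "Example.StaleTool",
        "Tier": "Restricted",
        "Categories": ["SystemAccess"],
        "ReviewDate": date(2024, 1, 15),   # expired: older than 12 months
        "Approvals": [{"user": "sec-team", "role": "microsoft-security"}],
    },
    {
        "PackageIdentifier": "Example.UnderApproved",
        "Tier": "Allowed",
        "Categories": ["RemoteAccess"],
        "ReviewDate": date(2026, 2, 1),
        "Approvals": [
            {"user": "mod-a", "role": "moderator"},
            {"user": "mod-a", "role": "moderator"},   # same person twice
        ],
    },
]

if __name__ == "__main__":
    for pkg, problems in check_allowlist(SAMPLE_ENTRIES).items():
        print(f"{pkg}: {'OK' if not problems else '; '.join(problems)}")
```

Distinct approvers are counted by user rather than by approval event, so a single moderator re-approving after a rebase cannot satisfy the two-approval rule on its own; an expired ReviewDate is reported as a violation rather than silently treated as still valid, which is the behaviour a scheduled re-review job would key off.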
- Remove version-specific numbers from headings
- Rewrite governance to use waiver system (Microsoft human review, not policy bot)
- Fix --silent: only affects installer switches, not PUA warnings
- Add --ignore-warnings for suppressing PUA warning output
- Replace --include-security with --details (existing flag)
- Clarify PUA categories come from various AV vendors (not just Defender)
- Document waiver flow: label on PR signals Microsoft maintainer to review

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@check-spelling-bot Report 🔴 Please review

See the 📂 files view, the 📜 action log, or 📝 job summary for details.

Unrecognized words (8): AGPL

These words are not needed and should be removed: AAD ABCD abi ACL'd AMap Amd appdata ARMNT asan Baz bitmask bluetooth boundparms brk Buf certs cgi CMSG codepage commandline constexpr Cov cswinrt CTL Dbg Dcom decompressor dedupe DEFT devhome Dns dsc ERANGE errcode errmsg errstr filemode Finalizers FULLWIDTH fuzzer GES github Hackathon HINSTANCE hlocal hmac Hyperlink ICONDIR icu idx img inet Intelli iwr JDK LCID lhs LONGLONG LPBYTE LPCWSTR LPDWORD LPSTR LPVOID LPWSTR MAJORVERSION MAXLENGTH maxvalue MDs MINORVERSION mta nlohmann NONAME NOUPDATE NTFS ofile oid oop OPTOUT outfile OUTOFMEMORY PARAMETERMAP pdb PDWORD pid PKCS pkix placeholders positionals posix pscustomobject pseudocode PSHOST publickey qword redirector regexes remoting reparse REQS rhs rowid RTTI runspace runtimes SARL savepoint Scm sid sqlite subdir subkey trimstart ttl typedef uninitialize uninstallation UNMARSHALING userprofile versioned Webserver website wildcards winreg WMI workaround Wpp wsl

To accept these unrecognized words as correct and remove the previously acknowledged and now absent words, you could run the following commands... in a clone of the git@github.com:denelon/winget-cli.git repository:

```sh
curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/v0.0.26/apply.pl' |
perl - 'https://github.com/microsoft/winget-cli/actions/runs/27971972268/attempts/1' &&
git commit -m 'Update check-spelling metadata'
```

Pattern suggestions ✂️ (2): You could add these patterns to ... Alternatively, if a pattern suggestion doesn't make sense for this project, add a ...

Warnings and Notices

| | Count |
|---|---|
| ℹ️ candidate-pattern | 2 |
📖 Description
Specification for a tiered PUA classification system enabling legitimate software (RustDesk, Malwarebytes, etc.) to be published to winget-pkgs with governed allowlisting, client-side warnings, and Group Policy controls. Includes manifest schema extension, validation pipeline changes, and enterprise policy management.
Changes addressing review feedback (June 22):
- `--silent` behavior: only affects installer switches, does not suppress PUA warnings
- `--ignore-warnings` support for suppressing PUA warning output
- Replaced `--include-security` with existing `--details` flag for PUA info in show/search/list

Authored with GitHub Copilot assistance.
🔗 References
Related Issues:
🔍 Validation
Spec document — no code changes to validate.