Skip to main content

Roadmap

Missing pieces

  • Per-distro build/test/release verification recorded in manifests (build_verified/tests_verified are false)
  • Consistent release manifest entries and release verification blocks for produced MSIX artifacts
  • An evidence bundle (release-evidence) per release, containing filehash.txt and logs
  • Automated reproducible-build guidance and release-note inclusion in installer output
  • A centralized record of installer/MSIX SHA-256 across project manifests

Next steps

  1. Select one child distro and run the full conversion + packaging pipeline end-to-end, producing an MSIX
  2. Record SHA-256, package size, and a per-version verification block in that child's manifest
  3. Create a release-evidence folder for the sample release with build.log, test.log, and filehash.txt
  4. Update WSL.manifest.toml to link the verified child release(s) and reconcile legacy manifests
  5. Add a short reproducible-build note detailing the exact host tools/versions used for that release

Potential improvements

  • Automate the import → test → package pipeline as a single PowerShell wrapper, for repeatable artifacts
  • Embed source ISO and rootfs provenance (source SHA-256) into packaged metadata
  • Centralize developer cert handling and signing status reporting across manifests
  • Smoke-test automation that imports the tar, launches the distro, and records the window title
  • A canonical docs/ folder inclusion step so release docs travel with installers

Creative enhancements (ideas on file, not committed)

  • A provenance metadata injector embedding ISO and rootfs SHA-256 into a machine-readable manifest inside the rootfs before packaging
  • A "frozen-baseline catalog" — a repository of frozen working rootfs tarballs with a quick rollback launcher selecting between baselines
  • A compatibility shim generator appending small wrapper binaries into a rootfs tar to provide missing common utilities
  • An operator dashboard: a simple local UI listing registered WSL distros, artifacts, hashes, and last-verified dates
  • An automated "repair" tool checking an imported distro's health against an integrity matrix and suggesting rootfs overrides