(For context, Microsoft has been trying for 7 years various methods to get developers to please package their apps in some way. Almost nobody has ever bit - to the point the Microsoft Store only has been having some recent success by promising packaging isn't required.)
https://petri.com/microsofts-project-centennial-unsuccessful...
See:
https://learn.microsoft.com/en-us/windows/win32/secauthz/app...
https://learn.microsoft.com/en-us/windows/win32/api/userenv/...
https://scorpiosoftware.net/2019/01/15/fun-with-appcontainer...
IIRC, it used a filesystem driver shim that rerouted all FS writes during installation into an overlay filesystem image; and then generated a self-unpacking executable, embedding that overlay image, that unpacked the core EXE and spawned it shimmed to read from the overlay image.
What did Windows 10X do that was different than that?
See BlueHat IL talk on the matter,
There are no plans for Windows 10, beyond security fixes until 2025, it is done.
EDIT: There is a BUILD 2023 talk on the matter as well.
Modern JavaFX theme: https://github.com/mkpaz/atlantafx
Modern Swing theme: https://github.com/JFormDesigner/FlatLaf
And these days Compose Multiplatform: https://www.jetbrains.com/lp/compose-multiplatform/
I tend to use Kotlin rather than Java but of course Java is perfectly fine too. You can also use Clojure.
If you use any of those frameworks you can distribute to Win/Mac/Linux in one command with Conveyor. It's free for open source apps and can do self-signing for Windows if you don't want to pay for the certificates or the Store (but the Store is super cheap these days, $19 one off payment for an individual). Also supports Electron and Flutter if you want to use those.
From those frameworks you can then access whatever parts of the Windows API you want. Flutter even has WinRT bindings these days! So it's not quite so bad.
Windows is in maintenance mode. Nothing new and substantial they create will ever get to a working state, they just don't have the resources. I have given up.
[0]: https://github.com/microsoft/microsoft-ui-xaml/issues/8141
https://learn.microsoft.com/en-us/virtualization/windowscont...
And while I'm not aware of any way to sandbox Windows Installer itself, I'm curious if AppContainer isolation can be applied to applications and services installed via MSI, which would still be quite useful even if the installation process itself is unrestricted.
Alternatively, now that MSIX supports service installation[2], I wonder whether an MSIX including a Windows service and a collection of client applications can be configured so everything runs within one AppContainer, isolated from the rest of the system, and whether permission to access specific external directories chosen by users in a configuration GUI can be transparently (to the user) delegated to the related service.
Alas, none of this is useful to me unless it's compatible with at least the most recent version of Windows 10: very few of my customers are running Windows 11, and I suspect many won't upgrade until Windows 10 is no longer supported (optimistically; as of last year, I was still getting occasional support requests from customers running older versions of our software on Windows Server 2003 R2).
[2] https://learn.microsoft.com/en-us/windows/msix/supported-pla...
Does it, by default? https://developer.apple.com/documentation/security/app_sandb... [1] doesn't look like it, and there seem to be special features for requesting access to related files which wouldn't be necessary if selecting a file gave you access to the whole directory. Though I've got no Mac, so no idea how this actually works in practice – maybe you're right, though it'd also noticeably weaken the sandbox, which seems strange.
> I'm curious what you mean by customized UX around file I/O?
Simply things like a directory tree control integrated into the UI, IrfanView's directory switcher (when you reach the start or end of a directory while browsing through your pictures, it pops up a dialogue that allows you to easily – and without having to use the mouse – navigate up and down the directory tree to a different folder), or even something as simple text input control that allows direct editing instead of always having to go via an official OS file picker.
[1] It seems like Apple does have some support for storing relative file references after all ("document-scoped bookmarks"), so that picking something like a master project file also gives access to all related documents, no matter how complex the file format is, though I have no idea whether those really work even when moving files between different devices, and they almost certainly won't work for cross-platform file formats, because non-Mac software will of course have no idea about that kind of thing. And last time I looked, Android's and Windows's sandbox implementation didn't have anything comparable, and Linux likely doesn't, either…