Add validation option for portable installer type in archives

[Trenly]

• I have signed the Contributor License Agreement.
• This pull request is related to an issue.

Description

For the portable installer type, the winget-pkgs repository has a policy of not allowing scripts as installers. This includes .bat, .ps1, and .cmd files.

In addition to the policy at winget-pkgs, the client itself is not designed to handle portable files that are not .exe types. Issues have been filed asking for WinGet to support these in the future, but it currently does not -

• Support other portable application formats #5083
• WinGet supports .jar as a portable application #5086
• WinGet supports installing PowerShell modules as a portable application #5087

This PR adds a validation option which validates the RelativeFilePath within a zip file is always a .exe, but can be extended to include additional formats as the requests above are addressed. This was added as a validation option (similar to the Schema Header Validation) as private repositories may want to not have the file type restrictions that winget-pkgs does - as described in these issues -

• WinGet supports .bat as a portable application #5084
• WinGet supports .cmd as a portable application #5085

This should allow for the validation pipeline at winget-pkgs to automatically reject manifests that contain NestedInstallerFiles that are not supported, while allowing maintainers of private repositories to suppress the restriction by turning the validation option to false.

---

Microsoft Reviewers: Open in CodeFlow

[yao-msft]

Basically same comment as the other pr, I think fullValidation should just work instead of a new ValidateOption. (Just to be clear, any new ValidateOption require a winget service side code change to enable the option).
Regarding warning vs error, if there's no existing manifests that violate this rule, error seems ok. Otherwise, maybe use warning to prevent unexpected failures in winget service.

[Trenly]

Basically same comment as the other pr, I think fullValidation should just work instead of a new ValidateOption. (Just to be clear, any new ValidateOption require a winget service side code change to enable the option). Regarding warning vs error, if there's no existing manifests that violate this rule, error seems ok. Otherwise, maybe use warning to prevent unexpected failures in winget service.

Wouldn't ValidateOption be required in order for private repositories to be able to disable the validation of this, similar to how the schema header validation is?

I'll do a run through of winget-pkgs locally using the dev build and verify that there are no manifests that would be impacted by this being an error

[yao-msft]

Basically same comment as the other pr, I think fullValidation should just work instead of a new ValidateOption. (Just to be clear, any new ValidateOption require a winget service side code change to enable the option). Regarding warning vs error, if there's no existing manifests that violate this rule, error seems ok. Otherwise, maybe use warning to prevent unexpected failures in winget service.

Wouldn't ValidateOption be required in order for private repositories to be able to disable the validation of this, similar to how the schema header validation is?

I'll do a run through of winget-pkgs locally using the dev build and verify that there are no manifests that would be impacted by this being an error

For all manifest read operations, fullValidation is false. So private repositories should be fine. ValidateOptions is for granular control of winget service to choose which validation are performed during different steps. Currently I don't see a need to have a special switch just for this specific validation.

[Trenly]

I'll submit corrections to these 9 manifests - Interestingly, not all of the errors are due to the changes in this PR

• Winpaletter 1.0.9.2; No PR needed, Local manifest changes used for validating the build
• Elasticsearch 8.17.1 - Remove: Elastic.Elasticsearch version 8.17.1 winget-pkgs#231990
• Elasticsearch 8.17.2 - Remove: Elastic.Elasticsearch version 8.17.2 winget-pkgs#231992
• fasm 1.73.30 - Update: fasm.fasm version 1.73.30 winget-pkgs#232378
• Ferium 4.6.0 - Update: GorillaDevs.Ferium version 4.6.0 winget-pkgs#232379
• AzureCLI 2.61.0 - Update Microsoft.AzureCLI version 2.61.0 winget-pkgs#231989
• Sysinternals 2024-12-16 - New Version: Microsoft.Sysinternals version 2025-02-13 winget-pkgs#232381
• Dart-Saas 1.83.4 - Remove: Sass.Dart-Sass version 1.83.4 winget-pkgs#232151
• DepotDownloader 2.6.0 - Update: SteamRE.DepotDownloader version 2.6.0 winget-pkgs#232383