Add tar archive installer type

[tianon-sso]

📖 Description

Introduces InstallerTypeEnum::Tar as a new archive type alongside InstallerTypeEnum::Zip, allowing manifests to specify InstallerType: tar. Aliases tgz, tbz2, tbz, txz, tzst, tar.gz, tar.bz2, tar.xz, tar.zst, and tar.lz4 all map to the same enum value -- defined once in IsTarInstallerTypeAlias in ManifestCommon.h and shared by both the YAML and REST deserialization paths.

Extraction always routes through tar.exe (libarchive, ships with Windows 10 1803+) rather than the Shell API, which only understands zip. For local-manifest installs, malware scanning is skipped with a visible warning -- ScanZipFile is zip-specific and a tar scanner is out of scope. The remaining archive workflow layers (nested installer validation, path verification, nested installer resolution, repair) reuse the existing IsArchiveType-driven code paths, which are extended here to include Tar.

Updates PackageInstallerType in the COM/WinRT IDL (contract 14), the PowerShell enum, the REST deserializer, and the latest manifest JSON schema.

Assisted-By: "claude my eyes right out"

🔗 References

Implements part of #2899 (not "resolves" because this is only tar and wrapped-tar formats, not 7z or rar as noted in the issue)

🔍 Validation

TBD

✅ Checklist

• Signed the Contributor License Agreement
• Linked to an issue
• Updated Release Notes (if applicable)
• Updated documentation (if applicable)
• Updated Copilot instructions (if build, architecture, or conventions changed)

📋 Issue Type

• Bug fix
• Feature
• Task

Microsoft Reviewers: Open in CodeFlow

[tianon-sso]

I'm opening this as a draft because I'm not sure what the level of interest in it is or whether it's worth doing more work to validate / test / document it further. 🙇 ❤️

(I'm also happy if someone else wants to take it from here -- no pride in authorship here, just scratching an itch and I'm perfectly fine with this being closed if there's no appetite for it 💖)

[tianon-sso]

(what I thought was most interesting was that the "difficult" bits of this change already exist in the codebase -- actually using tar.exe ❤️)

[github-actions]

@check-spelling-bot Report

🔴 Please review

See the 📂 files view, the 📜action log, or 📝 job summary for details.

Unrecognized words (5)

tbz
tgz
txz
tzst
zst

These words are not needed and should be removed

AAD ABCD abi ACL'd AMap Amd appdata ARMNT asan Baz bitmask bluetooth boundparms brk Buf certs cgi CMSG codepage commandline constexpr Cov cswinrt CTL Dbg Dcom decompressor dedupe DEFT devhome Dns dsc ERANGE errcode errmsg errstr filemode Finalizers FULLWIDTH fuzzer GES github Hackathon HINSTANCE hlocal hmac Hyperlink ICONDIR icu idx img inet Intelli iwr JDK LCID lhs LONGLONG LPBYTE LPCWSTR LPDWORD LPSTR LPVOID LPWSTR MAJORVERSION MAXLENGTH maxvalue MDs MINORVERSION mta nlohmann NONAME NOUPDATE NTFS ofile oid oop OPTOUT outfile OUTOFMEMORY PARAMETERMAP pdb PDWORD pid PKCS pkix placeholders positionals posix pscustomobject pseudocode PSHOST publickey qword redirector regexes remoting reparse REQS rhs rowid RTTI runspace runtimes SARL savepoint Scm sid sqlite subdir subkey trimstart ttl typedef uninitialize uninstallation UNMARSHALING userprofile versioned Webserver website wildcards winreg WMI workaround Wpp wsl

To accept these unrecognized words as correct and remove the previously acknowledged and now absent words, you could run the following commands

... in a clone of the git@github.com:tianon-sso/winget-cli.git repository
on the tar branch (ℹ️ how do I use this?):

curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/v0.0.26/apply.pl' |
perl - 'https://github.com/microsoft/winget-cli/actions/runs/27312525964/attempts/1' &&
git commit -m 'Update check-spelling metadata'

Pattern suggestions ✂️ (2)

You could add these patterns to .github/actions/spelling/patterns.txt:

# Automatically suggested patterns

# hit-count: 1 file-count: 1
# assign regex
= /[^*].*?(?:[a-z]{3,}|[A-Z]{3,}|[A-Z][a-z]{2,}).*/[gi]?(?=\W|$)

# hit-count: 1 file-count: 1
# regex choice
\(\?:[^)]+\|[^)]+\)

Alternatively, if a pattern suggestion doesn't make sense for this project, add a # to the beginning of the line in the candidates file with the pattern to stop suggesting it.

Warnings and Notices ⚠️ (2)

See the 📂 files view, the 📜action log, or 📝 job summary for details.

⚠️ Warnings and Notices	Count
ℹ️ candidate-pattern	2
⚠️ unexpected-line-ending	2

See ⚠️ Event descriptions for more information.

If the flagged items are 🤯 false positives

If items relate to a ...

• binary file (or some other file you wouldn't want to check at all).

  Please add a file path to the excludes.txt file matching the containing file.

  File paths are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your files.

  ^ refers to the file's path from the root of the repository, so ^README\.md$ would exclude README.md (on whichever branch you're using).

• well-formed pattern.

  If you can write a pattern that would match it,
  try adding it to the patterns.txt file.

  Patterns are Perl 5 Regular Expressions - you can test yours before committing to verify it will match your lines.

  Note that patterns can't match multiline strings.