PsPatchMyPC

1.1.3

Enterprise application patching module integrating winget with PatchMyPC-style orchestration and Nudge-inspired progressive enforcement. Supports deferrals, notifications, dual logging, and orchestrator-agnostic deployment.

Minimum PowerShell version

5.1

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Module -Name PsPatchMyPC

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

Install-PSResource -Name PsPatchMyPC

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) 2024 Thomas Tyson. MIT License.

Package Details

Author(s)

  • Thomas Tyson

Tags

Patching Winget Enterprise Updates Intune FleetDM SCCM Notifications Deferrals Compliance

Functions

Get-PatchStatus Start-PatchCycle Get-PatchMyPCConfig Initialize-Winget Test-WingetAvailable Get-WingetUpdates Install-WingetUpdate Show-PatchNotification Show-DeferralDialog Show-ToastNotification Register-PatchSchedule Unregister-PatchSchedule Get-PatchSchedule Get-DeferralState Set-PatchDeferral Reset-DeferralState Test-DeferralAllowed Get-DeferralPhase Export-PatchReport Get-PatchCompliance Get-ManagedApplications Add-ManagedApplication Remove-ManagedApplication Get-PatchMyPCLogs

Dependencies

This module has no dependencies.

Release Notes

## Version 1.1.3
### Bug Fixes
- Fixed array filtering bug in Remove-ManagedApplication that could leave null element in catalog

## Version 1.1.2
### Bug Fixes
- Fixed misleading message when `-InstallMissing` not passed
- Now shows "No updates available (use -InstallMissing to install missing catalog apps)"

## Version 1.1.1
### Improvements
- Event Viewer logging now uses pre-existing "WSH" (Windows Script Host) source
- No admin privileges required to write events to Event Viewer
- Events prefixed with [PsPatchMyPC] for easy filtering
- Query events: `Get-EventLog -LogName Application -Source WSH | Where-Object { $_.Message -match 'PsPatchMyPC' }`

## Version 1.1.0
### New Features
- **Install Missing Applications**: Use `-InstallMissing` parameter to install catalog apps that are not yet installed
- **Version Pinning**: Three modes to control updates:
 - `max`: Allow updates up to a specified version (e.g., don't update Chrome past v130)
 - `exact`: Install and maintain a specific version only (e.g., always keep Python 3.11.9)
 - `freeze`: Never update (keep current version)
- **Per-App Initial Install Deferral**: Configure `deferInitialInstall` to allow users to defer first-time installations
- New catalog fields: `installIfMissing`, `deferInitialInstall`, `versionPin`

### Usage Examples
```powershell
# Install missing apps and update existing ones
Start-PatchCycle -InstallMissing -NoReboot

# Force install all missing apps without deferrals
Start-PatchCycle -InstallMissing -Force
```

## Version 1.0.5
### Bug Fixes
- Fixed non-admin scenarios where deferral state and compliance output could not be persisted (ProgramData not writable)
- Added automatic fallback of Log/State/Config paths to a user-writable TEMP location
- Hardened UTC parsing for deferral timestamps (prevents deadline calculations from drifting)

## Version 1.0.4
### Bug Fixes
- Added defensive validation to prevent empty TargetVersion in DeferralState objects
- Default TargetVersion to 'Latest' in DeferralState constructor
- Validate TargetVersion in state loading and initialization functions

## Version 1.0.3
### Bug Fixes
- Fixed empty AvailableVersion causing Start-PatchCycle to fail
- Normalizes blank winget versions to "Latest" in both detection and state initialization

## Version 1.0.2
### Bug Fixes
- Fixed `Start-PatchCycle` failing when winget returns an empty AvailableVersion (normalizes to `Latest`)
- Hardened winget version selection to pick the first non-empty entry from `AvailableVersions`

## Version 1.0.1
### Bug Fixes
- Fixed WPF dialog requiring STA thread - now uses runspace for MTA compatibility
- Fixed AvailableVersion not populated (uses AvailableVersions array from winget)
- Fixed registry state fallback to file-based state when not running as admin
- Fixed interactive mode now properly shows deferral dialog

## Version 1.0.0
### Initial Release
- Winget integration with auto-installation support
- Progressive deferral system (Nudge-inspired)
- WPF notification dialogs with countdown timers
- BurntToast integration for toast notifications
- Dual logging (CMTrace format + Windows Event Log)
- Registry-based state persistence
- Scheduled task management (SYSTEM + User context)
- Enterprise application catalog
- Intune/FleetDM/SCCM compatible
- Compliance reporting and JSON output

### Environment Variables
- `PSPMPC_LOG_PATH`: Custom log directory
- `PSPMPC_CONFIG_PATH`: Custom config location
- `PSPMPC_EVENT_LOG`: Enable/disable Event Log (true/false)
- `PSPMPC_WINGET_SOURCE`: Private winget source URL

FileList

Version History

Version Downloads Last updated
1.1.3 (current version) 4 12/11/2025
1.1.2 4 12/11/2025
1.1.1 5 12/11/2025
1.1.0 4 12/11/2025
1.0.5 5 12/11/2025
1.0.4 5 12/11/2025
1.0.3 4 12/11/2025
1.0.2 5 12/11/2025
1.0.1 4 12/11/2025
1.0.0 5 12/11/2025
Show more