Does the launcher auto-updater also allow for installing extra extensions when you publish an update?

Launcher’s update mechanism is explicitly just for launcher and osqueryd. I’m not sure there’s a straightfoward way to run launcher with additional extensions anyhow. It’s certainly possible, but I don’t think there are obvious hooks. Maybe

hmm, is that because launcher is designed to only insert itself as an extension via the socket?

Launcher is a bit more complicated, but yes. It’s not impossible to launcher other extensions, but it’s not part of launchers’s designed use case, so we didn’t write it

my goal was to package the fwctl extension from trailofbits so we have a nice way to read windows/linux firewall status as they don’t have an easy table like we have for macos’s alf

Dows fwctl add notable read abilities? I thought it was mostly oriented around being a writable interface

it does indeed mostly describe that new write table stuff but i’m mostly interested in reading the windows firewall status, which it also does (as well as pf, iptables)

You often need to look at multiple tables to understand the state of a system

yeah, so far i’ve looked at processes, services and the registry, but i’ve also seen states where the process is running the firewall service is running and the registry key says it’s enabled, but

netsh advfirewall show allprofiles state

shows it’s not enabled