-- Software whitelist: processes that should NEVER be blocked even if matched by blacklist rules. -- This provides a safety net to prevent false positives from killing legitimate applications. CREATE TABLE IF NOT EXISTS software_whitelist ( id INTEGER PRIMARY KEY AUTOINCREMENT, name_pattern TEXT NOT NULL, reason TEXT, is_builtin INTEGER NOT NULL DEFAULT 0, -- 1 = system default, 0 = admin-added enabled INTEGER NOT NULL DEFAULT 1, created_at TEXT NOT NULL DEFAULT (datetime('now')) ); -- Built-in whitelist entries for common safe applications INSERT INTO software_whitelist (name_pattern, reason, is_builtin) VALUES -- Browsers ('chrome.exe', 'Google Chrome browser', 1), ('msedge.exe', 'Microsoft Edge browser', 1), ('firefox.exe', 'Mozilla Firefox browser', 1), ('iexplore.exe', 'Internet Explorer', 1), ('opera.exe', 'Opera browser', 1), ('brave.exe', 'Brave browser', 1), ('vivaldi.exe', 'Vivaldi browser', 1), -- Development tools & IDEs ('code.exe', 'Visual Studio Code', 1), ('devenv.exe', 'Visual Studio', 1), ('idea64.exe', 'IntelliJ IDEA', 1), ('webstorm64.exe', 'WebStorm', 1), ('pycharm64.exe', 'PyCharm', 1), ('goland64.exe', 'GoLand', 1), ('clion64.exe', 'CLion', 1), ('rider64.exe', 'Rider', 1), ('trae.exe', 'Trae IDE', 1), ('windsurf.exe', 'Windsurf IDE', 1), ('cursor.exe', 'Cursor IDE', 1), -- Office & productivity ('winword.exe', 'Microsoft Word', 1), ('excel.exe', 'Microsoft Excel', 1), ('powerpnt.exe', 'Microsoft PowerPoint', 1), ('outlook.exe', 'Microsoft Outlook', 1), ('onenote.exe', 'Microsoft OneNote', 1), ('teams.exe', 'Microsoft Teams', 1), ('wps.exe', 'WPS Office', 1), -- Terminal & system tools ('cmd.exe', 'Command Prompt', 1), ('powershell.exe', 'PowerShell', 1), ('pwsh.exe', 'PowerShell Core', 1), ('WindowsTerminal.exe', 'Windows Terminal', 1), -- Communication ('wechat.exe', 'WeChat', 1), ('dingtalk.exe', 'DingTalk', 1), ('feishu.exe', 'Feishu/Lark', 1), ('qq.exe', 'QQ', 1), ('tim.exe', 'Tencent TIM', 1), -- CSM ('csm-client.exe', 'CSM Client itself', 1);