core/php-devops
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

fix(install): use latest release instead of hardcoded version
Some checks are pending
CodeQL / Analyze (push) Waiting to run
Details
Free Tier Security Scanners / semgrep (push) Waiting to run
Details
Free Tier Security Scanners / trivy (push) Waiting to run
Details
Free Tier Security Scanners / gitleaks (push) Waiting to run
Details
Free Tier Security Scanners / osv-scanner (push) Waiting to run
Details
Free Tier Security Scanners / checkov (push) Waiting to run
Details
Free Tier Security Scanners / aggregate-findings (push) Blocked by required conditions
Details
Bootstrap from Template / bootstrap (push) Waiting to run
Details
Test Setup Scripts / Linux (Ubuntu) (push) Waiting to run
Details
Test Setup Scripts / macOS (push) Waiting to run
Details
Test Setup Scripts / Windows (push) Waiting to run
Details
Test Setup Scripts / All Platforms (push) Blocked by required conditions
Details

Browse source 
- install-core.sh: Auto-detect latest release via gh/curl (was hardcoded v0.1.0)
- install-core.ps1: Add Get-LatestVersion for build-from-source path
- install-deps.sh: Fix bash 3 compatibility (${var,,} → tr)
- README.md: Fix command (core health → core dev health)
- Fix CRLF line endings in shell scripts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Snider 2026-02-02 02:36:18 +00:00
parent ec2e1c9865
commit 6ec9fa13fc
4 changed files with 52 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -32,7 +32,7 @@ You're now ready to develop. The workspace starts with `core-php` as the active
core doctor
# See workspace status
core health
core dev health
# Run tests in the active package (core-php)
core php test

33
scripts/install-core.ps1
View file

@ -29,6 +29,23 @@ if ($PSVersionTable.PSVersion.Major -lt 4) {
$Repo = "host-uk/core"
$MinDiskSpaceMB = 100 # Minimum required disk space in MB
# Resolve latest release version from GitHub API
function Get-LatestVersion {
try {
if (Test-Command gh) {
$version = gh release view --repo $Repo --json tagName -q '.tagName' 2>$null
if ($version) { return $version }
}
# Fallback to GitHub API
$response = Invoke-RestMethod -Uri "https://api.github.com/repos/$Repo/releases/latest" -UseBasicParsing
if ($response.tag_name) { return $response.tag_name }
} catch {
Write-Warn "Could not determine latest version, using default branch"
}
return $null
}
function Write-Info { Write-Host "[INFO] $args" -ForegroundColor Green }
function Write-Warn { Write-Host "[WARN] $args" -ForegroundColor Yellow }
function Write-Err { Write-Host "[ERROR] $args" -ForegroundColor Red; exit 1 }
@ -339,11 +356,23 @@ function Build-FromSource {
$null = Set-SecureDirectoryAcl -Path $tmpdir -Required
try {
# Resolve latest version for reproducible builds
$version = Get-LatestVersion
if ($version) {
Write-Info "Resolved latest version: $version"
} else {
Write-Warn "Building from default branch (version unknown)"
}
Write-Info "Cloning $Repo..."
$cloneDir = Join-Path $tmpdir "Core"
# Clone default branch
git clone --depth 1 "https://github.com/$Repo.git" $cloneDir
# Clone specific version if available, otherwise default branch
if ($version) {
git clone --depth 1 --branch $version "https://github.com/$Repo.git" $cloneDir
} else {
git clone --depth 1 "https://github.com/$Repo.git" $cloneDir
}
if ($LASTEXITCODE -ne 0) {
Write-Err "Failed to clone repository"
}

20
scripts/install-core.sh
View file

@ -21,10 +21,24 @@ set -e
# - No TLS certificate pinning (relies on system CA store)
REPO="host-uk/core"
VERSION="v0.1.0" # Pinned version - update when releasing new versions
VERSION="${CORE_VERSION:-latest}" # Use latest release, or set CORE_VERSION=dev for dev builds
INSTALL_DIR="${INSTALL_DIR:-$HOME/.local/bin}"
BUILD_FROM_SOURCE="${BUILD_FROM_SOURCE:-auto}"
# Resolve "latest" to actual release tag
resolve_version() {
if [[ "$VERSION" == "latest" ]]; then
if has gh; then
VERSION=$(gh release view --repo "$REPO" --json tagName -q '.tagName' 2>/dev/null) || VERSION="dev"
elif has curl; then
VERSION=$(curl -fsSL "https://api.github.com/repos/$REPO/releases/latest" 2>/dev/null | grep '"tag_name"' | head -1 | cut -d'"' -f4) || VERSION="dev"
else
VERSION="dev"
fi
info "Resolved latest version: $VERSION"
fi
}
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
@ -75,7 +89,8 @@ verify_hash() {
actual_hash=$(compute_sha256 "$file")
if [[ "${actual_hash,,}" != "${expected_hash,,}" ]]; then
# Case-insensitive compare (bash 3 compatible)
if [[ "$(echo "$actual_hash" | tr '[:upper:]' '[:lower:]')" != "$(echo "$expected_hash" | tr '[:upper:]' '[:lower:]')" ]]; then
rm -f "$file"
error "Hash verification failed! Expected: $expected_hash, Got: $actual_hash. The downloaded file may be corrupted or tampered with."
fi
@ -282,6 +297,7 @@ verify() {
}
main() {
resolve_version
info "Installing Core CLI (version $VERSION)..."
# Verify install directory is safe before starting

3
scripts/install-deps.sh
View file

@ -44,7 +44,8 @@ verify_hash() {
actual_hash=$(compute_sha256 "$file")
if [[ "${actual_hash,,}" != "${expected_hash,,}" ]]; then
# Case-insensitive compare (bash 3 compatible)
if [[ "$(echo "$actual_hash" | tr '[:upper:]' '[:lower:]')" != "$(echo "$expected_hash" | tr '[:upper:]' '[:lower:]')" ]]; then
rm -f "$file"
error "Hash verification failed! Expected: $expected_hash, Got: $actual_hash"
fi