- Separate local declaration from assignment to avoid masking errors (SC2155)
- Add exit code check after Homebrew installer execution
- Add exit code check after NodeSource setup script execution
- Add LASTEXITCODE check after Chocolatey installer execution
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add SHA256 checksum verification to install-core.sh binary download
- Add version pinning (v0.1.0) to install-core.sh matching PowerShell version
- Use mktemp for secure temp files instead of predictable /tmp/core
- Add symlink detection to prevent directory traversal attacks
- Add GPG signature verification for git tags when available
- Add checksum verification for Go binary in install-deps.sh
- Add SHA384 signature verification for Composer installer
- Replace Invoke-Expression with download-verify-execute in install-deps.ps1
- Download Homebrew/NodeSource scripts to temp files before execution
- Add security documentation and warnings for external scripts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add Makefile for make-based workflow
- Add setup.sh / setup.bat for one-command bootstrap
- Add scripts/install-deps.sh for macOS/Linux dependencies
- Add scripts/install-deps.ps1 for Windows (Chocolatey)
- Add scripts/install-core.sh to build/download core CLI
- Add scripts/install-core.ps1 for Windows
- Update README with installation instructions
Developers can now run:
macOS/Linux: ./setup.sh (or make setup)
Windows: .\setup.bat (as Admin)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
