Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for macOS universal binaries #41

Merged
merged 6 commits into from
Jun 25, 2024
Merged

Add support for macOS universal binaries #41

merged 6 commits into from
Jun 25, 2024

Conversation

creativeprojects
Copy link
Owner

@creativeprojects creativeprojects commented Jun 16, 2024
edited by coderabbitai bot
Loading

closes #37

Adds a new config option in selfupdate.Config named UniversalArch which should contain the name of your universal binaries arch (examples: all, universal, etc.)

Summary by CodeRabbit

  • New Features

    • Added support for different versions of ARM architectures and macOS universal binaries.
    • Introduced IsDarwinUniversalBinary function to check for universal binaries on macOS.
    • Enhanced source provider detection and binary update functionalities.

  • Bug Fixes

    • Improved ARM CPU architecture detection.

  • Documentation

    • Updated README to reflect changes in ARM support and macOS universal binaries.

  • Tests

    • Added new test cases for ARM and macOS universal binaries.
    • Introduced parallel execution for test functions and improved error handling.

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jun 16, 2024
edited
Loading

Walkthrough

Recent modifications to the go-selfupdate library include support for various ARM architectures and macOS universal binaries, enhancements in source provider detection, and binary update functionalities. Key changes involve refactoring ARM CPU detection, enhancing logging interfaces, and including bzip2 compression support. Additionally, tested paths for executables, adjusted update logic, and new configuration settings were introduced while ensuring thorough validation through added test functions and improved code structure.

Changes

Files/Directories Change Summary
README.md Updated summaries, descriptions, examples, and API function details related to source providers, semver, and more.
arm.go Removed goarm variable and init function; refactored ARM detection logic.
config.go Added field UniversalArch and made minor comment adjustments in Config struct.
detect.go Updated DetectLatest function to reflect changes in compression format (zxip replaced by xz).
internal/path.go, path_test.go Introduced GetExecutablePath function and corresponding test function.
update.go Modified variable assignment and removed os import; updated exec path retrieval logic.
update/apply.go, apply_test.go Refined test functions, added parallel execution, and made minor error handling and constant adjustments.
update/hide_test.go, hide_windows.go Introduced test for hideFile and improved path string handling for Windows.
update/options.go Added Options struct and methods for applying updates, setting PEM, and verifying checksum and signatures.
updater.go Adjusted source handling, error checking for GitHub URLs, and ARM architecture retrieval in NewUpdater and DefaultUpdater functions.
arch_test.go Added universalArch to test data and updated test cases to incorporate architecture variations.
cmd/detect-latest-release/update.go Removed os import and adjusted exec path retrieval logic.
codecov.yml Integrated Codecov settings for notifications and coverage reporting.
detect_test.go Expanded test data to include different architecture asset names and universal Arch support.
universal_binary.go Introduced IsDarwinUniversalBinary function to check if file is a universal binary on Darwin systems.

Assessment against linked issues

Objective Addressed Explanation
Support for MacOS universal binaries (#37)

🐰 In code we trust, with binaries we play,
For ARM and macOS, we've paved the way,
Refactored with care, logic anew,
Update and test, all passing through,
In bytes and lines, our changes shine,
For a brighter codebase, so divine.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@codecov Codecov
Copy link

codecov bot commented Jun 16, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 66.66667% with 27 lines in your changes missing coverage. Please review.

Project coverage is 76.95%. Comparing base (0e5ed1c) to head (53a7583).

Files Patch % Lines
update/options.go 63.64% 8 Missing and 4 partials ⚠️
universal_binary.go 0.00% 6 Missing ⚠️
update/apply.go 16.67% 4 Missing and 1 partial ⚠️
update/hide_windows.go 40.00% 2 Missing and 1 partial ⚠️
update.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main      #41      +/-   ##
==========================================
+ Coverage   75.69%   76.95%   +1.26%     
==========================================
  Files          23       26       +3     
  Lines        1086     1089       +3     
==========================================
+ Hits          822      838      +16     
+ Misses        225      211      -14     
- Partials       39       40       +1
Flag Coverage Δ
unittests 76.95% <66.67%> (+1.26%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

coderabbitai[bot]
coderabbitai bot reviewed Jun 16, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 7

Outside diff range and nitpick comments (9)
arm.go (1)

Line range hint 15-15: Remove the unnecessary conversion to uint8.

- return uint8(setting.Value[0] - '0')
+ return setting.Value[0] - '0'
update/apply.go (2)

Line range hint 83-83: Optimize error handling by initializing err in the same line as the function call.

- if opts.Checksum != nil {
-   if err = opts.verifyChecksum(newBytes); err != nil {
-     return err
-   }
- }
+ if opts.Checksum != nil && (err := opts.verifyChecksum(newBytes)) != nil {
+   return err
+ }
Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

Line range hint 89-89: Similarly, streamline the error handling for signature verification.

- if verify {
-   if err = opts.verifySignature(newBytes); err != nil {
-     return err
-   }
- }
+ if verify && (err := opts.verifySignature(newBytes)) != nil {
+   return err
+ }
Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

detect.go (2)

Line range hint 282-282: Consider defining windows as a constant since it's used multiple times.

+ const osWindows = "windows"
- if up.os == "windows" {
+ if up.os == osWindows {
Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

Line range hint 41-41: Both validateReleaseAsset and findAssetFromRelease functions exceed recommended length. Consider breaking these down into smaller, more manageable functions.

Also applies to: 174-174

Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

update/apply_test.go (2)

Line range hint 123-290: Private keys are embedded in the test file, which could potentially expose sensitive information if the repository is public.

Consider using environment variables or configuration files for storing sensitive keys.

Tools
golangci-lint

[high] 284-284: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

Line range hint 1-1: The test package should be named update_test to ensure it only accesses public members of the update package, promoting better encapsulation.

- package update
+ package update_test
Tools
golangci-lint

[medium] 28-28: G306: Expect WriteFile permissions to be 0600 or less (gosec)

27-27: parameter *testing.T should be the first or after context.Context (thelper)

README.md (2)

46-47: Clarify support for macOS universal binaries
The addition of support for macOS universal binaries is significant. However, the documentation could benefit from a more detailed explanation of how this feature is implemented or how users can leverage this new support.

Tools
Markdownlint

46-46: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

58-58: Improve clarity of the semver.Version API description
The description of how the semver.Version type is exposed through the API could be made clearer. Specifically, it would help to specify examples or more detailed use cases to illustrate the functionality of LessThan, Equal, and GreaterThan.

Tools
Markdownlint

58-58: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

58-58: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 0e5ed1c and fd4f7ea.

Files selected for processing (13)
  • README.md (1 hunks)
  • arm.go (1 hunks)
  • config.go (1 hunks)
  • detect.go (1 hunks)
  • internal/path.go (1 hunks)
  • internal/path_test.go (1 hunks)
  • update.go (2 hunks)
  • update/apply.go (4 hunks)
  • update/apply_test.go (14 hunks)
  • update/hide_test.go (1 hunks)
  • update/hide_windows.go (1 hunks)
  • update/options.go (1 hunks)
  • updater.go (4 hunks)
Files skipped from review due to trivial changes (1)
  • internal/path.go
Additional context used
golangci-lint
internal/path_test.go

1-1: package should be internal_test instead of internal (testpackage)

update/hide_test.go

1-1: package should be update_test instead of update (testpackage)

arm.go

15-15: unnecessary conversion (unconvert)

updater.go

45-45: variable name 'os' is too short for the scope of its usage (varnamelen)

update.go

49-49: assignOp: replace cmdPath = cmdPath + ".exe" with cmdPath += ".exe" (gocritic)

41-41: paramTypeCombine: func(ctx context.Context, cmdPath string, current string, repository Repository) (*Release, error) could be replaced with func(ctx context.Context, cmdPath, current string, repository Repository) (*Release, error) (gocritic)

[warning] 144-144: var-naming: method parameter assetId should be assetID (revive)

57-57: shadow: declaration of "err" shadows declaration at line 42 (govet)

127-127: variable name 'va' is too short for the scope of its usage (varnamelen)

update/apply.go

43-43: Function 'Apply' has too many statements (58 > 40) (funlen)

69-69: emptyStringTest: replace len(opts.TargetPath) == 0 with opts.TargetPath == "" (gocritic)

83-83: sloppyReassign: re-assignment to err can be replaced with err := opts.verifyChecksum(newBytes) (gocritic)

89-89: sloppyReassign: re-assignment to err can be replaced with err := opts.verifySignature(newBytes) (gocritic)

15-15: File is not gofumpt-ed (gofumpt)

135-135: File is not gofumpt-ed (gofumpt)

175-175: type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors (errorlint)

detect.go

41-41: Function 'validateReleaseAsset' is too long (76 > 60) (funlen)

174-174: Function 'findAssetFromRelease' is too long (70 > 60) (funlen)

282-282: string windows has 7 occurrences, make it a constant (goconst)

9-9: import 'github.com/Masterminds/semver/v3' is not allowed from list 'Main' (depguard)

54-54: selfupdate.Release is missing field ValidationChain (exhaustruct)

94-94: Magic number: 20, in detected (gomnd)

121-121: findValidationAsset returns interface (github.com/creativeprojects/go-selfupdate.SourceAsset) (ireturn)

131-131: findReleaseAndAsset returns interface (github.com/creativeprojects/go-selfupdate.SourceRelease) (ireturn)

144-144: findReleaseAndAssetForArch returns interface (github.com/creativeprojects/go-selfupdate.SourceRelease) (ireturn)

117-117: naked return in func validateReleaseAsset with 77 lines of code (nakedret)

21-21: named return "release" with type "*Release" found (nonamedreturns)

27-27: named return "release" with type "*Release" found (nonamedreturns)

update/apply_test.go

[medium] 28-28: G306: Expect WriteFile permissions to be 0600 or less (gosec)

[high] 122-122: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

[high] 142-142: G101: Potential hardcoded credentials: RSA private key (gosec)

[high] 284-284: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

1-1: package should be update_test instead of update (testpackage)

27-27: parameter *testing.T should be the first or after context.Context (thelper)

33-33: parameter *testing.T should be the first or after context.Context (thelper)

171-171: parameter *testing.T should be the first or after context.Context (thelper)

GitHub Check: codecov/patch
update/options.go

[warning] 48-48: update/options.go#L48
Added line #L48 was not covered by tests

[warning] 53-53: update/options.go#L53
Added line #L53 was not covered by tests

[warning] 62-62: update/options.go#L62
Added line #L62 was not covered by tests

[warning] 74-74: update/options.go#L74
Added line #L74 was not covered by tests

[warning] 81-81: update/options.go#L81
Added line #L81 was not covered by tests

update.go

[warning] 86-86: update.go#L86
Added line #L86 was not covered by tests

update/apply.go

[warning] 70-72: update/apply.go#L70-L72
Added lines #L70 - L72 were not covered by tests

Gitleaks
update/apply_test.go

123-290: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption. (private-key)

LanguageTool
README.md

[misspelling] ~64-~64: This word is normally spelled with a hyphen. (EN_COMPOUNDS_WELL_DEFINED)
Context: ... (Github, Gitea, Gitlab, etc.) - return well defined wrapped errors that can be checked with...

[misspelling] ~133-~133: This word is normally spelled with a hyphen. (EN_COMPOUNDS_LONG_RUNNING)
Context: ...t parameter. You can use it to cancel a long running operation. ## Package functions | v0 ...

[duplication] ~140-~140: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (*Release, bool, error) | | DetectVers...

[duplication] ~141-~141: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (*Release, bool, error...

[duplication] ~142-~142: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~143-~143: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | ## Methods on Sou...

[duplication] ~149-~149: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | ListReleases(ctx context.Context, repository Repository) ([]SourceRelease, error) | | DownloadR...

[duplication] ~156-~156: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (release *Release, found bool, err err...

[duplication] ~157-~157: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (release *Release, fou...

[duplication] ~158-~158: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~159-~159: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | | UpdateTo(rel *Re...

[uncategorized] ~177-~177: Use a comma before ‘and’ if it connects two independent clauses (unless they are closely connected and short). (COMMA_COMPOUND_SENTENCE)
Context: ...zand.tar.xz`. You can also use blank and it means binary is not compressed. If ...

[uncategorized] ~179-~179: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ...ot compressed. If you compress binary, uncompressed directory or file must contain the exec...

[uncategorized] ~207-~207: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ..., you should use the version number for tag of the Git repository (i.e. 1.2.3 or ...

[uncategorized] ~247-~247: Possible missing comma found. (AI_HYDRA_LEO_MISSING_COMMA)
Context: ...sed to build the current binary. Please note it's not detecting the hardware, bu...

[uncategorized] ~281-~281: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ...hin a file which has the same naming as original file with the suffix .sha256. For e.g...

[style] ~281-~281: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...riginal file with the suffix .sha256. For e.g. use sha256sum, the file `selfupdate/tes...

[style] ~289-~289: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...s original file with the suffix .sig. For e.g. use openssl, the file `selfupdate/testd...

[uncategorized] ~295-~295: A comma may be missing after the conjunctive/linking adverb ‘Therefore’. (SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA)
Context: ...akes use of go internal crypto package. Therefore the private key has to be compatible wi...

Markdownlint
README.md

36-36: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

66-66: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

97-97: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

101-101: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

107-107: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

115-115: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

123-123: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

131-131: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

135-135: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

145-145: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

152-152: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

163-163: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

204-204: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

222-222: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

240-240: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

258-258: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

278-278: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

287-287: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

298-298: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

306-306: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

314-314: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

331-331: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

369-369: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

42-42: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

43-43: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

44-44: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

45-45: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

46-46: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

48-48: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

49-49: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

50-50: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

53-53: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

54-54: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

55-55: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

58-58: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

59-59: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

60-60: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

61-61: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

62-62: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

63-63: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

64-64: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

186-186: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

187-187: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

188-188: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

189-189: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

190-190: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

194-194: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

195-195: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

196-196: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

226-226: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

227-227: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

228-228: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

229-229: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

230-230: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

231-231: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

232-232: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

233-233: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

234-234: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

235-235: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

236-236: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

237-237: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

238-238: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

243-243: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

244-244: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

245-245: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

252-252: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

253-253: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

254-254: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

310-310: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

311-311: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

312-312: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

374-374: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

376-376: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

309-309: Expected: 0 or 2; Actual: 1 (MD009, no-trailing-spaces)
Trailing spaces

72-72: Column: 1 (MD010, no-hard-tabs)
Hard tabs

73-73: Column: 1 (MD010, no-hard-tabs)
Hard tabs

74-74: Column: 1 (MD010, no-hard-tabs)
Hard tabs

75-75: Column: 1 (MD010, no-hard-tabs)
Hard tabs

76-76: Column: 1 (MD010, no-hard-tabs)
Hard tabs

77-77: Column: 1 (MD010, no-hard-tabs)
Hard tabs

78-78: Column: 1 (MD010, no-hard-tabs)
Hard tabs

80-80: Column: 1 (MD010, no-hard-tabs)
Hard tabs

81-81: Column: 1 (MD010, no-hard-tabs)
Hard tabs

82-82: Column: 1 (MD010, no-hard-tabs)
Hard tabs

83-83: Column: 1 (MD010, no-hard-tabs)
Hard tabs

85-85: Column: 1 (MD010, no-hard-tabs)
Hard tabs

86-86: Column: 1 (MD010, no-hard-tabs)
Hard tabs

87-87: Column: 1 (MD010, no-hard-tabs)
Hard tabs

88-88: Column: 1 (MD010, no-hard-tabs)
Hard tabs

89-89: Column: 1 (MD010, no-hard-tabs)
Hard tabs

90-90: Column: 1 (MD010, no-hard-tabs)
Hard tabs

91-91: Column: 1 (MD010, no-hard-tabs)
Hard tabs

92-92: Column: 1 (MD010, no-hard-tabs)
Hard tabs

93-93: Column: 1 (MD010, no-hard-tabs)
Hard tabs

267-267: Column: 1 (MD010, no-hard-tabs)
Hard tabs

268-268: Column: 1 (MD010, no-hard-tabs)
Hard tabs

269-269: Column: 1 (MD010, no-hard-tabs)
Hard tabs

270-270: Column: 1 (MD010, no-hard-tabs)
Hard tabs

271-271: Column: 1 (MD010, no-hard-tabs)
Hard tabs

272-272: Column: 1 (MD010, no-hard-tabs)
Hard tabs

273-273: Column: 1 (MD010, no-hard-tabs)
Hard tabs

274-274: Column: 1 (MD010, no-hard-tabs)
Hard tabs

335-335: Column: 1 (MD010, no-hard-tabs)
Hard tabs

336-336: Column: 1 (MD010, no-hard-tabs)
Hard tabs

337-337: Column: 1 (MD010, no-hard-tabs)
Hard tabs

338-338: Column: 1 (MD010, no-hard-tabs)
Hard tabs

339-339: Column: 1 (MD010, no-hard-tabs)
Hard tabs

340-340: Column: 1 (MD010, no-hard-tabs)
Hard tabs

341-341: Column: 1 (MD010, no-hard-tabs)
Hard tabs

342-342: Column: 1 (MD010, no-hard-tabs)
Hard tabs

343-343: Column: 1 (MD010, no-hard-tabs)
Hard tabs

344-344: Column: 1 (MD010, no-hard-tabs)
Hard tabs

345-345: Column: 1 (MD010, no-hard-tabs)
Hard tabs

346-346: Column: 1 (MD010, no-hard-tabs)
Hard tabs

347-347: Column: 1 (MD010, no-hard-tabs)
Hard tabs

348-348: Column: 1 (MD010, no-hard-tabs)
Hard tabs

349-349: Column: 1 (MD010, no-hard-tabs)
Hard tabs

350-350: Column: 1 (MD010, no-hard-tabs)
Hard tabs

351-351: Column: 1 (MD010, no-hard-tabs)
Hard tabs

352-352: Column: 1 (MD010, no-hard-tabs)
Hard tabs

353-353: Column: 1 (MD010, no-hard-tabs)
Hard tabs

354-354: Column: 1 (MD010, no-hard-tabs)
Hard tabs

355-355: Column: 1 (MD010, no-hard-tabs)
Hard tabs

356-356: Column: 1 (MD010, no-hard-tabs)
Hard tabs

358-358: Column: 1 (MD010, no-hard-tabs)
Hard tabs

359-359: Column: 1 (MD010, no-hard-tabs)
Hard tabs

360-360: Column: 1 (MD010, no-hard-tabs)
Hard tabs

361-361: Column: 1 (MD010, no-hard-tabs)
Hard tabs

362-362: Column: 1 (MD010, no-hard-tabs)
Hard tabs

363-363: Column: 1 (MD010, no-hard-tabs)
Hard tabs

364-364: Column: 1 (MD010, no-hard-tabs)
Hard tabs

365-365: Column: 1 (MD010, no-hard-tabs)
Hard tabs

162-162: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

203-203: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

221-221: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

373-373: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

287-287: Expected: 1; Actual: 0; Below (MD022, blanks-around-headings)
Headings should be surrounded by blank lines

36-36: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

66-66: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

97-97: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

163-163: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

204-204: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

222-222: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

240-240: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

258-258: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

306-306: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

314-314: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

369-369: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

331-331: Punctuation: ':' (MD026, no-trailing-punctuation)
Trailing punctuation in heading

283-283: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

291-291: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

53-53: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

58-58: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

243-243: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

252-252: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

310-310: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

57-57: null (MD034, no-bare-urls)
Bare URL used

170-170: null (MD040, fenced-code-language)
Fenced code blocks should have a language specified

Additional comments not posted (13)
update/hide_windows.go (1)

12-16: The implementation of hideFile properly handles the conversion to UTF-16 and checks for errors, which is crucial for interacting with Windows APIs.

config.go (1)

20-20: The addition of the UniversalArch field is clear and well-documented. This supports the new feature for macOS universal binaries effectively.

updater.go (2)

8-8: Correct import of the internal package for accessing GetExecutablePath().

54-56: Updated ARM detection logic to use GetExecutablePath() enhances accuracy and reliability.

update/options.go (1)

59-69: The verifyChecksum method correctly implements checksum verification. Ensure to add tests for error handling paths, especially for checksum mismatches and hash function availability.

Verification successful

The verifyChecksum method has adequate test coverage for both normal and error paths, including checksum mismatches.

  • Test for correct checksum: TestVerifyChecksum
  • Test for incorrect checksum: TestVerifyChecksumNegative
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify test coverage for `verifyChecksum`.
# Test: Search for test cases covering `verifyChecksum`. Expect: Test cases for error scenarios.

rg --type go $'func TestVerifyChecksum'

Length of output: 170

Script:

#!/bin/bash
# Description: Extract the content of the test functions identified.
# Test: Inspect `TestVerifyChecksum` and `TestVerifyChecksumNegative` for error path coverage.

# Extract the content of TestVerifyChecksum
rg -A 20 'func TestVerifyChecksum' update/apply_test.go

# Extract the content of TestVerifyChecksumNegative
rg -A 20 'func TestVerifyChecksumNegative' update/apply_test.go

Length of output: 1440

Tools
GitHub Check: codecov/patch

[warning] 62-62: update/options.go#L62
Added line #L62 was not covered by tests

update/apply.go (4)

12-12: Importing the internal package here enhances modularity by encapsulating the executable path logic.

64-64: Setting default TargetMode to 0o755 is appropriate for executable files, ensuring they are executable and readable by the user.

43-43: Consider refactoring the Apply function to reduce its complexity and number of statements.
[REFACTOR_Suggestion]
This function could be split into smaller functions, each handling a specific part of the update process.

Tools
golangci-lint

43-43: Function 'Apply' has too many statements (58 > 40) (funlen)

70-72: Ensure added lines are covered by tests to maintain reliability.

Tools
GitHub Check: codecov/patch

[warning] 70-72: update/apply.go#L70-L72
Added lines #L70 - L72 were not covered by tests

detect.go (2)

18-18: Updated comment to include 'xz' compression reflects the support for additional file types.

Line range hint 9-9: The import of semver is flagged as not allowed. Verify if this is an oversight or if an alternative should be used.

Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

update/apply_test.go (1)

49-49: Running tests in parallel using t.Parallel() is a good practice to improve test execution speed.

Also applies to: 62-62, 84-84, 98-98, 202-202, 220-220, 241-241, 263-263, 281-281, 311-311, 327-327

README.md (1)

52-52: Update the number of source providers
The documentation now states that there are three source providers available, reflecting the updated capabilities of the library. This change is accurate and aligns with the current state of the library.

internal/path_test.go Outdated Show resolved Hide resolved
update/hide_test.go Show resolved Hide resolved
update/apply.go Outdated Show resolved Hide resolved
update/options.go Show resolved Hide resolved
update/apply_test.go Outdated Show resolved Hide resolved
update.go Show resolved Hide resolved
coderabbitai[bot]
coderabbitai bot reviewed Jun 16, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 5

Outside diff range and nitpick comments (6)
update/apply.go (2)

Line range hint 83-83: Simplify error re-assignment to enhance readability and reduce potential mistakes.

- if err = opts.verifyChecksum(newBytes); err != nil {
+ if err := opts.verifyChecksum(newBytes); err != nil {
     return err
  }
- if err = opts.verifySignature(newBytes); err != nil {
+ if err := opts.verifySignature(newBytes); err != nil {
     return err
  }

Also applies to: 89-89

Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

Line range hint 175-175: Use errors.As for type assertions on errors to handle wrapped errors effectively.

- if rerr, ok := err.(*rollbackErr); ok {
+ if rerr := new(rollbackErr); errors.As(err, &rerr) {
Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

update/apply_test.go (4)

Line range hint 1-1: Change the package name for better test isolation.

- package update
+ package update_test

Line range hint 125-310: Hardcoded credentials detected. Consider storing these in environment variables or secure vaults.

- const ecdsaPrivateKey = `
- -----BEGIN EC PRIVATE KEY-----
- ...
- -----END EC PRIVATE KEY-----`
- const rsaPrivateKey = `
- -----BEGIN RSA PRIVATE KEY-----
- ...
- -----END RSA PRIVATE KEY-----`
+ // Load private keys securely from environment or vault
+ ecdsaPrivateKey := os.Getenv("ECDSA_PRIVATE_KEY")
+ rsaPrivateKey := os.Getenv("RSA_PRIVATE_KEY")

365-365: The openFile function patch should be documented for clarity.

Please add a comment explaining why openFile is patched, especially the simulation of a write error.

Line range hint 35-35: The parameter *testing.T should be the first or right after context.Context.

- func validateUpdate(path string, err error, t *testing.T) {
+ func validateUpdate(t *testing.T, path string, err error) {

Also applies to: 173-173

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between fd4f7ea and abbd566.

Files selected for processing (9)
  • README.md (3 hunks)
  • cmd/detect-latest-release/update.go (2 hunks)
  • codecov.yml (1 hunks)
  • internal/path_test.go (1 hunks)
  • path.go (1 hunks)
  • path_test.go (1 hunks)
  • update/apply.go (4 hunks)
  • update/apply_test.go (15 hunks)
  • update/hide_test.go (1 hunks)
Files skipped from review due to trivial changes (2)
  • path.go
  • path_test.go
Files skipped from review as they are similar to previous changes (1)
  • internal/path_test.go
Additional context used
yamllint
codecov.yml

[error] 15-15: trailing spaces (trailing-spaces)

golangci-lint
update/hide_test.go

[medium] 15-15: G306: Expect WriteFile permissions to be 0600 or less (gosec)

1-1: package should be update_test instead of update (testpackage)

cmd/detect-latest-release/update.go

14-14: func update is unused (unused)

10-10: import 'github.com/creativeprojects/go-selfupdate' is not allowed from list 'Main' (depguard)

update/apply.go

43-43: Function 'Apply' has too many statements (58 > 40) (funlen)

83-83: sloppyReassign: re-assignment to err can be replaced with err := opts.verifyChecksum(newBytes) (gocritic)

89-89: sloppyReassign: re-assignment to err can be replaced with err := opts.verifySignature(newBytes) (gocritic)

15-15: File is not gofumpt-ed (gofumpt)

135-135: File is not gofumpt-ed (gofumpt)

175-175: type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors (errorlint)

update/apply_test.go

[high] 124-124: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

[high] 144-144: G101: Potential hardcoded credentials: RSA private key (gosec)

[high] 304-304: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

1-1: package should be update_test instead of update (testpackage)

29-29: parameter *testing.T should be the first or after context.Context (thelper)

35-35: parameter *testing.T should be the first or after context.Context (thelper)

173-173: parameter *testing.T should be the first or after context.Context (thelper)

GitHub Check: codecov/patch
update/apply.go

[warning] 70-73: update/apply.go#L70-L73
Added lines #L70 - L73 were not covered by tests

Gitleaks
update/apply_test.go

125-310: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption. (private-key)

LanguageTool
README.md

[misspelling] ~64-~64: This word is normally spelled with a hyphen. (EN_COMPOUNDS_WELL_DEFINED)
Context: ... (Github, Gitea, Gitlab, etc.) - return well defined wrapped errors that can be checked with...

[uncategorized] ~68-~68: Possible missing preposition found. (AI_EN_LECTOR_MISSING_PREPOSITION)
Context: ...t error)` # Example Here's an example how to use the library for an application t...

[uncategorized] ~103-~103: Possible missing preposition found. (AI_EN_LECTOR_MISSING_PREPOSITION)
Context: ...ository Some functions needed a couple owner/repo and some other a single st...

[uncategorized] ~103-~103: The grammatical number of this noun doesn’t look right. Consider replacing it. (AI_EN_LECTOR_REPLACEMENT_NOUN_NUMBER)
Context: ...needed a couple owner/repo and some other a single string called slug. These ha...

[misspelling] ~133-~133: This word is normally spelled with a hyphen. (EN_COMPOUNDS_LONG_RUNNING)
Context: ...t parameter. You can use it to cancel a long running operation. ## Package functions | v0 ...

[duplication] ~140-~140: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (*Release, bool, error) | | DetectVers...

[duplication] ~141-~141: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (*Release, bool, error...

[duplication] ~142-~142: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~143-~143: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | ## Methods on Sou...

[duplication] ~149-~149: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | ListReleases(ctx context.Context, repository Repository) ([]SourceRelease, error) | | DownloadR...

[duplication] ~156-~156: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (release *Release, found bool, err err...

[duplication] ~157-~157: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (release *Release, fou...

[duplication] ~158-~158: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~159-~159: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | | UpdateTo(rel *Re...

[uncategorized] ~168-~168: The preposition “in” seems more likely in this position. (AI_EN_LECTOR_REPLACEMENT_PREPOSITION)
Context: ...leaser][] You need to put the binaries with the following format. ``` {cmd}_{goos}...

[uncategorized] ~177-~177: Use a comma before ‘and’ if it connects two independent clauses (unless they are closely connected and short). (COMMA_COMPOUND_SENTENCE)
Context: ...zand.tar.xz`. You can also use blank and it means binary is not compressed. If ...

[uncategorized] ~179-~179: You might be missing the article “a” here. (AI_EN_LECTOR_MISSING_DETERMINER_A)
Context: ...ary is not compressed. If you compress binary, uncompressed directory or file must co...

[uncategorized] ~179-~179: You might be missing the article “the” here. (AI_EN_LECTOR_MISSING_DETERMINER_THE)
Context: ...ot compressed. If you compress binary, uncompressed directory or file must contain the exec...

[uncategorized] ~183-~183: You might be missing the article “the” here. (AI_EN_LECTOR_MISSING_DETERMINER_THE)
Context: ... your command name is foo-bar, one of followings is expected to be put in release page o...

[uncategorized] ~192-~192: The grammatical number of this noun doesn’t look right. Consider replacing it. (AI_EN_LECTOR_REPLACEMENT_NOUN_NUMBER)
Context: ...must contain an executable named one of followings: - foo-bar (only command name) - `fo...

[uncategorized] ~212-~212: A determiner appears to be missing. Consider inserting it. (AI_EN_LECTOR_MISSING_DETERMINER)
Context: ...for comparing versions systematically. Prefix before version number \d+\.\d+\.\d+ i...

[uncategorized] ~224-~224: You might be missing the article “the” here. (AI_EN_LECTOR_MISSING_DETERMINER_THE)
Context: ... # Structure of Releases In summary, structure of releases on GitHub looks like: - `v...

[uncategorized] ~249-~249: A comma might be missing here. (AI_EN_LECTOR_MISSING_PUNCTUATION_COMMA)
Context: ...tures below if available, and as a last resort will try a simple arm architecture ta...

[uncategorized] ~281-~281: You might be missing the article “the” here. (AI_EN_LECTOR_MISSING_DETERMINER_THE)
Context: ...hin a file which has the same naming as original file with the suffix .sha256. For e.g...

[style] ~281-~281: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...riginal file with the suffix .sha256. For e.g. use sha256sum, the file `selfupdate/tes...

[uncategorized] ~289-~289: You might be missing the article “the” here. (AI_EN_LECTOR_MISSING_DETERMINER_THE)
Context: ...hin a file which has the same naming as original file with the suffix .sig. For e.g. u...

[style] ~289-~289: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...s original file with the suffix .sig. For e.g. use openssl, the file `selfupdate/testd...

[uncategorized] ~290-~290: This verb may not be in the correct form. Consider using a different form for this context. (AI_EN_LECTOR_REPLACEMENT_VERB_FORM)
Context: ...l file with the suffix .sig. For e.g. use openssl, the file `selfupdate/testdata/...

[uncategorized] ~295-~295: A comma may be missing after the conjunctive/linking adverb ‘Therefore’. (SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA)
Context: ...akes use of go internal crypto package. Therefore the private key has to be compatible wi...

Markdownlint
README.md

36-36: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

66-66: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

97-97: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

101-101: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

107-107: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

115-115: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

123-123: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

131-131: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

135-135: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

145-145: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

152-152: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

163-163: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

204-204: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

222-222: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

240-240: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

258-258: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

278-278: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

287-287: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

298-298: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

306-306: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

314-314: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

331-331: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

369-369: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

42-42: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

43-43: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

44-44: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

45-45: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

46-46: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

48-48: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

49-49: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

50-50: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

53-53: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

54-54: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

55-55: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

58-58: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

59-59: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

60-60: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

61-61: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

62-62: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

63-63: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

64-64: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

186-186: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

187-187: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

188-188: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

189-189: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

190-190: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

194-194: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

195-195: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

196-196: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

226-226: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

227-227: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

228-228: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

229-229: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

230-230: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

231-231: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

232-232: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

233-233: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

234-234: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

235-235: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

236-236: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

237-237: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

238-238: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

243-243: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

244-244: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

245-245: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

252-252: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

253-253: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

254-254: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

310-310: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

311-311: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

312-312: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

374-374: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

376-376: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

309-309: Expected: 0 or 2; Actual: 1 (MD009, no-trailing-spaces)
Trailing spaces

72-72: Column: 1 (MD010, no-hard-tabs)
Hard tabs

73-73: Column: 1 (MD010, no-hard-tabs)
Hard tabs

74-74: Column: 1 (MD010, no-hard-tabs)
Hard tabs

75-75: Column: 1 (MD010, no-hard-tabs)
Hard tabs

76-76: Column: 1 (MD010, no-hard-tabs)
Hard tabs

77-77: Column: 1 (MD010, no-hard-tabs)
Hard tabs

78-78: Column: 1 (MD010, no-hard-tabs)
Hard tabs

80-80: Column: 1 (MD010, no-hard-tabs)
Hard tabs

81-81: Column: 1 (MD010, no-hard-tabs)
Hard tabs

82-82: Column: 1 (MD010, no-hard-tabs)
Hard tabs

83-83: Column: 1 (MD010, no-hard-tabs)
Hard tabs

85-85: Column: 1 (MD010, no-hard-tabs)
Hard tabs

86-86: Column: 1 (MD010, no-hard-tabs)
Hard tabs

87-87: Column: 1 (MD010, no-hard-tabs)
Hard tabs

88-88: Column: 1 (MD010, no-hard-tabs)
Hard tabs

89-89: Column: 1 (MD010, no-hard-tabs)
Hard tabs

90-90: Column: 1 (MD010, no-hard-tabs)
Hard tabs

91-91: Column: 1 (MD010, no-hard-tabs)
Hard tabs

92-92: Column: 1 (MD010, no-hard-tabs)
Hard tabs

93-93: Column: 1 (MD010, no-hard-tabs)
Hard tabs

267-267: Column: 1 (MD010, no-hard-tabs)
Hard tabs

268-268: Column: 1 (MD010, no-hard-tabs)
Hard tabs

269-269: Column: 1 (MD010, no-hard-tabs)
Hard tabs

270-270: Column: 1 (MD010, no-hard-tabs)
Hard tabs

271-271: Column: 1 (MD010, no-hard-tabs)
Hard tabs

272-272: Column: 1 (MD010, no-hard-tabs)
Hard tabs

273-273: Column: 1 (MD010, no-hard-tabs)
Hard tabs

274-274: Column: 1 (MD010, no-hard-tabs)
Hard tabs

335-335: Column: 1 (MD010, no-hard-tabs)
Hard tabs

336-336: Column: 1 (MD010, no-hard-tabs)
Hard tabs

337-337: Column: 1 (MD010, no-hard-tabs)
Hard tabs

338-338: Column: 1 (MD010, no-hard-tabs)
Hard tabs

339-339: Column: 1 (MD010, no-hard-tabs)
Hard tabs

340-340: Column: 1 (MD010, no-hard-tabs)
Hard tabs

341-341: Column: 1 (MD010, no-hard-tabs)
Hard tabs

342-342: Column: 1 (MD010, no-hard-tabs)
Hard tabs

343-343: Column: 1 (MD010, no-hard-tabs)
Hard tabs

344-344: Column: 1 (MD010, no-hard-tabs)
Hard tabs

345-345: Column: 1 (MD010, no-hard-tabs)
Hard tabs

346-346: Column: 1 (MD010, no-hard-tabs)
Hard tabs

347-347: Column: 1 (MD010, no-hard-tabs)
Hard tabs

348-348: Column: 1 (MD010, no-hard-tabs)
Hard tabs

349-349: Column: 1 (MD010, no-hard-tabs)
Hard tabs

350-350: Column: 1 (MD010, no-hard-tabs)
Hard tabs

351-351: Column: 1 (MD010, no-hard-tabs)
Hard tabs

352-352: Column: 1 (MD010, no-hard-tabs)
Hard tabs

353-353: Column: 1 (MD010, no-hard-tabs)
Hard tabs

354-354: Column: 1 (MD010, no-hard-tabs)
Hard tabs

355-355: Column: 1 (MD010, no-hard-tabs)
Hard tabs

356-356: Column: 1 (MD010, no-hard-tabs)
Hard tabs

358-358: Column: 1 (MD010, no-hard-tabs)
Hard tabs

359-359: Column: 1 (MD010, no-hard-tabs)
Hard tabs

360-360: Column: 1 (MD010, no-hard-tabs)
Hard tabs

361-361: Column: 1 (MD010, no-hard-tabs)
Hard tabs

362-362: Column: 1 (MD010, no-hard-tabs)
Hard tabs

363-363: Column: 1 (MD010, no-hard-tabs)
Hard tabs

364-364: Column: 1 (MD010, no-hard-tabs)
Hard tabs

365-365: Column: 1 (MD010, no-hard-tabs)
Hard tabs

162-162: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

203-203: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

221-221: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

373-373: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

287-287: Expected: 1; Actual: 0; Below (MD022, blanks-around-headings)
Headings should be surrounded by blank lines

36-36: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

66-66: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

97-97: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

163-163: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

204-204: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

222-222: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

240-240: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

258-258: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

306-306: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

314-314: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

369-369: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

331-331: Punctuation: ':' (MD026, no-trailing-punctuation)
Trailing punctuation in heading

283-283: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

291-291: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

53-53: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

58-58: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

243-243: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

252-252: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

310-310: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

57-57: null (MD034, no-bare-urls)
Bare URL used

170-170: null (MD040, fenced-code-language)
Fenced code blocks should have a language specified

Additional comments not posted (8)
update/hide_test.go (1)

1-1: Change the package name to update_test to maintain a proper separation between the test files and the implementation.

Tools
golangci-lint

1-1: package should be update_test instead of update (testpackage)

update/apply.go (1)

69-69: Replace len(opts.TargetPath) == 0 with opts.TargetPath == "" for clarity.

update/apply_test.go (3)

51-51: Using t.Parallel() is good for test concurrency, but ensure all tests are designed to run in parallel without interference.

Also applies to: 64-64, 86-86, 100-100, 222-222, 240-240, 261-261, 283-283, 302-302, 331-331, 347-347, 364-364

53-53: Using dynamic function names for test isolation is a good practice.

Also applies to: 66-66, 88-88, 102-102, 224-224, 242-242, 263-263, 285-285, 304-304, 333-333, 349-349, 367-367

204-204: Parallel execution of tests is well implemented.

Also applies to: 212-212, 222-222, 240-240, 263-263, 283-283, 302-302, 331-331, 347-347

README.md (3)

46-47: Great addition to support macOS universal binaries.

Tools
Markdownlint

46-46: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

52-52: Update to reflect the addition of a third source provider.

58-58: Ensure the description of API changes is clear and concise.

Tools
Markdownlint

58-58: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

58-58: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

codecov.yml Outdated Show resolved Hide resolved
update/hide_test.go Show resolved Hide resolved
cmd/detect-latest-release/update.go Show resolved Hide resolved
update/apply_test.go Show resolved Hide resolved
coderabbitai[bot]
coderabbitai bot reviewed Jun 16, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

Outside diff range and nitpick comments (15)
cmd/detect-latest-release/update.go (1)

Line range hint 9-29: The function update is unused, and there is an import that is not allowed from the list 'Main'.

Consider removing the unused function to clean up the codebase. Additionally, review the project's dependency management strategy regarding the import from 'github.com/creativeprojects/go-selfupdate'.

arch_test.go (1)

Line range hint 1-31: The test cases in TestAdditionalArch are well-constructed. However, using the same package for tests and implementation can obscure some integration issues.

Consider using a separate package for testing by naming it selfupdate_test. This approach is a best practice for ensuring that your tests only access the public interfaces of the package they are testing.

updater.go (1)

46-46: Consider using a more descriptive variable name than 'os' for better readability, especially given its broader scope in this context.

Tools
golangci-lint

46-46: variable name 'os' is too short for the scope of its usage (varnamelen)

detect.go (4)

Line range hint 41-41: Consider refactoring validateReleaseAsset and findAssetFromRelease to reduce complexity and improve readability. Splitting these functions into smaller, more focused functions could enhance maintainability.

Also applies to: 174-174

Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

Line range hint 282-282: Define "windows" as a constant to avoid magic strings and improve maintainability.

+ const osWindows = "windows"
- if up.os == "windows" {
+ if up.os == osWindows {
Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

Line range hint 94-94: Replace magic number '20' with a named constant to clarify its purpose.

+ const maxValidationDepth = 20
- if len(release.ValidationChain) > 20 {
+ if len(release.ValidationChain) > maxValidationDepth {
Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

Line range hint 117-117: Avoid using naked returns in long functions like validateReleaseAsset to improve readability and reduce potential errors. Also, consider simplifying named returns.

Also applies to: 21-21, 27-27

Tools
golangci-lint

21-21: named return "release" with type "*Release" found (nonamedreturns)

update/apply_test.go (3)

Line range hint 129-314: Avoid hardcoding private keys directly in the test files. Consider using environment variables or secure vaults to manage keys for testing.

Line range hint 1-1: Change the package name to update_test to adhere to Go conventions for test packages, which can help in avoiding package-level side-effects and improve test isolation.

Line range hint 177-177: Reorder the parameters in test helper functions to align with best practices, placing *testing.T as the first parameter.

- func validateUpdate(path string, t *testing.T, err error) {
+ func validateUpdate(t *testing.T, path string, err error) {

Also applies to: 182-182, 187-187

detect_test.go (5)

Line range hint 113-113: Use assert.ErrorIs instead of assert.True for error type assertions.

- assert.True(t, errors.Is(err, ErrValidationAssetNotFound))
+ assert.ErrorIs(t, err, ErrValidationAssetNotFound)

Using assert.ErrorIs provides clearer intent and is more idiomatic in Go for checking specific error types.

Line range hint 937-937: Use assert.Len for checking the length of collections.

- assert.Equal(t, 2, len(release.ValidationChain))
+ assert.Len(t, release.ValidationChain, 2)

Using assert.Len provides a clearer and more idiomatic way to check the length of slices in tests.

Line range hint 186-186: Use require instead of assert for immediate test failures.

- assert.NoError(t, err)
+ require.NoError(t, err)

Using require.NoError will stop the test immediately if an error is encountered, which is typically the desired behavior when an error would prevent further meaningful test execution.

Line range hint 21-21: Invoke t.Helper() at the beginning of the helper function.

+ t.Helper()
  updater, err := NewUpdater(config)
  require.NoError(t, err)

Adding t.Helper() marks the function as a test helper, which improves error reporting by not including this function in the stack trace of failing assertions.

Line range hint 168-168: Consider using more descriptive variable names instead of short names like tc and r.

Using more descriptive names would make the code more readable and maintainable. For example, testConfig could replace tc and result could replace r.

Also applies to: 183-183, 156-156

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between abbd566 and 85c6f13.

Files selected for processing (9)
  • arch.go (1 hunks)
  • arch_test.go (1 hunks)
  • cmd/detect-latest-release/update.go (2 hunks)
  • codecov.yml (1 hunks)
  • detect.go (2 hunks)
  • detect_test.go (2 hunks)
  • universal_binary.go (1 hunks)
  • update/apply_test.go (13 hunks)
  • updater.go (4 hunks)
Files skipped from review as they are similar to previous changes (1)
  • codecov.yml
Additional context used
GitHub Check: codecov/patch
universal_binary.go

[warning] 6-10: universal_binary.go#L6-L10
Added lines #L6 - L10 were not covered by tests

[warning] 12-12: universal_binary.go#L12
Added line #L12 was not covered by tests

golangci-lint
arch.go

23-23: Magic number: 3, in detected (gomnd)

cmd/detect-latest-release/update.go

13-13: func update is unused (unused)

9-9: import 'github.com/creativeprojects/go-selfupdate' is not allowed from list 'Main' (depguard)

arch_test.go

1-1: package should be selfupdate_test instead of selfupdate (testpackage)

updater.go

46-46: variable name 'os' is too short for the scope of its usage (varnamelen)

detect.go

41-41: Function 'validateReleaseAsset' is too long (76 > 60) (funlen)

174-174: Function 'findAssetFromRelease' is too long (70 > 60) (funlen)

282-282: string windows has 7 occurrences, make it a constant (goconst)

9-9: import 'github.com/Masterminds/semver/v3' is not allowed from list 'Main' (depguard)

54-54: selfupdate.Release is missing field ValidationChain (exhaustruct)

94-94: Magic number: 20, in detected (gomnd)

121-121: findValidationAsset returns interface (github.com/creativeprojects/go-selfupdate.SourceAsset) (ireturn)

131-131: findReleaseAndAsset returns interface (github.com/creativeprojects/go-selfupdate.SourceRelease) (ireturn)

144-144: findReleaseAndAssetForArch returns interface (github.com/creativeprojects/go-selfupdate.SourceRelease) (ireturn)

117-117: naked return in func validateReleaseAsset with 77 lines of code (nakedret)

21-21: named return "release" with type "*Release" found (nonamedreturns)

27-27: named return "release" with type "*Release" found (nonamedreturns)

update/apply_test.go

[high] 128-128: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

[high] 148-148: G101: Potential hardcoded credentials: RSA private key (gosec)

[high] 308-308: G101: Potential hardcoded credentials: SSH (EC) private key (gosec)

1-1: package should be update_test instead of update (testpackage)

177-177: parameter *testing.T should be the first or after context.Context (thelper)

182-182: parameter *testing.T should be the first or after context.Context (thelper)

187-187: parameter *testing.T should be the first or after context.Context (thelper)

detect_test.go

244-244: 244-265 lines are duplicate of detect_test.go:267-288 (dupl)

267-267: 267-288 lines are duplicate of detect_test.go:244-265 (dupl)

290-290: Function 'TestFindAssetFromRelease' is too long (228 > 60) (funlen)

521-521: Function 'TestFindReleaseAndAsset' is too long (399 > 60) (funlen)

302-302: string 1.0.0 has 5 occurrences, make it a constant (goconst)

67-67: string v0.10.0 has 4 occurrences, make it a constant (goconst)

113-113: error-is-as: use assert.ErrorIs (testifylint)

937-937: len: use assert.Len (testifylint)

186-186: require-error: for error assertions use require (testifylint)

21-21: test helper function should start from t.Helper() (thelper)

168-168: variable name 'tc' is too short for the scope of its usage (varnamelen)

183-183: variable name 'r' is too short for the scope of its usage (varnamelen)

156-156: variable name 'r' is too short for the scope of its usage (varnamelen)

Gitleaks
update/apply_test.go

129-314: Identified a Private Key, which may compromise cryptographic security and sensitive data encryption. (private-key)

Additional comments not posted (2)
detect_test.go (2)

529-539: Refactor the test data struct to avoid repetition.
[REFACTOR_Suggestion]

- assetLinuxX86 := "asset_linux_x86_64.tgz"
- assetLinuxARM := "asset_linux_arm.tgz"
- assetLinuxARMv5 := "asset_linux_armv5.tgz"
- assetLinuxARMv6 := "asset_linux_armv6.tgz"
- assetLinuxARMv7 := "asset_linux_armv7.tgz"
- assetLinuxARM64 := "asset_linux_arm64.tgz"
- assetLinuxAll := "asset_linux_all.tgz"
- assetDarwinAMD64 := "asset_darwin_amd64.tgz"
- assetDarwinARM64 := "asset_darwin_arm64.tgz"
- assetDarwinAll := "asset_darwin_all.tgz"
+ const (
+   assetLinuxX86 = "asset_linux_x86_64.tgz"
+   assetLinuxARM = "asset_linux_arm.tgz"
+   assetLinuxARMv5 = "asset_linux_armv5.tgz"
+   assetLinuxARMv6 = "asset_linux_armv6.tgz"
+   assetLinuxARMv7 = "asset_linux_armv7.tgz"
+   assetLinuxARM64 = "asset_linux_arm64.tgz"
+   assetLinuxAll = "asset_linux_all.tgz"
+   assetDarwinAMD64 = "asset_darwin_amd64.tgz"
+   assetDarwinARM64 = "asset_darwin_arm64.tgz"
+   assetDarwinAll = "asset_darwin_all.tgz"
+ )

This change will make the asset names constants, reducing redundancy and improving maintainability.

Line range hint 902-937: Consider refactoring the TestFindReleaseAndAsset function to reduce its length.
[REFACTOR_Suggestion]
This function is quite long, which makes it hard to maintain. Consider breaking it into smaller, more manageable functions or using helper functions to handle repetitive logic.

universal_binary.go Show resolved Hide resolved
arch.go Outdated Show resolved Hide resolved
updater.go Show resolved Hide resolved
updater.go Show resolved Hide resolved
coderabbitai[bot]
coderabbitai bot reviewed Jun 16, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 4

Outside diff range and nitpick comments (1)
update/apply.go (1)

Line range hint 175-175: Use errors.As instead of a type assertion for error handling to properly handle wrapped errors.

- if rerr, ok := err.(*rollbackErr); ok {
+ if rerr := new(rollbackErr); errors.As(err, &rerr) {
    return rerr.rollbackErr
  }
Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 85c6f13 and 1d62feb.

Files selected for processing (3)
  • arch.go (1 hunks)
  • arm.go (2 hunks)
  • update/apply.go (5 hunks)
Files skipped from review as they are similar to previous changes (2)
  • arch.go
  • arm.go
Additional context used
golangci-lint
update/apply.go

43-43: Function 'Apply' has too many statements (58 > 40) (funlen)

15-15: File is not gofumpt-ed (gofumpt)

135-135: File is not gofumpt-ed (gofumpt)

175-175: type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors (errorlint)

83-83: shadow: declaration of "err" shadows declaration at line 68 (govet)

89-89: shadow: declaration of "err" shadows declaration at line 68 (govet)

GitHub Check: codecov/patch
update/apply.go

[warning] 70-73: update/apply.go#L70-L73
Added lines #L70 - L73 were not covered by tests

Additional comments not posted (2)
update/apply.go (2)

69-73: Ensure error from GetExecutablePath is handled immediately after its call to prevent operations on potentially undefined paths.

Tools
GitHub Check: codecov/patch

[warning] 70-73: update/apply.go#L70-L73
Added lines #L70 - L73 were not covered by tests

64-64: Setting default file permissions directly in the function can lead to security risks if not handled properly elsewhere. Ensure that this value does not expose sensitive files inadvertently.

update/apply.go Outdated Show resolved Hide resolved
update/apply.go Show resolved Hide resolved
update/apply.go Outdated Show resolved Hide resolved
coderabbitai[bot]
coderabbitai bot reviewed Jun 16, 2024
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Outside diff range and nitpick comments (2)
update/apply.go (2)

Line range hint 83-83: Avoid re-assignment to err to enhance code clarity.

- if err = opts.verifyChecksum(newBytes); err != nil {
+ if checksumErr := opts.verifyChecksum(newBytes); checksumErr != nil {
    return checksumErr
  }

Using a distinct variable for the error from verifyChecksum improves clarity and avoids shadowing the err variable defined earlier.

Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

Line range hint 89-89: Use a separate variable for errors returned by verifySignature to avoid shadowing.

- if err = opts.verifySignature(newBytes); err != nil {
+ if signatureErr := opts.verifySignature(newBytes); signatureErr != nil {
    return signatureErr
  }

This change prevents the err variable from being shadowed, which can reduce errors and improve code readability.

Tools
golangci-lint

15-15: File is not gofumpt-ed (gofumpt)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 1d62feb and 53a7583.

Files selected for processing (3)
  • README.md (5 hunks)
  • config.go (1 hunks)
  • update/apply.go (4 hunks)
Files skipped from review as they are similar to previous changes (1)
  • config.go
Additional context used
golangci-lint
update/apply.go

43-43: Function 'Apply' has too many statements (58 > 40) (funlen)

83-83: sloppyReassign: re-assignment to err can be replaced with err := opts.verifyChecksum(newBytes) (gocritic)

89-89: sloppyReassign: re-assignment to err can be replaced with err := opts.verifySignature(newBytes) (gocritic)

15-15: File is not gofumpt-ed (gofumpt)

135-135: File is not gofumpt-ed (gofumpt)

175-175: type assertion on error will fail on wrapped errors. Use errors.As to check for specific errors (errorlint)

LanguageTool
README.md

[misspelling] ~65-~65: This word is normally spelled with a hyphen. (EN_COMPOUNDS_WELL_DEFINED)
Context: ... (Github, Gitea, Gitlab, etc.) - return well defined wrapped errors that can be checked with...

[misspelling] ~134-~134: This word is normally spelled with a hyphen. (EN_COMPOUNDS_LONG_RUNNING)
Context: ...t parameter. You can use it to cancel a long running operation. ## Package functions | v0 ...

[duplication] ~141-~141: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (*Release, bool, error) | | DetectVers...

[duplication] ~142-~142: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (*Release, bool, error...

[duplication] ~143-~143: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~144-~144: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | ## Methods on Sou...

[duplication] ~150-~150: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | ListReleases(ctx context.Context, repository Repository) ([]SourceRelease, error) | | DownloadR...

[duplication] ~157-~157: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...or) | DetectLatest(ctx context.Context, repository Repository) (release *Release, found bool, err err...

[duplication] ~158-~158: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...r) | DetectVersion(ctx context.Context, repository Repository, version string) (release *Release, fou...

[duplication] ~159-~159: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...ontext, cmdPath string, current string, repository Repository) (*Release, error) | | UpdateSelf(curre...

[duplication] ~160-~160: Possible typo: you repeated a word (ENGLISH_WORD_REPEAT_RULE)
Context: ...lf(ctx context.Context, current string, repository Repository) (*Release, error) | | UpdateTo(rel *Re...

[uncategorized] ~178-~178: Use a comma before ‘and’ if it connects two independent clauses (unless they are closely connected and short). (COMMA_COMPOUND_SENTENCE)
Context: ...zand.tar.xz`. You can also use blank and it means binary is not compressed. If ...

[uncategorized] ~180-~180: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ...ot compressed. If you compress binary, uncompressed directory or file must contain the exec...

[uncategorized] ~184-~184: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ... your command name is foo-bar, one of followings is expected to be put in release page o...

[uncategorized] ~193-~193: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ...must contain an executable named one of followings: - foo-bar (only command name) - `fo...

[uncategorized] ~199-~199: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ... on Windows, .exe can be added before file extension like `foo-bar_windows_amd64.e...

[uncategorized] ~208-~208: Possible missing article found. (AI_HYDRA_LEO_MISSING_THE)
Context: ..., you should use the version number for tag of the Git repository (i.e. 1.2.3 or ...

[style] ~282-~282: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...riginal file with the suffix .sha256. For e.g. use sha256sum, the file `selfupdate/tes...

[style] ~290-~290: The phrase ‘for e.g.’ is an tautology (‘e.g.’ means ‘for example’). Consider using just “e.g.” or “for example”. (FOR_EG_REDUNDANCY)
Context: ...s original file with the suffix .sig. For e.g. use openssl, the file `selfupdate/testd...

[uncategorized] ~296-~296: A comma may be missing after the conjunctive/linking adverb ‘Therefore’. (SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA)
Context: ...akes use of go internal crypto package. Therefore the private key has to be compatible wi...

Markdownlint
README.md

37-37: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

67-67: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

98-98: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

102-102: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

108-108: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

116-116: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

124-124: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

132-132: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

136-136: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

146-146: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

153-153: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

164-164: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

205-205: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

223-223: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

241-241: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

259-259: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

279-279: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

288-288: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

299-299: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

307-307: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

319-319: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

327-327: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

344-344: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

382-382: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

43-43: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

44-44: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

45-45: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

46-46: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

48-48: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

49-49: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

50-50: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

51-51: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

54-54: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

55-55: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

56-56: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

59-59: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

60-60: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

61-61: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

62-62: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

63-63: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

64-64: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

65-65: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

187-187: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

188-188: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

189-189: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

190-190: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

191-191: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

195-195: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

196-196: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

197-197: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

227-227: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

228-228: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

229-229: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

230-230: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

231-231: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

232-232: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

233-233: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

234-234: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

235-235: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

236-236: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

237-237: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

238-238: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

239-239: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

244-244: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

245-245: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

246-246: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

253-253: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

254-254: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

255-255: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

323-323: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

324-324: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

325-325: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

387-387: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

389-389: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

322-322: Expected: 0 or 2; Actual: 1 (MD009, no-trailing-spaces)
Trailing spaces

73-73: Column: 1 (MD010, no-hard-tabs)
Hard tabs

74-74: Column: 1 (MD010, no-hard-tabs)
Hard tabs

75-75: Column: 1 (MD010, no-hard-tabs)
Hard tabs

76-76: Column: 1 (MD010, no-hard-tabs)
Hard tabs

77-77: Column: 1 (MD010, no-hard-tabs)
Hard tabs

78-78: Column: 1 (MD010, no-hard-tabs)
Hard tabs

79-79: Column: 1 (MD010, no-hard-tabs)
Hard tabs

81-81: Column: 1 (MD010, no-hard-tabs)
Hard tabs

82-82: Column: 1 (MD010, no-hard-tabs)
Hard tabs

83-83: Column: 1 (MD010, no-hard-tabs)
Hard tabs

84-84: Column: 1 (MD010, no-hard-tabs)
Hard tabs

86-86: Column: 1 (MD010, no-hard-tabs)
Hard tabs

87-87: Column: 1 (MD010, no-hard-tabs)
Hard tabs

88-88: Column: 1 (MD010, no-hard-tabs)
Hard tabs

89-89: Column: 1 (MD010, no-hard-tabs)
Hard tabs

90-90: Column: 1 (MD010, no-hard-tabs)
Hard tabs

91-91: Column: 1 (MD010, no-hard-tabs)
Hard tabs

92-92: Column: 1 (MD010, no-hard-tabs)
Hard tabs

93-93: Column: 1 (MD010, no-hard-tabs)
Hard tabs

94-94: Column: 1 (MD010, no-hard-tabs)
Hard tabs

268-268: Column: 1 (MD010, no-hard-tabs)
Hard tabs

269-269: Column: 1 (MD010, no-hard-tabs)
Hard tabs

270-270: Column: 1 (MD010, no-hard-tabs)
Hard tabs

271-271: Column: 1 (MD010, no-hard-tabs)
Hard tabs

272-272: Column: 1 (MD010, no-hard-tabs)
Hard tabs

273-273: Column: 1 (MD010, no-hard-tabs)
Hard tabs

274-274: Column: 1 (MD010, no-hard-tabs)
Hard tabs

275-275: Column: 1 (MD010, no-hard-tabs)
Hard tabs

348-348: Column: 1 (MD010, no-hard-tabs)
Hard tabs

349-349: Column: 1 (MD010, no-hard-tabs)
Hard tabs

350-350: Column: 1 (MD010, no-hard-tabs)
Hard tabs

351-351: Column: 1 (MD010, no-hard-tabs)
Hard tabs

352-352: Column: 1 (MD010, no-hard-tabs)
Hard tabs

353-353: Column: 1 (MD010, no-hard-tabs)
Hard tabs

354-354: Column: 1 (MD010, no-hard-tabs)
Hard tabs

355-355: Column: 1 (MD010, no-hard-tabs)
Hard tabs

356-356: Column: 1 (MD010, no-hard-tabs)
Hard tabs

357-357: Column: 1 (MD010, no-hard-tabs)
Hard tabs

358-358: Column: 1 (MD010, no-hard-tabs)
Hard tabs

359-359: Column: 1 (MD010, no-hard-tabs)
Hard tabs

360-360: Column: 1 (MD010, no-hard-tabs)
Hard tabs

361-361: Column: 1 (MD010, no-hard-tabs)
Hard tabs

362-362: Column: 1 (MD010, no-hard-tabs)
Hard tabs

363-363: Column: 1 (MD010, no-hard-tabs)
Hard tabs

364-364: Column: 1 (MD010, no-hard-tabs)
Hard tabs

365-365: Column: 1 (MD010, no-hard-tabs)
Hard tabs

366-366: Column: 1 (MD010, no-hard-tabs)
Hard tabs

367-367: Column: 1 (MD010, no-hard-tabs)
Hard tabs

368-368: Column: 1 (MD010, no-hard-tabs)
Hard tabs

369-369: Column: 1 (MD010, no-hard-tabs)
Hard tabs

371-371: Column: 1 (MD010, no-hard-tabs)
Hard tabs

372-372: Column: 1 (MD010, no-hard-tabs)
Hard tabs

373-373: Column: 1 (MD010, no-hard-tabs)
Hard tabs

374-374: Column: 1 (MD010, no-hard-tabs)
Hard tabs

375-375: Column: 1 (MD010, no-hard-tabs)
Hard tabs

376-376: Column: 1 (MD010, no-hard-tabs)
Hard tabs

377-377: Column: 1 (MD010, no-hard-tabs)
Hard tabs

378-378: Column: 1 (MD010, no-hard-tabs)
Hard tabs

163-163: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

204-204: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

222-222: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

386-386: Expected: 1; Actual: 2 (MD012, no-multiple-blanks)
Multiple consecutive blank lines

288-288: Expected: 1; Actual: 0; Below (MD022, blanks-around-headings)
Headings should be surrounded by blank lines

37-37: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

67-67: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

98-98: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

164-164: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

205-205: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

223-223: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

241-241: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

259-259: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

307-307: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

319-319: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

327-327: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

382-382: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

344-344: Punctuation: ':' (MD026, no-trailing-punctuation)
Trailing punctuation in heading

284-284: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

292-292: null (MD031, blanks-around-fences)
Fenced code blocks should be surrounded by blank lines

54-54: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

59-59: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

244-244: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

253-253: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

323-323: null (MD032, blanks-around-lists)
Lists should be surrounded by blank lines

58-58: null (MD034, no-bare-urls)
Bare URL used

171-171: null (MD040, fenced-code-language)
Fenced code blocks should have a language specified

Additional comments not posted (5)
update/apply.go (1)

64-64: Ensure correct file permissions are set for the new executable.

The use of 0o755 for opts.TargetMode is a good default for executables, ensuring they are readable and executable by the owner, and readable by others.

README.md (4)

29-29: Highlight the addition of macOS universal binaries in the documentation.

The new section on macOS universal binaries is clearly mentioned, providing essential information to users about this feature.

47-48: Clarify support for macOS universal binaries and ARM architectures.

The updates clearly state the support for different ARM versions and macOS universal binaries, which enhances the library's usability on these platforms.

Tools
Markdownlint

47-47: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

48-48: Expected: asterisk; Actual: dash (MD004, ul-style)
Unordered list style

86-86: Ensure the executable path is correctly handled in the example.

The use of selfupdate.ExecutablePath() in the example code correctly demonstrates how to obtain the executable path, which is crucial for the update process.

Tools
Markdownlint

86-86: Column: 1 (MD010, no-hard-tabs)
Hard tabs

307-315: Document the use of the UniversalArch configuration for macOS universal binaries.

The documentation clearly explains how to configure the updater to use macOS universal binaries by setting the UniversalArch field in the Config struct. This is crucial for users needing this functionality.

Tools
Markdownlint

307-307: Expected: setext; Actual: atx (MD003, heading-style)
Heading style

307-307: null (MD025, single-title, single-h1)
Multiple top-level headings in the same document

update/apply.go Show resolved Hide resolved
update/apply.go Show resolved Hide resolved
@creativeprojects creativeprojects merged commit 85a4d70 into main Jun 25, 2024
7 of 8 checks passed
@creativeprojects creativeprojects deleted the support-macos-universal-binaries branch June 25, 2024 19:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support for MacOS universal brinaries
1 participant
@creativeprojects