Try to fix Winget install & upgrade Tests in workflows

[hustcer]

Try to fix Winget install & upgrade Tests in workflows

[github-actions]

Script Analysis

• Key observations:
  • The changes move winget install commands from Nushell scripts to dedicated workflow steps using cmd
  • Maintains same functionality but with better separation of concerns
  • Properly uses environment variables for sensitive data (GITHUB_TOKEN)
  • Follows consistent pattern across multiple workflow files

Security Review

• Vulnerability findings:
  • ✅ Sensitive GITHUB_TOKEN is properly passed as environment variable
  • ✅ External command execution (winget) is properly parameterized with static arguments
  • ❗ Consider adding error handling for the winget install step to fail fast if installation fails

Optimization Suggestions

• Performance improvements:
  • ✅ Moving winget install to separate step prevents redundant installations when running multiple test cases
  • ⚠️ Consider adding a condition to skip installation if Komac is already present
  • ✅ Using cmd for Windows-specific commands is more efficient than shelling out from Nushell

Overall Quality: 4

checklist:

• Compatibility: ["Nu 0.90+", "Windows-specific", "No plugin dependencies"]
• Security: ["Input sanitization not needed (static args)", "No temp files", "Env properly handled"]
• Reliability: ["Could improve error handling", "No null handling needed", "Type validation not applicable"]
• Performance: ["Reduced redundant operations", "Proper command grouping", "Stream handling not applicable"]