Skip to content

fix: harden self-update security and error handling#2

Merged
prettyleaf merged 6 commits intodevfrom
copilot/sub-pr-1
Jan 15, 2026
Merged

fix: harden self-update security and error handling#2
prettyleaf merged 6 commits intodevfrom
copilot/sub-pr-1

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Jan 15, 2026
edited
Loading

Addresses security vulnerabilities and error handling gaps in the self-update mechanism identified during code review.

Security hardening:

  • Use mktemp for temporary files (prevents symlink attacks)
  • Download from tagged releases (v${version}) instead of main branch
  • Validate version format with regex before accepting remote version
  • Verify script readability before attempting backup

Error handling improvements:

  • Explicit error checking for backup creation, move, and chmod operations
  • Automatic rollback to backup if any operation fails
  • Clear error messages at each failure point
  • Validates backup timestamp before arithmetic operations

Code quality:

  • Properly save/restore IFS variable to prevent side effects
  • Robust version extraction supporting multiple quote styles
  • Remove conditional backup message (only show if file exists)

Backup management:

  • Automatically cleans up backup files older than 1 day (86400 seconds)
  • Portable stat command support (Linux and BSD)
  • Safe timestamp validation prevents arithmetic errors
  • Cleanup actions logged for audit trail

Example of the improved error handling:

if ! mv "${temp_file}" "${SCRIPT_PATH}"; then
    print_error "Failed to install update (move operation failed)"
    if [[ "${had_backup}" == true ]]; then
        mv "${SCRIPT_PATH}.backup" "${SCRIPT_PATH}"
        print_info "Restored previous version from backup."
    fi
    return 1
fi

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI mentioned this pull request Jan 15, 2026
Merged
Copilot AI and others added 2 commits January 15, 2026 09:43
@prettyleaf
fix: address security and robustness issues in update functionality
59bbab2 
- Use mktemp for secure temporary file creation
- Add robust version extraction with format validation
- Save and restore IFS variable properly
- Validate backup creation success before proceeding
- Add comprehensive error handling for mv and chmod operations
- Implement automatic backup restoration on failure
- Download from tagged version instead of main branch

Co-authored-by: prettyleaf <81024464+prettyleaf@users.noreply.github.com>
@prettyleaf
fix: add 'v' prefix to download ref for proper tag resolution
77a6e6b 
Co-authored-by: prettyleaf <81024464+prettyleaf@users.noreply.github.com>
Copilot AI changed the title [WIP] Add version tracking and self-update capabilities to script fix: harden self-update security and error handling Jan 15, 2026
Copilot AI requested a review from prettyleaf January 15, 2026 09:45
prettyleaf
prettyleaf requested changes Jan 15, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@prettyleaf prettyleaf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs a check to delete old backup files. if backup is older than 1 day = delete

Copilot AI and others added 2 commits January 15, 2026 11:06
@prettyleaf
feat: add automatic cleanup of backup files older than 1 day
dd3581f 
- Check for existing backup file at start of self_update
- Calculate backup file age using stat command (supports both Linux and BSD)
- Delete backup if older than 86400 seconds (1 day)
- Log cleanup action for audit trail

Co-authored-by: prettyleaf <81024464+prettyleaf@users.noreply.github.com>
@prettyleaf
refactor: improve backup cleanup code readability
796ac4c 
- Extract timestamp retrieval into separate variable
- Use explicit calculation for one_day_seconds (24 * 60 * 60)

Co-authored-by: prettyleaf <81024464+prettyleaf@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Jan 15, 2026

needs a check to delete old backup files. if backup is older than 1 day = delete

Added automatic cleanup of backup files older than 1 day in commit 796ac4c. The cleanup runs at the start of self_update() and:

  • Checks if a backup file exists
  • Calculates its age using stat (supports both Linux and BSD)
  • Deletes it if older than 86400 seconds (24 * 60 * 60)
  • Logs the cleanup action to the audit log

@prettyleaf
fix: add validation for backup timestamp before arithmetic operations
89c9aa2 
- Validate backup_timestamp is non-empty and numeric
- Prevents arithmetic errors if stat command fails
- Silently skips cleanup if timestamp cannot be determined

Co-authored-by: prettyleaf <81024464+prettyleaf@users.noreply.github.com>
@prettyleaf prettyleaf marked this pull request as ready for review January 15, 2026 11:09
Copilot AI requested a review from prettyleaf January 15, 2026 11:10
@prettyleaf
Copy link
Copy Markdown
Owner

prettyleaf commented Jan 15, 2026

@copilot close #1

@prettyleaf prettyleaf merged commit 049a795 into dev Jan 15, 2026
1 check failed
@prettyleaf prettyleaf deleted the copilot/sub-pr-1 branch January 15, 2026 11:12
Copilot AI requested a review from prettyleaf January 15, 2026 11:12
Copilot stopped work on behalf of prettyleaf due to an error January 15, 2026 11:12
The session was cancelled by the user.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@prettyleaf prettyleaf Awaiting requested review from prettyleaf

Assignees

@prettyleaf prettyleaf

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@prettyleaf