feat(cli): add source-aware atomic update router#59
Merged
Conversation
The test helper used format!-templating to embed install_path into the manifest, producing "install_path": "C:\Users\..." on Windows — illegal JSON because \U etc. aren't valid string escapes. detect_source then failed to parse the manifest and fell through to path heuristics, returning Manual instead of OfficialInstaller. CI green on ubuntu-latest and macos-latest; failed on windows-latest. - Manifest::install_path: String -> PathBuf so serde handles escaping at the deserialization boundary, and add a doc comment clarifying that install_path is platform-native (never compared across platforms, only canonicalized against current_exe()). - write_manifest now builds the JSON with serde_json::json! instead of format!-templating, so the encoder owns escaping for any path shape. - Add write_manifest_emits_valid_json_for_windows_paths: constructs a Windows-shaped path with a raw string and verifies round-trip parse on any host, so the regression is caught even without Windows CI. install.sh writes the producer side of this manifest and lives in a separate repo; it has the same pitfall and needs a follow-up.
leefaus
approved these changes
May 20, 2026
Contributor
leefaus
left a comment
leefaus
left a comment
There was a problem hiding this comment.
Approved. Let's merge to dev.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds
atomic update.The command checks the latest Atomic release on GitHub, compares it with the currently running binary, and prints the right upgrade command for how that binary was installed.
It supports:
This is a routing command only. It does not replace the binary yet.
Why
Users should be able to run one command to find out whether their Atomic CLI is outdated and how to upgrade it.
Different install methods need different upgrade commands. For example, Homebrew users should run
brew upgrade, Cargo users should runcargo install --force, and official installer users should re-runinstall.sh.This PR pairs with
atomic-storagePR #51:https://github.com/atomicdotdev/atomic-storage/pull/51
That PR updates the hosted
install.shso it writes:This PR reads that manifest. If the manifest says the binary came from the official installer, and the recorded
install_pathmatches the currently running binary,atomic updateshows the installer upgrade command.If there is no trusted manifest,
atomic updatefalls back to path-based detection for Homebrew/Cargo/manual installs.Behavior
curl -sSf https://atomic.storage/install.sh | shATOMIC_INSTALL=...brew upgrade atomicdotdev/tap/atomiccargo install --git https://github.com/atomicdotdev/atomic atomic-cli --locked --forceatomic update --checkis intended for CI:0when up to date1when outdated4when the version cannot be checked or comparedSafety
The install manifest is user-writable, so this command does not blindly trust it.
It only treats the manifest as official-installer metadata when:
The manifest is used for routing and drift detection only. It is not tamper protection.
Verification
Unit tests cover:
Current focused test result:
I also ran a real local E2E with
atomic-storagePR #51:install.shinto a temporary install dir.$XDG_STATE_HOME/atomic/install.json.atomic 0.5.0binary to force the outdated path.install_path.atomic update --checkreportssource: installer.source: manual.Detailed E2E commands and output are here:
https://github.com/atomicdotdev/atomic-storage/pull/51#issuecomment-4480872503
Out of Scope
This PR does not implement self-update / binary replacement. That should come later with release artifact signing, safer replacement mechanics, permission handling, and rollback behavior.