Feat/aikido version mgmt #7
Conversation
…enhance version fetching logic
There was a problem hiding this comment.
Pull request overview
This PR introduces automated version management for the Aikido pre-commit scanner Feature, transitioning from a hardcoded default version to a "latest" strategy with automated fallback maintenance.
Changes:
- Changed default version from
v1.0.116to"latest"with automatic upstream version detection at install time - Added fallback version mechanism and GitHub Actions workflow to keep it current via automated PRs
- Enhanced documentation to explain version management strategies (auto-detection vs. pinned)
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
src/aikido-precommit/devcontainer-feature.json |
Updated default version to "latest" with clarified description |
src/aikido-precommit/install.sh |
Added version resolution logic with upstream fetching and fallback mechanism |
src/aikido-precommit/README.md |
Documented version management strategies and usage patterns |
.github/workflows/aikido-version-check.yml |
Automated weekly check for upstream version updates with PR creation |
test/aikido-precommit/scenarios.json |
Added test scenario for pinned version installation |
test/aikido-precommit/pinned-version.sh |
Test script validating explicit version installation |
| local extracted_version | ||
|
|
||
| # Attempt to fetch the upstream install script | ||
| if upstream_script=$(curl -fsSL --connect-timeout 10 "$AIKIDO_UPSTREAM_SCRIPT" 2>/dev/null); then |
There was a problem hiding this comment.
When the curl command fails, there's no feedback to the user about why version resolution fell back. Consider logging a warning message before returning the fallback version to help users understand when/why they're not getting the latest version.
|
@copilot open a new pull request to apply changes based on the comments in this thread |
|
@Datacom-Ayden I've opened a new pull request, #8, to work on those changes. Once the pull request is ready, I'll request review from you. |
Co-authored-by: Datacom-Ayden <221437541+Datacom-Ayden@users.noreply.github.com>
Add fallback logging to aikido-precommit version resolution
This pull request introduces automated version management for the Aikido pre-commit scanner, making it easier to stay up-to-date with the latest releases while still supporting pinned versions for reproducibility. The main changes include updating the default versioning strategy to "latest," adding a fallback mechanism, and implementing automation to keep the fallback version current. Documentation and tests have also been improved to reflect these changes.
Version Management Improvements
"latest"indevcontainer-feature.json,install.sh, and documentation, enabling automatic fetching of the latest version at install time. [1] [2] [3]install.sh(FALLBACK_VERSION), which is used if the upstream script cannot be fetched.aikido-version-check.yml) to automatically check for new upstream versions weekly and create a pull request to update the fallback version if needed.Documentation Updates
README.mdto clearly explain the new version management strategy, including the default "latest" behavior and instructions for pinning a specific version.Testing Enhancements