Skip to content

fix: use non-API GitHub redirect for update checks, add --force to update apply#91

Merged
jpage-godaddy merged 2 commits into
rust-portfrom
fix-release-round-2
Jul 10, 2026
Merged

fix: use non-API GitHub redirect for update checks, add --force to update apply#91
jpage-godaddy merged 2 commits into
rust-portfrom
fix-release-round-2

Conversation

@jpage-godaddy

@jpage-godaddy jpage-godaddy commented Jul 9, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • gddy update check/apply were hitting GitHub's unauthenticated REST API (api.github.com), which enforces a 60-requests/hour rate limit per IP — trivially exhausted behind a shared/corporate NAT, surfacing as Error: GitHub API returned 403 Forbidden while checking for updates. Switched to resolving the latest release tag via github.com/{repo}/releases/latest's plain redirect (the same technique install.sh already relies on), which isn't subject to that limit.
  • Added a --force flag to gddy update apply so the self-update mechanism (download, checksum verify, extract, self-replace) can be exercised end-to-end even when the running binary is already on the latest version. --force only bypasses the exact "already up to date" case — a genuine downgrade (running binary newer than the latest release) is still blocked unconditionally (refined during review).
  • Fixed a clippy::await_holding_lock warning in domains-client's test suite: a std::sync::MutexGuard serializing a transport-logger test was held across .await points. Swapped it for an async-aware tokio::sync::Mutex (added the sync feature to tokio's dev-dependency).
  • Errors from the redirect-lookup path now report the resolved (post-redirect) URL instead of the constant /releases/latest request URL, and the redirect-following/parsing logic is now covered by httpmock-based tests (refined during review).

Test plan

  • cargo build, cargo fmt --check, cargo clippy -p domains-client --all-targets -- -D warnings, cargo clippy -p godaddy-cli --all-targets -- -D warnings, cargo test --workspace all pass
  • Verified live: gddy update check correctly reports 0.1.0 -> 0.1.1 after the redirect-based fix
  • Run gddy update apply --force to validate the full self-update flow end-to-end

…date apply

api.github.com's unauthenticated 60-req/hour rate limit was causing
`gddy update check`/`apply` to fail with 403 behind shared/corporate NAT
IPs. Resolve the latest release tag via github.com's plain redirect
instead (same technique install.sh already uses), which isn't
API-rate-limited.

Also add `--force` to `update apply` so the self-update mechanism can be
exercised even when already on the latest version, and fix a
clippy::await_holding_lock warning in domains-client's transport-logger
test lock by switching it to an async-aware tokio::sync::Mutex.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the CLI self-update mechanism to avoid unauthenticated GitHub REST API rate limits, adds a --force option for exercising update application, and cleans up an async test locking pattern in the domains client.

Changes:

  • Switch update checks to resolve the latest release tag via github.com/{repo}/releases/latest redirect instead of api.github.com.
  • Add gddy update apply --force to allow reinstalling even when already on the latest version.
  • Replace a std::sync::Mutex test lock with tokio::sync::Mutex to avoid holding a blocking guard across .await.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
rust/src/update/mod.rs Redirect-based latest-tag resolution for update checks; --force flag wiring for update apply.
rust/domains-client/src/lib.rs Swap test serialization lock to tokio::sync::Mutex to address await_holding_lock.
rust/domains-client/Cargo.toml Enable Tokio sync feature for the new async mutex usage in tests.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread rust/src/update/mod.rs Outdated
Comment thread rust/src/update/mod.rs Outdated
Comment thread rust/src/update/mod.rs
- --force no longer bypasses a downgrade: only the exact "already up
  to date" case (latest == current) is skipped, so a stale/dev build
  never gets replaced with an older published release.
- Errors from fetch_latest_tag now include the resolved (post-redirect)
  URL instead of the constant /releases/latest request URL, making
  failures actionable.
- Add httpmock-based coverage for fetch_latest_tag_from's redirect
  handling (happy path + missing tag segment).

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.

@jpage-godaddy jpage-godaddy merged commit 60cc92d into rust-port Jul 10, 2026
2 checks passed
@jpage-godaddy jpage-godaddy deleted the fix-release-round-2 branch July 10, 2026 18:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants