linkedin-apply-assistant 0.1.3 → 0.1.5

package/CHANGELOG.md

@@ -6,6 +6,33 @@ This file follows the spirit of Keep a Changelog and uses semantic version label
 
 ## [Unreleased]
 
+## [0.1.5] - 2026-06-13
+
+### Added
+
+- Added `linkedin-apply-assistant update` with automatic npm vs PowerShell
+  install-channel detection, plus `--check` and `--method` options.
+- Added PowerShell installer update flags: `install.ps1 -Update` and
+  `install.ps1 -CheckOnly`.
+
+### Changed
+
+- NPM launcher and PowerShell installer shims now mark their install channel so
+  the CLI can pick the correct updater automatically.
+- NPM package contents now include only Python source files from
+  `src/linkedin_apply_assistant/*.py`, preventing generated `__pycache__`
+  bytecode from entering npm tarballs after test runs.
+
+## [0.1.4] - 2026-06-13
+
+### Fixed
+
+- Made `linkedin-apply-assistant --verbose` print root help and a first-run hint
+  instead of failing with a missing `command` parser error.
+- Made `linkedin-apply-assistant config` default to the read-only
+  `config check` diagnostics command instead of failing with a missing
+  `config_command` parser error.
+
 ## [0.1.3] - 2026-06-13
 
 ### Changed

package/README.md

@@ -7,7 +7,7 @@ LinkedIn-apply-assistant is an experimental local browser automation assistant f
 
 The package is local-first. It does not require credentials in config, copied browser profiles, private documents, or generated reports to import, inspect, or run its deterministic tests.
 
-Current package metadata version: `0.1.3`.
+Current package metadata version: `0.1.5`.
 
 ## Safety Boundary
 
@@ -98,6 +98,7 @@ All commands accept these shared flags where relevant: `--workspace`, `--config`
 | `apply` | Prepare approval-gated application audit output. Browser submission remains disabled today. | `--input`, `--limit`, `--confirm-submit` |
 | `dry-run` | Validate local job input without browser or network submission. | `--input` |
 | `report` | Read a local JSON report and print a concise summary. | `report_json` |
+| `update` | Update through the detected npm or PowerShell install channel. | `--check`, `--method` |
 
 ## Documentation Map
 

package/RELEASE_CHECKLIST.md

@@ -443,6 +443,100 @@ Distribution safety boundary:
   download and run that public script
 - PyPI and TestPyPI uploads stay out of this release
 
+## v0.1.4 CLI Missing-Command UX Release
+
+This patch fixes first-run command-line behavior so missing subcommands produce
+actionable output instead of raw argparse parser errors.
+
+Scope:
+
+- Package version: `0.1.4`
+- npm package: `linkedin-apply-assistant`
+- npm dist-tag: `latest`
+- GitHub Release: `v0.1.4`
+- Repository: `MohammedGhazal09/linkedin-apply-assistant`
+- Runtime behavior, browser safety posture, and public apply/search boundaries are unchanged.
+- `linkedin-apply-assistant --verbose` prints root help and a first-run hint.
+- `linkedin-apply-assistant config` runs the same read-only diagnostics as
+  `linkedin-apply-assistant config check`.
+- PyPI and TestPyPI remain future channels.
+
+Required local evidence before public sync:
+
+```powershell
+python -m pytest tests\test_cli_help.py tests\test_config_diagnostics.py tests\test_distribution_metadata.py tests\test_docs_smoke.py tests\test_registry_publication_strategy.py tests\test_release_readiness.py tests\test_npm_launcher.py tests\test_distribution_smoke.py tests\test_release_manifest.py -q
+python scripts\release.py clean
+python scripts\release.py manifest --check
+python scripts\release.py verify
+npm pack --dry-run --json
+```
+
+Post-publish verification:
+
+```powershell
+npm view linkedin-apply-assistant version --json
+npm view linkedin-apply-assistant dist-tags --json
+linkedin-apply-assistant --verbose
+linkedin-apply-assistant --verbose config
+gh release view v0.1.4 --repo MohammedGhazal09/linkedin-apply-assistant --json tagName,name,url,isDraft,isPrerelease,targetCommitish
+```
+
+Distribution safety boundary:
+
+- no lifecycle install, publish, or token scripts are added to `package.json`
+- `config` shorthand remains read-only and creates no files or directories
+- PyPI and TestPyPI uploads stay out of this release
+
+## v0.1.5 NPM and PowerShell Update Command Release
+
+This patch adds an explicit update path for both public install channels.
+
+Scope:
+
+- Package version: `0.1.5`
+- npm package: `linkedin-apply-assistant`
+- npm dist-tag: `latest`
+- GitHub Release: `v0.1.5`
+- Repository: `MohammedGhazal09/linkedin-apply-assistant`
+- Runtime behavior, browser safety posture, and public apply/search boundaries are unchanged.
+- `linkedin-apply-assistant update` chooses npm or PowerShell from the detected
+  install channel.
+- `linkedin-apply-assistant update --check` prints the selected updater without
+  changing files.
+- `install.ps1 -Update` reruns the no-admin installer against the same install
+  directory when the PowerShell shim provides it.
+- `install.ps1 -CheckOnly` prints installer settings without changing files.
+- PyPI and TestPyPI remain future channels.
+
+Required local evidence before public sync:
+
+```powershell
+python -m pytest tests\test_cli_help.py tests\test_cli_contract.py tests\test_config_diagnostics.py tests\test_distribution_metadata.py tests\test_docs_smoke.py tests\test_registry_publication_strategy.py tests\test_release_readiness.py tests\test_npm_launcher.py tests\test_distribution_smoke.py tests\test_release_manifest.py -q
+python scripts\release.py clean
+python scripts\release.py manifest --check
+python scripts\release.py verify
+npm pack --dry-run --json
+powershell -NoProfile -Command "$errors=$null; [System.Management.Automation.PSParser]::Tokenize((Get-Content -Raw .\install.ps1), [ref]$errors) | Out-Null; if($errors){$errors; exit 1}"
+linkedin-apply-assistant update --check
+```
+
+Post-publish verification:
+
+```powershell
+npm view linkedin-apply-assistant version --json
+npm view linkedin-apply-assistant dist-tags --json
+linkedin-apply-assistant update --check
+gh release view v0.1.5 --repo MohammedGhazal09/linkedin-apply-assistant --json tagName,name,url,isDraft,isPrerelease,targetCommitish
+```
+
+Distribution safety boundary:
+
+- no lifecycle install, publish, or token scripts are added to `package.json`
+- `update` runs only the selected package updater and does not touch browser
+  profiles, configs, Q&A banks, outputs, or reports
+- browser submission remains disabled
+- PyPI and TestPyPI uploads stay out of this release
+
 ## Required Public Metadata
 
 `package.json` must include exactly these public project fields:
@@ -496,7 +590,7 @@ Do not publish while any hard blocker remains unresolved.
 - `LEGAL.md` and `SAFETY.md` remain linked from README.
 - `MIGRATION.md` explains extraction scope and excluded root surfaces.
 - `CONTRIBUTING.md` and `SECURITY.md` are standalone-scoped.
-- Changelog has `Unreleased`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0`.
+- Changelog has `Unreleased`, `0.1.5`, `0.1.4`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0`.
 - Source, Python, npm launcher, and PowerShell installer docs are current and tested.
 - Phase 21 terminal UX docs and help stay current: `docs\commands.md`, `tests\test_cli_help.py`, and `tests\test_config_diagnostics.py`.
 - Public package metadata points to the canonical GitHub repository and issue tracker.

package/SECURITY.md

@@ -34,4 +34,4 @@ Never attach browser profiles, cookies, credentials, screenshots, private docume
 
 ## Supported Versions
 
-The initial standalone GitHub source release is `0.1.0`. Current package metadata is `0.1.3`. Security guidance applies to the current unreleased, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0` package-local surfaces.
+The initial standalone GitHub source release is `0.1.0`. Current package metadata is `0.1.5`. Security guidance applies to the current unreleased, `0.1.5`, `0.1.4`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0` package-local surfaces.

package/bin/linkedin-apply-assistant.mjs

@@ -29,6 +29,9 @@ if (existsSync(localSrc)) {
     : localSrc;
 }
 
+launcherEnv.LINKEDIN_APPLY_ASSISTANT_INSTALL_CHANNEL = "npm";
+launcherEnv.LINKEDIN_APPLY_ASSISTANT_NPM_PACKAGE_ROOT = packageRoot;
+
 function printSetupGuidance(reason) {
   console.error(`linkedin-apply-assistant npm launcher could not start: ${reason}`);
   console.error("");

package/docs/commands.md

@@ -11,6 +11,9 @@ Use this page after installation to choose the right terminal command, inspect f
    linkedin-apply-assistant config check
    ```
 
+   `linkedin-apply-assistant config` is accepted as the same read-only
+   diagnostic shortcut.
+
 3. Copy example files into your own ignored workspace when you need them:
    - `configs/config.example.yml` for profile, documents, and path choices.
    - `configs/qa_bank.example.yml` for truthful reusable answers.
@@ -56,6 +59,12 @@ Run diagnostics before browser workflows or after changing path flags:
 linkedin-apply-assistant config check
 ```
 
+Shortcut:
+
+```powershell
+linkedin-apply-assistant config
+```
+
 Expected output:
 
 - `ok`, `missing`, or `warning` for each path category.
@@ -162,6 +171,36 @@ linkedin-apply-assistant report examples/reports/apply-audit.example.json
 
 Use this command for local report review without opening a browser.
 
+## update
+
+`update` refreshes the installed command through the detected install channel.
+NPM-installed commands run npm; PowerShell-installed commands rerun the public
+installer.
+
+```powershell
+linkedin-apply-assistant update
+```
+
+Preview the selected updater without changing files:
+
+```powershell
+linkedin-apply-assistant update --check
+```
+
+Force a channel when detection is not what you want:
+
+```powershell
+linkedin-apply-assistant update --method npm
+linkedin-apply-assistant update --method powershell
+```
+
+Notes:
+
+- The npm method runs `npm install -g linkedin-apply-assistant@latest`.
+- The PowerShell method downloads `install.ps1` and runs it with `-Update`.
+- This command only updates the local package install. It does not submit
+  applications or change the browser safety boundary.
+
 ## Troubleshooting Pointers
 
 | Symptom | Next step |
@@ -171,6 +210,7 @@ Use this command for local report review without opening a browser.
 | Invalid JSON input | Re-run `dry-run` after checking the `--input` path and JSON format. |
 | Missing Playwright or Chromium | Run `python -m playwright install chromium`. |
 | Browser profile issue | Run `config check`, inspect the browser profile path, or choose another profile with `--browser-profile <path>`. |
+| Unsure how to update | Run `linkedin-apply-assistant update --check`. |
 | Unsure which command to use | Start with `linkedin-apply-assistant --help` and `linkedin-apply-assistant config check`. |
 
 More details are in [Troubleshooting](troubleshooting.md).

package/docs/install-and-configuration.md

@@ -4,7 +4,7 @@ This package runs locally. You install the Python package, choose a local worksp
 
 This file is the canonical install matrix. The README keeps only a short quick start.
 
-Current package metadata version: `0.1.3`.
+Current package metadata version: `0.1.5`.
 
 The npm launcher and PowerShell no-admin installer are the current quick-install paths.
 PyPI remains a future package channel. The package-channel decision, approval
@@ -55,6 +55,19 @@ npm install -g linkedin-apply-assistant
 linkedin-apply-assistant --help
 ```
 
+Update:
+
+```powershell
+linkedin-apply-assistant update
+linkedin-apply-assistant update --check
+```
+
+Direct npm equivalent:
+
+```powershell
+npm install -g linkedin-apply-assistant@latest
+```
+
 If the launcher reports that the Python package is not importable, install the
 bundled Python package from the global npm package directory:
 
@@ -75,6 +88,13 @@ does not require admin rights.
 irm https://raw.githubusercontent.com/MohammedGhazal09/linkedin-apply-assistant/main/install.ps1 | iex
 ```
 
+Update:
+
+```powershell
+linkedin-apply-assistant update
+linkedin-apply-assistant update --check
+```
+
 Inspectable temp-file equivalent:
 
 ```powershell
@@ -83,6 +103,20 @@ iwr https://raw.githubusercontent.com/MohammedGhazal09/linkedin-apply-assistant/
 & $script
 ```
 
+Inspectable update equivalent:
+
+```powershell
+$script = Join-Path $env:TEMP 'linkedin-apply-assistant-install.ps1'
+iwr https://raw.githubusercontent.com/MohammedGhazal09/linkedin-apply-assistant/main/install.ps1 -OutFile $script
+& $script -Update
+```
+
+Check installer settings without changing files:
+
+```powershell
+& $script -CheckOnly
+```
+
 Optional visible-browser setup during install:
 
 ```powershell

package/docs/registry-publication-strategy.md

@@ -7,17 +7,17 @@ asset, or grant publish-capable workflow permissions.
 
 The first GitHub source release, `v0.1.0`, remains source-only and is not a
 registry backfill candidate. The npm launcher release starts at `0.1.1`; the
-current PowerShell short-command npm package page refresh is `0.1.3`. PyPI and
-TestPyPI remain future channels.
+current npm and PowerShell update command release is `0.1.5`. PyPI and TestPyPI
+remain future channels.
 
 ## Current Boundary
 
-- Current package metadata version: `0.1.3`.
+- Current package metadata version: `0.1.5`.
 - Current install path: npm global launcher, PowerShell installer, source
   checkout, local Python install, local editable install, and local npm launcher
   dry-run validation.
 - Current public channel: GitHub repository source checkout and GitHub source
-  release archives; npm launcher package for `0.1.3` after the approved npm
+  release archives; npm launcher package for `0.1.5` after the approved npm
   patch publish step verifies successfully.
 - Not current: PyPI package, TestPyPI package, GitHub Packages package, PyPI
   trusted-publisher setup, npm trusted-publisher setup, registry automation,
@@ -34,14 +34,14 @@ action, and exact mutation.
 | GitHub Releases | Current source-only channel for `v0.1.0`. No wheel, sdist, npm tarball, or other release asset is attached. | Keep as the source-of-truth release record. Future assets require explicit approval. | Users can inspect and install from source without introducing registry auth or package-name ownership. | Clean local verification, changelog, release checklist, source manifest, approved tag or release mutation. | Explicit GitHub Release approval naming repo, tag, target commit, release state, and assets, if any. | `gh release view`, `gh release list`, source archive inspection, release manifest verification. | Remove mistaken assets from the release, correct the release notes, or delete a draft. Source tags need separate explicit remediation because asset removal does not undo a tag. |
 | PyPI | Not published and not reserved. | Primary future Python registry for direct package publication. | The project is a Python CLI with Playwright-driven browser automation, so PyPI is the natural long-term install path. | Maintainer or maintainer-controlled organization ownership, account 2FA where supported, PyPI Trusted Publishing with GitHub Actions OIDC, protected `pypi` environment, clean build and metadata gates. | Explicit PyPI approval naming repository, version, PyPI project, workflow or manual action, and exact upload mutation. | Read-only JSON API check, `python -m build`, `twine check dist/*`, local wheel install smoke, release scan, manifest verification. | Prefer yanking a broken release where appropriate. Deletion is disruptive and permanent; never rely on deleting and reusing the same version. |
 | TestPyPI | Not published and not reserved. | Required preflight for the first registry release and for publish-workflow changes. Routine patch preflights can become optional only after a proven release cycle. | It exercises package metadata, artifacts, and installer behavior before the real PyPI release. | Same artifact gates as PyPI, protected `testpypi` environment, explicit preflight approval, no production token. | Explicit TestPyPI approval naming repository, version, TestPyPI project, workflow or manual action, and exact upload mutation. | TestPyPI JSON API check, metadata validation, test-index install smoke, package contents review. | Clean up mistaken TestPyPI releases where possible and move forward with a new version if needed. Do not treat TestPyPI cleanup as production rollback proof. |
-| npm | Public thin-launcher channel for `0.1.3`; `0.1.1` was the first npm and PowerShell distribution release. | Keep as the JavaScript ecosystem convenience launcher; use PyPI later for direct Python package installs. | npm provides a familiar global command on systems that already have Node.js, but the launcher delegates to the Python CLI and cannot install Python itself. | Maintainer or maintainer-controlled ownership, account 2FA where supported, first-publish token bootstrap if trusted publishing cannot create the package, exact package contents review. | Explicit npm approval naming repository, version, npm package, workflow or manual action, and exact registry mutation. | `npm pack --dry-run --json`, package contents inspection, no lifecycle install/publish scripts, npm read-only registry check after publication. | Prefer deprecation for bad packages when unpublish criteria are not met. A used npm `package@version` cannot be reused, even after unpublish. |
+| npm | Public thin-launcher channel for `0.1.5`; `0.1.1` was the first npm and PowerShell distribution release. | Keep as the JavaScript ecosystem convenience launcher; use PyPI later for direct Python package installs. | npm provides a familiar global command on systems that already have Node.js, but the launcher delegates to the Python CLI and cannot install Python itself. | Maintainer or maintainer-controlled ownership, account 2FA where supported, first-publish token bootstrap if trusted publishing cannot create the package, exact package contents review. | Explicit npm approval naming repository, version, npm package, workflow or manual action, and exact registry mutation. | `npm pack --dry-run --json`, package contents inspection, no lifecycle install/publish scripts, npm read-only registry check after publication. | Prefer deprecation for bad packages when unpublish criteria are not met. A used npm `package@version` cannot be reused, even after unpublish. |
 | PowerShell installer | Current GitHub-hosted installer script at `install.ps1`; the README uses `irm ... \| iex` and the detailed install doc keeps a temp-file equivalent. | Keep as the no-admin Windows convenience path for users who prefer a single script. | It can create a local virtual environment, install dependencies from the public source archive, create command shims, and optionally install Chromium. | Public GitHub source archive availability, Python 3.11+, script syntax validation, and local install smoke. | Push the verified installer/docs to the public repository; no registry mutation is required for installer-only changes. | PowerShell parser check, temp-directory install smoke, command shim help smoke, and docs link checks. | Fix forward in `main`; users can reinstall from the corrected script or pin `-Ref` to a known tag. |
 | GitHub Packages | Not used. | Deferred. | It adds `packages: write` and authenticated consumption friction without improving the primary Python install path. | A future reason to publish a package to GitHub Packages, explicit package type, permission model, and install documentation. | Separate approval naming package type, repository, version, and exact mutation. | GitHub Packages read-only checks and package permission review. | Delete or deprecate only according to the package type's GitHub Packages support. This is not a substitute for PyPI/npm remediation. |
 
 ## Package Names
 
 The target package name for PyPI, TestPyPI, and npm publication is
-`linkedin-apply-assistant`. The current npm launcher version is `0.1.3`.
+`linkedin-apply-assistant`. The current npm launcher version is `0.1.5`.
 
 If the unscoped npm name becomes unavailable or ownership changes later, the
 fallback is a future scoped npm package under a maintainer-controlled scope.
@@ -58,6 +58,11 @@ fallback is a future scoped npm package under a maintainer-controlled scope.
   README content is immutable for an existing package version.
 - The PowerShell short-command README refresh uses `0.1.3` because the npm
   package page must be republished to replace the prior command.
+- The CLI no-command and `config` shorthand fix uses `0.1.4` because it changes
+  user-facing terminal behavior without changing browser workflow behavior.
+- The npm and PowerShell update command release uses `0.1.5` because it adds a
+  user-facing updater and installer flags without changing browser workflow
+  behavior.
 - If user-visible behavior changes before registry publication, the default
   future version example is `0.2.0`.
 - Future behavior changes remain SemVer decisions at the publish phase.

package/install.ps1

@@ -3,7 +3,9 @@ param(
     [string]$InstallDir = (Join-Path $env:LOCALAPPDATA "linkedin-apply-assistant"),
     [string]$Ref = "main",
     [switch]$InstallBrowser,
-    [switch]$NoPath
+    [switch]$NoPath,
+    [switch]$Update,
+    [switch]$CheckOnly
 )
 
 Set-StrictMode -Version 3.0
@@ -103,8 +105,19 @@ $binDir = Join-Path $installRoot "bin"
 $tempDir = Join-Path ([IO.Path]::GetTempPath()) ("linkedin-apply-assistant-" + [guid]::NewGuid())
 $zipPath = Join-Path $tempDir "source.zip"
 
+if ($CheckOnly) {
+    Write-Step "Installer source: $archiveUrl"
+    Write-Step "Install directory: $installRoot"
+    Write-Step "Ref: $Ref"
+    Write-Host ""
+    Write-Host "Run update:"
+    Write-Host "  powershell -NoProfile -ExecutionPolicy Bypass -File .\install.ps1 -Update"
+    exit 0
+}
+
 try {
-    Write-Step "Installing from $archiveUrl"
+    $action = if ($Update) { "Updating" } else { "Installing" }
+    Write-Step "$action from $archiveUrl"
     New-Item -ItemType Directory -Force -Path $tempDir | Out-Null
     New-Item -ItemType Directory -Force -Path $installRoot | Out-Null
 
@@ -147,13 +160,22 @@ try {
     $psShim = Join-Path $binDir "linkedin-apply-assistant.ps1"
     $cmdShim = Join-Path $binDir "linkedin-apply-assistant.cmd"
 
-    @"
+@"
 param([Parameter(ValueFromRemainingArguments = `$true)][string[]]`$RemainingArgs)
+`$env:LINKEDIN_APPLY_ASSISTANT_INSTALL_CHANNEL = "powershell"
+`$env:LINKEDIN_APPLY_ASSISTANT_INSTALL_DIR = "$installRoot"
+`$env:LINKEDIN_APPLY_ASSISTANT_INSTALL_REF = "$Ref"
 & "$venvPython" -m linkedin_apply_assistant.cli @RemainingArgs
 exit `$LASTEXITCODE
 "@ | Set-Content -LiteralPath $psShim -Encoding UTF8
 
-    "@echo off`r`n`"$venvPython`" -m linkedin_apply_assistant.cli %*`r`n" |
+    @"
+@echo off
+set "LINKEDIN_APPLY_ASSISTANT_INSTALL_CHANNEL=powershell"
+set "LINKEDIN_APPLY_ASSISTANT_INSTALL_DIR=$installRoot"
+set "LINKEDIN_APPLY_ASSISTANT_INSTALL_REF=$Ref"
+"$venvPython" -m linkedin_apply_assistant.cli %*
+"@ |
         Set-Content -LiteralPath $cmdShim -Encoding ASCII
 
     if (-not $NoPath) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "linkedin-apply-assistant",
-  "version": "0.1.3",
+  "version": "0.1.5",
   "description": "Thin npm launcher for the Python LinkedIn apply assistant package",
   "license": "MIT",
   "repository": {
@@ -18,7 +18,7 @@
   "files": [
     "bin/linkedin-apply-assistant.mjs",
     "pyproject.toml",
-    "src/",
+    "src/linkedin_apply_assistant/*.py",
     "install.ps1",
     "README.md",
     "SAFETY.md",

package/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "linkedin-apply-assistant"
-version = "0.1.3"
+version = "0.1.5"
 description = "Local LinkedIn application assistant with user-visible browser workflows"
 readme = "README.md"
 requires-python = ">=3.11"

package/src/linkedin_apply_assistant/__init__.py

@@ -1,6 +1,6 @@
 """Package identity for the standalone LinkedIn application assistant."""
 
-__version__ = "0.1.3"
+__version__ = "0.1.5"
 
 APP_DISPLAY_NAME = "LinkedIn-apply-assistant"
 APP_PACKAGE_NAME = "linkedin-apply-assistant"

package/src/linkedin_apply_assistant/cli.py

@@ -4,10 +4,14 @@ from __future__ import annotations
 
 import argparse
 import json
+import os
+import shutil
+import subprocess
 import sys
 from pathlib import Path
 from typing import Any
 
+from . import APP_PACKAGE_NAME, __version__
 from .apply_reports import RuntimeReportSink
 from .ats_handlers import DisabledSubmissionPolicy
 from .browser_sessions import PLAYWRIGHT_CHROMIUM_INSTALL_COMMAND, VisibleBrowserSessionFactory
@@ -29,6 +33,11 @@ REQUIRED_JOB_FIELDS = ("title", "company", "url", "location", "description")
 CONFIG_CHECK_COMMAND = "linkedin-apply-assistant config check"
 CONFIG_EXAMPLE_PATH = "configs/config.example.yml"
 QA_BANK_EXAMPLE_PATH = "configs/qa_bank.example.yml"
+PUBLIC_INSTALLER_URL = (
+    "https://raw.githubusercontent.com/MohammedGhazal09/linkedin-apply-assistant/main/install.ps1"
+)
+INSTALL_CHANNEL_ENV = "LINKEDIN_APPLY_ASSISTANT_INSTALL_CHANNEL"
+INSTALL_DIR_ENV = "LINKEDIN_APPLY_ASSISTANT_INSTALL_DIR"
 NO_SUBMIT_HELP = (
     "Safety: public workflows are no-submit by default; assist is fill-only and "
     "browser submission remains disabled in apply."
@@ -108,7 +117,12 @@ Outputs use the resolved output directory and reports are written under its repo
 {NO_SUBMIT_HELP}
 """,
     )
-    subparsers = parser.add_subparsers(dest="command", required=True)
+    parser.add_argument(
+        "--version",
+        action="version",
+        version=f"%(prog)s {__version__}",
+    )
+    subparsers = parser.add_subparsers(dest="command")
 
     config = subparsers.add_parser(
         "config",
@@ -124,7 +138,7 @@ The diagnostic resolves config, Q&A bank, browser profile, output, reports, data
 It creates no files and no directories.
 """,
     )
-    config_subparsers = config.add_subparsers(dest="config_command", required=True)
+    config_subparsers = config.add_subparsers(dest="config_command")
     config_check = config_subparsers.add_parser(
         "check",
         parents=[subcommand_common],
@@ -246,6 +260,41 @@ This command is browser-free and reads an existing local report file.
     report.add_argument("report_json", help="Path to the report JSON file.")
     report.set_defaults(handler=_handle_report)
 
+    update = subparsers.add_parser(
+        "update",
+        parents=[subcommand_common],
+        formatter_class=formatter,
+        help="Update the installed package through npm or the PowerShell installer.",
+        description=(
+            "Update linkedin-apply-assistant through the detected install channel. "
+            "npm installs use npm; PowerShell installs rerun the public installer."
+        ),
+        epilog=f"""Examples:
+  linkedin-apply-assistant update
+  linkedin-apply-assistant update --check
+  linkedin-apply-assistant update --method npm
+  linkedin-apply-assistant update --method powershell
+
+NPM update command:
+  npm install -g {APP_PACKAGE_NAME}@latest
+
+PowerShell update command:
+  irm {PUBLIC_INSTALLER_URL} | iex
+""",
+    )
+    update.add_argument(
+        "--method",
+        choices=("auto", "npm", "powershell"),
+        default="auto",
+        help="Choose the update mechanism. Auto uses the detected install channel.",
+    )
+    update.add_argument(
+        "--check",
+        action="store_true",
+        help="Show the selected update command without running it.",
+    )
+    update.set_defaults(handler=_handle_update)
+
     return parser
 
 
@@ -555,9 +604,107 @@ def _handle_report(args: argparse.Namespace) -> int:
     return 0
 
 
+def _detect_update_method(requested: str) -> str:
+    if requested != "auto":
+        return requested
+
+    channel = os.environ.get(INSTALL_CHANNEL_ENV, "").strip().lower()
+    if channel in {"npm", "powershell"}:
+        return channel
+
+    npm = shutil.which("npm")
+    if npm:
+        try:
+            result = subprocess.run(
+                [npm, "root", "-g"],
+                text=True,
+                capture_output=True,
+                check=False,
+                timeout=10,
+            )
+        except (OSError, subprocess.SubprocessError):
+            result = None
+        if result and result.returncode == 0:
+            package_root = Path(result.stdout.strip()) / APP_PACKAGE_NAME / "package.json"
+            if package_root.exists():
+                return "npm"
+
+    if os.name == "nt":
+        return "powershell"
+    return "npm"
+
+
+def _powershell_quote(value: str) -> str:
+    return "'" + value.replace("'", "''") + "'"
+
+
+def _powershell_update_command_parts() -> tuple[list[str], str]:
+    powershell = shutil.which("pwsh") or shutil.which("powershell")
+    if not powershell:
+        return [], f"irm {PUBLIC_INSTALLER_URL} | iex"
+
+    install_dir = os.environ.get(INSTALL_DIR_ENV, "").strip()
+    command = (
+        "$script = Join-Path $env:TEMP 'linkedin-apply-assistant-install.ps1'; "
+        f"iwr {PUBLIC_INSTALLER_URL} -OutFile $script; "
+        "& $script -Update"
+    )
+    if install_dir:
+        command = f"{command} -InstallDir {_powershell_quote(install_dir)}"
+    return [powershell, "-NoProfile", "-ExecutionPolicy", "Bypass", "-Command", command], command
+
+
+def _npm_update_command_parts() -> tuple[list[str], str]:
+    npm = shutil.which("npm")
+    command = ["npm", "install", "-g", f"{APP_PACKAGE_NAME}@latest"]
+    display = " ".join(command)
+    return ([npm, *command[1:]] if npm else [], display)
+
+
+def _handle_update(args: argparse.Namespace) -> int:
+    method = _detect_update_method(args.method)
+    if method == "npm":
+        command, display = _npm_update_command_parts()
+    else:
+        command, display = _powershell_update_command_parts()
+
+    print(f"Current version: {__version__}")
+    print(f"Update method: {method}")
+    print(f"Update command: {display}")
+
+    if args.check:
+        return 0
+
+    if not command:
+        _print_error(
+            f"{method} updater is not available on PATH.",
+            f"Run manually: {display}",
+        )
+        return 2
+
+    result = subprocess.run(command, check=False)
+    if result.returncode != 0:
+        _print_error(
+            f"Update command failed with exit code {result.returncode}.",
+            f"Run manually: {display}",
+        )
+        return int(result.returncode or 1)
+
+    print("Update complete.")
+    return 0
+
+
 def main(argv: list[str] | None = None) -> int:
     parser = build_parser()
     args = parser.parse_args(argv)
+    if args.command is None:
+        parser.print_help()
+        print()
+        print(f"Try: {CONFIG_CHECK_COMMAND}")
+        return 0
+    if args.command == "config" and args.config_command is None:
+        args.config_command = "check"
+        args.handler = _handle_config_check
     handler = getattr(args, "handler")
     try:
         return int(handler(args))