little-coder 1.9.5 → 1.9.6

package/CHANGELOG.md

@@ -2,6 +2,19 @@
 
 All notable changes to little-coder are documented here. The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/), and little-coder's public interface (CLI, providers, tools, skills) follows semver starting at `v0.0.1` post-rename.
 
+## [v1.9.6] — 2026-06-18
+
+### Fixed
+- **Auto-update silently failed on Windows** ([PR #52](https://github.com/itayinbarr/little-coder/pull/52) by [@i-snyder](https://github.com/i-snyder)). On Windows `npm` is `npm.cmd` (a batch-file shim), and `spawnSync("npm", …)` without `shell: true` returns `ENOENT` before npm ever launches — the user saw `✗ Update failed (npm exit null). Continuing with v1.9.x.`, where the `null` exit code was the tell that npm never ran. The launcher now invokes `npm` via `process.env.COMSPEC /c npm` on Windows (`shell: true` would also work but triggers Node 24+'s `DEP0190` deprecation warning; COMSPEC doesn't). Cross-platform behavior unchanged: POSIX still uses plain `spawnSync("npm", …)`. The failure message is also fixed — when the spawn itself fails (`result.error` is set), the launcher now surfaces `result.error.code` (e.g. `ENOENT`) instead of `result.status` (which is `null` and meaningless), so users diagnosing future spawn failures get an actionable code instead of `npm exit null`.
+
+### Added
+- **`little-coder --update` forces a fresh update check** ([PR #52](https://github.com/itayinbarr/little-coder/pull/52) by [@i-snyder](https://github.com/i-snyder)). The launcher caches the registry "latest" lookup for 12 hours; `--update` bypasses that cache and fetches fresh from npm, then either updates or prints `✓ little-coder is already up to date (v<x>)`. The flag is stripped from argv before forwarding to pi, so `little-coder --update` no longer errors with `Unknown option: --update`. Two new `shouldSkip` tests document the interaction (the flag forces a check; the notice-only mode still applies on non-TTY).
+
+### Notes for upgraders
+- No CLI-flag or public-API breakage. Windows users on v1.9.5 or earlier should manually `npm install -g little-coder@1.9.6` this once; future updates will work via the in-app prompt or `little-coder --update`.
+
+---
+
 ## [v1.9.5] — 2026-06-18
 
 ### Changed

package/bin/little-coder.mjs

@@ -135,7 +135,8 @@ try {
   // ignore — update-check just won't fire if we can't read the version
 }
 if (!isSubagent) {
-  const exitAfterCheck = await checkForUpdate(currentVersion);
+  const forceUpdate = process.argv.includes("--update");
+  const exitAfterCheck = await checkForUpdate(currentVersion, { force: forceUpdate });
   if (exitAfterCheck) {
     // Successful update happened; user needs to re-run the new binary.
     process.exit(0);
@@ -148,7 +149,9 @@ if (!isSubagent) {
 // --system-prompt    : load <pkgRoot>/AGENTS.md regardless of cwd
 //
 // Strip our own flags before forwarding to pi so it doesn't reject them.
-const userArgs = process.argv.slice(2).filter((a) => a !== "--no-update-check");
+const userArgs = process.argv.slice(2).filter(
+  (a) => a !== "--no-update-check" && a !== "--update",
+);
 const agentsMd = join(pkgRoot, "AGENTS.md");
 
 // Default the thinking level to "medium" for interactive sessions (pi's own

package/bin/update-check.mjs

@@ -123,17 +123,28 @@ function promptYesNo(question) {
 // Returns `true` if the launcher should NOT proceed to spawn pi (because we
 // updated and exited / the user opted out and we should re-run).  Returns
 // `false` to let the launcher continue.
+//
+// opts.force — bypass the 12h cache and always fetch the latest version from
+//   the registry. Used when the user explicitly passes `--update`. If already
+//   at the latest version, prints a short "up to date" notice instead of
+//   silently returning.
 export async function checkForUpdate(currentVersion, opts = {}) {
   const skip = opts.skip ?? shouldSkip();
   if (skip === true) return false;
 
-  let latest = readCache()?.latest;
+  const force = opts.force ?? false;
+  let latest = (!force && readCache()?.latest) || null;
   if (!latest) {
     latest = await fetchLatest();
     if (latest) writeCache(latest);
   }
   if (!latest) return false;
-  if (compareSemver(latest, currentVersion) <= 0) return false;
+  if (compareSemver(latest, currentVersion) <= 0) {
+    if (force) {
+      process.stderr.write(`\n   ✓ little-coder is already up to date (v${currentVersion}).\n\n`);
+    }
+    return false;
+  }
 
   const headline =
     `\n📦 little-coder v${latest} is available (you have v${currentVersion}).`;
@@ -151,17 +162,25 @@ export async function checkForUpdate(currentVersion, opts = {}) {
   }
 
   process.stderr.write(`\n   Running: npm install -g little-coder@${latest}\n\n`);
-  const result = spawnSync("npm", ["install", "-g", `little-coder@${latest}`], {
-    stdio: "inherit",
-  });
+  // On Windows `npm` resolves to `npm.cmd`, a batch-file shim that Node's
+  // spawnSync cannot execute without shell:true. However, shell:true with
+  // array args triggers DEP0190 on Node 24+. Instead, invoke cmd.exe directly
+  // via COMSPEC — it resolves `npm` to `npm.cmd` itself, no shell:true needed.
+  const npmArgs = ["install", "-g", `little-coder@${latest}`];
+  const result = process.platform === "win32"
+    ? spawnSync(process.env.COMSPEC || "cmd.exe", ["/c", "npm", ...npmArgs], { stdio: "inherit" })
+    : spawnSync("npm", npmArgs, { stdio: "inherit" });
   if (result.status === 0) {
     process.stderr.write(
       `\n   ✓ Updated to v${latest}. Re-run \`little-coder\` to use the new version.\n\n`,
     );
     return true;
   }
+  const exitDesc = result.error
+    ? `could not launch npm (${result.error.code ?? result.error.message})`
+    : `npm exit ${result.status}`;
   process.stderr.write(
-    `\n   ✗ Update failed (npm exit ${result.status}). Continuing with v${currentVersion}.\n\n`,
+    `\n   ✗ Update failed (${exitDesc}). Continuing with v${currentVersion}.\n\n`,
   );
   return false;
 }

package/bin/update-check.test.mjs

@@ -161,4 +161,12 @@ describe("shouldSkip", () => {
   it("returns notice-only on non-TTY pipelines", () => {
     expect(shouldSkip([], noEnv, pipeStdout())).toBe("notice-only");
   });
+
+  it("does not skip for --update (it forces the check, not skips it)", () => {
+    expect(shouldSkip(["--update"], noEnv, ttyStdout())).toBe(false);
+  });
+
+  it("notice-only still applies with --update on non-TTY", () => {
+    expect(shouldSkip(["--update"], noEnv, pipeStdout())).toBe("notice-only");
+  });
 });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "little-coder",
-  "version": "1.9.5",
+  "version": "1.9.6",
   "description": "A pi-based coding agent optimized for small local language models. Reproduces the whitepaper's scaffold-model-fit adaptations as pi extensions.",
   "homepage": "https://github.com/itayinbarr/little-coder",
   "repository": {