wuphf 0.71.9 → 0.71.11

package/README.md

@@ -166,4 +166,15 @@ To point the wrapper at a locally-built binary, set `WUPHF_BINARY`:
 WUPHF_BINARY=./wuphf npx wuphf --version
 ```
 
+## Auto-upgrade
+
+`npm install -g` does not pull new versions on its own, so the wrapper
+checks `registry.npmjs.org` once per 24h (cached at
+`~/.wuphf/cache/latest-version.json`). If a newer release is available it
+downloads the matching binary into `~/.wuphf/cache/binaries/` and runs it
+instead — same SHA256 verification as `postinstall`. A one-line hint points
+you at `npm install -g wuphf@latest` for a permanent upgrade.
+
+Set `WUPHF_SKIP_VERSION_CHECK=1` to disable the check entirely.
+
 MIT licensed. Free, open source, self-hosted, your API keys.

package/bin/wuphf.js

@@ -1,24 +1,92 @@
 #!/usr/bin/env node
 "use strict";
 
-// Thin shim that spawns the native wuphf binary. Downloads lazily on first
-// run if postinstall was skipped (common with `npm install --ignore-scripts`
-// and with some `npx` cache behaviors).
+// Thin shim that spawns the native wuphf binary.
+//
+// Two responsibilities beyond a plain `spawn`:
+//
+//   1. Lazy download if postinstall was skipped (common with
+//      `npm install --ignore-scripts` and with some `npx` cache behaviors).
+//
+//   2. Self-heal when npm's published `latest` has moved past the installed
+//      version. `npm install -g` does NOT auto-upgrade, so a user who
+//      installed weeks ago runs their old binary forever without this
+//      check. We consult the npm registry (24h cache), and if a newer
+//      release exists, we transparently serve it from an out-of-tree
+//      version-keyed cache. The cached binary is verified against the
+//      release's checksums.txt via the same path postinstall uses — there
+//      is no path that runs an unverified binary.
+//
+// Escape hatches:
+//   WUPHF_BINARY=/path/to/wuphf         — use a specific binary.
+//   WUPHF_SKIP_VERSION_CHECK=1          — never query npm, always run the
+//                                         locally-installed binary.
 
 const fs = require("node:fs");
 const path = require("node:path");
+const os = require("node:os");
 const { spawn } = require("node:child_process");
-const { downloadBinary } = require("../scripts/download-binary");
+const { downloadBinary, packageVersion } = require("../scripts/download-binary");
+const { getLatestVersion, compareVersions } = require("../scripts/version-check");
 
-const binaryPath =
-  process.env.WUPHF_BINARY || path.join(__dirname, "wuphf");
+const installedBinary = path.join(__dirname, "wuphf");
+
+function cachedBinaryPath(version) {
+  return path.join(
+    os.homedir(),
+    ".wuphf",
+    "cache",
+    "binaries",
+    `wuphf-${version}`,
+  );
+}
+
+async function resolveInstalledBinary() {
+  if (fs.existsSync(installedBinary)) return installedBinary;
+  return downloadBinary();
+}
 
 async function ensureBinary() {
   if (process.env.WUPHF_BINARY && fs.existsSync(process.env.WUPHF_BINARY)) {
     return process.env.WUPHF_BINARY;
   }
-  if (fs.existsSync(binaryPath)) return binaryPath;
-  return downloadBinary();
+
+  const installed = await resolveInstalledBinary();
+  if (process.env.WUPHF_SKIP_VERSION_CHECK === "1") return installed;
+
+  const installedVersion = packageVersion();
+  const latestVersion = await getLatestVersion();
+  if (!latestVersion) return installed;
+  if (compareVersions(latestVersion, installedVersion) <= 0) return installed;
+
+  // npm has a newer release than what's installed. Serve the cached newer
+  // binary, downloading it once if absent. Integrity-verified via the same
+  // checksums.txt path as postinstall — a failure anywhere in that chain
+  // falls back to the installed binary rather than running something
+  // unverified or crashing the command.
+  const cachedPath = cachedBinaryPath(latestVersion);
+  if (!fs.existsSync(cachedPath)) {
+    try {
+      await downloadBinary({
+        version: latestVersion,
+        targetPath: cachedPath,
+      });
+    } catch (err) {
+      process.stderr.write(
+        `wuphf: self-heal download of v${latestVersion} failed: ${err.message}\n` +
+          `wuphf: running installed v${installedVersion}. ` +
+          `Run \`npm install -g wuphf@latest\` to upgrade.\n`,
+      );
+      return installed;
+    }
+  }
+
+  process.stderr.write(
+    `wuphf: serving cached v${latestVersion} (installed is v${installedVersion}). ` +
+      `Run \`npm install -g wuphf@latest\` to upgrade permanently, ` +
+      `or set WUPHF_SKIP_VERSION_CHECK=1 to disable this check.\n`,
+  );
+  return cachedPath;
 }
 
 function run(resolvedPath) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "wuphf",
-  "version": "0.71.9",
+  "version": "0.71.11",
   "description": "Slack for AI employees with a shared brain. A collaborative office where AI employees run your work 24x7.",
   "bin": {
     "wuphf": "bin/wuphf.js"
@@ -9,6 +9,7 @@
     "bin/wuphf.js",
     "scripts/download-binary.js",
     "scripts/postinstall.js",
+    "scripts/version-check.js",
     "README.md"
   ],
   "scripts": {

package/scripts/download-binary.js

@@ -162,12 +162,21 @@ async function verifyArchive({ version, archivePath, archiveBasename, silent })
   }
 }
 
-async function downloadBinary({ silent = false } = {}) {
-  const version = packageVersion();
-  const archiveBasename = archiveName(version);
-  const url = releaseAssetUrl(version, archiveBasename);
-  const binDir = path.join(__dirname, "..", "bin");
-  const binaryPath = path.join(binDir, "wuphf");
+// Options:
+//   silent      — suppress progress output on stderr.
+//   version     — download a specific tagged release instead of the one
+//                 recorded in package.json. Used by bin/wuphf.js to fetch a
+//                 newer release into an out-of-tree cache when npm's latest
+//                 has moved past the installed version.
+//   targetPath  — where to place the extracted binary. Defaults to
+//                 bin/wuphf inside this package. The out-of-tree cache uses
+//                 a version-keyed path so multiple versions can coexist.
+async function downloadBinary({ silent = false, version, targetPath } = {}) {
+  const resolvedVersion = version ?? packageVersion();
+  const archiveBasename = archiveName(resolvedVersion);
+  const url = releaseAssetUrl(resolvedVersion, archiveBasename);
+  const binaryPath = targetPath ?? path.join(__dirname, "..", "bin", "wuphf");
+  const binDir = path.dirname(binaryPath);
 
   await fsp.mkdir(binDir, { recursive: true });
 
@@ -181,7 +190,12 @@ async function downloadBinary({ silent = false } = {}) {
     await fetchToFile(url, archivePath);
 
     // Integrity check BEFORE we extract or execute anything.
-    await verifyArchive({ version, archivePath, archiveBasename, silent });
+    await verifyArchive({
+      version: resolvedVersion,
+      archivePath,
+      archiveBasename,
+      silent,
+    });
 
     // Extract using system tar (available on darwin + linux).
     execFileSync("tar", ["-xzf", archivePath, "-C", tmpDir], {

package/scripts/version-check.js

@@ -0,0 +1,127 @@
+"use strict";
+
+// Queries npm for the published `latest` wuphf version, with a 24h on-disk
+// cache so we don't hammer the registry on every CLI invocation.
+//
+// Why this exists: `npm install -g wuphf` does not auto-upgrade. A user who
+// installed weeks ago runs their old binary forever unless they manually
+// re-install. The shim in bin/wuphf.js uses this to transparently serve the
+// *latest* release from a verified cache while pointing the user at a real
+// fix (`npm install -g wuphf@latest`). See bin/wuphf.js for how the result
+// feeds into ensureBinary().
+//
+// Contract:
+//   - getLatestVersion() returns a semver string or null. null means
+//     "couldn't check" and the caller MUST fall back to the installed
+//     version. Network errors, malformed responses, and fetch timeouts all
+//     resolve to null rather than throwing — this path runs before every
+//     command and must never break invocation.
+//   - compareVersions(a, b) implements major.minor.patch ordering with a
+//     lexicographic tiebreaker on pre-release suffixes (SemVer: a release
+//     sorts above its pre-releases, matching `0.68.8` > `0.68.8-rc.1`).
+
+const fs = require("node:fs");
+const fsp = require("node:fs/promises");
+const path = require("node:path");
+const os = require("node:os");
+
+const REGISTRY_URL = "https://registry.npmjs.org/wuphf/latest";
+// Generous enough to survive a cold TLS handshake on a slow network but
+// short enough to not stall the CLI noticeably. Only runs once per 24h
+// per user because the result is cached on disk.
+const FETCH_TIMEOUT_MS = 3000;
+const CACHE_TTL_MS = 24 * 60 * 60 * 1000;
+
+function cacheDir() {
+  // Sits under ~/.wuphf so HOME-override dev environments (see
+  // docs/LOCAL-DEV-PROD-ISOLATION.md) get a separate cache from prod.
+  return path.join(os.homedir(), ".wuphf", "cache");
+}
+
+function latestVersionCachePath() {
+  return path.join(cacheDir(), "latest-version.json");
+}
+
+async function readCache() {
+  try {
+    const raw = await fsp.readFile(latestVersionCachePath(), "utf8");
+    const data = JSON.parse(raw);
+    if (typeof data.version !== "string" || typeof data.checkedAt !== "number") {
+      return null;
+    }
+    const age = Date.now() - data.checkedAt;
+    if (age < 0 || age > CACHE_TTL_MS) return null;
+    return data.version;
+  } catch {
+    return null;
+  }
+}
+
+async function writeCache(version) {
+  try {
+    await fsp.mkdir(cacheDir(), { recursive: true });
+    const target = latestVersionCachePath();
+    const tmp = `${target}.tmp`;
+    await fsp.writeFile(tmp, JSON.stringify({ version, checkedAt: Date.now() }));
+    await fsp.rename(tmp, target);
+  } catch {
+    // Cache write is best-effort. A read-only home, full disk, or permission
+    // error should not block the user's command.
+  }
+}
+
+async function fetchLatestFromRegistry() {
+  const controller = new AbortController();
+  const timer = setTimeout(() => controller.abort(), FETCH_TIMEOUT_MS);
+  try {
+    const res = await fetch(REGISTRY_URL, {
+      signal: controller.signal,
+      headers: { Accept: "application/json" },
+      redirect: "follow",
+    });
+    if (!res.ok) return null;
+    const data = await res.json();
+    return typeof data.version === "string" ? data.version : null;
+  } catch {
+    return null;
+  } finally {
+    clearTimeout(timer);
+  }
+}
+
+async function getLatestVersion() {
+  const cached = await readCache();
+  if (cached) return cached;
+  const latest = await fetchLatestFromRegistry();
+  if (latest) await writeCache(latest);
+  return latest;
+}
+
+function compareVersions(a, b) {
+  const [aCore, aPre = ""] = a.split("-");
+  const [bCore, bPre = ""] = b.split("-");
+  const aParts = aCore.split(".").map((x) => Number.parseInt(x, 10) || 0);
+  const bParts = bCore.split(".").map((x) => Number.parseInt(x, 10) || 0);
+  for (let i = 0; i < 3; i += 1) {
+    const ap = aParts[i] ?? 0;
+    const bp = bParts[i] ?? 0;
+    if (ap > bp) return 1;
+    if (ap < bp) return -1;
+  }
+  if (aPre === bPre) return 0;
+  // SemVer: a release sorts above its own pre-releases.
+  if (!aPre) return 1;
+  if (!bPre) return -1;
+  return aPre < bPre ? -1 : 1;
+}
+
+module.exports = {
+  getLatestVersion,
+  compareVersions,
+  cacheDir,
+  latestVersionCachePath,
+  // Exported for tests.
+  fetchLatestFromRegistry,
+  readCache,
+  writeCache,
+};