Problem
The deploy script pulls kairix-wrapper.sh from the main branch:
curl -fsSL https://raw.githubusercontent.com/quanyeomans/kairix/main/scripts/kairix-wrapper.sh
This means a re-run of the deploy script on an existing installation (e.g. for an update) may pull a wrapper that is incompatible with the currently installed kairix binary version — breaking a working deployment silently.
Proposed Fix
The deploy script should:
- Accept a
--version flag (or read from pyproject.toml) to determine the target release tag
- Pull the wrapper from that specific tag:
VERSION="${KAIRIX_VERSION:-$(pip show kairix | grep ^Version | awk '{print $2}')}"
curl -fsSL "https://raw.githubusercontent.com/quanyeomans/kairix/v${VERSION}/scripts/kairix-wrapper.sh"
- Verify the SHA256 of the downloaded script before installing
This ensures the wrapper and binary are always from the same release.
Acceptance Criteria
scripts/deploy.sh --version 0.9.0 installs the wrapper from the v0.9.0 tag- Without
--version, defaults to the currently installed kairix binary version
- Deploy fails with clear error if the tag does not exist
Problem
The deploy script pulls
kairix-wrapper.shfrom themainbranch:This means a re-run of the deploy script on an existing installation (e.g. for an update) may pull a wrapper that is incompatible with the currently installed kairix binary version — breaking a working deployment silently.
Proposed Fix
The deploy script should:
--versionflag (or read frompyproject.toml) to determine the target release tagThis ensures the wrapper and binary are always from the same release.
Acceptance Criteria
scripts/deploy.sh --version 0.9.0installs the wrapper from thev0.9.0tag--version, defaults to the currently installed kairix binary version