fix(install): resilient latest-version fetch (both installers)

[mdesmet]

What

Follow-up to #930 (reported by @ralphstodomingo): a transient 504 from api.github.com/.../releases/latest — or the 60/hr/IP unauthenticated rate limit — aborted the whole install with Failed to fetch version information, even though the download uses releases/latest/download/<file> (GitHub resolves "latest" server-side, no API call needed). The API response only feeds the version-string display and the already-installed short-circuit.

This issue exists in both installers (install bash:206-213 and install.ps1), so both are fixed here for parity.

Stacked on feat/windows-powershell-installer (sibling to #942) because install.ps1 isn't on main yet.

Changes (latest path, both installers)

• Retry the releases/latest API call up to 3× with linear backoff (bash uses curl --fail so a 504 retries instead of parsing an error body).
• On continued failure, degrade gracefully: print a muted notice and install latest anyway (banner shows latest).
• Only short-circuit as "already installed" on a real version match — never treat empty==empty (unresolved version + unreadable binary) as installed.
• Pinned -Version/--version unchanged: a genuine 404 still hard-fails.

Note (from the same review comment): the exit 0-closes-an-interactive-window quirk under irm | iex is PowerShell-only and only affects pasting directly into an interactive shell (not the documented powershell -c "…" form); curl | bash exits in a subshell. Left as-is — low severity, no parity gap to fix.

Verification

• bash -n install clean; install.ps1 parses clean and the Pester suite (6/6) still passes on PowerShell 7.6.2.
• version-fetch-resilience.test.ts pins retry + graceful-degrade in both installers (57 pass across the install/branding set).
• The degrade path isn't exercised end-to-end (forcing an API failure then proceeds to a 268 MB download); covered by content assertions + parse + no-regression.

🤖 Generated with Claude Code

---

Summary by cubic

Makes the “latest” install path resilient in both installers and fixes Windows parsing on PowerShell 5.1. Installs no longer fail when the GitHub releases API blips; they retry and proceed with “latest”.

• Bug Fixes
  • Latest path (both): retry releases/latest up to 3 times with backoff and a 10s timeout; on failure, continue and show “latest”. Pinned --version/-Version installs unchanged.
  • Correct “already installed” check: only short-circuit on a real version match; in PowerShell reset $specificVersion to $null on degrade to avoid empty==empty.
  • Windows: make install.ps1 ASCII-only so it parses on Windows PowerShell 5.1.
  • Tests: add packages/opencode/test/install/version-fetch-resilience.test.ts to pin retry, timeout, and graceful-degrade; update packages/opencode/test/release-validation/windows-installer-930-codex.test.ts to expect degrade (not hard-fail) on latest-version fetch.

^{Written for commit e10e322. Summary will update on new commits.}

Summary by CodeRabbit

Release Notes

• Bug Fixes

  • Improved “latest release” resolution in both installers: transient GitHub API failures are retried and no longer stop the installation process.
  • Prevented incorrect “already installed” skipping when version resolution fails, and updated install status to show latest when the resolved tag isn’t available.

• Tests

  • Updated and added automated coverage to confirm both bash and PowerShell installers degrade gracefully during GitHub API failures and behave correctly afterward.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 84976b6b-bec3-45cb-9e0d-979699337e19

📥 Commits

Reviewing files that changed from the base of the PR and between 5f9cf45 and e10e322.

📒 Files selected for processing (1)

• packages/opencode/test/release-validation/windows-installer-930-codex.test.ts

---

📝 Walkthrough

Walkthrough

Both the bash (install) and PowerShell (install.ps1) installers replace single-shot GitHub releases/latest API calls with 3-attempt retry loops bounded by per-request timeouts. Persistent API failures are non-fatal; installation proceeds with an empty/null version targeting the "latest" release asset. The "already installed" short-circuit is tightened to only match when a real version string is present, preventing empty-equals-empty false skips. New and existing test suites validate all resilience properties for both installers.

Changes

Installer GitHub API Retry and Fallback

Layer / File(s)	Summary
Bash and PowerShell retry/fallback and version-guard implementation install, install.ps1	Replaces single-shot GitHub API calls with 3-attempt retry loops with bounded timeouts (curl --max-time 10 in bash; -TimeoutSec 10 in PowerShell). On persistent failure, installation continues with an empty/null version rather than aborting. The "already installed" guard requires a non-empty version to match. Log output defaults to "latest" when no version is resolved. Minor comment/dash formatting changes in install.ps1 carry no execution impact.
Resilience test validation packages/opencode/test/install/version-fetch-resilience.test.ts, packages/opencode/test/release-validation/windows-installer-930-codex.test.ts	New Bun test file reads both installer scripts at runtime and uses string/regex assertions to verify retry loops, timeout bounds, graceful fallback text, absence of fatal error paths, and the empty-version guard for both bash and PowerShell. Existing PR #930 test expectations are updated to reflect non-fatal fallback behavior and the tightened version resolution guard.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• AltimateAI/altimate-code#930: Introduced the Windows install.ps1 installer whose specificVersion resolution and "already installed" short-circuit logic this PR directly modifies.

Suggested reviewers

• anandgupta42

Poem

🐇 The GitHub API went dark one night,
But the installer kept its head just right.
Three tries it gave with a timeout's grace,
Then installed "latest" and held its place.
No empty match shall fool this hare —
If version's blank, reinstall with care! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is missing the required 'PINEAPPLE' marker for AI-generated contributions and lacks explicit Test Plan and Checklist sections matching the template.	Add 'PINEAPPLE' at the top as required for AI-generated contributions, and reorganize content to include explicit Test Plan and Checklist sections per template.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: making latest-version fetching resilient in both installers.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/installer-version-fetch-resilience

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

No issues found across 3 files

_{Re-trigger cubic}

[dev-punia-altimate]

🤖 Code Review — OpenCodeReview (Gemini) — 1 finding(s)

• 1 anchored to a line (posted inline when the comment stream is on)
• 0 without a line anchor

All findings (full text)

1. install.ps1 (L130)

[🟠 MEDIUM] By changing the API failure behavior from exit 1 to a fallback mechanism, $specificVersion can now safely be an empty string "".

However, this introduces a subtle bug further down in the script when it checks if the app is already installed:

  try { $installedVersion = (& $probe --version 2>$null | Select-Object -First 1).ToString().Trim() } catch {}
  if ($installedVersion -eq $specificVersion) {
    Write-Muted "Version $specificVersion already installed"
    exit 0
  }

If the GitHub API fails ($specificVersion = "") AND the local executable is missing or corrupted such that the --version command fails ($installedVersion defaults to ""), the condition "" -eq "" will evaluate to $true. The installer will output Version already installed and incorrectly short-circuit with exit 0 instead of downloading and replacing the broken installation.

To avoid this, you can explicitly reset $specificVersion = $null here when the API fails, which ensures the downstream string-comparison evaluates to $false.

Suggested change:

    Write-Muted "Could not resolve the latest version from GitHub (API unavailable) — installing the latest release anyway."
    $specificVersion = $null

[dev-punia-altimate]

🤖 Code Review — OpenCodeReview (Gemini) — No Issues Found

No supported files changed.

[sahrizvi]

Three findings inline below — one Critical (the retry loop is currently a no-op under set -euo pipefail), and two High (install.ps1 short-circuit on empty==empty, and no HTTP timeout on either retry). Repro details and one-line suggested fixes inline.

[ralphstodomingo]

Combined end-to-end verification (both installer PRs together)

#942 and #946 are sibling PRs that both touch install / install.ps1. Both were rebased onto main (now that #930 has merged) and verified together as the combined installer that will ship.

Merge safety

• Test-merged in both orders (feat(install): verify release archive checksums in both installers #942→fix(install): resilient latest-version fetch (both installers) #946 and fix(install): resilient latest-version fetch (both installers) #946→feat(install): verify release archive checksums in both installers #942) onto current main: zero conflicts in either order.
• install.ps1 composes cleanly (the changes touch disjoint regions); install (bash) changes are kept in disjoint regions too. The merged result was re-tested after every change.

Real Windows verification

Ran the merged install.ps1 on a real Windows PowerShell 5.1 host (5.1.26100, Desktop), the default shell on Windows 10 / clean Windows 11:

• 🐛 Found & fixed a pre-existing parse failure on PS 5.1. install.ps1 had a few non-ASCII characters (em dash / ellipsis / arrow) and no BOM, so PS 5.1 read it as ANSI and the whole script failed to tokenize. CI never caught it because the Pester job runs under pwsh (PowerShell 7, UTF-8). Both PRs are now ASCII-only and parse cleanly on 5.1. (The characters predate these PRs.)
• ✅ Full install E2E on real PS 5.1: resolve latest (0.8.7) → download the real altimate-windows-x64.zip (~268 MB) from the pinned release URL → checksum step (soft-skips correctly, since v0.8.7 predates the new checksums.txt asset) → Expand-Archive → binary placed (verified as a valid 281 MB PE executable).

#942 — checksum verification

• The real Test-Checksum was exercised on PS 5.1 against checksums.txt served both as a String and as a Byte[] (the latter is what Windows PowerShell 5.1 actually returns for GitHub's application/octet-stream assets), plus a mismatch case.
• Confirmed the Byte[] test fails on the old code (silent soft-skip) and passes with the decode fix — i.e. it's a real regression guard, now also pinned by a Pester test.
• Archive + checksums.txt are pinned to one resolved $base, so they can't come from two different releases.

#946 — resilient latest-version fetch

• Reproduced the set -euo pipefail abort: without the trailing || true, a failing curl --fail aborts the script at attempt 1 (exit 22); with it, all three retries run and the graceful-degrade path prints and continues.
• Confirmed on real PowerShell that resetting $specificVersion = $null makes the "already installed" check fall through ($null -eq "" is $false) instead of falsely short-circuiting on "" -eq "" for a missing/corrupt binary.

Cross-PR composition (verified on real PowerShell)

With both changes combined: when the version can't be resolved, #946 sets $specificVersion = $null, which flows into #942's URL selection and correctly falls back to the mutable latest/ path; when a version is resolved, both the archive and checksums pin to it.

CI

Green on both: TypeScript, Windows Installer (Pester), and the #930 release-validation suite (updated in each PR to track the URL-construction and version-fetch behavior changes).

[dev-punia-altimate]

❌ Tests — Failures Detected

TypeScript — 15 failure(s)

• connection_refused
• timeout
• permission_denied
• parse_error
• network_error [1.00ms]
• auth_failure
• rate_limit
• internal_error
• empty_error
• connection_refused
• timeout
• permission_denied
• parse_error
• oom [1.00ms]
• network_error

Next Step

Please address the failing cases above and re-run verification.

cc @mdesmet

[sahrizvi]

E2E tested, doesnt't touch core altimate-code, so LGTM.