m/arch-fullupgrade
1
0
Fork 0
Code Issues Releases Activity
Files
42deea5be24498539dba95db1d9314e0dae06110
arch-fullupgrade/.continue/rules/project.md
T
matmoul 42deea5be2 feat: harden fullupgrade and document release workflow 
Add set -euo pipefail, root checks, safer orphan cleanup, and a help
message to fullupgrade. Refresh the README and project notes to match
the current scripts and release process.
2026-04-27 19:50:47 +02:00

87 lines
2.6 KiB
Markdown
Raw Blame History

# Project status — fullupgrade
Last updated: 2026-04-27
## Project goal
This repository contains two Bash scripts for system administration and Git release management:
- `fullupgrade`: Arch Linux maintenance script
- `makerelease.sh`: Git release automation script
The project is intentionally minimal and centered on these two scripts.
## Current structure
- `fullupgrade`: system update and cleanup
- `makerelease.sh`: release workflow from `dev` to `main`
- `README.md`: English documentation with usage, warnings, and examples
- `LICENSE`: GPLv3
## Current analysis
### 1) `fullupgrade`
Current behavior:
- updates `archlinux-keyring`
- runs `pacman -Syu --noconfirm`
- removes orphaned packages only when any are found
- cleans the pacman cache
Notes:
- the script already uses `set -euo pipefail`
- it checks for root privileges before running package operations
- it can have a significant system impact
Recommendations:
- keep documenting the system impact clearly
- consider whether `pacman -Sc` is the right cache cleanup level for every use case
### 2) `makerelease.sh`
Current behavior:
- takes `VERSION` and `MESSAGE` as arguments
- checks that the current branch is `dev`
- checks out `main`
- merges `dev` into `main`
- pushes the branch
- creates an annotated tag
- pushes tags
- returns to `dev`
Notes:
- the script currently does not use `set -euo pipefail`
- there is no check for a clean working tree
- there is no validation of the release message
- there is no guard against duplicate tags
- returning to `dev` is not protected if a command fails
Recommendations:
- add `set -euo pipefail`
- verify the Git status before releasing
- validate `VERSION` and `MESSAGE`
- prevent duplicate tags
- use a `trap` to return to the initial branch on failure
- improve the help output
### 3) `README.md`
Current status:
- the README has a first complete pass in English
- it explains both scripts, their requirements, usage, warnings, and an example release command
Recommendations:
- keep it aligned with the actual script behavior
- add more examples only if they improve clarity
## Project tracking rules
This file should be updated whenever:
- script behavior changes
- documentation changes materially
- new constraints or design decisions are introduced
- release workflow rules evolve
## Current priorities
1. Secure the Bash scripts
2. Keep documentation aligned with the scripts
3. Make the release workflow more robust
## Maintenance notes
- Always keep the README, the scripts, and this file consistent.
- If a script changes, update this note immediately.
- If a new usage rule appears, document it here.
Reference in New Issue View Git Blame Copy Permalink