SubMiner/backlog/tasks/task-166 - Prevent-AUR-upgrade-cache-collisions-for-unversioned-release-assets.md at claude/infallible-murdock - SubMiner

mirror of https://github.com/ksyasuda/SubMiner.git synced 2026-03-20 03:16:46 -07:00

Files

chore(backlog): maintain task backlog and add changelog fragments

- Move completed tasks (85, 117, 118, 155) to backlog/completed/
- Delete superseded task files (166 verification, 172 drilldown)
- Add stats dashboard milestone m-1
- Add new tasks (190, 194)
- Update task metadata across remaining backlog items
- Add changelog fragments for stats, mpv args, and subtitle filtering

2026-03-18 02:25:07 -07:00

3.4 KiB

Raw Permalink Blame History

id, title, status, assignee, created_date, updated_date, labels, dependencies, references, priority, ordinal

title

status

assignee

created_date

updated_date

labels

dependencies

references

priority

ordinal

TASK-166

Prevent AUR upgrade cache collisions for unversioned release assets

Done

Codex

2026-03-17 18:10

2026-03-18 05:28

release

packaging

linux

TASK-165

/home/sudacode/projects/japanese/SubMiner/.github/workflows/release.yml

/home/sudacode/projects/japanese/SubMiner/scripts/update-aur-package.sh

/home/sudacode/projects/japanese/SubMiner/scripts/update-aur-package.test.ts

/home/sudacode/projects/japanese/SubMiner/packaging/aur/subminer-bin/PKGBUILD

/home/sudacode/projects/japanese/SubMiner/packaging/aur/subminer-bin/.SRCINFO

medium

107500

Description

Fix the AUR release metadata generated by the tagged-release workflow so end-user upgrades do not reuse stale cached downloads for unversioned subminer and subminer-assets.tar.gz source names.

Acceptance Criteria

#1 AUR packaging generated for a new pkgver uses versioned local source aliases for the non-versioned GitHub release assets.
#2 The package install step references the versioned local launcher filename correctly.
#3 Regression coverage fails if metadata generation reintroduces stable cache-colliding source aliases.
#4 Targeted verification records the commands run and results.

Implementation Plan

Add a failing regression test around scripts/update-aur-package.sh output for versioned local source aliases.
Update the repo AUR template and .SRCINFO rewrite logic to stamp versioned alias names for subminer and subminer-assets.
Verify the generated metadata and targeted workflow/package tests, then record results here.

Implementation Notes

Root cause: the AUR package used stable local source aliases for the unversioned subminer and subminer-assets.tar.gz GitHub release assets. makepkg/AUR helpers can reuse those cached filenames across upgrades, so a stale cached download survives into a newer pkgver and then fails checksum validation.

Patched the repo AUR template to version the local cache aliases:

subminer-${pkgver}::.../subminer
subminer-assets-${pkgver}.tar.gz::.../subminer-assets.tar.gz

Updated package() to install the versioned local wrapper filename, and updated scripts/update-aur-package.sh so the generated .SRCINFO stamps matching concrete versioned aliases for release automation.

Added regression assertions in scripts/update-aur-package.test.ts covering both versioned source aliases and the launcher install path, then watched that test fail before the patch and pass after it.

Verification:

bun test scripts/update-aur-package.test.ts
bash -n scripts/update-aur-package.sh && bash -n packaging/aur/subminer-bin/PKGBUILD
bun run typecheck
bun run test:fast
bun run test:env
bun run build
bun run test:smoke:dist

Final Summary

The tagged-release AUR metadata path now emits versioned local source aliases for the non-versioned GitHub release assets, preventing stale makepkg cache reuse across subminer-bin upgrades. The change is covered by a regression test and passed the repo's maintained verification gate.

3.4 KiB Raw Permalink Blame History