feat: add tool update checking to setup.sh and aidevops CLI #56
Conversation
- Enhanced tool-version-check.sh with comprehensive tool checking: - NPM tools: osgrep, auggie, repomix, dspyground, mcp-local-wp, beads-ui, bdui, opencode - Brew tools: gh, glab, bd, jq, shellcheck - Pip tools: beads-viewer, dspy-ai, crawl4ai - Supports --update, --category, --json, --quiet flags - Added 'aidevops update-tools' command to check for outdated tools - aidevops update-tools: Check all tools for updates - aidevops update-tools -u: Auto-update all outdated tools - Added --update/-u flag to setup.sh - Runs tool update check after setup completes - Offers to update outdated tools interactively This allows users to keep their development tools up to date without manually checking each one.
|
Warning Rate limit exceeded@marcusquinn has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 6 minutes and 36 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (3)
WalkthroughThe PR reworks the tool-version-check.sh script into a category-based system supporting npm, brew, and pip packages with JSON output and version comparison logic. It integrates a new update-tools command into the CLI via aidevops.sh and adds post-setup tool update checks to setup.sh with a --update flag. Changes
Sequence Diagram(s)sequenceDiagram
actor User
participant setup.sh
participant tool-version-check.sh
participant npm/brew/pip
User->>setup.sh: run with --update flag
setup.sh->>setup.sh: set UPDATE_TOOLS_MODE=true
setup.sh->>setup.sh: perform standard setup
setup.sh->>tool-version-check.sh: call check_tool_updates()
tool-version-check.sh->>tool-version-check.sh: check_category(npm, brew, pip)
tool-version-check.sh->>npm/brew/pip: query installed versions
npm/brew/pip-->>tool-version-check.sh: return version data
tool-version-check.sh->>npm/brew/pip: query latest versions
npm/brew/pip-->>tool-version-check.sh: return latest data
tool-version-check.sh->>tool-version-check.sh: version_lt() comparison
tool-version-check.sh->>tool-version-check.sh: accumulate JSON results & counters
tool-version-check.sh->>npm/brew/pip: execute update commands (if --update)
npm/brew/pip-->>tool-version-check.sh: return update status
tool-version-check.sh-->>setup.sh: output results (JSON or human-readable)
setup.sh-->>User: completion summary with tool status
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary of ChangesHello @marcusquinn, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly enhances the Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
🔍 Code Quality Report�[0;35m[MONITOR]�[0m Code Review Monitoring Report �[0;34m[INFO]�[0m Latest Quality Status: �[0;34m[INFO]�[0m Recent monitoring activity: 📈 Current Quality Metrics
Generated on: Sun Jan 11 17:48:27 UTC 2026 Generated by AI DevOps Framework Code Review Monitoring |
🤖 Augment PR SummarySummary: This PR adds first-class tool version/update checking to the aidevops framework so users can keep their dev toolchain current. Changes:
Technical Notes: Installed versions are scraped from tool output, latest versions are fetched via the relevant package manager, and comparisons use 🤖 Was this summary useful? React with 👍 or 👎 |
![augmentcode[bot]](https://avatars.githubusercontent.com/in/1027498?s=60&v=4){kind=small}
setup.sh
Outdated
|
|
||
| # Run the check in quiet mode first to see if there are updates | ||
| local outdated_output | ||
| outdated_output=$(bash "$tool_check_script" --quiet 2>/dev/null || true) |
There was a problem hiding this comment.
outdated_output is treated as a “no updates” sentinel here, but tool-version-check.sh --quiet still emits headers/summary output, so this will likely be non-empty even when nothing is outdated (and always prompt to update).
🤖 Was this useful? React with 👍 or 👎
| shift | ||
| ;; | ||
| --category|-c) | ||
| CATEGORY="$2" |
There was a problem hiding this comment.
With set -u, --category/-c without a following value will hit an unbound $2 and exit; consider validating the argument is present and failing with a clearer message.
🤖 Was this useful? React with 👍 or 👎
- Add validation for --category flag to prevent unbound variable error - Fix quiet mode to only output when there are outdated tools - Suppress headers and summary in quiet mode for cleaner output
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a comprehensive tool version checking and updating mechanism, which is a great feature. The new tool-version-check.sh script is well-structured and feature-rich, supporting different package managers and output formats. The integration into the aidevops CLI and setup.sh script is clean and provides a good user experience. I've identified a couple of areas for improvement in the shell script to enhance robustness and security, but overall, this is a solid addition to the framework.
| echo " Installed & up to date: $INSTALLED_COUNT" | ||
| echo " Outdated: $OUTDATED_COUNT" | ||
| echo " Not installed: $NOT_INSTALLED_COUNT" | ||
| echo "" |
There was a problem hiding this comment.
The use of eval can be dangerous and should be avoided. Although the update_cmd variable is constructed from hardcoded strings in this script, using eval is a security risk if the variable could ever contain user-supplied data. A safer approach is to parse the command into an array and execute it. This avoids the risks associated with eval while achieving the same result.
| echo "" | |
| read -r -a cmd_parts <<< "$update_cmd" | |
| if "${cmd_parts[@]}" 2>&1 | tail -2; then |
| OUTDATED_PACKAGES+=("$update_cmd") | ||
| else | ||
| ((INSTALLED_COUNT++)) || true | ||
| fi |
There was a problem hiding this comment.
Manual JSON string construction is fragile. If variables like $name contain special characters (e.g., a double quote "), it will produce invalid JSON. To make this more robust, you should escape the variables before inserting them into the string.
For example, you could use sed for basic escaping:
name_escaped=$(echo "$name" | sed 's/"/\\"/g')
A better approach would be to use a tool like jq to construct the JSON, but since jq is one of the tools being checked, it might not be available. A helper function for escaping would be a good compromise for maintainability.
🔍 Code Quality Report�[0;35m[MONITOR]�[0m Code Review Monitoring Report �[0;34m[INFO]�[0m Latest Quality Status: �[0;34m[INFO]�[0m Recent monitoring activity: 📈 Current Quality Metrics
Generated on: Sun Jan 11 17:53:37 UTC 2026 Generated by AI DevOps Framework Code Review Monitoring |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
🤖 Fix all issues with AI agents
In @.agent/scripts/tool-version-check.sh:
- Around line 24-65: The --category|-c branch currently assumes a following
value and will break under set -u and accept invalid categories; update the
--category|-c case handling to first validate that a next argument exists and is
not another flag (e.g., check [[ -n "${2-}" && ${2:0:1} != "-" ]]), then assign
CATEGORY="$2" and shift 2, and after argument parsing validate CATEGORY against
the allowed set (npm|brew|pip|all) and exit with a clear error on unknown
category; apply the same validation logic to the corresponding handling later in
the script (the code around the CATEGORY variable usage) so no code path ever
assumes CATEGORY was set without checking.
- Around line 80-86: The Beads CLI entry in the BREW_TOOLS array uses the
inconsistent version flag "version" for the bd tool; update that entry so the bd
tool uses the "--version" flag to match the pattern used by other entries and
setup.sh (change the string "brew|Beads CLI|bd|version|steveyegge/beads/bd|brew
upgrade steveyegge/beads/bd" to use "--version" for the bd version check).
- Around line 137-142: The get_pip_latest() function uses a plain pip invocation
which is brittle; change calls like pip index versions "$pkg" to python3 -m pip
index versions "$pkg" throughout (including the similar block at lines ~265-275)
to avoid PATH/pip3 issues, and add a fallback: detect if python3 exists and pip
supports the index command (or check pip --version >= 21.2) and either fall back
to python3 -m pip or emit a clear "pip too old/unsupported" error; update
get_pip_latest() and the other function to prefer python3 -m pip and handle
missing/old pip gracefully.
In @aidevops.sh:
- Around line 812-832: The cmd_update_tools function currently peeks at only the
first arg and special-cases "-u/--update", dropping any other flags; change it
to forward all CLI flags to the tool-version-check.sh script instead of
inspecting only $1: in cmd_update_tools (and using the tool_check_script
variable) remove the local auto_update logic and the if/else that only calls
bash "$tool_check_script" or bash "$tool_check_script" --update, and replace
with a single call that forwards all arguments exactly as received, e.g. bash
"$tool_check_script" "$@", ensuring it still handles zero-argument invocations
correctly.
🧹 Nitpick comments (3)
aidevops.sh (1)
847-861: Help text matches the new command; consider documenting pass-through flags.
Once args are forwarded, it’s worth adding one example likeaidevops update-tools --category brewto advertise the capability..agent/scripts/tool-version-check.sh (2)
310-333: Avoidevalfor update execution (even with hardcoded commands).
It’s unnecessary risk; switching tobash -lc "$update_cmd"(still string-executed but noeval) or, better, representing update commands as arrays would improve safety.Proposed fix (drop eval; keep behavior)
- if eval "$update_cmd" 2>&1 | tail -2; then + if bash -lc "$update_cmd" 2>&1 | tail -2; then echo -e " ${GREEN}✓ Updated${NC}" else echo -e " ${RED}✗ Failed${NC}" fi
201-228: JSON output is handy; consider escaping strings before emitting.
Right now it’s “safe by convention” (constants), but any future tool name/cmd containing quotes/backslashes will break JSON. A smalljson_escape()helper (orjq -Rn) would keep this zero-debt.Also applies to: 278-300
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
.agent/scripts/tool-version-check.shaidevops.shsetup.sh
🧰 Additional context used
📓 Path-based instructions (3)
**/setup.sh
📄 CodeRabbit inference engine (AGENTS.md)
Deploy agents locally using ./setup.sh script
Files:
setup.sh
**/*.sh
📄 CodeRabbit inference engine (AGENTS.md)
**/*.sh: Use local var="$1" pattern for shell variable assignments
Use explicit returns in shell scripts
Run ShellCheck on all scripts with zero violations required
Files:
setup.shaidevops.sh
.agent/scripts/*.sh
⚙️ CodeRabbit configuration file
.agent/scripts/*.sh: Automation scripts - focus on:
- Reliability and robustness
- Clear logging and feedback
- Proper exit codes
- Error recovery mechanisms
Files:
.agent/scripts/tool-version-check.sh
🧠 Learnings (5)
📚 Learning: 2025-12-22T01:24:53.937Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: templates/home/AGENTS.md:0-0
Timestamp: 2025-12-22T01:24:53.937Z
Learning: Follow all security protocols and working directory specifications defined in ~/Git/aidevops/AGENTS.md
Applied to files:
setup.shaidevops.sh
📚 Learning: 2026-01-06T15:57:56.007Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-01-06T15:57:56.007Z
Learning: Applies to **/setup.sh : Deploy agents locally using ./setup.sh script
Applied to files:
setup.sh
📚 Learning: 2025-12-22T01:24:53.937Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: templates/home/AGENTS.md:0-0
Timestamp: 2025-12-22T01:24:53.937Z
Learning: Reference the authoritative repository at ~/Git/aidevops/ for all detailed AI assistant instructions and configurations
Applied to files:
setup.shaidevops.sh
📚 Learning: 2026-01-06T15:57:56.007Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-01-06T15:57:56.007Z
Learning: Applies to **/.agent/scripts/linters-local.sh : Run quality checks before committing using .agent/scripts/linters-local.sh
Applied to files:
.agent/scripts/tool-version-check.sh
📚 Learning: 2026-01-06T15:57:56.007Z
Learnt from: CR
Repo: marcusquinn/aidevops PR: 0
File: AGENTS.md:0-0
Timestamp: 2026-01-06T15:57:56.007Z
Learning: Applies to **/.agent/scripts/version-manager.sh : Use .agent/scripts/version-manager.sh release [major|minor|patch] for releases
Applied to files:
.agent/scripts/tool-version-check.sh
🧬 Code graph analysis (3)
setup.sh (4)
aidevops.sh (3)
print_info(25-25)print_warning(27-27)print_success(26-26).agent/scripts/version-manager.sh (3)
print_info(17-17)print_warning(19-19)print_success(18-18).agent/scripts/verify-mirrors.sh (3)
print_info(23-23)print_warning(25-25)print_success(24-24).agent/scripts/monitor-code-review.sh (3)
print_info(18-18)print_warning(20-20)print_success(19-19)
.agent/scripts/tool-version-check.sh (1)
aidevops.sh (1)
main(884-921)
aidevops.sh (1)
setup.sh (2)
print_error(29-29)print_info(26-26)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Codacy Static Code Analysis
🔇 Additional comments (3)
aidevops.sh (1)
901-904: CLI wiring looks good (aliases +shift+ forwarding).
With the pass-through fix above, the routing will behave as expected.setup.sh (2)
2176-2182: Minor: CLI list output indentation looks off (missing leading spaces).
Not functionally wrong, but it stands out in an otherwise nicely formatted post-setup summary.⛔ Skipped due to learnings
Learnt from: CR Repo: marcusquinn/aidevops PR: 0 File: templates/home/AGENTS.md:0-0 Timestamp: 2025-12-22T01:24:53.937Z Learning: Reference the authoritative repository at ~/Git/aidevops/ for all detailed AI assistant instructions and configurations
22-23: Reliability:--updatepath can block/hang in non-interactive contexts.
check_tool_updates()prompts unconditionally when updates exist;./setup.sh --updatein automation will stall. Consider: prompt only when stdin is a TTY (or whenINTERACTIVE_MODE==true), otherwise print a message and exit 0 (or optionally run--updateautomatically if you want “non-interactive update mode”).Proposed fix (TTY-gate the prompt; don’t hang)
check_tool_updates() { print_info "Checking for tool updates..." @@ - # Run the check in quiet mode first to see if there are updates + # Run the check in quiet mode first to see if there are updates local outdated_output outdated_output=$(bash "$tool_check_script" --quiet 2>/dev/null || true) @@ bash "$tool_check_script" --quiet echo "" - - read -r -p "Update all outdated tools now? (y/n): " do_update + + # Avoid blocking non-interactive runs + if [[ ! -t 0 ]]; then + print_info "Non-interactive session detected; skipping tool updates prompt." + print_info "Run 'aidevops update-tools' later to update tools." + return 0 + fi + + read -r -p "Update all outdated tools now? (y/n): " do_updateAlso applies to: 2087-2090, 2134-2136, 2237-2241
⛔ Skipped due to learnings
Learnt from: CR Repo: marcusquinn/aidevops PR: 0 File: templates/home/AGENTS.md:0-0 Timestamp: 2025-12-22T01:24:53.937Z Learning: Reference the authoritative repository at ~/Git/aidevops/ for all detailed AI assistant instructions and configurationsLearnt from: CR Repo: marcusquinn/aidevops PR: 0 File: templates/home/AGENTS.md:0-0 Timestamp: 2025-12-22T01:24:53.937Z Learning: Follow all security protocols and working directory specifications defined in ~/Git/aidevops/AGENTS.mdLearnt from: CR Repo: marcusquinn/aidevops PR: 0 File: templates/home/git/AGENTS.md:0-0 Timestamp: 2025-12-22T01:25:03.138Z Learning: Use standardized patterns as defined in the authoritative DevOps repository at ~/Git/aidevops/
- Replace eval with bash -c for safer command execution - Add JSON escaping for special characters in tool names - Pass all arguments through in aidevops update-tools command - Capture exit code in setup.sh to detect script failures - Improve error handling when tool check fails
|
🔍 Code Quality Report�[0;35m[MONITOR]�[0m Code Review Monitoring Report �[0;34m[INFO]�[0m Latest Quality Status: �[0;34m[INFO]�[0m Recent monitoring activity: 📈 Current Quality Metrics
Generated on: Sun Jan 11 17:57:23 UTC 2026 Generated by AI DevOps Framework Code Review Monitoring |
|
@coderabbitai review |
✅ Actions performedReview triggered.
|
|
@coderabbitai resolve |
✅ Actions performedComments resolved and changes approved. |
1 participant
Summary
Adds comprehensive tool update checking capabilities to the aidevops framework:
tool-version-check.sh- Checks versions of all key development toolsaidevops update-toolscommand - CLI command to check/update tools--updateflag for setup.sh - Check for updates after setup completesChanges
tool-version-check.sh (rewritten)
--update,--category,--json,--quietaidevops.sh
update-toolscommandaidevops update-tools- Check all tools for updatesaidevops update-tools -u- Auto-update all outdated toolssetup.sh
--update/-uflagUsage
Testing
tool-version-check.sh --helpworkstool-version-check.sh --category brewshows correct outputaidevops update-toolscommand worksSummary by CodeRabbit
update-toolscommand to check and manage tool versions--updateflag for automatic tool updates post-setup✏️ Tip: You can customize this high-level summary in your review settings.