06057f864b
Sub-agents reviewed all 26 installer scripts. Fixed (TDD):
BLOCKERS (install fails on platform):
1. claude/uclaude_uninstall.sh: replace `sed -i` → portable `sedi()` helper
(BSD sed on macOS requires `-i ''`, GNU uses `-i`). Same fix style as
codex/ucodex_install.sh:sedi.
2. claude/uclaude_install.ps1: abort if $apiKey null after fetch attempt
(was silently completing install with broken auth env vars). Guard
added to all 8 ps1 scripts.
3. qwen/uqwen_install.ps1 + uqwen_update.ps1: build trustedFolders.json
via [ordered]@{} | ConvertTo-Json (PowerShell single-quoted literal
was preserving `\"` as backslash+quote, producing INVALID JSON).
4. codex/ucodex_update.ps1: check $LASTEXITCODE after Python patcher call
(native command non-zero exit doesn't throw under
ErrorActionPreference='Continue' — patcher failure was silent, no
PowerShell fallback triggered).
HIGH (wrong behavior / regressions):
5. gemini/ugemini_install.ps1 + update.ps1: read $env:UGEMINI_API_KEY
FIRST (was only checking $env:UCLAUDE_API_KEY — claude variable).
6. gemini/ugemini_update.ps1: download gemini_config.json from PRIVATE
unlimitedcoding-config (was downloading from public — would 404 after
Item 14 sanitization).
7. claude/uclaude_update.ps1: drop ANTHROPIC_API_KEY assignment + dynamic
models fetch (regression — install.ps1 was fixed earlier but update.ps1
still set both env vars, re-introducing Auth conflict warning).
8. codex/ucodex_install.sh + update.sh: GitHub API curl needs
`-H "User-Agent: UnlimitedCoding-Installer"` and `-f` flag (default
curl/X.Y UA gets 403 from GitHub API + silent fail on 5xx).
Bonus fixes pulled in:
- codex/ucodex_install.ps1: switch codex_config download URL to private
repo (consistency with update.ps1 + Item 14 sanitization)
- codex/ucodex_install.ps1: add `--all` flag to patcher invocation
(matched between install + update)
Tests: tests/test_installer_bugs_audit.py — 9 GREEN regression guards.
Total: 186 tests GREEN.
Audit transcripts: gpt-5.5 found 24 issues (claude+gemini), glm-5.1
found 11 issues (codex+qwen). Lower-priority items (heredoc unsafe
quoting, lock files, schema validation) deferred to next iteration.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
289 lines
12 KiB
PowerShell
289 lines
12 KiB
PowerShell
# Codex CLI - Windows Updater
|
|
# Downloads latest binary from GitHub + re-applies config patches.
|
|
#
|
|
# Usage: powershell -ExecutionPolicy Bypass -File codex\ucodex_update.ps1
|
|
|
|
$ErrorActionPreference = "Continue"
|
|
|
|
Write-Host ""
|
|
Write-Host " +--------------------------------------+" -ForegroundColor Cyan
|
|
Write-Host " | Codex CLI -- Windows Updater |" -ForegroundColor Cyan
|
|
Write-Host " +--------------------------------------+" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
|
|
# >>> sanitized: api_key from private config <<<
|
|
$configToken = "cadffcb0a6a3be728ac1ff619bb40c86588f6837"
|
|
$configUrl = "https://git.sensey24.ru/aibot777/unlimitedcoding-config/raw/branch/main/codex_config.json"
|
|
$apiKey = $env:UCLAUDE_API_KEY # respect override
|
|
if (-not $apiKey) {
|
|
try {
|
|
$resp = Invoke-WebRequest -UseBasicParsing -Uri $configUrl -Headers @{Authorization = "token $configToken"} -TimeoutSec 15
|
|
$cfg = $resp.Content | ConvertFrom-Json
|
|
if ($cfg.api_key) { $apiKey = $cfg.api_key }
|
|
} catch { Write-Warning "Config fetch failed; set `$env:UCLAUDE_API_KEY manually" }
|
|
}
|
|
# <<< end sanitized >>>
|
|
|
|
|
|
function Refresh-Path {
|
|
$env:Path = [System.Environment]::GetEnvironmentVariable("Path", "Machine") + ";" +
|
|
[System.Environment]::GetEnvironmentVariable("Path", "User")
|
|
}
|
|
|
|
# ---- Check current version ----
|
|
|
|
$oldVer = "not installed"
|
|
if (Get-Command codex -ErrorAction SilentlyContinue) {
|
|
$oldVer = [regex]::Match((codex --version 2>$null), '\d+\.\d+\.\d+').Value
|
|
}
|
|
Write-Host " Current: $oldVer" -ForegroundColor Cyan
|
|
|
|
# ---- Get latest version ----
|
|
|
|
Write-Host " Checking latest version..." -ForegroundColor Cyan
|
|
try {
|
|
$release = Invoke-RestMethod -Uri "https://api.github.com/repos/openai/codex/releases/latest" -UseBasicParsing -TimeoutSec 15
|
|
$latestVer = ($release.tag_name -replace '^rust-v', '')
|
|
Write-Host " Latest: $latestVer" -ForegroundColor Green
|
|
} catch {
|
|
Write-Host " Could not fetch latest version from GitHub." -ForegroundColor Red
|
|
exit 1
|
|
}
|
|
|
|
if ($oldVer -eq $latestVer) {
|
|
Write-Host " Already up to date ($latestVer)" -ForegroundColor Green
|
|
} else {
|
|
# ---- Download binary ----
|
|
|
|
$arch = if ([System.Environment]::Is64BitOperatingSystem) { "x86_64" } else { "aarch64" }
|
|
$binarySuffix = "$arch-pc-windows-msvc"
|
|
$downloadUrl = "https://github.com/openai/codex/releases/download/rust-v$latestVer/codex-$binarySuffix.exe"
|
|
|
|
Write-Host " Downloading codex-$binarySuffix.exe..." -ForegroundColor Cyan
|
|
$tempDir = Join-Path $env:TEMP "codex-update-$(Get-Random)"
|
|
New-Item -ItemType Directory -Force -Path $tempDir | Out-Null
|
|
$exeFile = Join-Path $tempDir "codex.exe"
|
|
|
|
try {
|
|
Invoke-WebRequest -Uri $downloadUrl -OutFile $exeFile -UseBasicParsing
|
|
} catch {
|
|
Write-Host " Direct exe download failed, trying zip..." -ForegroundColor Yellow
|
|
$zipUrl = "$downloadUrl.zip"
|
|
$zipFile = Join-Path $tempDir "codex.zip"
|
|
try {
|
|
Invoke-WebRequest -Uri $zipUrl -OutFile $zipFile -UseBasicParsing
|
|
Expand-Archive -Path $zipFile -DestinationPath $tempDir -Force
|
|
$found = Get-ChildItem -Path $tempDir -Recurse -Filter "codex*.exe" | Where-Object { $_.Name -notlike "*setup*" -and $_.Name -notlike "*proxy*" -and $_.Name -notlike "*runner*" } | Select-Object -First 1
|
|
if ($found) { Copy-Item $found.FullName $exeFile -Force }
|
|
} catch {
|
|
Write-Host " Download failed." -ForegroundColor Red
|
|
Remove-Item -Recurse -Force $tempDir -ErrorAction SilentlyContinue
|
|
exit 1
|
|
}
|
|
}
|
|
|
|
if (-not (Test-Path $exeFile)) {
|
|
Write-Host " Binary not found after download" -ForegroundColor Red
|
|
Remove-Item -Recurse -Force $tempDir -ErrorAction SilentlyContinue
|
|
exit 1
|
|
}
|
|
|
|
Get-Process -Name "codex" -ErrorAction SilentlyContinue | Stop-Process -Force
|
|
|
|
$installDir = "$env:LOCALAPPDATA\Programs\codex"
|
|
New-Item -ItemType Directory -Force -Path $installDir | Out-Null
|
|
Copy-Item -Path $exeFile -Destination "$installDir\codex.exe" -Force
|
|
|
|
$userPath = [System.Environment]::GetEnvironmentVariable("Path", "User")
|
|
if ($userPath -notlike "*$installDir*") {
|
|
[System.Environment]::SetEnvironmentVariable("Path", "$userPath;$installDir", "User")
|
|
$env:Path = "$env:Path;$installDir"
|
|
}
|
|
|
|
Remove-Item -Recurse -Force $tempDir -ErrorAction SilentlyContinue
|
|
Refresh-Path
|
|
|
|
$newVer = [regex]::Match((codex --version 2>$null), '\d+\.\d+\.\d+').Value
|
|
Write-Host " Updated: $oldVer -> $newVer" -ForegroundColor Green
|
|
}
|
|
|
|
# ---- Clean up broken config from previous runs ----
|
|
|
|
$codexConfigDir = "$env:USERPROFILE\.codex"
|
|
$codexConfigFile = "$codexConfigDir\config.toml"
|
|
if (Test-Path $codexConfigFile) {
|
|
$existingContent = Get-Content $codexConfigFile -Raw -ErrorAction SilentlyContinue
|
|
$needsCleanup = $false
|
|
|
|
# Check 1: broken TOML with dotted model keys
|
|
if ($existingContent -match "gpt-5\s*=" -and $existingContent -match "\{.*:") {
|
|
Write-Host " Detected broken TOML (dotted key bug)" -ForegroundColor Yellow
|
|
$needsCleanup = $true
|
|
}
|
|
|
|
# Check 2: config will be regenerated anyway by patcher below
|
|
|
|
if ($needsCleanup) {
|
|
Write-Host " Removing broken config.toml..." -ForegroundColor Yellow
|
|
Remove-Item $codexConfigFile -Force -ErrorAction SilentlyContinue
|
|
}
|
|
}
|
|
|
|
# Clean up old-format model_catalog.json (bare array instead of {models:[...]})
|
|
$staleCatalog = "$codexConfigDir\model_catalog.json"
|
|
if (Test-Path $staleCatalog) {
|
|
$catContent = Get-Content $staleCatalog -Raw -ErrorAction SilentlyContinue
|
|
if ($catContent -and $catContent.TrimStart().StartsWith("[")) {
|
|
Remove-Item $staleCatalog -Force -ErrorAction SilentlyContinue
|
|
Write-Host " Removed old-format model_catalog.json (wrong structure)" -ForegroundColor Yellow
|
|
}
|
|
}
|
|
|
|
# ---- Download and apply patches ----
|
|
|
|
$pyCmd = $null
|
|
foreach ($candidate in @("python3", "python")) {
|
|
if (Get-Command $candidate -ErrorAction SilentlyContinue) {
|
|
try {
|
|
$pyVer = & $candidate -c "import sys; print(f'{sys.version_info.major}.{sys.version_info.minor}')" 2>$null
|
|
$parts = $pyVer -split '\.'
|
|
if ([int]$parts[0] -ge 3 -and [int]$parts[1] -ge 11) {
|
|
$pyCmd = $candidate
|
|
break
|
|
}
|
|
} catch {}
|
|
}
|
|
}
|
|
|
|
if ($pyCmd) {
|
|
$patchDir = Join-Path $env:TEMP "codex-patch-$(Get-Random)"
|
|
New-Item -ItemType Directory -Force -Path $patchDir | Out-Null
|
|
|
|
$repoRaw = "https://git.sensey24.ru/aibot777/unlimitedcoding/raw/branch/master/codex"
|
|
$token = "cadffcb0a6a3be728ac1ff619bb40c86588f6837"
|
|
$headers = @{ "Authorization" = "token $token" }
|
|
|
|
Write-Host " Downloading patcher..." -ForegroundColor Cyan
|
|
try {
|
|
Invoke-WebRequest -Uri "$repoRaw/codex_patcher.py" -OutFile "$patchDir\codex_patcher.py" -UseBasicParsing -Headers $headers
|
|
# codex_config.json moved to private repo (Item 14 security fix);
|
|
# download from unlimitedcoding-config with the same token.
|
|
$cfgUrl = "https://git.sensey24.ru/aibot777/unlimitedcoding-config/raw/branch/main/codex_config.json"
|
|
Invoke-WebRequest -Uri $cfgUrl -OutFile "$patchDir\codex_config.json" -UseBasicParsing -Headers $headers
|
|
Write-Host " Applying patches..." -ForegroundColor Cyan
|
|
# Add --all to match install script (was missing — patches skipped on update)
|
|
& $pyCmd "$patchDir\codex_patcher.py" --apply --all --config "$patchDir\codex_config.json"
|
|
# Native command non-zero exit does NOT throw under
|
|
# ErrorActionPreference='Continue'. Check $LASTEXITCODE explicitly so
|
|
# we trigger the PowerShell fallback on patcher failure.
|
|
if ($LASTEXITCODE -ne 0) {
|
|
throw "codex_patcher.py exited with code $LASTEXITCODE"
|
|
}
|
|
} catch {
|
|
Write-Host " Patcher failed, using PowerShell fallback: $_" -ForegroundColor Yellow
|
|
$pyCmd = $null
|
|
}
|
|
Remove-Item -Recurse -Force $patchDir -ErrorAction SilentlyContinue
|
|
}
|
|
|
|
if (-not $pyCmd) {
|
|
Write-Host " Applying patches (PowerShell)..." -ForegroundColor Cyan
|
|
# Codex reads config from ~/.codex/ (NOT %APPDATA%\codex\)
|
|
$configDir = "$env:USERPROFILE\.codex"
|
|
New-Item -ItemType Directory -Force -Path $configDir | Out-Null
|
|
$configToml = Join-Path $configDir "config.toml"
|
|
# Remove old broken config
|
|
if (Test-Path $configToml) { Remove-Item $configToml -Force -ErrorAction SilentlyContinue }
|
|
|
|
# Generate model catalog (Codex internal format)
|
|
$catalogFile = Join-Path $configDir "model_catalog.json"
|
|
$catalogPath = $catalogFile -replace '\\', '/'
|
|
|
|
$modelTemplate = @{
|
|
prefer_websockets = $false
|
|
support_verbosity = $true
|
|
default_verbosity = "low"
|
|
apply_patch_tool_type = "freeform"
|
|
input_modalities = @("text", "image")
|
|
supports_image_detail_original = $true
|
|
truncation_policy = @{ mode = "tokens"; limit = 10000 }
|
|
supports_parallel_tool_calls = $true
|
|
context_window = 272000
|
|
default_reasoning_summary = "none"
|
|
shell_type = "shell_command"
|
|
visibility = "list"
|
|
supported_in_api = $true
|
|
availability_nux = $null
|
|
upgrade = $null
|
|
base_instructions = ""
|
|
model_messages = $null
|
|
experimental_supported_tools = @()
|
|
supports_reasoning_summaries = $true
|
|
supported_reasoning_levels = @(
|
|
@{ effort = "low"; description = "Fast responses with lighter reasoning" }
|
|
@{ effort = "medium"; description = "Balances speed and reasoning depth" }
|
|
@{ effort = "high"; description = "Greater reasoning depth for complex problems" }
|
|
@{ effort = "xhigh"; description = "Extra high reasoning depth" }
|
|
)
|
|
default_reasoning_level = "medium"
|
|
}
|
|
|
|
$modelSlugs = @("gpt-5.4", "gpt-5.3-codex-spark", "gpt-5.3-codex", "gpt-5.3", "gpt-5.2-codex")
|
|
$catalogModels = @()
|
|
$pri = 0
|
|
foreach ($slug in $modelSlugs) {
|
|
$entry = $modelTemplate.Clone()
|
|
$entry["slug"] = $slug
|
|
$entry["display_name"] = $slug
|
|
$entry["description"] = "Model $slug"
|
|
$entry["priority"] = $pri
|
|
$catalogModels += $entry
|
|
$pri++
|
|
}
|
|
$catalog = @{ models = $catalogModels }
|
|
$catalogJsonStr = $catalog | ConvertTo-Json -Depth 5 -Compress
|
|
[System.IO.File]::WriteAllText($catalogFile, $catalogJsonStr)
|
|
|
|
$tomlContent = @"
|
|
model = "gpt-5.4"
|
|
model_reasoning_effort = "xhigh"
|
|
model_provider = "custom"
|
|
model_catalog_json = "$catalogPath"
|
|
approval_policy = "never"
|
|
sandbox_mode = "danger-full-access"
|
|
check_for_update_on_startup = false
|
|
forced_login_method = "api"
|
|
|
|
[analytics]
|
|
enabled = false
|
|
|
|
[model_providers.custom]
|
|
name = "custom"
|
|
base_url = "https://ai.37-187-136-86.sslip.io/v1"
|
|
env_key = "OPENAI_API_KEY"
|
|
wire_api = "responses"
|
|
|
|
[notice]
|
|
[notice.model_migrations]
|
|
"gpt-5.4" = "done"
|
|
"gpt-5.3-codex-spark" = "done"
|
|
"gpt-5.3-codex" = "done"
|
|
"gpt-5.3" = "done"
|
|
"gpt-5.2-codex" = "done"
|
|
"@
|
|
[System.IO.File]::WriteAllText($configToml, $tomlContent)
|
|
|
|
& setx OPENAI_API_KEY $apiKey 2>$null | Out-Null
|
|
& setx OPENAI_BASE_URL "https://ai.37-187-136-86.sslip.io/v1" 2>$null | Out-Null
|
|
$env:OPENAI_API_KEY = $apiKey
|
|
$env:OPENAI_BASE_URL = "https://ai.37-187-136-86.sslip.io/v1"
|
|
Write-Host " Patches applied (PowerShell fallback)" -ForegroundColor Green
|
|
}
|
|
|
|
Write-Host ""
|
|
Write-Host " Update complete!" -ForegroundColor Green
|
|
Write-Host ""
|
|
Write-Host " NOTE: If 'codex' is not recognized, restart PowerShell or run:" -ForegroundColor Yellow
|
|
Write-Host ' $env:Path = [System.Environment]::GetEnvironmentVariable("Path","Machine") + ";" + [System.Environment]::GetEnvironmentVariable("Path","User")' -ForegroundColor Yellow
|
|
Write-Host ""
|