fix: use curl for binary download to support proxy and add npmmirror …

[qianzhicheng95]

…fallback

Node.js https.get() does not honor https_proxy/HTTP_PROXY env vars, causing silent download failures behind firewalls. Switch to curl which natively supports proxy settings, and add npmmirror.com as a fallback mirror for regions where GitHub is slow or blocked.

Change-Id: If9ace1e467e46f2a3009610a808bce8d78259e78

Summary

Changes

• Change 1
• Change 2

Test Plan

• Unit tests pass
• Manual local verification confirms the lark xxx command works as expected

Related Issues

• None

Summary by CodeRabbit

• Bug Fixes
  • Improved installation reliability with automatic fallback to alternate download source if primary fails
  • Enhanced error messaging with proxy setup guidance for better troubleshooting
  • Reduced offline certificate revocation errors on Windows systems

[coderabbitai]

📝 Walkthrough

Walkthrough

The installation script replaces a Node.js HTTPS streaming download mechanism with a synchronous curl-based approach, introducing fallback support to an alternate mirror URL and adding Windows-specific SSL certificate handling alongside synchronous control flow with expanded error messaging.

Changes

Cohort / File(s)	Summary
Download Mechanism Overhaul scripts/install.js	Replaced HTTPS streaming download with synchronous curl invocation; added dual-URL fallback (GitHub and mirror), Windows SSL certificate revocation flag (--ssl-revoke-best-effort), and converted async/await control flow to synchronous with try/catch error handling and enhanced proxy setup guidance in error messages.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related issues

• postinstall: binary download fails silently behind HTTP proxy (Node.js https ignores https_proxy) #201: Directly addresses the proxy and download failure issues by replacing the Node.js HTTPS streaming implementation with synchronous curl-based downloads and fallback mirror support.

Poem

🐰 From streaming streams to curled request,
Our download flows now pass the test!
When mirrors shimmer, proxies play,
The install script hops the right way! ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	The description addresses the motivation and key changes, but the template sections (Changes, Test Plan) are only partially filled with placeholder text rather than actual details.	Complete the Changes section with actual modifications and mark/detail the Test Plan checklist items to clarify how the changes were verified.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately captures the main change: replacing https.get() with curl for proxy support and adding npmmirror as a fallback mirror.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/install_curl

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[greptile-apps]

Greptile Summary

This PR replaces the custom Node.js HTTPS download implementation with curl to gain native proxy support via environment variables (https_proxy / HTTP_PROXY) and adds registry.npmmirror.com as an automatic fallback for users in regions where GitHub is slow or blocked. The change also simplifies the code by dropping async/await in favour of synchronous execSync calls.

Confidence Score: 5/5

Safe to merge; the core proxy fix is correct and the fallback logic is sound — only minor P2 suggestions remain.

All findings are P2 style suggestions (log the swallowed error, guard for missing curl). No P0/P1 defects were found. The switch to curl is a well-known pattern for proxy-aware downloads, the URL construction uses only fixed constants so there is no shell-injection risk, and the mirror fallback correctly overwrites any partially-written file.

No files require special attention.

Important Files Changed

Filename	Overview
scripts/install.js	Replaces Node.js https.get with curl (proxy-aware) and adds npmmirror as a fallback; two P2 style suggestions: log the GitHub failure before retrying, and guard against curl not being installed.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[npm postinstall → install.js] --> B[Detect platform & arch]
    B --> C{Supported?}
    C -- No --> D[process.exit 1]
    C -- Yes --> E[mkdtemp tmpDir]
    E --> F[curl download GITHUB_URL]
    F -- success --> H[Extract archive]
    F -- failure --> G[curl download MIRROR_URL npmmirror]
    G -- success --> H
    G -- failure --> I[print proxy hint & process.exit 1]
    H --> J[Copy binary to bin/]
    J --> K[chmod 0o755]
    K --> L[rmSync tmpDir]
    L --> M[Done ✓]

Loading

_{Reviews (1): Last reviewed commit: "fix: use curl for binary download to sup..." | Re-trigger Greptile}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

scripts/install.js (1)

57-61: Consider logging which download source was used.

The fallback silently switches to the mirror without any indication to the user. For transparency (especially since the mirror is a third-party source), consider logging which URL succeeded or at least when falling back.

💡 Suggested improvement for transparency

     try {
       download(GITHUB_URL, archivePath);
     } catch (err) {
+      console.log("GitHub download failed, trying mirror...");
       download(MIRROR_URL, archivePath);
     }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@scripts/install.js` around lines 57 - 61, The current download fallback
silently switches from GITHUB_URL to MIRROR_URL inside the try/catch around
download(GITHUB_URL, archivePath), so update the block to log which source
succeeded and when a fallback occurred: call processLogger/console.log before or
after invoking download to record "attempting GITHUB_URL" and on catch log the
error and "falling back to MIRROR_URL", then call download(MIRROR_URL,
archivePath) and log its success or failure; reference the download function and
the GITHUB_URL, MIRROR_URL, archivePath variables and include the caught err
when logging.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@scripts/install.js`:
- Around line 42-50: The download function assumes curl is on PATH (causing
cryptic failures on older Windows or minimal Linux containers); add an
availability check before calling execSync in download (or during module init)
that runs a lightweight command (e.g., spawnSync('curl','--version') or
equivalent) and, if curl is missing, throw or log a clear error with remediation
(install curl or require Windows ≥ v1803) mentioning the symbols download and
isWindows so maintainers can find the code; alternatively, document the minimum
Windows version in package.json/postinstall message if you prefer not to fail
install automatically.

---

Nitpick comments:
In `@scripts/install.js`:
- Around line 57-61: The current download fallback silently switches from
GITHUB_URL to MIRROR_URL inside the try/catch around download(GITHUB_URL,
archivePath), so update the block to log which source succeeded and when a
fallback occurred: call processLogger/console.log before or after invoking
download to record "attempting GITHUB_URL" and on catch log the error and
"falling back to MIRROR_URL", then call download(MIRROR_URL, archivePath) and
log its success or failure; reference the download function and the GITHUB_URL,
MIRROR_URL, archivePath variables and include the caught err when logging.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a72c2072-b896-4843-ab81-3e11788b2761

📥 Commits

Reviewing files that changed from the base of the PR and between 6692300 and dcaba2d.

📒 Files selected for processing (1)

• scripts/install.js

[github-actions]

🚀 PR Preview Install Guide

🧰 CLI update

npm i -g https://pkg.pr.new/larksuite/cli/@larksuite/cli@dcaba2d8c957746065adb39aff0f44d2f7feebbb

🧩 Skill update

npx skills add larksuite/cli#feat/install_curl -y -g