The function used a chain of `(( NEED_X == 1 )) && { ... }` statements.
When the last flag is 0 the trailing arithmetic evaluates to false and
bash returns 1 from the function. Under the main script's `set -e` that
propagates up to bootstrap which exits with the misleading "line 60"
ERR trap right after the installer announces it is going to create the
state directory.
Rewrite the body as plain `if` blocks and return 0 explicitly. Add two
regression assertions that exercise the "only some flags set" and
"nothing to do" paths so the class of bug is caught in CI.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The repo was committed from WSL with core.filemode=false, so the exec
bit was never recorded. After actions/checkout the entry script comes
down as 100644 and tests/test_cli.sh fails with Permission denied.
Set mode 100755 on every script that is invoked directly (entry,
installer, test suite, mock binaries). Sourced helpers under lib/
keep 100644 per convention.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
act_runner's job containers live on a temporary bridge network that
does not inherit the runner's own egress path, so apt-get against
Canonical mirrors can time out even on a US host. Remove the apt step,
rely on the tools baked into gitea/runner-images, and fetch the
shellcheck static binary over HTTPS when it is missing.
Also add a short network diagnostics step to make future egress
issues obvious at a glance.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Only install tools that are actually missing (gitea/runner-images
already ships curl/jq/tar), and point apt at mirrors.aliyun.com when
we do need to install something so archive.ubuntu.com timeouts stop
blocking the build. Handles both Noble's DEB822 ubuntu.sources and
the legacy sources.list.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
The repository is initialized with the SHA-256 object format, but
actions/checkout runs `git init` in the workspace before fetching.
Without GIT_DEFAULT_HASH=sha256 that init defaults to SHA-1 and fetch
fails with `mismatched algorithms: client sha1; server sha256`.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Align runs-on with the standard Gitea/GitHub-compatible label so
workflows stay portable. The Main label has been replaced by
ubuntu-latest on the registered runner.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Change runs-on to the "Main" label used by Act Runner 1, and make the
toolchain install step work both as root (default in act_runner
containers) and on hosts where sudo is required.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Introduce .gitea/workflows/release.yml driven by workflow_dispatch.
The pipeline runs shellcheck and unit tests, builds a tar.gz + sha256,
generates release notes from git history, and publishes a Gitea Release
via the API. Version defaults to v<YYYY.MM.DD>-<short-sha>.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
