Skip to content

v1.9.24

Choose a tag to compare

View all tags
@pirate pirate released this 03 Apr 06:43
· 218 commits to main since this release
v1.9.24
6096e43
This commit was signed with the committer’s verified signature.
pirate Nick Sweeting
SSH Key Fingerprint: 6CIN5ob1siNL6Oe4C6+10sUHRwN+AO3b7Hb8TX8SPJY
Verified
Learn about vigilant mode.

Highlights

  • Added three new first-class providers: ChromeWebstoreProvider, PuppeteerProvider, and CustomProvider.
  • Packaged the Chrome/extension JS runtime directly inside abx-pkg, so Chrome Web Store installs now work without depending on a sibling abx-plugins checkout.
  • Reworked provider option precedence so per-call args override Binary(...), and Binary(...) overrides provider defaults, with cleaner handling for dry_run, postinstall_scripts, and min_release_age.
  • Improved privilege escalation and subprocess error reporting across providers, including preserving failed sudo output when a fallback attempt also fails.
  • Parallelized CI to run one test file per job with auto-discovered live lifecycle coverage.

New Providers

ChromeWebstoreProvider

  • Added a dedicated Chrome Web Store provider in abx_pkg/binprovider_chromewebstore.py.
  • Supports install_root / bin_dir via extensions_root / extensions_dir.
  • Installs extensions into a managed cache and resolves the installed binary to the unpacked manifest.json.
  • Ships the required JS runtime and config files inside the package:
    • abx_pkg/js/base/config.json
    • abx_pkg/js/base/utils.js
    • abx_pkg/js/chrome/config.json
    • abx_pkg/js/chrome/chrome_utils.js
  • Includes real lifecycle tests covering provider and Binary(...) flows.

PuppeteerProvider

  • Added a dedicated Puppeteer/browser provider in abx_pkg/binprovider_puppeteer.py.
  • Supports provider-managed install roots and bin dirs for @puppeteer/browsers installs.
  • Handles generic browser install args instead of forcing a Chrome-only abstraction.
  • Fixed installed-browser resolution to use semantic version ordering rather than lexicographic string sorting.
  • Includes real lifecycle tests plus regression coverage for version ordering.

CustomProvider

  • Added a dedicated CustomProvider built on top of EnvProvider for shell-command installs.
  • Supports install_root / bin_dir via custom_root / custom_bin_dir.
  • Uses literal per-binary shell overrides for install/update/uninstall while still participating in the standard Binary/BinProvider lifecycle.
  • Includes real lifecycle coverage for direct provider and Binary(...) usage.

Core Behavior Changes

Provider and Binary option precedence

  • Added consistent per-call dry_run support to install(), update(), uninstall(), and load_or_install().
  • Standardized precedence so:
    • explicit action args win
    • Binary(...) defaults come next
    • provider defaults come last
  • Exposed env-backed defaults for:
    • ABX_PKG_INSTALL_TIMEOUT
    • ABX_PKG_VERSION_TIMEOUT
    • ABX_PKG_DRY_RUN (preferred over DRY_RUN when both are set)

Security controls

  • Provider-wide defaults for min_release_age / postinstall_scripts now only hydrate from env vars on providers that actually support those controls.
  • Unsupported providers no longer fail closed by default when these options are present.
  • Instead, unsupported explicit values now warn and continue.
  • EnvProvider no longer claims support for install-only security controls it cannot enforce.
  • pip and npm install-arg merging now preserves explicitly supplied conflicting flags instead of blindly overriding them.

API cleanup

  • binproviders is now the canonical field name used throughout docs/examples instead of binproviders_supported.
  • Module API normalization now handles both provider classes and provider instances consistently.
  • Unavailable-provider errors now use the generic wording:
    • XProvider is disabled because <installer> is not available on this host

Subprocess and Privilege Handling

  • Centralized subprocess error logging in the shared _raise_proc_error(...) path.
  • Reworked older providers to use shared subprocess error handling instead of open-coded log+raise branches.
  • Updated shared exec() behavior to attempt privilege escalation when the provider needs a different EUID, while still falling back to the unprivileged path when escalation is unavailable.
  • When both a sudo attempt and a fallback attempt fail, the final error now includes both outputs.
  • Fixed ansible/pyinfra tempdir cleanup when privileged subprocesses leave root-owned files behind.

Provider-specific Improvements

  • AptProvider, BrewProvider, CargoProvider, GemProvider, GoGetProvider, NixProvider, PipProvider, NpmProvider, PyinfraProvider, AnsibleProvider, and DockerProvider now rely more consistently on shared subprocess/error handling.
  • PipProvider and NpmProvider now merge security controls with explicit install args more rigorously.
  • BrewProvider respects explicit --skip-post-install args when present.
  • PipProvider and NpmProvider gained stronger tests around provider defaults vs per-call overrides.

Packaging and Tooling

  • Added wheel/sdist inclusion rules for packaged JS assets in pyproject.toml.
  • Added bin/setup_monorepo.sh for local monorepo setup.
  • Updated the README to document the new providers, env vars, canonical binproviders field name, and current provider behavior.

CI and Test Coverage

  • Switched the main test workflow to one-job-per-file parallelization.
  • Live lifecycle tests are now auto-discovered from the actual test files instead of being hard-coded.
  • Reduced the standard matrix to:
    • Linux: Python 3.11, 3.14
    • macOS: Python 3.13
  • Added new provider integration suites for:
    • chromewebstore
    • custom
    • puppeteer
  • Expanded coverage for:
    • module API normalization
    • env-backed security defaults
    • unsupported security option warning behavior
    • provider-vs-action override precedence
Assets 2
Loading