Skip to content

Update install command#162

Merged
amalshaji merged 2 commits intomainfrom
curl-install-docs
Jun 1, 2025
Merged

Update install command#162
amalshaji merged 2 commits intomainfrom
curl-install-docs

Conversation

@amalshaji
Copy link
Owner

@amalshaji amalshaji commented Jun 1, 2025
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Added an alternative installation method for the Portr client using a shell install script, in addition to the existing Homebrew option.
    • Updated the installation section to present both methods with clear labels, code snippets, and copy-to-clipboard buttons.

  • Documentation

    • Expanded installation instructions to include both the install script and Homebrew options, with improved clarity and updated headings.

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Jun 1, 2025
edited
Loading

Walkthrough

The changes update both the web UI and documentation to present two installation methods for the Portr client: a new install script command and the existing Homebrew command. The UI now displays both options with labels, code blocks, and copy buttons, while the documentation lists both installation commands with updated headings and descriptions. Additionally, a .nvmrc file specifying Node.js version 20 was added to the docs directory.

Changes

File(s) Change Summary
admin/web/src/pages/app/overview.svelte Added install script command as an installation option; updated UI to show both install script and Homebrew methods with labels, code blocks, and copy buttons; generalized heading and reworded binary download text.
docs/src/content/docs/client/installation.mdx Updated documentation to include both install script and Homebrew installation methods with revised headings and order.
docs/.nvmrc Added .nvmrc file specifying Node.js version 20 for project environment setup.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant WebUI
    participant Docs

    User->>WebUI: Views client installation options
    WebUI-->>User: Displays install script and Homebrew commands

    User->>Docs: Reads installation documentation
    Docs-->>User: Shows install script and Homebrew instructions
Loading

Possibly related PRs

Poem

Hopping along the install trail,
Now two ways for clients to set sail—
Curl or brew, pick what you please,
Copy with a click, install with ease!
🐇✨
Portr’s journey’s just begun,
With scripts and docs for everyone!

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fa09b66 and f15f97f.

📒 Files selected for processing (1)
  • docs/.nvmrc (1 hunks)
✅ Files skipped from review due to trivial changes (1)
  • docs/.nvmrc
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: test
  • GitHub Check: Cloudflare Pages
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Jun 1, 2025
edited
Loading

Deploying portr with  Cloudflare Pages  Cloudflare Pages

Latest commit: f15f97f
Status: ✅  Deploy successful!
Preview URL: https://dda24bae.portr.pages.dev
Branch Preview URL: https://curl-install-docs.portr.pages.dev

View logs

coderabbitai[bot]
coderabbitai bot reviewed Jun 1, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4b60d75 and fa09b66.

📒 Files selected for processing (2)
  • admin/web/src/pages/app/overview.svelte (2 hunks)
  • docs/src/content/docs/client/installation.mdx (1 hunks)
🧰 Additional context used
🪛 LanguageTool
docs/src/content/docs/client/installation.mdx

[grammar] ~10-~10: The word ‘install’ is not a noun.
Context: ...ts"; ### Install the client Using the install script: ```shell curl -sSf https://ins...

(A_INSTALL)

⏰ Context from checks skipped due to timeout of 90000ms (1)
  • GitHub Check: test
🔇 Additional comments (2)
admin/web/src/pages/app/overview.svelte (2)

230-266: Excellent UI restructuring for multiple installation methods.

The updated UI clearly presents both installation options with proper labeling, syntax highlighting, and copy functionality. The structure is user-friendly and provides good visual separation between the two methods.

270-270: Good text improvement for consistency.

The change from "Or download the binary" to "You can also download the binary" provides better flow and consistency with the multiple installation options presented above.

admin/web/src/pages/app/overview.svelte
Comment on lines 100 to 106
const installCommand = `
curl -sSf https://install.portr.dev | sh
`.trim();

const homebrewCommand = `
brew install amalshaji/taps/portr
`.trim();
Copy link
Contributor

@coderabbitai coderabbitai bot Jun 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Consider security implications of the curl-based install script.

The new install script pattern curl -sSf https://install.portr.dev | sh is convenient but poses security risks since it downloads and executes code directly. Consider adding a security warning or offering users the option to download and inspect the script first.

Consider adding a security notice in the UI or providing an alternative download-first approach:

+  const installScriptUrl = "https://install.portr.dev";
+  const installCommand = `
+  # Download and inspect the script first (recommended):
+  curl -sSf ${installScriptUrl} -o install.sh && chmod +x install.sh && ./install.sh
+  
+  # Or run directly (less secure):
+  curl -sSf ${installScriptUrl} | sh
+  `.trim();

Let me verify if the install script URL is accessible:

🏁 Script executed:

#!/bin/bash
# Check if the install script URL is accessible and inspect its content
curl -I https://install.portr.dev
curl -sSf https://install.portr.dev | head -20

Length of output: 1606

Add security notice and download-first option for the curl installer

The install script at https://install.portr.dev is accessible and returns the expected bash installer. However, piping remote code directly into sh carries inherent risks. Please update the UI and constants to:

• Offer a download-and-inspect approach as the recommended path
• Retain the direct pipeline option with a clear warning

Locations to update:

  • admin/web/src/pages/app/overview.svelte around lines 100–106 (installCommand definition)

Suggested diff:

  // Define installer URL
+ const installScriptUrl = 'https://install.portr.dev';

- const installCommand = `
- curl -sSf https://install.portr.dev | sh
- `.trim();
+ const installCommand = `
+ # Recommended: download and inspect the installer first
+ curl -sSf ${installScriptUrl} -o install.sh && chmod +x install.sh && ./install.sh
+
+ # Or run directly (less secure)
+ curl -sSf ${installScriptUrl} | sh
+ `.trim();

Additionally, consider adding a brief security notice in the UI adjacent to the install command, e.g.:

“Running remote scripts directly is less secure. We recommend downloading and reviewing the script before execution.”

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
const installCommand = `
curl -sSf https://install.portr.dev | sh
`.trim();
const homebrewCommand = `
brew install amalshaji/taps/portr
`.trim();
// Define installer URL
const installScriptUrl = 'https://install.portr.dev';
const installCommand = `
# Recommended: download and inspect the installer first
curl -sSf ${installScriptUrl} -o install.sh && chmod +x install.sh && ./install.sh
# Or run directly (less secure)
curl -sSf ${installScriptUrl} | sh
`.trim();
const homebrewCommand = `
brew install amalshaji/taps/portr
`.trim();
🤖 Prompt for AI Agents 
In admin/web/src/pages/app/overview.svelte around lines 100 to 106, the
installCommand uses a direct curl-to-sh pipeline which poses security risks.
Update the code to provide two options: keep the direct pipeline command but add
a clear security warning, and add a new command that downloads the script first
for inspection before running it. Also, add a brief security notice in the UI
near the install command explaining that running remote scripts directly is less
secure and recommending users download and review the script before execution.

docs/src/content/docs/client/installation.mdx
Comment on lines +10 to +16
Using the install script:

```shell
curl -sSf https://install.portr.dev | sh
```

Or install the client using homebrew:
Copy link
Contributor

@coderabbitai coderabbitai bot Jun 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Address the grammar issue and consider security documentation.

The documentation structure aligns well with the UI changes, but there's a grammar issue flagged by static analysis. Also consider adding security guidance for the curl-based install method.

Apply this diff to fix the grammar and add security context:

-Using the install script:
+Using the installation script:



+:::caution[Security Notice]
+The install script downloads and executes code directly. For enhanced security, consider downloading and inspecting the script first:
+

Let me verify the grammar concern from static analysis:

---

🏁 Script executed:

```shell
curl -sSf https://install.portr.dev | sh

Length of output: 959

🏁 Script executed:

+curl -sSf https://install.portr.dev -o install.sh && chmod +x install.sh && ./install.sh
+```
+:::

Or install the client using homebrew:

Length of output: 265

🌐 Web query:

Is "install script" grammatically correct or should it be "installation script"?

💡 Result:

Both "install script" and "installation script" can be used, but they have slightly different connotations and usage preferences.

  • "Installation script" is the more formal and commonly used term. It refers to a script that performs the process of installation. It treats "installation" as a noun modifying "script," emphasizing the purpose of the script related to installing software or components.

  • "Install script" is more informal and less common. It might be used in contexts where "install" is treated as a verb or shorthand, but it's generally considered less standard than "installation script."

In most professional and technical contexts, "installation script" is preferred for clarity and formality.

Use “installation script” and add security guidance

Tested the direct install script; it runs as expected. To improve clarity and help users stay safe, update the phrasing and include a caution block:

Suggested patch:

- Using the install script:
+ Using the installation script:

```shell
curl -sSf https://install.portr.dev | sh
  • :::caution[Security Notice]
  • The install script downloads and executes code directly. For greater security, download and review the script before running:
  • 

    • 

  • curl -sSf https://install.portr.dev -o install.sh
    • 

  • chmod +x install.sh
    • 

  • ./install.sh
    • 

  • 

    

    • 

  • :::
    • 



Or install the client using Homebrew:



This fixes the grammar (“installation script” is more formal) and provides essential security guidance for users installing via curl.

<details>
<summary>🧰 Tools</summary>

<details>
<summary>🪛 LanguageTool</summary>

[grammar] ~10-~10: The word ‘install’ is not a noun.
Context: ...ts";  ### Install the client  Using the install script:  ```shell curl -sSf https://ins...

(A_INSTALL)

</details>

</details>

<details>
<summary>🤖 Prompt for AI Agents</summary>




In docs/src/content/docs/client/installation.mdx around lines 10 to 16, replace

the informal phrase "install script" with the more formal "installation script"

for clarity. Additionally, add a caution block advising users about the security

risks of piping curl output directly to sh, and provide an alternative safer

method by downloading the script first, reviewing it, making it executable, and

then running it. This improves grammar and adds important security guidance for

users.



</details>

<!-- This is an auto-generated comment by CodeRabbit -->


    

  
  




    


        

      
  
  

    
  
    
    

  

  

  



          

              

      








    


  









  








  








      

  
        





      

  
          
 
  

    
  

  


        
        @amalshaji
  amalshaji



        merged commit 4b5e8ff
      into

      
  
    main
  


    Jun 1, 2025

      

        2 of 4 checks passed
      


      

        
  
          
  
    
    


  
      

  







  

  
  

  
      @amalshaji
  amalshaji


    
    deleted the
    
      
        curl-install-docs
    
    branch

    June 1, 2025 12:47    
    




  

  

    
  


  

      


    @coderabbitai
coderabbitai
bot


    mentioned this pull request
    
      Jul 27, 2025
    





  


  

      
   Merged

  







  













  
  

    

      

  










  








  
      

  
    Sign up for free
    to join this conversation on GitHub.
    Already have an account?
    Sign in to comment


  










      

  

    
    

    

  

    Reviewers
  


    


      

  

    


  
      @coderabbitai
  
    coderabbitai[bot]


    
      
        
      
    
    coderabbitai[bot] left review comments




      






    
    
    

    

  


      
  

    Assignees
  



        


    No one assigned







      


  


  

    Labels
  



    

    None yet







      

  

    

        

    Projects
  


        




    None yet




  



      


  

    
  

    Milestone
  


      No milestone





    
      
          


  

    

      
        

          
  

    Development
  



            


Successfully merging this pull request may close these issues.





  
  



      
    

  




      

    

  
        

  

    

      1 participant
    

    

        
          @amalshaji