Feature: Self-update

[hialvaro]

For people using the standalone binary, a self-update command would be awesome to update zellij with just a command: zellij self-update

[marianomarciello]

Hi @hialvaro I think this is a cool feature. I want to work on this. Do you have any suggestions ? Should we use the os package manager (like apt/pacman/etc..), should we use cargo or should we use the tar releases https://github.com/zellij-org/zellij/releases ? I think the safest and easiest way is using tar releases.

Thanks for your time

[hialvaro]

Hey, restic has a self-update command that is very useful, since I can install the outdated debian package and then run the restic self-update to update the binary.

From the man pages of restic:

The command "self-update" downloads the latest stable release of restic from GitHub and replaces the currently running binary. After download, the authenticity of the binary is verified using the GPG signature on the release files.

Here's the relevant code for this command: https://github.com/restic/restic/tree/master/internal/selfupdate

[marianomarciello]

Hi @hialvaro after a discussion on matrix with other zellij users and developers I want to express my (new) opinion on this feature.

• The self-update feature is the only one (right now) that needs an https connection, so we need to introduce creates for this (like reqwest); if we want to avoid the introduction of this creates, given the high number of creates used by zellij, we need to re-implement the http stack. This will be a lot of work for a feature that is not so useful (read the next point)
• From a security point of view: a terminal multiplexer that creates a connection to a web api is something really strange. Zellij can be interpreted as a trojan or can be blocked by some security measure. E.g. a firewall can block the connection and the self-update feature will never work under this condition. I think we need to stick with the Unix philosophy which says basically that one tool should only do one thing and do it well. So the package manager updates every package on the system (zellij included) and zellij is just a terminal multiplexer.

[hialvaro]

Fair enough, I understand your points

[hialvaro]

@marianomarciello Could we have at least some endpoint /latest to download the latest release of Zellij easily?

[imsnif]

@marianomarciello - respectfully, I disagree with both points.

1. Every application on our machine relies on lots and lots of external dependencies. This is extra visible with rust projects since cargo pulls and compiles all of them (due to the nature of rust) but I believe it is not very different with traditional (C/C++/etc.) apps as well. While I'm all for pruning dependencies to only those we need, adding an https library is very much not terrible (and something we intend to do anyway when we will load plugins from the web).
2. Package managers - and specifically their repositories - are often biased against Rust programs. This is not intentional, but mostly happens because they were created at the age of C/C++. Getting rust programs into many of them (looking at you deb/ubuntu) is not trivial (or at least this was the case a year or two ago, maybe things changed since then). It is no surprise that Zellij is not yet there. Many users rely on the statically linked precompiled binaries Zellij provides which completely bypass them. I think providing these users with an option to also update the executable (or at least be prompted to do so) is not a terrible thing. This request would be user prompted and fully transparent - and also not very different than many other traditional apps who do this (eg. firefox).

Reopening this issue.

@hialvaro - take a look at the "try Zellij without installing" script on the zellij.dev website, I think it uses a latest endpoint of some sort.

[hialvaro]

I have found that this endpoint can be used to download the latest release

https://github.com/zellij-org/zellij/releases/latest/download/zellij-aarch64-unknown-linux-musl.tar.gz

[Zykino]

Just wanted to note the discussion we had on discord to not loose it and give my feedback, back into the original issue.

I proposed that this feature could be done with a plugin. This way it can be removed by packagers so user only have access to the packaged version of their distribution (or from cargo install). Like Firefox auto update ON on windows but OFF when using a package manager on Linux.

But WASM plugins do not have access to internet so an API should be added for that. This should also wait on the . They will also need to access the filesystem and may have different strategy between windows and Linux (not sure about MacOs). All of this will need the permission system to be build before so… in the end it may or may not be created as a plugin, depending on when the task will be taken care of.

[Zykino]

As for "immediate" and/or general update functionality, I know of 2 programs that try to do so generally:

https://github.com/topgrade-rs/topgrade try to detect everything it can update on your computer and start commands to do so.

I wasn’t aware of it and created https://zykino.net/gitea/zykino/system-updater. I use it daily but haven’t published it yet (I still need to write the README :sweat_smile:). The idea on this one is more a "I remember and start the commands for you when you run me". So it will apt update then cargo install-update -a then curl <zellij-url>…

So if the tool you use does not auto-update, there are still ways to automatically update it from external tools ;)

[imsnif]

Not sure why this was closed? It's still not implemented...

[hialvaro]

Hey, sorry, I thought this wasn't going to be implemented. Maybe I had misunderstood it!

[imsnif]

All good - I want this to be implemented, but I hope you can be patient - it might take time.