fix(installer): error if MISE_INSTALL_PATH is a directory#8468
Conversation
Previously, setting MISE_INSTALL_PATH to an existing directory (e.g. ~/tmp instead of ~/tmp/mise) would silently wipe out the directory due to `rm -rf "$install_path"`. Now we detect this early and emit a clear error message. Also switched from `rm -rf` to `rm -f` since the path is confirmed to not be a directory. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Summary of ChangesHello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request enhances the robustness of the Highlights
Changelog
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request addresses a critical issue in the installer script that could lead to accidental data deletion if MISE_INSTALL_PATH was set to an existing directory. The fix introduces a check to validate the path and errors out if it's a directory, which is a solid approach. I've included one suggestion to move this new check earlier in the script to allow it to fail faster, improving the user experience by avoiding unnecessary downloads if the configuration is invalid.
| if [ -d "$install_path" ]; then | ||
| error "MISE_INSTALL_PATH '$install_path' is a directory. Please set it to a file path, e.g. '$install_path/mise'." | ||
| fi |
There was a problem hiding this comment.
This check is a great addition to prevent accidental data loss. For a better user experience and to avoid unnecessary network operations, consider moving this validation logic to earlier in the install_mise function. A good place would be right after install_path is defined (around line 248), so the script can fail fast before it downloads and verifies the tarball.
Greptile SummaryThis PR fixes a destructive data-loss bug in the standalone installer where setting Key changes:
The fix is minimal, safe, and uses standard POSIX shell constructs. Confidence Score: 5/5
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
A["User runs installer<br/>MISE_INSTALL_PATH set"] --> B["Resolve OS, arch, version"]
B --> C["Construct tarball URL"]
C --> D["Download tarball"]
D --> E["Verify checksum"]
E --> F{Is install_path<br/>a directory?}
F -->|Yes| G["❌ Error: MISE_INSTALL_PATH is a directory<br/>exit 1"]
F -->|No| H["Create install_dir"]
H --> I["Remove old install_path if exists"]
I --> J["Extract tarball"]
J --> K["Move mise binary to install_path"]
K --> L["✅ Success: mise installed"]
G --> M["User sees clear error message<br/>and example correct path"]
Last reviewed commit: 7b763b8 |
Hyperfine Performance
|
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.3.3 x -- echo |
27.0 ± 0.8 | 24.6 | 33.1 | 1.03 ± 0.05 |
mise x -- echo |
26.1 ± 1.1 | 23.8 | 37.9 | 1.00 |
mise env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.3.3 env |
25.3 ± 1.3 | 22.8 | 35.7 | 1.00 |
mise env |
26.3 ± 0.7 | 24.0 | 30.6 | 1.04 ± 0.06 |
mise hook-env
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.3.3 hook-env |
25.8 ± 1.0 | 23.7 | 28.6 | 1.00 |
mise hook-env |
26.6 ± 1.2 | 23.6 | 33.5 | 1.03 ± 0.06 |
mise ls
| Command | Mean [ms] | Min [ms] | Max [ms] | Relative |
|---|---|---|---|---|
mise-2026.3.3 ls |
26.2 ± 0.9 | 23.1 | 28.4 | 1.04 ± 0.06 |
mise ls |
25.1 ± 1.1 | 22.7 | 34.1 | 1.00 |
xtasks/test/perf
| Command | mise-2026.3.3 | mise | Variance |
|---|---|---|---|
| install (cached) | 162ms | 158ms | +2% |
| ls (cached) | 91ms | 88ms | +3% |
| bin-paths (cached) | 93ms | 93ms | +0% |
| task-ls (cached) | 876ms | 857ms | +2% |
### 🚀 Features - **(github)** keep exe extensions on Windows by @iki in [#8424](#8424) - **(task)** add `interactive` field for exclusive terminal access by @jdx in [#8491](#8491) - add header comment to generated lockfiles by @ivy in [#8481](#8481) - runtime musl/glibc detection for correct libc variant selection by @jdx in [#8490](#8490) ### 🐛 Bug Fixes - **(github)** use registry platform options during install by @jdx in [#8492](#8492) - **(http)** store tool opts as native TOML to fix platform switching by @jdx in [#8448](#8448) - **(installer)** error if MISE_INSTALL_PATH is a directory by @jdx in [#8468](#8468) - **(prepare)** resolve sources/outputs relative to `dir` when set by @jdx in [#8472](#8472) - **(ruby)** fetch precompiled binary by release tag instead of listing all releases by @jdx in [#8488](#8488) - **(schema)** support structured objects in task depends by @risu729 in [#8463](#8463) - **(task)** replace println!/eprintln! with calm_io in task output macros by @vmaleze in [#8485](#8485) - handle scoped npm package names without backend prefix by @jdx in [#8477](#8477) ### 📦️ Dependency Updates - update ghcr.io/jdx/mise:copr docker digest to c485c4c by @renovate[bot] in [#8484](#8484) - update ghcr.io/jdx/mise:alpine docker digest to 8118bc7 by @renovate[bot] in [#8483](#8483) ### 📦 Registry - disable sd version test by @jdx in [#8489](#8489) ### New Contributors - @ivy made their first contribution in [#8481](#8481) - @iki made their first contribution in [#8424](#8424) ## 📦 Aqua Registry Updates #### New Packages (5) - [`datadog-labs/pup`](https://github.com/datadog-labs/pup) - [`k1LoW/mo`](https://github.com/k1LoW/mo) - [`rtk-ai/rtk`](https://github.com/rtk-ai/rtk) - [`suzuki-shunsuke/docfresh`](https://github.com/suzuki-shunsuke/docfresh) - [`yashikota/exiftool-go`](https://github.com/yashikota/exiftool-go) #### Updated Packages (6) - [`cloudflare/cloudflared`](https://github.com/cloudflare/cloudflared) - [`mozilla/sccache`](https://github.com/mozilla/sccache) - [`owenlamont/ryl`](https://github.com/owenlamont/ryl) - [`spinel-coop/rv`](https://github.com/spinel-coop/rv) - [`technicalpickles/envsense`](https://github.com/technicalpickles/envsense) - [`weaviate/weaviate`](https://github.com/weaviate/weaviate)
Summary
MISE_INSTALL_PATHpoints to an existing directory and exit with a clear error message instead of silently wiping it outrm -rftorm -fsince the path is now confirmed to not be a directoryProblem
Setting
MISE_INSTALL_PATH=~/tmp(a directory) instead of~/tmp/mise(a file path) caused the installer to runrm -rf ~/tmp, silently deleting everything in that directory. This was discovered when someone ran:Fix
Added a guard before the
rmthat errors out early with a helpful message:🤖 Generated with Claude Code
Note
Low Risk
Small, localized change to the installer that adds a safety guard and narrows deletion behavior; low likelihood of regressions aside from users previously (incorrectly) pointing
MISE_INSTALL_PATHat a directory now receiving an error.Overview
Prevents accidental data loss in the standalone installer by adding a preflight check that errors out when
MISE_INSTALL_PATHresolves to an existing directory, with a clear message suggesting a file path like.../mise.Replaces the prior
rm -rf "$install_path"behavior withrm -fso the installer only removes an existing file at the target path before moving the new binary into place.Written by Cursor Bugbot for commit 7b763b8. This will update automatically on new commits. Configure here.