feat: enable insecure mode via INSECURE environment variable (#247)

- Change INSECURE configuration to be enabled by presence of the INSECURE variable, replacing the previous true/false CURL_INSECURE approach
- Update documentation in English and Chinese (Simplified, Traditional) to reflect INSECURE variable usage
- Add usage examples showing how to enable insecure mode via INSECURE=1
- Remove validation checks for CURL_INSECURE value and all references to CURL_INSECURE in the script
- Use INSECURE_ARG for curl invocations to manage SSL verification according to the new logic

Signed-off-by: appleboy <[email protected]>

Author: appleboy

README.md

@@ -130,15 +130,18 @@ chmod +x install.sh
 
 #### Configurable Environment Variables
 
-| Variable Name | Default Value      | Description                                                 |
-| ------------- | ------------------ | ----------------------------------------------------------- |
-| VERSION       | latest             | The CodeGPT version to install (defaults to latest release) |
-| INSTALL_DIR   | $HOME/.codegpt/bin | Installation directory                                      |
-| CURL_INSECURE | false              | Skip SSL verification (true/false)                          |
+| Variable Name | Default Value      | Description                                                                   |
+| ------------- | ------------------ | ----------------------------------------------------------------------------- |
+| VERSION       | latest             | The CodeGPT version to install (defaults to latest release)                   |
+| INSTALL_DIR   | $HOME/.codegpt/bin | Installation directory                                                        |
+| INSECURE      | unset (disabled)   | If set to any value, skips SSL verification. Enabled when variable is present |
 
 Example usage:
 
 ```sh
+# Install with insecure mode enabled (ignoring curl SSL verification):
+INSECURE=1 ./install.sh
+
 # Install a specific version to a custom directory:
 VERSION=1.1.0 INSTALL_DIR=/opt/codegpt ./install.sh
 ```

README.zh-cn.md

@@ -127,13 +127,16 @@ chmod +x install.sh
 
 | 变量名        | 默认值             | 说明                                      |
 | ------------- | ------------------ | ----------------------------------------- |
-| VERSION       | latest             | 要安装的 CodeGPT 版本（默认为最新发布版） |
-| INSTALL_DIR   | $HOME/.codegpt/bin | 安装目录                                  |
-| CURL_INSECURE | false              | 是否跳过 SSL 验证 (true/false)            |
+| VERSION       | latest             | 要安装的 CodeGPT 版本（默认为最新发布版）               |
+| INSTALL_DIR   | $HOME/.codegpt/bin | 安装目录                                               |
+| INSECURE      | 未设置（默认关闭）  | 只要设置该变量（值不限），即跳过 SSL 验证               |
 
 使用示例：
 
 ```sh
+# 启用 insecure 模式（跳过 curl SSL 验证）
+INSECURE=1 ./install.sh
+
 # 安装指定版本到自定义目录
 VERSION=1.1.0 INSTALL_DIR=/opt/codegpt ./install.sh
 ```

README.zh-tw.md

@@ -131,13 +131,16 @@ chmod +x install.sh
 
 | 變數名稱      | 預設值             | 說明                                      |
 | ------------- | ------------------ | ----------------------------------------- |
-| VERSION       | latest             | 要安裝的 CodeGPT 版本（預設為最新發布版） |
-| INSTALL_DIR   | $HOME/.codegpt/bin | 安裝目錄                                  |
-| CURL_INSECURE | false              | 是否跳過 SSL 驗證 (true/false)            |
+| VERSION       | latest             | 要安裝的 CodeGPT 版本（預設為最新發布版）            |
+| INSTALL_DIR   | $HOME/.codegpt/bin | 安裝目錄                                            |
+| INSECURE      | 未設定（預設停用）  | 只要設定該變數（值不限），就會啟用跳過 SSL 驗證模式   |
 
 使用範例：
 
 ```sh
+# 啟用 insecure 模式（忽略 SSL 驗證）
+INSECURE=1 ./install.sh
+
 # 安裝特定版本到自訂目錄
 VERSION=1.1.0 INSTALL_DIR=/opt/codegpt ./install.sh
 ```

install.sh

@@ -66,7 +66,7 @@ function download_and_install() {
   # Use temp dir for download
   TARGET="${TMPDIR}/${CLIENT_BINARY}"
 
-  curl -# -fSL --retry 5 --keepalive-time 2 ${INSECURE_OPTION} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}"
+  curl -# -fSL --retry 5 --keepalive-time 2 ${INSECURE_ARG} "${DOWNLOAD_URL_PREFIX}/${CLIENT_BINARY}" -o "${TARGET}"
   chmod +x "${TARGET}" || log_error "Failed to set executable permission on: ${TARGET}" 7
   # Move the binary to install dir and rename to codegpt
   mv "${TARGET}" "${INSTALL_DIR}/codegpt" || log_error "Failed to move ${TARGET} to ${INSTALL_DIR}/codegpt" 8
@@ -104,9 +104,9 @@ function add_to_path() {
 function get_latest_version() {
   local latest
   if command -v jq >/dev/null 2>&1; then
-    latest=$(curl $INSECURE_OPTION -# --retry 5 -fSL https://api.github.com/repos/appleboy/CodeGPT/releases/latest | jq -r .tag_name)
+    latest=$(curl $INSECURE_ARG -# --retry 5 -fSL https://api.github.com/repos/appleboy/CodeGPT/releases/latest | jq -r .tag_name)
   else
-    latest=$(curl $INSECURE_OPTION -# --retry 5 -fSL https://api.github.com/repos/appleboy/CodeGPT/releases/latest | grep '"tag_name":' | sed -E 's/.*"tag_name": ?"v?([^"]+)".*/\1/')
+    latest=$(curl $INSECURE_ARG -# --retry 5 -fSL https://api.github.com/repos/appleboy/CodeGPT/releases/latest | grep '"tag_name":' | sed -E 's/.*"tag_name": ?"v?([^"]+)".*/\1/')
   fi
   # Remove leading 'v' if present
   latest="${latest#v}"
@@ -120,18 +120,13 @@ for cmd in curl; do
   fi
 done
 
-CURL_INSECURE="${CURL_INSECURE:-false}"
-if [[ "${CURL_INSECURE}" != 'true' && "${CURL_INSECURE}" != 'false' ]]; then
-  log_error "CURL_INSECURE must be either 'true' or 'false'" 4
-fi
-if [[ "${CURL_INSECURE}" == 'true' ]]; then
-  print_message warning "WARNING: CURL_INSECURE is set to true. Proceeding with insecure download."
+# If INSECURE is set to any value, enable curl --insecure
+INSECURE_ARG=""
+if [[ -n "${INSECURE:-}" ]]; then
+  INSECURE_ARG="--insecure"
+  print_message warning "WARNING: INSECURE mode is enabled. Proceeding with insecure download."
   print_message warning "WARNING: You are bypassing SSL certificate verification. This is insecure and may expose you to man-in-the-middle attacks."
 fi
-INSECURE_OPTION=""
-if [[ "${CURL_INSECURE}" == 'true' ]]; then
-  INSECURE_OPTION="--insecure"
-fi
 
 if [[ -z "${VERSION:-}" ]]; then
   LATEST_VERSION=$(get_latest_version)