Update MSI packages' installation tests for the latest nightly version

[hustcer]

Update MSI packages' installation tests for the latest nightly version, fixes #52

[github-actions]

Script Analysis

• Key observations:
  • Removed machine-scope installation tests from both MSI and Winget workflows
  • Added komac installation step in Winget workflow
  • Implemented dynamic version fetching via GitHub API in test scripts
  • Improved manifest preparation in winget-install.nu
  • Added new utility functions in common.nu (get-latest-tag)
  • Better structured data handling with where/filter operations
  • Proper use of Nushell's http module for API interactions

Security Review

• Vulnerability findings:
  • ❗ Hardcoded komac path in winget-install.nu (line 3) could cause issues in different environments
  • ⚠️ GitHub API responses are not validated for null/empty values in get-latest-tag
  • ❗ No error handling for failed API requests in get-download-url
  • ⚠️ Winget install arguments are constructed without proper sanitization

Optimization Suggestions

• Performance improvements:
  • Replace sequential API calls with parallel requests where possible
  • Cache GitHub API responses to avoid repeated calls
  • Use par-each for processing multiple assets in get-download-url
  • Consider lazy evaluation for version checking operations
  • Batch file operations in setup/teardown phases

Overall Quality: 4

The changes show good modernization of the test infrastructure with proper use of Nushell features, but could benefit from better error handling and security practices. The dynamic version fetching is a significant improvement over hardcoded values.