Add workflow for Nushell install and upgrade tests by winget

[hustcer]

Add workflow for Nushell install and upgrade tests by winget

[github-actions]

Script Analysis

• The script demonstrates good Nu 0.90+ compatibility with proper use of modern features like const, export def, and structured commands
• Effective use of pipeline operations in the test functions
• Well-organized module structure with clear separation of concerns between installation types
• Proper handling of version constants and installation paths
• Good cross-platform consideration with Windows-specific paths and commands

Security Review

• ❗ Potential security issue with direct use of msiexec and winget without input validation on paths
• ⚠️ The script uses environment variables for paths but doesn't validate their safety
• ❗ No explicit error handling for failed installations/uninstallations
• ⚠️ The script assumes admin privileges for machine scope operations without explicit checks

Optimization Suggestions

• Replace string concatenation with path joining using path join for better cross-platform compatibility
• Consider using par-each for parallel test execution where possible
• Add error handling with try/catch blocks for installation commands
• Implement input validation for paths and version strings
• Consider caching winget manifests to reduce network calls

Overall Quality: 4

The script is well-structured and functional, but could benefit from improved security practices and error handling. The core functionality is solid and demonstrates good understanding of Nushell's capabilities.

[github-actions]

Script Analysis

• The script demonstrates good Nu 0.90+ compatibility with modern syntax features
• Proper use of constants and structured data for configuration management
• Effective pipeline design for testing different installation scenarios
• Well-organized module structure with clear separation of concerns
• Good cross-platform support focused on Windows winget/MSI workflows

Security Review

• ❗ Potential path injection risk in manifest path construction (line 54, 63, 73, 82)
• ⚠️ Hardcoded paths (PER_MACHINE_INSTALL_DIR, PER_USER_INSTALL_DIR) could cause issues in different environments
• ✅ Proper use of complete for error handling in winget uninstall commands
• ✅ Sensible security flags in WINGET_ARGS (--ignore-security-hash, --silent)

Optimization Suggestions

• Replace string path concatenation with path join for better cross-platform compatibility
• Consider using par-each for parallel test execution where possible
• Add lazy evaluation for version checks to avoid unnecessary operations
• Implement structured error handling with try/catch instead of complete
• Cache winget list results to avoid repeated calls

Overall Quality: 4

The script is well-structured and follows modern Nu practices, but could benefit from improved path handling and parallel execution. Security considerations are generally good but could be enhanced with more robust path construction.