Use install artifact check in Windows CI

Copilot · bytemain · web-flow · commit 54eaf466d4fb · 2026-05-01T14:04:21.000Z
Agent-Logs-Url: https://github.com/version-fox/vfox-python/sessions/5852e539-b06d-4c0c-b5d1-b981726a91d9 Co-authored-by: bytemain <13938334+bytemain@users.noreply.github.com>
diff --git a/.github/workflows/vfox-test.yaml b/.github/workflows/vfox-test.yaml
@@ -149,10 +149,14 @@ jobs:
           VFOX_PYTHON_USE_UV_BUILD: "1"
         run: |
           Invoke-Expression "$(vfox activate pwsh)"
-          $install_output = vfox install python@3.10.20 2>&1
-          $install_output | Write-Output
-          if ($LASTEXITCODE -ne 0 -or ($install_output -join "`n") -ilike "*failed to install python*") {
-              exit 1
+          vfox install python@3.10.20
+          if ($LASTEXITCODE -ne 0) {
+            exit $LASTEXITCODE
+          }
+          $python_exe = Join-Path $HOME ".vfox\cache\python\v-3.10.20\python-3.10.20\python.exe"
+          if (-not (Test-Path $python_exe)) {
+            Write-Error "python@3.10.20 uv-build install did not create $python_exe"
+            exit 1
           }
           vfox use -g python@3.10.20
           vfox current
diff --git a/lib/util.lua b/lib/util.lua
@@ -230,8 +230,12 @@ end
 
 local function containsTraversalSegment(value)
     local normalizedValue = string.gsub(value, "\\", "/")
+    local lowerValue = string.lower(normalizedValue)
+    if string.find(lowerValue, "%%2e", 1, false) then
+        return true
+    end
     for segment in string.gmatch(normalizedValue, "[^/]+") do
-        if segment == ".." then
+        if string.sub(segment, 1, 2) == ".." then
             return true
         end
     end
@@ -256,17 +260,6 @@ local function shellQuote(value)
     return "'" .. string.gsub(value, "'", "'\\''") .. "'"
 end
 
-local function powershellQuote(value)
-    if string.find(value, "[\r\n%z]") then
-        error("Path contains unsupported control character: " .. value)
-    end
-    if containsTraversalSegment(value) then
-        error("Path contains unsupported traversal segment: " .. value)
-    end
-
-    return "'" .. string.gsub(value, "'", "''") .. "'"
-end
-
 local function startsWith(value, prefix)
     return string.sub(value, 1, string.len(prefix)) == prefix
 end
@@ -479,9 +472,9 @@ local function verifyUvBuildArchive(path, sha256)
 
     local status
     if RUNTIME.osType == "windows" or OS_TYPE == "windows" then
-        -- shellQuote quotes for cmd.exe; powershellQuote quotes the archive path inside the PowerShell command.
+        os.setenv("VFOX_PYTHON_HASH_PATH", path)
         local command = "powershell -NoProfile -NonInteractive -ExecutionPolicy Bypass -Command " ..
-            shellQuote("(Get-FileHash -LiteralPath " .. powershellQuote(path) .. " -Algorithm SHA256).Hash")
+            shellQuote("(Get-FileHash -LiteralPath $env:VFOX_PYTHON_HASH_PATH -Algorithm SHA256).Hash")
         local handle = io.popen(command)
         if handle == nil then
             error("Unable to verify uv-build archive sha256 for " .. path .. ": powershell Get-FileHash command could not be started")
