Fix broken jira-cli Linux install instructions in README #44

Open
sherine-k wants to merge 1 commit into openshift-hyperfleet:main from sherine-k:fix_jira-cli_location

@sherine-k

The old download URL used an asset name (jira_linux_amd64.tar.gz) that no longer exists in jira-cli releases, causing a 404 after redirect. Updated to dynamically resolve the latest version via the GitHub API and use the current asset naming convention (jira_<version>_linux_x86_64.tar.gz). Also fixed the extraction path to match the actual tarball structure.

The old download URL used an asset name (jira_linux_amd64.tar.gz) that
no longer exists in jira-cli releases, causing a 404 after redirect.
Updated to dynamically resolve the latest version via the GitHub API
and use the current asset naming convention (jira_<version>_linux_x86_64.tar.gz).
Also fixed the extraction path to match the actual tarball structure.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@openshift-ci

openshift-ci Bot commented Jun 2, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ciaranroche for approval. For more information see the Code Review Process.


@openshift-ci openshift-ci Bot requested review from ma-hill and pnguyen44 June 2, 2026 07:34
@coderabbitai

coderabbitai Bot commented Jun 2, 2026

📝 Walkthrough

Summary by CodeRabbit

  • Chores

    • Version updated to 0.5.4
  • Documentation

    • Improved Linux installation instructions to dynamically fetch the latest jira-cli release instead of using static URLs

Walkthrough

This PR updates the hyperfleet-jira plugin to version 0.5.4 and improves the Linux installation prerequisites. The manifest version field is incremented, and the README's Linux install section now dynamically fetches the latest jira-cli release from GitHub's API instead of using a hardcoded download URL, reducing maintenance burden for future releases.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 6
✅ Passed checks (6 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | Title accurately summarizes the main change: fixing broken jira-cli Linux install instructions in the README. |
| Description check | ✅ Passed | Description clearly explains the problem (outdated asset name causing 404), the solution (dynamic GitHub API resolution), and specific technical details about naming conventions and extraction paths. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Sec-02: Secrets In Log Output | ✅ Passed | PR modifies only JSON and Markdown files; zero Go source files exist in hyperfleet-jira. No Go logging statements to contain secrets. |

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@hyperfleet-jira/README.md`:
- Around line 34-39: The script uses the VERSION variable (set via curl/grep)
directly in filesystem commands (curl -LO, tar, sudo mv, rm -rf) which risks
path traversal or malformed input; validate and sanitize VERSION before use by
enforcing a strict semantic-version regex (e.g., allow only patterns like
v?MAJOR.MINOR.PATCH with optional safe pre-release) and reject or exit on
mismatch, and normalize by stripping any characters outside [A-Za-z0-9._-] so
subsequent commands (the curl -LO URL, tar filename,
jira_${VERSION#v}_linux_x86_64 paths, sudo mv, rm -rf) only operate on a
validated, safe token.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: e80874e8-440b-4784-82fe-2e366708755b

📥 Commits

Reviewing files that changed from the base of the PR and between 87e089c and 9b78296.

📒 Files selected for processing (2)
  • hyperfleet-jira/.claude-plugin/plugin.json
  • hyperfleet-jira/README.md

Comment thread hyperfleet-jira/README.md
Comment on lines +34 to +39
# Download latest release
VERSION=$(curl -sL https://api.github.com/repos/ankitpokhrel/jira-cli/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
curl -LO "https://github.com/ankitpokhrel/jira-cli/releases/download/${VERSION}/jira_${VERSION#v}_linux_x86_64.tar.gz"
tar -xzf jira_${VERSION#v}_linux_x86_64.tar.gz
sudo mv jira_${VERSION#v}_linux_x86_64/bin/jira /usr/local/bin/
rm -rf jira_${VERSION#v}_linux_x86_64 jira_${VERSION#v}_linux_x86_64.tar.gz
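
Review bot: Nothing between the `VERSION=$(curl -sL ...)` line and the `curl -LO` line checks that `VERSION` is non-empty, so when the unauthenticated API call fails or is rate-limited the download URL becomes `.../download//jira__linux_x86_64.tar.gz` and the `tar`, `sudo mv` and `rm -rf` lines run on names built from an empty string. Stop early when `VERSION` is empty, add `-f` to `curl -LO` so an HTTP error body is not saved as the tarball, and quote the `${VERSION#v}` expansions in the `tar`, `sudo mv` and `rm -rf` lines. The binary is also moved into `/usr/local/bin` without any integrity check on the downloaded archive; if the release publishes checksums, compare them before the `sudo mv`.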

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Validate VERSION before using in paths and commands.

VERSION is fetched from an external API (GitHub) and used directly in sudo mv and rm -rf without validation. If the API response is compromised or malformed, it could enable path traversal or unintended file operations. As per coding guidelines, input at system boundaries must be validated (SEC-01).

🛡️ Add regex validation
 # Download latest release
 VERSION=$(curl -sL https://api.github.com/repos/ankitpokhrel/jira-cli/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
+# Validate VERSION format (v1.2.3)
+if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+  echo "Error: Invalid version format: $VERSION"
+  exit 1
+fi
 curl -LO "https://github.com/ankitpokhrel/jira-cli/releases/download/${VERSION}/jira_${VERSION#v}_linux_x86_64.tar.gz"
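
Review bot: The `exit 1` in the added `if` block will close the reader's terminal when these README lines are pasted into an interactive shell, and `[[ "$VERSION" =~ ... ]]` is bash-only syntax, so the check is a syntax error under `sh`. Wrap the install steps in a function or a subshell and use `return 1` (or state that the snippet needs bash and must be run as a script), and send the error message to stderr with `>&2`. Quoting `$VERSION` in the `echo` is right; the same quoting is still missing from the `tar`, `sudo mv` and `rm -rf` lines that follow this hunk.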
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
# Download latest release
VERSION=$(curl -sL https://api.github.com/repos/ankitpokhrel/jira-cli/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
curl -LO "https://github.com/ankitpokhrel/jira-cli/releases/download/${VERSION}/jira_${VERSION#v}_linux_x86_64.tar.gz"
tar -xzf jira_${VERSION#v}_linux_x86_64.tar.gz
sudo mv jira_${VERSION#v}_linux_x86_64/bin/jira /usr/local/bin/
rm -rf jira_${VERSION#v}_linux_x86_64 jira_${VERSION#v}_linux_x86_64.tar.gz
# Download latest release
VERSION=$(curl -sL https://api.github.com/repos/ankitpokhrel/jira-cli/releases/latest | grep '"tag_name"' | cut -d'"' -f4)
# Validate VERSION format (v1.2.3)
if ! [[ "$VERSION" =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "Error: Invalid version format: $VERSION"
exit 1
fi
curl -LO "https://github.com/ankitpokhrel/jira-cli/releases/download/${VERSION}/jira_${VERSION#v}_linux_x86_64.tar.gz"
tar -xzf jira_${VERSION#v}_linux_x86_64.tar.gz
sudo mv jira_${VERSION#v}_linux_x86_64/bin/jira /usr/local/bin/
rm -rf jira_${VERSION#v}_linux_x86_64 jira_${VERSION#v}_linux_x86_64.tar.gz
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@hyperfleet-jira/README.md` around lines 34 - 39, The script uses the VERSION
variable (set via curl/grep) directly in filesystem commands (curl -LO, tar,
sudo mv, rm -rf) which risks path traversal or malformed input; validate and
sanitize VERSION before use by enforcing a strict semantic-version regex (e.g.,
allow only patterns like v?MAJOR.MINOR.PATCH with optional safe pre-release) and
reject or exit on mismatch, and normalize by stripping any characters outside
[A-Za-z0-9._-] so subsequent commands (the curl -LO URL, tar filename,
jira_${VERSION#v}_linux_x86_64 paths, sudo mv, rm -rf) only operate on a
validated, safe token.
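
The check this review comment asks for, as an added example that is not part of the PR or of jira-cli: it swaps the suggestion's bash-only `[[ =~ ]]` for a POSIX `case` match on the whole string and returns a status instead of calling `exit`, so it is safe to paste into an interactive shell. The function names and the sample API bodies (tag `v9.9.9` and the malformed values) are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example: validate the release tag before it reaches any path or URL.
# Function names and sample tags are assumptions made for this illustration.

# Same extraction pipeline as the README snippet; reads the API body on stdin.
extract_tag() { grep '"tag_name"' | cut -d'"' -f4; }

# Whole-string check for vMAJOR.MINOR.PATCH using POSIX case patterns only.
valid_tag() {
  case $1 in
    v*) rest=${1#v} ;;
    *)  return 1 ;;
  esac
  case $rest in
    *[!0-9.]*|.*|*.|*..*) return 1 ;;  # stray characters or empty components
    *.*.*.*)              return 1 ;;  # more than three components
    *.*.*)                return 0 ;;
    *)                    return 1 ;;  # fewer than three, or empty
  esac
}

# Print the asset file name for the tag on stdin, or fail without output.
resolve_asset() {
  tag=$(extract_tag)
  valid_tag "$tag" || return 1
  printf 'jira_%s_linux_x86_64.tar.gz\n' "${tag#v}"
}

# Constructed API response bodies (not real release data).
GOOD_JSON='{
  "tag_name": "v9.9.9",
  "name": "v9.9.9"
}'
TRAVERSAL_JSON='{
  "tag_name": "v1.0.0/../../tmp/x",
  "name": "constructed malformed tag"
}'
RATE_LIMIT_JSON='{
  "message": "constructed error body without a tag"
}'

for body in "$GOOD_JSON" "$TRAVERSAL_JSON" "$RATE_LIMIT_JSON"; do
  if asset=$(printf '%s\n' "$body" | resolve_asset); then
    echo "ok: $asset"
  else
    echo "rejected: no usable tag in response" >&2
  fi
done
```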

@rafabene
Contributor

rafabene commented Jun 2, 2026

nit: PR title is missing a JIRA ticket reference. The team convention is HYPERFLEET-XXX - type: subject (see commit-standard.md). If there's a ticket tracking this fix, please add it to the title.
