- Fetch SHA and Last-Modified from repo over HTTPS (no login); use timestamp
so 'update' only when server is newer, not just different.
- Local state: two-line file (SHA + Unix timestamp); script writes state
after successful swap so it stays correct.
- install.command: fetch remote via HTTPS, stamp SHA+timestamp (or 0 if
install not matching remote).
- build-test: verify first line of state file matches release SHA.
Co-authored-by: Cursor <cursoragent@cursor.com>
Leopere
65114fc265
