Documentation

Self-Update

Automatic updates, manual upgrades, rollback to previous versions, and uninstalling.

Edit on GitHub

Nyzhi can update itself. It checks for new versions periodically, downloads the latest binary, backs up the old one, and verifies the new version works — all without leaving your terminal.

Checking for Updates

Nyzhi checks for updates automatically every 4 hours (configurable). To check manually:

nyz update

If a new version is available, it downloads and installs it.

Forcing an Update

Skip the version check and reinstall:

nyz update --force

Configuration

[update]
enabled = true                     # enable auto-update checks
check_interval_hours = 4           # how often to check (hours)
release_url = "https://get.nyzhi.com"  # update server

Security: release_url can only be set in the global config (~/.config/nyzhi/config.toml). Project configs cannot override it — this prevents supply chain attacks via repository config files.

How Updates Work

When an update runs:

  1. Throttle check — skips if checked recently (based on update-check.json)
  2. URL validation — ensures the release URL is HTTPS and not a cloud metadata endpoint
  3. Fetch version — downloads version metadata from <release_url>/version
  4. Compare — compares semantic versions
  5. Download — downloads the platform-specific binary
  6. Backup — saves the current binary before replacing it
  7. Replace — installs the new binary
  8. Verify — runs nyz --version to confirm the new binary works
  9. Integrity checks — validates config, data directories, and provider tokens are intact

Backups and Rollback

Every update creates a backup of the previous binary:

# List available backups (newest first)
nyz update --list-backups

# Rollback to the most recent backup
nyz update --rollback latest

# Rollback to a specific backup
nyz update --rollback /path/to/backup/nyz

Backups are stored at ~/.local/share/nyzhi/backups/ and auto-pruned to keep the 3 most recent.

Integrity Checks

After updating, Nyzhi verifies:

  • Config and data directories still exist
  • Config file hash hasn’t drifted unexpectedly
  • Provider tokens are still accessible

If anything looks wrong, you’ll see a warning. Use nyz update --rollback latest to revert if needed.

Disabling Updates

[update]
enabled = false

Note: enabled uses AND merge semantics — both global and project config must have it enabled for updates to run. Setting it to false in either location disables updates.

Uninstalling

Remove Nyzhi completely:

nyz uninstall

This removes:

  • The nyz binary
  • Config directory (~/.config/nyzhi/)
  • Data directory (~/.local/share/nyzhi/)
  • Backups
  • Shell PATH entries added by the install script

Add --yes to skip the confirmation prompt:

nyz uninstall --yes

Next Steps

Back to overview