fix(peer): repair update lifecycle regressions

FINDINGS.md identified three merge blockers in the post-plan install/update flow. Updates now use FetchLatestFromPeers so the Tauri update command bypasses local manifest serving and asks peers that advertise the latest version for fresh file metadata. PeerGameDB now aggregates and validates file descriptions from latest-version peers, keeping stale cached metadata for older versions from poisoning chunk planning when filenames stay the same but sizes change. Download-to-install handoff now performs explicit async state transitions. The download task mutates Downloading to Installing or Updating under the active-operation write lock, clears the cancellation token, and then runs the install transaction. OperationGuard remains armed only as crash or abort cleanup and is disarmed after normal explicit cleanup, so final refreshes no longer race a deferred Drop cleanup. Local library index writers now serialize the load/mutate/save window with one async mutex. The index fingerprint also includes the root version.ini contents so a same-length version rewrite in the same mtime second still updates the reported local version. The tradeoff is that local index mutations are serialized in-process instead of moved into a dedicated actor. That keeps the fix small and scoped to the merge blockers while preserving the existing scanner API. Test Plan: - just fmt - just test - just clippy - just build - git diff --check Refs: - FINDINGS.md
2026-05-16 14:19:10 +02:00
parent 8890d78642
commit 6242d64583
9 changed files with 722 additions and 74 deletions
@@ -271,4 +271,56 @@ mod tests {
            "peers-gone cancellation must not emit a duplicate failure event"
        );
    }
+
+    #[tokio::test]
+    async fn all_peers_gone_cancels_multiple_downloads_without_stuck_entries() {
+        let peer_game_db = Arc::new(RwLock::new(PeerGameDB::new()));
+        let first_cancel = CancellationToken::new();
+        let second_cancel = CancellationToken::new();
+        let active_operations = Arc::new(RwLock::new(HashMap::from([
+            ("first".to_string(), OperationKind::Downloading),
+            ("second".to_string(), OperationKind::Downloading),
+            ("installing".to_string(), OperationKind::Installing),
+        ])));
+        let active_downloads = Arc::new(RwLock::new(HashMap::from([
+            ("first".to_string(), first_cancel.clone()),
+            ("second".to_string(), second_cancel.clone()),
+        ])));
+        let (tx, mut rx) = tokio::sync::mpsc::unbounded_channel();
+
+        handle_active_downloads_without_peers(
+            &peer_game_db,
+            &active_operations,
+            &active_downloads,
+            &tx,
+        )
+        .await;
+
+        assert!(first_cancel.is_cancelled());
+        assert!(second_cancel.is_cancelled());
+        let operations = active_operations.read().await;
+        assert!(!operations.contains_key("first"));
+        assert!(!operations.contains_key("second"));
+        assert_eq!(
+            operations.get("installing"),
+            Some(&OperationKind::Installing)
+        );
+        drop(operations);
+        assert!(active_downloads.read().await.is_empty());
+
+        let mut cancelled_ids = Vec::new();
+        for _ in 0..2 {
+            let event = rx.recv().await.expect("peers-gone event should be emitted");
+            let PeerEvent::DownloadGameFilesAllPeersGone { id } = event else {
+                panic!("expected peers-gone event");
+            };
+            cancelled_ids.push(id);
+        }
+        cancelled_ids.sort();
+        assert_eq!(cancelled_ids, vec!["first", "second"]);
+        assert!(
+            rx.try_recv().is_err(),
+            "multiple peers-gone cancellations must not emit duplicate failure events"
+        );
+    }
 }