kopi 0.0.9

Kopi is a JDK version management tool
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

# Kopi Development Guide

This guide contains technical information for developers working on the Kopi codebase.

## Debugging and Logging

Kopi provides flexible logging controls for troubleshooting and debugging:

### Verbosity Levels

Use the `-v/--verbose` flag (can be specified multiple times) with any command:

```bash
kopi install 21              # Default: warnings and errors only
kopi install 21 -v           # Info level: show major operations
kopi install 21 -vv          # Debug level: detailed flow information
kopi install 21 -vvv         # Trace level: very detailed debugging
```

The verbose flag is global and works with all commands:

```bash
kopi list -v                 # Show info logs for list command
kopi use 21 -vv              # Debug version switching
kopi current -vvv            # Trace current version detection
```

### Environment Variable Control

For persistent logging or module-specific debugging, use the `RUST_LOG` environment variable:

```bash
# Set logging level for entire session
export RUST_LOG=debug
kopi install 21

# Debug specific modules
RUST_LOG=kopi::download=debug kopi install 21        # Debug downloads only
RUST_LOG=kopi::api=trace kopi list --remote          # Trace API calls
RUST_LOG=kopi::storage=debug kopi uninstall 21       # Debug storage operations

# Multiple module filters
RUST_LOG=kopi::download=debug,kopi::security=trace kopi install 21
```

### Common Debugging Scenarios

**Installation Issues:**
```bash
kopi install 21 -vv          # See download URLs, checksums, extraction paths
```

**Version Resolution Problems:**
```bash
RUST_LOG=kopi::version=debug kopi install temurin@21  # Debug version parsing
```

**API Communication:**
```bash
RUST_LOG=kopi::api=debug kopi list --remote           # Debug foojay.io API calls
```

**Storage and Disk Space:**
```bash
RUST_LOG=kopi::storage=debug kopi install 21          # Debug installation paths
```

## Security Considerations

Kopi implements several security measures to ensure safe operation:

### Path Validation

- All file operations are restricted to the KOPI_HOME directory (`~/.kopi` by default)
- Path traversal attempts (e.g., `../../../etc/passwd`) are blocked
- Symlinks are validated to ensure they don't point outside the kopi directory

### Version String Validation

- Version strings are validated to contain only safe characters (alphanumeric, `@`, `.`, `-`, `_`, `+`)
- Maximum length of 100 characters enforced
- Special patterns that could be used for injection attacks are rejected

### Tool Validation

- Only recognized JDK tools can be shimmed
- Unknown or system commands (e.g., `rm`, `curl`) are rejected
- Tool names are validated against a comprehensive registry

### File Permission Checks

- Shim targets must be executable files
- On Unix systems, world-writable files are rejected
- Regular file validation ensures directories cannot be executed

### Auto-Install Security

- Auto-installation prompts require explicit user confirmation
- Timeout protection prevents hanging on user input
- Version strings are validated before installation attempts

### Best Practices

1. **Regular Updates**: Keep kopi updated to get the latest security fixes
2. **Verify Downloads**: Kopi automatically verifies checksums for all JDK downloads
3. **Permission Management**: Ensure `~/.kopi` directory has appropriate permissions
4. **Audit Shims**: Periodically run `kopi shim verify` to check shim integrity

## Performance Characteristics

### Shim Overhead

Kopi's shims are designed for minimal performance impact:

- **Cold start**: < 10ms (first invocation)
- **Warm start**: < 5ms (subsequent invocations)
- **Total overhead**: Typically < 20ms including version resolution
- **Binary size**: < 1MB for optimized release builds

### Performance Optimizations

1. **Release Profile**: Shims are built with a custom `release-shim` profile
   - Link-time optimization (LTO) enabled
   - Single codegen unit for better optimization
   - Debug symbols stripped

2. **Efficient Tool Detection**: Uses a static registry for O(1) tool lookups

3. **Fast Version Resolution**: 
   - Caches version file locations
   - Minimal file I/O operations
   - Early exit on environment variable override

4. **Platform-Specific Optimizations**:
   - Direct process replacement on Unix (exec)
   - Efficient subprocess spawning on Windows


### Comparison with Direct Execution

The shim overhead is negligible compared to JVM startup time:
- JVM cold start: 100-500ms
- Shim overhead: 5-20ms (2-4% of total)

## Debugging Environment Variables

- `RUST_LOG` - Control logging verbosity (see Debugging and Logging section)

## Exit Codes

Kopi uses specific exit codes to help with scripting and automation:

- `0`: Success
- `1`: General error
- `2`: Invalid input or configuration error
- `3`: No local version found
- `4`: JDK not installed
- `10`: Active JDK (reserved for future use)
- `13`: Permission denied
- `14`: Partial removal failure
- `17`: Resource already exists
- `20`: Network error
- `28`: Disk space error
- `127`: Command not found