Oh. I have no idea if we intentionally support that kind of link

Is it documented somewhere? As far as I know, it’s not part of any of the release scripts

pkg

server updates have mostly been Teddy, and only recently got automated.

Glancing at obvious looking common names, like

osquery.pkg

osquery.msi

etc, the date stamps are all over. I don’t know if I want to support them, or not.

If there are docs, or we think it’s a good idea, we can add it to the release generation tooling pretty easily.

There is no /latest endpoint or anything. so I just been using that url as it until now guaranteed to serve the newest .msi

Like there needs to be a way for script do just hit the same URL and receive the current version of the msi. If you have osquery-x.y.z.msi in the url then someone needs to change the script every time to alter x,y and z to download the latest msi. vendors typically have a /latest endpoint or something where you can be sure to fetch the latest msi from your script.

And anyone who uses it in their script now has a broken script that wont update. Seems like a bit of an "f you" to say "we never guaranteed it". If you make that URL available you should maintain it, explicit guarantee not necessary as the URL didn't make itself and therefore it obviously exists to be used. And now for whatever reason you don't want to use it anymore?

And if it no longer exists or is deprecated then 301 it to somewhere that does exist

@Mystery Incorporated I think it's a valid suggestion and I'll create a GitHub issue to either (a) disable that URL or (b) point it to 'current'. But I think there's a bigger problem we have which is automatic and frequent re-downloading of this installer, causing some massive bandwidth bills to the project. Encouraging automatic retrieval is probably not in our self-interest and I don't know how sustainable it is already