Fixed issue with self-update on Linux

CHANGELOG.md

@@ -2,6 +2,10 @@
 
 All notable changes to this project will be documented in this file.
 
+## [1.44.0]
+- Fixed issue with self-update on Linux
+
+
 ## [1.43.0]
 - Added rules for clearbit, kickbox, azure container registry, improved Azure Storage key
 - Grouped JSON and JSONL outputs by rule, restoring `matches` arrays in reports

Cargo.toml

@@ -10,7 +10,7 @@ publish = false
 
 [package]
 name = "kingfisher"
-version = "1.43.0"
+version = "1.44.0"
 description = "MongoDB's blazingly fast secret scanning and validation tool"
 edition.workspace = true
 rust-version.workspace = true

README.md

@@ -158,8 +158,8 @@ Kingfisher ships with hundreds of rules that cover everything from classic cloud
 |----------|---------------|
 | **AI / LLM APIs** | OpenAI, Anthropic, Google Gemini, Cohere, Mistral, Stability AI, Replicate, xAI (Grok), and more
 | **Cloud Providers** | AWS, Azure, GCP, Alibaba Cloud, DigitalOcean, IBM Cloud, Cloudflare, and more
-| **Dev & CI/CD** | GitHub/GitLab tokens, CircleCI, TravisCI, TeamCity, Docker Hub, npm & PyPI publish token, and more
-| **Messaging & Comms** | Slack, Discord, Microsoft Teams, Twilio, Mailgun/SendGrid/Mailchimp, and more
+| **Dev & CI/CD** | GitHub/GitLab tokens, CircleCI, TravisCI, TeamCity, Docker Hub, npm, PyPI, and more
+| **Messaging & Comms** | Slack, Discord, Microsoft Teams, Twilio, Mailgun, SendGrid, Mailchimp, and more
 | **Databases & Data Ops** | MongoDB Atlas, PlanetScale, Postgres DSNs, Grafana Cloud, Datadog, Dynatrace, and more
 | **Payments & Billing** | Stripe, PayPal, Square, GoCardless, and more
 | **Security & DevSecOps** | Snyk, Dependency-Track, CodeClimate, Codacy, OpsGenie, PagerDuty, and more
@@ -179,7 +179,7 @@ Once you've done that, you can provide your custom rules (defined in a YAML file
 
 ## Basic Examples
 
-> **Note**  `kingfisher scan` detects whether the input is a Git repository or a plain directory—no extra flags required.
+> **Note**  `kingfisher scan` detects whether the input is a Git repository or a plain directory, no extra flags required.
 
 ### Scan with secret validation
 
@@ -614,36 +614,11 @@ Use `--rule-stats` to collect timing information for every rule. After scanning,
 kingfisher scan --help
 ```
 
-## Business Value
-
-By integrating Kingfisher into your development lifecycle, you can:
-
-- **Prevent Costly Breaches**  
-  Early detection of embedded credentials avoids expensive incident response, legal fees, and reputation damage
-- **Automate Compliance**  
-  Enforce secret‑scanning policies across GitOps, CI/CD, and pull requests to help satisfy SOC 2, PCI‑DSS, GDPR, and other standards
-- **Reduce Noise, Focus on Real Threats**  
-  Validation logic filters out false positives and highlights only active, valid secrets (`--only-valid`)
-- **Accelerate Dev Workflows**  
-  Run in parallel across dozens of languages, integrate with GitHub Actions or any pipeline, and shift security left to minimize delays
-
-## The Risk of Leaked Secrets
-
-Real breaches show how one exposed key can snowball into a full-scale incident:
-
-- **Uber (2016):** GitHub-hosted AWS key let attackers access data on 57 M riders and 600 k drivers. [[BBC](https://www.bbc.com/news/technology-42075306)] [[Ars](https://arstechnica.com/tech-policy/2017/11/report-uber-paid-hackers-100000-to-keep-2016-data-breach-quiet/)]
-- **AWS engineer (2020):** Pushed log files with root credentials to GitHub. [[Register](https://www.theregister.com/2020/01/23/aws_engineer_credentials_github/)] [[UpGuard](https://www.upguard.com/breaches/identity-and-access-misstep-how-an-amazon-engineer-exposed-credentials-and-more)]
-- **Infosys (2023):** Full-admin AWS key left in a public PyPI package for a year. [[Stack](https://www.thestack.technology/infosys-leak-aws-key-exposed-on-pypi/)] [[Blog](https://tomforb.es/blog/infosys-leak/)]
-- **Microsoft (2023):** Azure SAS token in an AI repo exposed 38 TB of internal data. [[Wiz](https://www.wiz.io/blog/38-terabytes-of-private-data-accidentally-exposed-by-microsoft-ai-researchers)] [[TechCrunch](https://techcrunch.com/2023/09/18/microsoft-ai-researchers-accidentally-exposed-terabytes-of-internal-sensitive-data/)]
-- **GitHub (2023):** RSA SSH host key briefly went public; company rotated it. [[GitHub](https://github.blog/news-insights/company-news/we-updated-our-rsa-ssh-host-key/)]
-
-Leaked secrets fuel unauthorized access, lateral movement, regulatory fines, and brand-damaging incident-response costs.
-
 # Roadmap
 
 - More rules
 - More targets
-- Please file a [feature request](https://github.com/mongodb/kingfisher/issues) if you have specific features you'd like added
+- Please file a [feature request](https://github.com/mongodb/kingfisher/issues), or open a PR, if you have features you'd like added
 
 # License
 

src/update.rs

@@ -95,6 +95,17 @@ pub fn check_for_update(global_args: &GlobalArgs, base_url: Option<&str>) -> Opt
     #[cfg(all(target_os = "windows", target_arch = "x86_64"))]
     builder.target("windows-x64");
 
+    // ──────────────────────────────────────────────────────
+    // Disambiguate archive format to avoid picking .deb packages.
+    // Linux and macOS releases use `.tgz`; Windows uses `.zip`.
+    // ──────────────────────────────────────────────────────
+    #[cfg(target_os = "windows")]
+    builder.identifier("zip");
+
+    // Linux releases also ship as .deb and .rpm packages; select the .tgz asset for self‑updates
+    #[cfg(not(target_os = "windows"))]
+    builder.identifier("tgz");
+    
     // Build the updater.
     let Ok(updater) = builder.build() else {
         warn!("Failed to configure update checker");