Fix critical issues in backend auto-updater system

## Summary
  The backend auto-updater has critical cross-platform compatibility and security issues. Currently disabled in `backend/cmd/main.go:90`.

  ## Critical Issues
  - **Cross-platform**: Uses Windows-specific commands (`tasklist`/`taskkill`), hard-coded `.exe` extensions
  - **Security**: No signature/checksum verification of downloaded binaries
  - **Reliability**: Race conditions, no error handling, no rollback mechanism
  - **Production**: Blocking user prompts unsuitable for automated deployments

  ## Current Implementation
  - `backend/cmd/main.go:668-766` - Update logic
  - `updater/main.go` - Platform-specific updater
  - Checks GitHub releases API, prompts user, downloads/replaces binary

  ## Required Fixes
  1. Replace Windows-specific process management with cross-platform Go stdlib
  2. Add cryptographic verification of downloaded binaries
  3. Implement proper error handling and rollback capability
  4. Add configuration for automated vs interactive modes
  5. Fix release artifact naming consistency

  ## Files
  - `backend/cmd/main.go` (update logic commented out)
  - `updater/main.go` (main implementation)
  - `.github/workflows/release.yaml` (packaging)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix critical issues in backend auto-updater system #308

Summary

Critical Issues

Current Implementation

Required Fixes

Files

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Fix critical issues in backend auto-updater system #308

Description

Summary

Critical Issues

Current Implementation

Required Fixes

Files

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions