fix(extensions): always backup registry, verify extension ID on update

1. Backup registry metadata and extensions.yml even when extension
   directory is missing/corrupted. Previously backups were only created
   if the directory existed, leaving registry in inconsistent state
   on failed updates.

2. Verify that the downloaded ZIP contains the expected extension ID.
   If the manifest ID doesn't match the extension being updated,
   treat it as a failed update and trigger rollback. This prevents
   installing a different extension if the catalog is compromised.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Author: iamaeroplane

src/specify_cli/__init__.py

@@ -2575,20 +2575,21 @@ def extension_update(
                 # This ensures we don't remove the old version if download fails
                 zip_path = catalog.download_extension(extension_id)
 
-                # Backup extension directory and registry metadata before removing
+                # Backup registry metadata and extensions.yml before removing
+                # (always backup these even if directory is missing/corrupted)
                 extension_dir = manager.extensions_dir / extension_id
                 backup_dir = None
-                backup_metadata = None
+                backup_metadata = manager.registry.get(extension_id)
                 backup_command_files = {}  # {path: content}
                 backup_extensions_yml = None
 
-                if extension_dir.exists():
-                    backup_dir = Path(tempfile.mkdtemp(prefix=f"speckit-update-{extension_id}-"))
-                    shutil.copytree(extension_dir, backup_dir / extension_id)
-                    # Save registry metadata for restoration on failure
-                    backup_metadata = manager.registry.get(extension_id)
+                # Backup extensions.yml (remove() will modify hooks)
+                extensions_yml = project_root / ".specify" / "extensions.yml"
+                if extensions_yml.exists():
+                    backup_extensions_yml = extensions_yml.read_text()
 
-                    # Backup registered command files (remove() will delete these)
+                # Backup registered command files (remove() will delete these)
+                if backup_metadata:
                     from .extensions import CommandRegistrar
                     registered_commands = backup_metadata.get("registered_commands", {})
                     registrar = CommandRegistrar()
@@ -2607,17 +2608,22 @@ def extension_update(
                                 if prompt_file.exists():
                                     backup_command_files[prompt_file] = prompt_file.read_text()
 
-                    # Backup extensions.yml (remove() will modify hooks)
-                    extensions_yml = project_root / ".specify" / "extensions.yml"
-                    if extensions_yml.exists():
-                        backup_extensions_yml = extensions_yml.read_text()
+                # Backup extension directory if it exists
+                if extension_dir.exists():
+                    backup_dir = Path(tempfile.mkdtemp(prefix=f"speckit-update-{extension_id}-"))
+                    shutil.copytree(extension_dir, backup_dir / extension_id)
 
                 try:
                     # Remove old version (keep config files)
                     manager.remove(extension_id, keep_config=True)
 
-                    # Install new version
-                    manager.install_from_zip(zip_path, speckit_version)
+                    # Install new version and verify ID matches
+                    installed_manifest = manager.install_from_zip(zip_path, speckit_version)
+                    if installed_manifest.id != extension_id:
+                        raise ValueError(
+                            f"Extension ID mismatch: expected '{extension_id}', "
+                            f"got '{installed_manifest.id}'"
+                        )
                     console.print(f"   [green]✓[/green] Updated to v{update['available']}")
                     updated_count += 1
 
@@ -2626,25 +2632,26 @@ def extension_update(
                         shutil.rmtree(backup_dir)
                 except Exception as install_error:
                     # Restore from backup if install fails
+                    # Restore directory if we have a backup
                     if backup_dir and (backup_dir / extension_id).exists():
                         # Remove any partial install
                         if extension_dir.exists():
                             shutil.rmtree(extension_dir)
                         # Restore backup files
                         shutil.copytree(backup_dir / extension_id, extension_dir)
                         shutil.rmtree(backup_dir)
-                        # Restore registry entry (use data dict directly to preserve installed_at)
-                        if backup_metadata:
-                            manager.registry.data["extensions"][extension_id] = backup_metadata
-                            manager.registry._save()
-                        # Restore command files
-                        for cmd_path, cmd_content in backup_command_files.items():
-                            cmd_path.parent.mkdir(parents=True, exist_ok=True)
-                            cmd_path.write_text(cmd_content)
-                        # Restore extensions.yml (hooks)
-                        if backup_extensions_yml is not None:
-                            extensions_yml = project_root / ".specify" / "extensions.yml"
-                            extensions_yml.write_text(backup_extensions_yml)
+                    # Always restore registry if we have backup (even without directory)
+                    if backup_metadata:
+                        manager.registry.data["extensions"][extension_id] = backup_metadata
+                        manager.registry._save()
+                    # Restore command files
+                    for cmd_path, cmd_content in backup_command_files.items():
+                        cmd_path.parent.mkdir(parents=True, exist_ok=True)
+                        cmd_path.write_text(cmd_content)
+                    # Restore extensions.yml (hooks)
+                    if backup_extensions_yml is not None:
+                        extensions_yml = project_root / ".specify" / "extensions.yml"
+                        extensions_yml.write_text(backup_extensions_yml)
                     raise install_error
                 finally:
                     # Clean up downloaded ZIP