b90aec2024
F-03: validate TLS by default. New _mosaic_tls_opt helper in _lib/credentials.sh returns -k only for private-network IP literals (trusted LAN) or an explicit MOSAIC_INSECURE_TLS opt-in; generic mosaic_http/_post/_patch helpers now use `curl -sS $_tls` instead of `curl -sk`. Woodpecker scripts (_lib.sh, pipeline-status/list/trigger.sh) talk only to the two public/valid CI hosts, so `-sk` is changed to `-sS` (straight -k removal, no helper). F-02: credentials.sh resolves MOSAIC_CREDENTIALS_FILE via a fallback chain — env first, then ~/.config/mosaic/credentials.json, then the legacy ~/src/jarvis-brain/credentials.json retained as final fallback so the running fleet keeps working. F-06: pr-ci-wait.sh distinguishes a genuine no-CI condition (empty state AND no statuses) as a new `no-status` state and fast-exits 0 after 3 consecutive empty polls with a clear "no CI configured" message. Repos that DO have pipelines are unaffected — any pipeline signal resets the streak and pending still waits. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01Kt2D8TsnDwhtzEAPijsNmR
1.9 KiB
Executable File
1.9 KiB
Executable File