fix: apply base64 | tr -d newline fix to all auth lines (matches PR 106)

vmrh21 · claude · vmrh21 · commit af906eb0de5a · 2026-04-10T15:27:57.000-04:00
Prevents broken Authorization headers when credentials are long enough
to trigger base64 line-wrapping at 76 chars.

Co-Authored-By: Claude Sonnet 4.6 (1M context) &lt;noreply@anthropic.com&gt;
diff --git a/workflows/cve-fixer/.claude/commands/cve.find.md b/workflows/cve-fixer/.claude/commands/cve.find.md
@@ -87,7 +87,7 @@ Report: artifacts/cve-fixer/find/cve-issues-20260226-145018.md
 
    ```bash
    JIRA_BASE_URL="https://redhat.atlassian.net"
-   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64)
+   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64 | tr -d '\n')
 
    # Diagnostic only — do NOT stop if these are "no"
    echo "JIRA_API_TOKEN in bash env: $([ -n "${JIRA_API_TOKEN}" ] && echo yes || echo no)"
diff --git a/workflows/cve-fixer/.claude/commands/cve.fix.md b/workflows/cve-fixer/.claude/commands/cve.fix.md
@@ -574,7 +574,7 @@ This issue can be closed as 'Not a Bug / ${VEX_JUSTIFICATION}' if the above evid
    COMMENT_JSON=$(jq -n --arg body "$COMMENT_TEXT" '{"body": $body}')
 
    # Post comment via Jira API
-   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64)
+   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64 | tr -d '\n')
    curl -s -X POST \
      -H "Authorization: Basic ${AUTH}" \
      -H "Content-Type: application/json" \
@@ -1138,7 +1138,7 @@ Possible causes: transitive dependency conflict, incorrect package targeted, or
 the fix requires additional changes beyond a version bump."
 
      COMMENT_JSON=$(jq -n --arg body "$COMMENT_TEXT" '{"body": $body}')
-     AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64)
+     AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64 | tr -d '\n')
      curl -s -X POST \
        -H "Authorization: Basic ${AUTH}" \
        -H "Content-Type: application/json" \
diff --git a/workflows/cve-fixer/.claude/commands/onboard.md b/workflows/cve-fixer/.claude/commands/onboard.md
@@ -38,7 +38,7 @@ used in Jira — this is validated against the Jira API during onboarding.
 
    ```bash
    JIRA_BASE_URL="https://redhat.atlassian.net"
-   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64)
+   AUTH=$(echo -n "${JIRA_EMAIL}:${JIRA_API_TOKEN}" | base64 | tr -d '\n')
    JQL="component = \"${COMPONENT_NAME}\" AND labels = SecurityTracking"
    ENCODED=$(python3 -c "import urllib.parse, sys; print(urllib.parse.quote(sys.argv[1]))" "$JQL")
 
