Skip to content

fix(ci): Avoid unauthenticated release ref fetch#6

Merged
dcramer merged 1 commit into
mainfrom
fix/release-ref-validation
Jul 11, 2026
Merged

fix(ci): Avoid unauthenticated release ref fetch#6
dcramer merged 1 commit into
mainfrom
fix/release-ref-validation

Conversation

@dcramer

@dcramer dcramer commented Jul 11, 2026

Copy link
Copy Markdown
Member

The release workflow now validates immediately after the full-depth checkout instead of running a second unauthenticated Git fetch. The checkout already fetches every branch and tag, so this keeps the ref snapshot fresh while retaining persist-credentials: false.

The release validation fixture now makes its remote unreachable after populating local refs, covering the reported failure mode and preventing another network fetch from slipping back in.

Validate the complete ref snapshot immediately after checkout instead of fetching again without persisted credentials. Keep setup work after validation and make the release fixture fail if another network fetch is introduced.

Co-Authored-By: OpenAI Codex <noreply@openai.com>
@dcramer dcramer marked this pull request as ready for review July 11, 2026 17:50
@dcramer dcramer merged commit 98a1584 into main Jul 11, 2026
14 checks passed
@dcramer dcramer deleted the fix/release-ref-validation branch July 11, 2026 17:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant