fix: _hub_api SSL context + unauthenticated GET for public resources

- Add _hub_api_ssl_context() to load local CA cert for localhost URLs, matching the SSL trust logic already in transport._httpx_verify - Allow GET/HEAD/OPTIONS requests to proceed without a signing identity; mutating methods (POST/PUT/DELETE/PATCH) still require auth - Add _get_hub_and_optional_identity() for read-only hub commands on public repos (hub issue read, hub issue list) - Use fake_id() from muse.core.types instead of raw 'sha256:' + 'a'*64 - Update _fake_urlopen/_fake signatures to accept **_kw for context kwarg - Update test_missing_token_exits to assert POST (not GET) exits without auth

sha256:5d4a894d54ce01e00d662db1d1b395ca8f95c2a79e3702b3023cd151983a3a2c sha

sha256:2a46c7afa043c66a870c3c54f93973dd1cec2c64e2aa6625755b07fde1b74566 parent

sha256:f87939b9a33907dacb5b494a6757fdd112970443bb8827b1013bab797e76d459 snapshot

← Older Oldest on dev

All commits

Newer → Latest on dev

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:5d4a894d54ce01e00d662db1d1b395ca8f95c2a79e3702b3023cd151983a3a2c --body "your comment"

Provenance signed

AI Agent

claude-sonnet-4-6

Bump patch

Agent claude-code

Signature Cryptographically verified

Snapshot

ID sha256:f87939b9a33907dacb5b494a6757fdd112970443bb8827b1013bab797e76d459

Files 0

Browse tree at this commit →

Commit

SHA sha256:5d4a894d54ce01e00d662db1d1b395ca8f95c2a79e3702b3023cd151983a3a2c

Parent

sha256:2a46c7afa043c66a870c3c54f93973dd1cec2c64e2aa6625755b07fde1b74566

Branch dev