fix: curl fallback for pack uploads to .workers.dev on macOS

Cloudflare Bot Fight Mode blocks Python urllib on .workers.dev due to TLS fingerprint (JA3) detection. System curl uses Apple SecureTransport and passes through.

- build_msign_header() extracted to module level in transport.py so callers outside HttpTransport can sign requests (HttpTransport._build_msign_header now delegates to it — no behaviour change on the happy path) - _send_pack in _push_objects_as_packs detects Darwin + .workers.dev pack_url and routes through curl: serialises pack as msgpack, computes MSign header, writes body to tempfile, calls system curl, parses msgpack/JSON response - Normal path (Linux, local://, non-Worker HTTPS) is unchanged

sha256:6911adac584afd20bb2c3208ddef5a8af01b347ba8f1ffebe95dbc62643a61a1 sha

sha256:74a7299611e05b380430c834712cd757a1222fd90a7ece39a2cd844214931b3b parent

sha256:180c096c45a9ceb08642e6fc320202298ad34517404240e24178589e84b3b2d3 snapshot

← Older Oldest on task/curl-worker-pack

All commits

Newer → Latest on task/curl-worker-pack

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:6911adac584afd20bb2c3208ddef5a8af01b347ba8f1ffebe95dbc62643a61a1 --body "your comment"

Provenance signed

gabriel

Bump BREAKING

Breaking

muse/core/transport.py::HttpTransportmuse/core/transport.py::build_msign_header

Signature Cryptographically verified

Snapshot

ID sha256:180c096c45a9ceb08642e6fc320202298ad34517404240e24178589e84b3b2d3

Files 0

Browse tree at this commit →

Commit

SHA sha256:6911adac584afd20bb2c3208ddef5a8af01b347ba8f1ffebe95dbc62643a61a1

Parent

sha256:74a7299611e05b380430c834712cd757a1222fd90a7ece39a2cd844214931b3b

Branch task/curl-worker-pack