gabriel / muse public
fix dev
AI Agent gabriel · 47 days ago · Apr 25, 2026 · Diff

fix: delete PEM-load path from hub/_core.py _hub_api

Remove the key_path/load_pem_private_key primary signing path — no backward compat, no PEM reads. get_signing_identity(remote_url=hub_url) is now the sole signing resolution path, consistent with all other commands.

TDD test H1 added: confirms load_pem_private_key is never called even when identity entry contains a key_path pointing to a real file.

Update key-material-security-audit.md: mark #5 resolved.

sha256:70053a7b1406bbf78e9f85997740dbf178f2be0b1be3b1bb9c01ba079f276845 sha
sha256:9403b6b95d6f7d774cd5bdc36c570ab04b0f3368cbd2282818cc330543919f5f parent
sha256:db67409ee7c0ad6f93b3964863b5f248b34b1280c152e3f211add0c34045b7ba snapshot
← Older Oldest on dev
All commits
Newer → Latest on dev

0 comments

No comments yet. Be the first to start the discussion.

To add a comment, use the Muse CLI: muse hub commit comment sha256:70053a7b1406bbf78e9f85997740dbf178f2be0b1be3b1bb9c01ba079f276845 --body "your comment"