fix: muse domains publish/update/delete never worked against localhost HTTPS
Discovered while debugging gabriel's report of /domains showing 0 repos on staging: registering the same domains locally to reproduce and debug before deploying to staging surfaced that `muse domains publish` fails outright against https://localhost:1337 with a certificate verify error.
_post_json/_patch_json/_delete_request called urllib.request.urlopen() with no SSL context, always falling back to the default system CA bundle — which doesn't trust mkcert's local root CA. Every other network command in this codebase (push, pull, clone) already goes through transport.py::_make_ssl_ctx() for exactly this reason; domains.py's HTTP helpers were written independently and never picked up that pattern.
- Added `context=_make_ssl_ctx(url)` to all three urlopen() calls in domains.py. urlopen() accepts context= directly, so no call-shape change was needed — existing tests mocking urllib.request.urlopen keep working once their fake functions accept the new kwarg. - _make_ssl_ctx() itself now memoizes both the localhost (mkcert CA) and default context process-wide — a real, measured cost (500 sequential calls went from <2.0s to 2.14s) from recreating create_default_context() and shelling out to `mkcert -CAROOT` on every single call, with zero per-call variance to justify not caching. - Updated ~20 test mock signatures across three test files (test_domains_publish.py, test_stress_domains_publish.py, test_cmd_domains_hardening.py) that hardcoded a narrow (req, timeout) signature not accepting the new context kwarg.
Verified live: `muse domains publish --hub https://localhost:1337` now succeeds. 315/315 tests pass (domains CLI suite + core transport suite), zero regressions, zero new mypy errors (confirmed against baseline for both modified files).
Semantic Changes
31 symbols
Files Changed
~5
1120 in snapshot
0 comments
muse hub commit comment sha256:700e5e8a55f5913738576608e502b8c00c60cb76819a7086dfac2b8d5afc919b --body "your comment"
No comments yet. Be the first to start the discussion.