download: restore artifact-domain fallback for GHCR bottles#22011
download: restore artifact-domain fallback for GHCR bottles#22011coder999999999 wants to merge 3 commits intoHomebrew:mainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR fixes HOMEBREW_ARTIFACT_DOMAIN behavior for GHCR bottle downloads by ensuring Homebrew can retry the original ghcr.io URL when an artifact mirror fails, and by restoring GitHub Packages auth headers for real ghcr.io fallback requests.
Changes:
- Precompute candidate download URLs so artifact-mirror failures can fall back to the original
ghcr.ioURL unlessHOMEBREW_ARTIFACT_DOMAIN_NO_FALLBACKis set. - Restore GitHub Packages auth headers for
ghcr.iorequests (while not adding them for artifact-mirror requests). - Add regression tests covering fallback behavior and
HOMEBREW_ARTIFACT_DOMAIN_NO_FALLBACK.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| Library/Homebrew/download_strategy.rb | Builds URL candidates up front for artifact-domain fallback; adds conditional GitHub Packages auth injection for ghcr.io requests. |
| Library/Homebrew/test/download_strategies/curl_spec.rb | Adds regression coverage for artifact-domain fallback vs. no-fallback behavior. |
| Library/Homebrew/test/download_strategies/curl_github_packages_spec.rb | Adds coverage ensuring auth is restored for ghcr.io requests but not added for artifact-mirror URLs. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
Will reopen when you're using the PR template. |
|
Updated the PR body to use the repository template, added the required AI disclosure, and ran |
MikeMcQuaid
left a comment
MikeMcQuaid
left a comment
There was a problem hiding this comment.
Thanks for the PR! A few comments.
MikeMcQuaid
left a comment
MikeMcQuaid
left a comment
There was a problem hiding this comment.
Thanks!
CI is failing: https://github.com/Homebrew/brew/actions/runs/24467014618/job/71496786078?pr=22011
please ensure you are running brew lgtm before pushing.
| end | ||
|
|
||
| sig { params(url: String, _block: T.proc.returns(T.untyped)).returns(T.untyped) } | ||
| def with_github_packages_auth(url, &_block) |
There was a problem hiding this comment.
I'm not sure I understand why this is required now and wasn't before? Can you explain?
Fixes #21892
brew lgtm(style, typechecking and tests) with your changes locally?This fixes
HOMEBREW_ARTIFACT_DOMAINfallback for GHCR bottle downloads. When an artifact mirror URL fails, Homebrew can now retry the originalghcr.ioURL unlessHOMEBREW_ARTIFACT_DOMAIN_NO_FALLBACKis set. The change also preserves existing authorization headers on artifact-mirror requests while still restoring GitHub Packages auth for realghcr.iofallback requests.I used Codex (GPT-5) to help draft and iterate on the patch and PR text. I manually reviewed the resulting changes, reproduced the original failure locally on macOS, verified both fallback and no-fallback
brew fetch --force-bottle xzbehaviour, ran targeted download-strategy tests and style checks, and ranbin/brew lgtmsuccessfully on this branch.