From 14b0e73cee918ce8cac74464b59819c61aa35af3 Mon Sep 17 00:00:00 2001 From: cs_betty Date: Tue, 9 Jun 2026 17:27:08 +0000 Subject: [PATCH 1/4] fix(ci): use REGISTRY_TOKEN for build-and-push registry login (CAR-1330) Parity fix with uat. Prevents reintroduction on next dev->uat promotion. The automatic github.token has no package/registry write scope; auth's proven-green ci.yml uses secrets.REGISTRY_TOKEN instead. cc @cpfarhood --- .gitea/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index d17525e..be9b718 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -118,7 +118,7 @@ jobs: echo "CalVer tag: $VERSION" - name: Log in to Gitea Container Registry - run: echo "${{ github.token }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin + run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.farh.net -u ${{ github.actor }} --password-stdin - name: Extract metadata id: meta -- 2.52.0 From f59668bf0a30cbbd810615b7eda8d85bab9e3a67 Mon Sep 17 00:00:00 2001 From: cs_betty Date: Tue, 9 Jun 2026 17:34:02 +0000 Subject: [PATCH 2/4] fix(ci): format tests/conftest.py (CAR-1330 dev lint fix) Remove extra blank line at line 120. Pre-existing dev branch issue blocking CAR-1356 PR #50. Mirrors CAR-1340 uat fix (2b20946). --- tests/conftest.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/conftest.py b/tests/conftest.py index 1958022..133f726 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -117,7 +117,6 @@ def _register_event_listeners(): event.listen(cls, "before_insert", _set_timestamp_defaults) - TEST_JWT_SECRET = secrets.token_urlsafe(32) TEST_SERVICE_KEY = secrets.token_urlsafe(32) TEST_FERNET_KEY = "7reF42nmTwbdN21PBoubGp7h_FU8qSimstmlaMLoRK8=" -- 2.52.0 From 94d617305408025d175a10aea4a1bccf96c9cb48 Mon Sep 17 00:00:00 2001 From: cs_betty Date: Tue, 9 Jun 2026 17:34:11 +0000 Subject: [PATCH 3/4] fix(ci): dedupe _public_limiter/_auth_limiter declarations in rate_limit.py (CAR-1330 dev lint fix) mypy no-redef: the second forward-decl block at line 124 was a duplicate of the block at line 111. Pre-existing dev branch issue blocking CAR-1356. Mirrors CAR-1340 uat fix (2b20946). --- src/cartsnitch_api/middleware/rate_limit.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/cartsnitch_api/middleware/rate_limit.py b/src/cartsnitch_api/middleware/rate_limit.py index c6d5f21..e736537 100644 --- a/src/cartsnitch_api/middleware/rate_limit.py +++ b/src/cartsnitch_api/middleware/rate_limit.py @@ -121,10 +121,6 @@ if settings.rate_limit_redis_enabled: logger.warning("Failed to connect to Redis for rate limiting, using in-memory: %s", e) _use_redis = False -_public_limiter: RateLimitBackend -_auth_limiter: RateLimitBackend -_auth_strict_limiter: RateLimitBackend - if _use_redis and _redis_client: _public_limiter = RedisSlidingWindow( _redis_client, settings.rate_limit_requests, settings.rate_limit_window_seconds -- 2.52.0 From c1147590dd3493d9b21e397c59b5d0c3c9a8146c Mon Sep 17 00:00:00 2001 From: cs_betty Date: Tue, 9 Jun 2026 17:34:21 +0000 Subject: [PATCH 4/4] fix(ci): annotate cache.py:38 redis return type (CAR-1330 dev lint fix) mypy no-any-return: annotate value: str | bytes | None so mypy doesn't widen redis client return to Any. Pre-existing dev branch issue blocking CAR-1356. Mirrors CAR-1340 uat fix (2b20946). --- src/cartsnitch_api/cache.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cartsnitch_api/cache.py b/src/cartsnitch_api/cache.py index 6766a8c..836bfb8 100644 --- a/src/cartsnitch_api/cache.py +++ b/src/cartsnitch_api/cache.py @@ -35,7 +35,7 @@ class CacheClient: async def get(self, key: str) -> str | None: if not self._client: return None - value = await self._client.get(key) + value: str | bytes | None = await self._client.get(key) if value is None: return None if isinstance(value, bytes): -- 2.52.0