Skip to content

feat(copier): convert ssh _src_path to https URL for datasource lookup#44552

Open
jfra1397 wants to merge 1 commit into
renovatebot:mainfrom
jfra1397:feat/44528-copier-ssh-to-https-lookup
Open

feat(copier): convert ssh _src_path to https URL for datasource lookup#44552
jfra1397 wants to merge 1 commit into
renovatebot:mainfrom
jfra1397:feat/44528-copier-ssh-to-https-lookup

Conversation

@jfra1397

Copy link
Copy Markdown

Changes

The copier manager now converts SSH-style _src_path URLs (scp-style git@host:path, ssh://, git+ssh://) to their HTTPS equivalent when constructing the packageName for the git-tags datasource lookup — mirroring what the git-submodules manager already does via getHttpUrl().

This way the version lookup can be authenticated via hostRules credentials on setups which access the Git host over HTTPS only (no SSH key on the bot). Previously, such setups failed with:

Renovate failed to look up the following dependencies:
Failed to look up git-tags package ssh://git@gitlab.com/org/template.git: no-result.

while an SSH submodule in the same repository resolved fine — a surprising asymmetry.

Details:

  • depName keeps the original _src_path for display; only the lookup packageName changes.
  • http(s) URLs are left untouched (no behavior change).
  • If the URL cannot be parsed, the original value is kept (logged at debug level).
  • The answers file itself is not modified, so local copier update runs by developers continue to use SSH. The updateArtifacts step already handles SSH URLs via the exported git insteadOf environment directives.
  • Side effect: Bitbucket Server SSH URLs now resolve to their correct HTTPS form including the /scm/ segment (handled by getHttpUrl()).
  • Documented the behavior in the manager readme.

As suggested by the maintainer in #44528 ("Sounds good. PR welcome").

Context

Please select one of the following:

  • This closes an existing Issue, Closes: #
  • This doesn't close an Issue, but I accept the risk that this PR may be closed if maintainers disagree with its opening or implementation

Discussed in #44528. Related: #41725 stripped the git+ prefix but did not address SSH→HTTPS resolution.

AI assistance disclosure

Did you use AI tools to create any part of this pull request?

  • No — I did not use AI for this contribution.
  • Yes — minimal assistance (e.g., IDE autocomplete, small code completions, grammar fixes).
  • Yes — substantive assistance (AI-generated non‑trivial portions of code, tests, or documentation).
  • Yes — other (please describe):

Code, tests and documentation were written with Claude Code (Claude Opus 4.8), reviewed and verified by me.

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please select one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests, but ran on a real repository, or
  • Both unit tests + ran on a real repository

@github-actions github-actions Bot requested a review from viceice July 14, 2026 07:56
@cla-assistant

cla-assistant Bot commented Jul 14, 2026

Copy link
Copy Markdown

CLA assistant check
All committers have signed the CLA.

Convert SSH-style template URLs to their HTTPS equivalent when
constructing the packageName for the git-tags datasource lookup,
mirroring what the git-submodules manager does. This allows the
lookup to be authenticated via hostRules credentials on setups
which access the Git host over HTTPS only.

The answers file itself keeps the original URL, so local
'copier update' runs by developers continue to use SSH.

Discussed in renovatebot#44528
@jfra1397 jfra1397 force-pushed the feat/44528-copier-ssh-to-https-lookup branch from 51fe471 to 1ccd4fe Compare July 14, 2026 08:03
@viceice

viceice commented Jul 14, 2026

Copy link
Copy Markdown
Member

please check lint failure

@jfra1397

Copy link
Copy Markdown
Author

please check lint failure

The failure isn't lint — all lint-* jobs passed. build-docs timed out in its "Setup uv" step fetching the uv version manifest (The operation was aborted due to timeout), before building anything: https://github.com/renovatebot/renovate/actions/runs/29316655295/job/87032381528
Looks like an infra flake — could you re-run the failed job? Happy to push an empty commit to retrigger otherwise.

@RahulGautamSingh

Copy link
Copy Markdown
Collaborator

@jfra1397 If you merge from main, the jobs should re-run

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants