fix(gitmodules): switch submodule URLs from SSH to HTTPS for publishability#13
Merged
Merged
Conversation
…bility Restore HTTPS submodule URLs in .gitmodules so that downstream consumers — and Alire's recursive clone during `alr publish` source deployment — can clone the dev/tooling submodules without SSH credentials. This is the same publishability defect that functional carried before its F-sequence (fixed there by functional#6, shipped in functional v4.1.1). It was discovered on clara during the G9-dry attempt for v1.0.0: alr publish's "Deploy sources" step ran `git clone --recursive` which failed to clone the SSH-form hybrid_scripts_python / hybrid_test_python submodules in the dev container. The v1.0.0 tag is preserved (immutable per project rules). After this PR merges, a separate version-bump PR will set version 1.0.1 and a fresh v1.0.1 tag becomes the first Alire-published release. Both submodule repositories (hybrid_scripts_python and hybrid_test_python) are public on GitHub; HTTPS clones require no credentials. Scope: .gitmodules only. No path changes, no submodule gitlink changes, no version bump, no alire.toml edit, no source/test changes, no CI changes, no release execution. Refs: adafmt#42
abitofhelp
added a commit
that referenced
this pull request
Jun 10, 2026
…lease) (#14) Version-surface bump to prepare clara v1.0.1 as the first version intended for Alire community-index submission. v1.0.0 was tagged but not submitted after alr publish --skip-submit dry-run validation found SSH submodule URLs in .gitmodules. The .gitmodules HTTPS publishability repair was merged separately as PR #13 (ec80afd). v1.0.1 is the first version with the HTTPS-repaired tree that will be submitted to the Alire community index. No source / API / behavior changes vs v1.0.0; only the publishability repair (PR #13) and this version-surface bump. Mirrors the functional v4.1.0 -> v4.1.1 pattern (functional#6 merged the HTTPS repair; functional v4.1.1 was the first version published to the Alire community index, now LIVE). Files changed (5): - alire.toml: version 1.0.0 -> 1.0.1 - test/alire.toml: version 1.0.0 -> 1.0.1 - src/version/clara-version.ads: Patch 0 -> 1; Version "1.0.0" -> "1.0.1" - test/unit/test_version.adb: Patch + Version assertions bumped; Is_Stable test name updated to "Is_Stable is True for 1.0.1" - CHANGELOG.md: top metadata Version 1.0.0 -> 1.0.1 and Date 2026-06-09 -> "<YYYY-MM-DD pending tag>" placeholder; new [1.0.1] section explaining the first-Alire-publication framing; [1.0.0] 2026-06-09 history preserved verbatim. Audit trail: - Ruleset id: 13699088 (Lock all branches, active) - PR head SHA at merge: 1921fce - clara main pre-merge: ec80afd - No [[pins]] in root alire.toml (T1 / PR #12 removal preserved) - Direct functional dependency unchanged: "^4.0.0" - .gitmodules HTTPS-clean (PR #13 repair preserved) - v1.0.0 tag preserved at e3c24f4 -> 8b6ea3b (NOT re-pointed) - Validation: alr build (clara root) 0.38s; alr build (test crate) 2.28s; unit_runner 124/124 PASS - all in dev-container-ada-system-1 with -XGNATCOLL_ICONV_OPT= - No v1.0.1 tag created; no GitHub Release created; no alr publish run; no astengine / astfmt / adafmt / corpus_ada / hybrid_app_ada / hybrid_lib_ada / tzif_ada / zoneinfo_ada changes; corpus_ada visibility unchanged (private) Refs: adafmt#42
abitofhelp
added a commit
that referenced
this pull request
Jun 10, 2026
) Tag-date prep slice for clara v1.0.1: replace both <YYYY-MM-DD pending tag> placeholders in CHANGELOG.md with the intended tag date 2026-06-09. CHANGELOG.md only, +2 / -2. Mirrors the T0 tag-date prep slice for v1.0.0 (PR #11 set [1.0.0] tag date to 2026-06-09). After this merges, the annotated v1.0.1 tag will be pushed against the resulting tree as a separate gate. Note: 2026-06-09 is the intended release/tag date by project convention (Eastern time). GitHub merge timestamps may show 2026-06-10T...Z due to UTC encoding; this does not change the CHANGELOG date. Audit trail: - Ruleset id: 13699088 (Lock all branches, active) - PR head SHA at merge: 79c2e8c - clara main pre-merge: dbcbeb0 - Diff: CHANGELOG.md only, +2 / -2 (exactly the two date placeholders) - alire.toml version remains "1.0.1" (from PR #14) - src/version/clara-version.ads remains Patch = 1, Version = "1.0.1" - Root [[pins]] count = 0 (T1 / PR #12 removal preserved) - functional = "^4.0.0" unchanged - .gitmodules HTTPS-clean (PR #13 preserved) - v1.0.0 tag preserved at e3c24f4 -> 8b6ea3b (NOT re-pointed) - v1.0.1 tag still absent (local + remote) - No GitHub Release on clara - alr publish not run (alire-index clara-1.0.1.toml 404) - clara#15 (test/config tracked-baseline drift) NOT addressed; remains open as separate follow-up - No changes to astengine/astfmt/adafmt/corpus_ada/hybrid_app_ada/ hybrid_lib_ada/tzif_ada/zoneinfo_ada Refs: adafmt#42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Restores HTTPS submodule URLs in
.gitmodulesso thatgit clone --recursive(used byalr publish's "Deploy sources" step, and by any consumer that recursively clones clara) can fetch the dev/tooling submodules without SSH credentials.Scope is deliberately
.gitmodulesonly — reversible, two-URL rewrite, no release execution.This is the same publishability defect that
functionalcarried before functional#6 (shipped infunctional v4.1.1, now LIVE on the Alire community index). It was discovered on clara during the G9-dry attempt forv1.0.0:alr publish's step 2 of 5 ("Deploy sources") rangit clone --recursivewhich failed:The dev container (and any consumer environment without GitHub SSH host-key trust + SSH keys) cannot deploy clara at
v1.0.0because of this.v1.0.0was tagged but not submitted to Alire after dry-run publishability validation found SSH submodule URLs.v1.0.1will be the first Alire-published release (separate follow-up PR).Commit map
63e4f4efix(gitmodules): switch submodule URLs from SSH to HTTPS for publishability.gitmodules(+2 / -2)Diff total: 1 file, +2 / -2.
What the change does (mechanical only)
No path changes. No submodule gitlink / pointer changes
(verified:
scripts/python/sharedstays atcf36a0f,test/scripts/python/sharedstays at8e0fae1). No other files touched.Locally,
git submodule syncwas run to update.git/config's mirrored URLs so the working tree,.gitmodules, and.git/configagree on the host. (.git/configis not tracked; the sync is local-state housekeeping.)Why this matters
Both submodule repositories (
hybrid_scripts_pythonandhybrid_test_python) are public on GitHub; HTTPS clones require no credentials. The previous SSH URLs caused failures in any consumer environment without SSH keys + a known_hosts entry forgithub.com, including the canonical Ada dev container and (almost certainly) GHA runners duringalr publish.What about the v1.0.0 tag?
The public
v1.0.0tag is preserved (e3c24f4→8b6ea3b, on origin). Per project rules (no destructive git operations without explicit owner authorization), the tag is not force-rewritten. After this PR merges, a separate version-bump PR will:1.0.0→1.0.1(alire.toml,test/alire.toml,src/version/clara-version.ads)[1.0.1]section noting this.gitmodulesrepair and explaining thatv1.0.0was tagged but not submitted to Alire after dry-run publishability validation found SSH submodule URLs;v1.0.1is the first Alire-published release.v1.0.1→alr publish --skip-submitdry-run → submit to alire-index.This mirrors the exact path
functionaltook (v4.1.0 tagged but unpublished → v4.1.1 published with the HTTPS fix).Validation (performed before PR open)
Clean recursive clone via HTTPS inside the dev container (
dev-container-ada-system-1):Result:
.gitmodulesin fresh clone shows HTTPS URLs ✅scripts/python/shared→cf36a0f38b407a3f3c65ea622c42ef6eeca3c795(matches gitlink, unchanged)test/scripts/python/shared→8e0fae1091a1dbb80f3b6627030a37cb0f303c64(matches gitlink, unchanged)Position in the v1.0.0 / v1.0.1 release sequence
[[pins]] functionalremoval (PR #12)27177524751v1.0.0tagalr publish --skip-submit.gitmodules.gitmodulesSSH → HTTPS repair (this PR)[1.0.1]v1.0.1alr publish --skip-submitagainstv1.0.1treev1.0.1What this PR does NOT do
alire.tomledit — version stays1.0.0on the working tree; the v1.0.1 bump is a separate PR.src/version/clara-version.adsedit.v1.0.0stays put;v1.0.1comes from a separate PR.alr publishretry..gitmodulesaudit is a separate follow-up).clara main branch ruleset state
Expected: the
Lock all branchesruleset (id13699088) will auto-bypass oncreationat push, same pattern as PR #10 / #11 / #12. Merge will requiregh pr merge --adminwith an audit-trail body.Follow-ups deliberately deferred
[1.0.1]PR — separate follow-up.v1.0.1tag + Alire submission — gated downstream..gitmodulesaudit on astengine / astfmt / adafmt — owner-flagged for read-only/prep audit before any further tag work in those repos.v1.0.0GitHub Release — should NOT be created. The release history will start atv1.0.1.Refs: adafmt#42