fix(release): install pinned clawhub CLI from npm (#281)

* fix(release): install pinned clawhub CLI from npm

* test(release): assert public clawhub lockfile source

scripts/ci/install_clawhub_cli.sh

@@ -2,27 +2,6 @@
 set -euo pipefail
 
 CLI_PREFIX="${CLAWHUB_CLI_PREFIX:-.github/clawhub-cli}"
-CODEARTIFACT_DOMAIN="${CODEARTIFACT_DOMAIN:-prompt-security}"
-CODEARTIFACT_DOMAIN_OWNER="${CODEARTIFACT_DOMAIN_OWNER:-443370709039}"
-CODEARTIFACT_REPOSITORY="${CODEARTIFACT_REPOSITORY:-npm-proxy}"
-AWS_REGION="${AWS_REGION:-${AWS_DEFAULT_REGION:-eu-north-1}}"
-
-if ! command -v aws >/dev/null 2>&1; then
-  echo "::error::aws CLI is required to authenticate npm against CodeArtifact"
-  exit 1
-fi
-
-if ! aws sts get-caller-identity >/dev/null 2>&1; then
-  echo "::error::AWS credentials are required before installing the CodeArtifact-pinned clawhub CLI"
-  exit 1
-fi
-
-aws codeartifact login \
-  --tool npm \
-  --domain "$CODEARTIFACT_DOMAIN" \
-  --domain-owner "$CODEARTIFACT_DOMAIN_OWNER" \
-  --repository "$CODEARTIFACT_REPOSITORY" \
-  --region "$AWS_REGION"
 
 npm ci --prefix "$CLI_PREFIX"
 

scripts/test-skill-release-workflow.mjs

@@ -3,12 +3,14 @@ import { readFile } from 'node:fs/promises';
 
 const workflowPath = new URL('../.github/workflows/skill-release.yml', import.meta.url);
 const ciWorkflowPath = new URL('../.github/workflows/ci.yml', import.meta.url);
+const clawhubLockPath = new URL('../.github/clawhub-cli/package-lock.json', import.meta.url);
 const validateSkillInstallDocsPath = new URL('./ci/validate_skill_install_docs.mjs', import.meta.url);
 const installClawhubCliPath = new URL('./ci/install_clawhub_cli.sh', import.meta.url);
 const patchClawhubPayloadPath = new URL('./ci/patch_clawhub_publish_payload.mjs', import.meta.url);
 const guardClawhubSlugOwnerPath = new URL('./ci/guard_clawhub_slug_owner.sh', import.meta.url);
 const workflow = await readFile(workflowPath, 'utf8');
 const ciWorkflow = await readFile(ciWorkflowPath, 'utf8');
+const clawhubLock = JSON.parse(await readFile(clawhubLockPath, 'utf8'));
 const validateSkillInstallDocs = await readFile(validateSkillInstallDocsPath, 'utf8');
 const installClawhubCli = await readFile(installClawhubCliPath, 'utf8');
 const patchClawhubPayload = await readFile(patchClawhubPayloadPath, 'utf8');
@@ -392,26 +394,27 @@ assert.doesNotMatch(
   'ClawHub payload patching must not be duplicated inline in the workflow',
 );
 
-for (const secret of ['AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_SESSION_TOKEN']) {
-  assert.match(
-    workflow,
-    new RegExp(`${secret}: \\$\\{\\{ secrets\\.${secret} \\}\\}`),
-    `ClawHub jobs must expose ${secret} for CodeArtifact npm authentication`,
-  );
-}
-
-assert.match(
-  installClawhubCli,
-  /aws codeartifact login[\s\S]*--domain "\$CODEARTIFACT_DOMAIN"[\s\S]*--domain-owner "\$CODEARTIFACT_DOMAIN_OWNER"[\s\S]*--repository "\$CODEARTIFACT_REPOSITORY"[\s\S]*--region "\$AWS_REGION"/,
-  'ClawHub CLI installer must authenticate npm against CodeArtifact before npm ci',
-);
-
 assert.match(
   installClawhubCli,
   /npm ci --prefix "\$CLI_PREFIX"/,
   'ClawHub CLI installer must install from the committed lockfile prefix',
 );
 
+assert.doesNotMatch(
+  installClawhubCli,
+  /aws codeartifact login|AWS credentials are required/,
+  'ClawHub CLI installer must not require AWS secrets that are not configured for release workflows',
+);
+
+const clawhubLockResolvedUrls = Object.values(clawhubLock.packages ?? {})
+  .map((entry) => entry.resolved)
+  .filter(Boolean);
+assert.ok(clawhubLockResolvedUrls.length > 0, 'ClawHub CLI lockfile must contain resolved tarball URLs');
+assert.ok(
+  clawhubLockResolvedUrls.every((url) => url.startsWith('https://registry.npmjs.org/')),
+  'ClawHub CLI lockfile must use public npm tarballs because release workflows do not have AWS CodeArtifact secrets',
+);
+
 assert.match(
   installClawhubCli,
   /"\$\{workspace\}\/\$\{CLI_PREFIX\}\/node_modules\/\.bin" >> "\$GITHUB_PATH"/,