Fixes "Permission denied (publickey)" error when Yarn tries to fetch
libsignal dependency via SSH in GitHub Actions.
Added git config to force HTTPS instead of SSH for all GitHub URLs
in all workflows that run yarn install.
https://claude.ai/code/session_01QPt4WssG6jjEciQKdVpFtK
Fixes from code review:
1. Fix #1,6: Use connection.update event instead of overriding sock.end()
- Listens for 'close' event to cleanup interval
- Handles both explicit close and internal disconnections
2. Fix#3: Exit code 2 when fetch fails (not 0)
- Allows CI to distinguish success/error/fetch-failed
- Properly signals fetch failures to workflows
3. Fix#4: Document revision bounds + add env vars
- Added detailed comments explaining min/max revision values
- Made configurable via WA_MIN_REVISION/WA_MAX_REVISION env vars
4. Fix #5,9: Remove unused fetchLatestVersion option
- Removed from SocketConfig and defaults
- Updated versionCheckIntervalMs docs to clarify it's only for makeWASocketAutoVersion
5. Fix#7: Use separate variable for version tracking
- trackedVersion instead of mutating mergedConfig
- Prevents unexpected side effects
6. Fix#8: Check socket state before emitting events
- isSocketClosed flag to prevent race conditions
- Double-check after async operations
7. Fix#10: Implement force parameter in workflow
- Creates PR even without version changes when force=true
- Useful for re-triggering updates manually
Note: Test coverage (Fix#2) deferred to separate PR due to
ESM mocking complexity with Jest.
Changes:
- Update frequency: weekly → daily (06:00 UTC)
- Add retry with exponential backoff (3 attempts per source)
- Add multiple source endpoints (sw.js + bootstrap page)
- Add version validation (sanity checks on revision numbers)
- Add fetch timeout to prevent hanging
- Add detailed logging for debugging
- Simplify workflow to only update baileys-version.json
This makes the version update more reliable and responsive
to WhatsApp Web changes.