662bb41cc2
Fixes GitHub Actions failing with "Permission denied (publickey)" when installing libsignal package from GitHub. ## Problem Workflow was failing (runs #22, #23) when Yarn tried to install: `libsignal: "git+https://github.com/whiskeysockets/libsignal-node"` Error: Yarn was converting HTTPS URL to SSH (git@github.com), but runner has no SSH key configured. ## Root Causes 1. Git config order issue: Line 48 was overwriting line 46's SSH -> HTTPS rule 2. Stale cache: node_modules cache contained SSH references 3. No Yarn-specific config to prevent SSH fallback ## Solution ### 1. Improved Git Configuration - Added comments explaining order importance - Separated SSH conversion from authentication - Added Yarn-specific config to prefer HTTPS ### 2. Cache Key Update - Changed cache key from `yarn-` to `yarn-https-v2-` - This busts old cache with SSH references - Added `.yarn/cache` to cached paths ### 3. Fallback Retry Logic - If immutable install fails (due to SSH refs), retry without immutable mode - Clear node_modules before retry - Logs helpful error messages ## Testing Before: Runs #22, #23 failed at "Install packages" (16s, 21s) After: Should succeed with proper HTTPS cloning ## Related - Issue: libsignal package using git+https:// URL - Affects: Daily WhatsApp version update workflow - Impact: Workflow was broken for 2 days https://claude.ai/code/session_01SoNUGBEWbJwWWws3F2fuzh