Skip to content

Fix Cypress workflow failures caused by invalid aws4 lockfile tarballs#2504

Merged
commjoen merged 3 commits intomasterfrom
copilot/fix-broken-action-step
Apr 22, 2026
Merged

Fix Cypress workflow failures caused by invalid aws4 lockfile tarballs#2504
commjoen merged 3 commits intomasterfrom
copilot/fix-broken-action-step

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 22, 2026
edited
Loading

The Cypress workflows were failing during npm install because lockfiles referenced a non-existent aws4 tarball (1.13.3). This updates both affected lockfiles to a published tarball so dependency resolution can proceed in CI.

  • Dependency lockfile corrections

    • Updated src/test/e2e/package-lock.json to point node_modules/aws4 at a valid published artifact.
    • Updated src/test/K8s-tests/package-lock.json to point node_modules/aws4 at a valid published artifact.
    • Scope is intentionally limited to the broken lockfile entries used by the failing workflows.

  • Why this unblocks the workflows

    • Heroku workflow installs from src/test/e2e; npm resolves from the checked-in lockfile.
    • Minikube/Vault Cypress workflow installs from src/test/K8s-tests; npm resolves from that lockfile as well.
    • Replacing the 404 tarball URLs removes the install-time hard failures.
"node_modules/aws4": {
  "version": "1.13.2",
  "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.13.2.tgz",
  "integrity": "sha512-lHe62zvbTB5eEABUVi/AwVh0ZKY9rMMDhmm+eeyuuUQbQ3+J+fONVQOZyj+DdrvD4BY33uYniyRJ4UJIaSKAfw=="
}

> [!WARNING]
>
>

Copilot AI linked an issue Apr 22, 2026 that may be closed by this pull request
can you fix https://github.com/OWASP/wrongsecrets/actions/runs/24764906573/job/72457211560#step:3:17 #2503
Closed
Copilot AI changed the title [WIP] Fix broken action step in wrongsecrets Fix Heroku Cypress workflow failure caused by invalid aws4 lockfile tarball Apr 22, 2026
Copilot AI requested a review from commjoen April 22, 2026 07:17
@commjoen
Copy link
Copy Markdown
Collaborator

commjoen commented Apr 22, 2026

@copilot Can you fix https://github.com/OWASP/wrongsecrets/actions/runs/24765415697/job/72460422917?pr=2504 as well?

Copy link
Copy Markdown
Contributor Author

Copilot AI commented Apr 22, 2026

@copilot Can you fix https://github.com/OWASP/wrongsecrets/actions/runs/24765415697/job/72460422917?pr=2504 as well?

Fixed in 0f22529. I updated src/test/K8s-tests/package-lock.json to use the published aws4 tarball (1.13.2) so job 72460422917 no longer fails on the npm 404 during npm install.

Copilot AI changed the title Fix Heroku Cypress workflow failure caused by invalid aws4 lockfile tarball Fix Cypress workflow failures caused by invalid aws4 lockfile tarballs Apr 22, 2026
@commjoen commjoen marked this pull request as ready for review April 22, 2026 08:06
@commjoen commjoen requested a review from bendehaan as a code owner April 22, 2026 08:06
@commjoen commjoen merged commit 5183255 into master Apr 22, 2026
16 checks passed
@commjoen commjoen deleted the copilot/fix-broken-action-step branch April 22, 2026 08:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@commjoen commjoen Awaiting requested review from commjoen commjoen is a code owner

@bendehaan bendehaan Awaiting requested review from bendehaan bendehaan is a code owner

Assignees

@commjoen commjoen

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

can you fix https://github.com/OWASP/wrongsecrets/actions/runs/24764906573/job/72457211560#step:3:17

2 participants

@commjoen