(raw: string | undefined)
| 129 | // whitespace; fall back to randomUUID so the security boundary is never |
| 130 | // silently weakened by misconfiguration. |
| 131 | function sanitizeAuthToken(raw: string | undefined): string | null { |
| 132 | if (!raw) return null; |
| 133 | const stripped = raw.replace(/[\s -]/g, ''); |
| 134 | if (stripped.length < 16) return null; |
| 135 | return stripped; |
| 136 | } |
| 137 | // AUTH_TOKEN const + module-level initRegistry call deleted in v1.35.0.0. |
| 138 | // buildFetchHandler now owns auth state end-to-end: cfg.authToken is the |
| 139 | // single source of truth, factory body calls initRegistry(cfg.authToken), |
no outgoing calls
no test coverage detected