fix(auth): preserve canonical clone base paths

[vriesdemichael]

Summary

• fix clone HTTP auth fallback so canonical stored Bitbucket base paths are preserved even when the clone host already matches by host
• return the canonical stored Bitbucket URL from stored-auth clone resolution so fallback rebuilds have the correct context path
• add focused regression coverage for host-matched but path-mismatched HTTPS clone fallback

Context

• follow-up to the post-merge review comment on PR fix(auth): resolve host alias review follow-up #141

Validation

• task quality:check

[Copilot]

Pull request overview

Fixes HTTPS clone auth fallback to preserve the canonical stored Bitbucket base URL (including context path) when resolving stored credentials, so reconstructed clone URLs keep the correct base path.

Changes:

• Rebuilds HTTPS clone URLs using the canonical stored Bitbucket base URL when stored HTTP auth is used.
• Updates clone auth resolution to return the stored canonical Bitbucket URL (vs returning the input clone host).
• Adds regression coverage for host-matched but context-path-mismatched HTTPS fallback behavior.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
internal/cli/repo_clone.go	Adjusts stored-auth resolution and HTTPS fallback rebuild behavior to preserve canonical base URLs (context paths).
internal/cli/repo_clone_test.go	Updates expectations and adds a regression test for context-path mismatch handling in HTTPS fallback.
docs/quality/coverage.combined.scoped.out	Regenerated coverage artifact reflecting updated execution/coverage.
docs/quality/coverage.combined.raw.out	Regenerated coverage artifact reflecting updated execution/coverage.
docs/quality/coverage-report.json	Regenerated coverage report JSON reflecting updated patch/statement coverage.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The comparison used to decide whether to rebuild the HTTPS clone URL is effectively always true: normalizeHTTPCloneBaseURL(httpCloneURL) includes the full /scm/<project>/<repo>.git path, while resolvedHTTPCloneHost is a base host URL (optionally with a context path). This means the code will rebuild the clone URL on every stored-auth HTTPS attempt, and it can also unintentionally override an explicit HTTP clone URL input even when no context-path correction is needed. Consider comparing base URLs of the same shape (e.g., extract scheme/host/+context from httpCloneURL before comparing), or compare cloneHost’s base against the canonical stored base instead of comparing the full clone URL to the base host URL.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.53%. Comparing base (d11136b) to head (4b0a12f).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #142      +/-   ##
==========================================
+ Coverage   82.51%   82.53%   +0.01%     
==========================================
  Files          78       78              
  Lines       15833    15833              
==========================================
+ Hits        13065    13067       +2     
+ Misses       1990     1989       -1     
+ Partials      778      777       -1     

Flag	Coverage Δ
combined_scoped	82.53% <100.00%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.