fix git url comparison when credentials are embedded in url
- strip auth from both URLs before comparing in pull_code
- also strip auth from error message to avoid leaking credentials
- add regression test
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Fix conda Docker build by installing git from Trixie on Bookworm
The miniconda3:25.3.1-1 image is based on Debian Bookworm, which only
provides git ~2.39. The security requirement added in #18916 requires
git >= 2.47.3.
PR #20309 attempted to fix this by pinning the miniconda3 image version,
but incorrectly assumed that version used Debian Trixie. It actually
uses Bookworm.
This fix detects the Debian version at build time and conditionally
adds Trixie apt sources to install git >= 2.47.3 when building on
Bookworm-based images (conda flavor).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
consolidate strip_auth_from_url into prefect._internal.urls
- move `_strip_auth_from_url` from runner/storage.py to `prefect._internal.urls`
- update prefect-github to import from shared location instead of duplicating
- add unit tests for the utility
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>