ci: skip ssh2 optional crypto native build

[QuantumExplorer]

Issue being fixed or feature implemented

ssh2 — pulled in transitively via docker-modem — ships an optional "sshcrypto" native binding built via node-gyp + nan. On Node 24 the vendored nan versions (2.17 / 2.22) don't compile against V8's newer Intercepted / ScriptOriginOptions API, producing a wall of C++ errors during yarn install --inline-builds.

Example log (from a CI run on #3516):

ssh2@npm:1.11.0 STDERR ../../../../../../../nan-npm-2.17.0-.../nan.h:2546:8: error: 'class v8::ObjectTemplate' has no member named 'SetAccessor'
...
ssh2@npm:1.11.0 STDOUT Failed to build optional crypto binding

The failure is cosmetic — ssh2 catches it and falls back to pure-JS crypto. But the noise makes real install failures (e.g. the EBADF race addressed separately in #3519) much harder to spot.

What was done?

Added dependenciesMeta in the root package.json to set built: false on both resolved ssh2 versions (1.11.0 and 1.16.0). yarn skips the postinstall build script entirely, so the native compile never runs.

How Has This Been Tested?

• Ran yarn install --mode=skip-build locally — config accepted, no warnings beyond pre-existing peer-dep messages.
• Updated yarn.lock reflects the metadata in the workspace root entry.

Functional verification: ssh2 itself already runs in a "build failed, fall back" mode in production CI today, so disabling the build is strictly a superset of the current behavior.

Breaking Changes

None. ssh2 already operates without the optional native binding in all CI runs; this just avoids attempting the build.

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests
• I have added "!" to the title and described breaking changes in the corresponding section if my code contains any
• I have made corresponding changes to the documentation if needed

[coderabbitai]

Warning

Rate limit exceeded

@QuantumExplorer has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 46 minutes and 26 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 46 minutes and 26 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 14b430e4-db41-4590-8cb3-3e4d4cf648c6

📥 Commits

Reviewing files that changed from the base of the PR and between b771a17 and 21c3ae1.

⛔ Files ignored due to path filters (1)

• yarn.lock is excluded by !**/yarn.lock, !**/*.lock

📒 Files selected for processing (1)

• package.json

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/ci-skip-ssh2-optional-build

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[thepastaclaw]

Review Gate

Commit: 21c3ae1d

• ⏳ Debounce: 18m ago (need 30m)

• ✅ CI checks: builds passed, 0/2 tests passed

• ✅ CodeRabbit review: comment found

• ✅ Off-peak hours: off-peak (11:22 PM PT Wednesday)

• Run review now (check to override)