fix(prodfork): replace silent skips with vm.skip + dedup ORACLE_REGISTRY (audit #208 #213)

[hardyjosh]

#213: ProdFork tests used return; in fork-availability modifiers,
making forge report PASSED for tests that never ran an assertion. Replace
with vm.skip(true) so missing fork env or unset prod addresses surface
as SKIPPED in CI output instead of false-green.

#208: ORACLE_REGISTRY address was independently encoded in both
src/lib/LibProdDeploy.sol and test/src/concrete/ProdFork.t.sol's
LibProdOracles. Test now imports from LibProdDeploy so a future
prod-address rotation only requires one edit.

Closes #208, #213.

Co-Authored-By: Claude Opus 4.7 noreply@anthropic.com

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 1028446b-dd83-4669-982f-f14bac8e7f0f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/audit-prodfork-hardening

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[hardyjosh]

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

• refactor(test): extract shared MockCorporateActions fixture (audit #207) #226
• fix(prodfork): replace silent skips with vm.skip + dedup ORACLE_REGISTRY (audit #208 #213) #225 👈 (View in Graphite)
• fix(morpho): require 8-decimal upstream oracle (audit #187) #224 : 2 other dependent PRs (#227 , #228 )
• refactor(interface): rename to AggregatorV2V3Interface + add getRoundData #222 : 1 other dependent PR (#223 )
• chore: remove MultiPythOracleAdapter for Euler launch #238
• docs: README refresh + integrator notes for corporate-action auto-pause (RAI-325) #26 : 1 other dependent PR (#221 )
• feat(deploy): thread CorporateActionPauseConfig through unified deployers (RAI-322) #25
• test: auto-pause revert propagation through protocol adapters (RAI-321) #24
• feat(oracle): wire corporate-action auto-pause into BasePythOracleAdapter (RAI-320) #23
• feat(lib): LibCorporateActionsPause reader helper (RAI-319) #22
• docs(spec): corporate-action-aware auto-pause semantics (RAI-318) #21
• deps: migrate from git submodules to soldeer #237
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[hardyjosh]

Folded into PR #222 (refactor: AggregatorV2V3Interface) — the vm.skip(true) hardening and LibProdDeploy.ORACLE_REGISTRY dedup now ship with the interface rename that already touches ProdFork.t.sol.