Synchronize release 1.19 changes over master branch #49
Conversation
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
Signed-off-by: Uilian Ries <[email protected]>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| name: "Validate Patche-NG in Conan Center Index" | ||
| runs-on: ubuntu-22.04 | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v5 | ||
| with: | ||
| path: python-ng | ||
|
|
||
| - name: Setup Conan client | ||
| uses: conan-io/setup-conan@v1 | ||
|
|
||
| - name: Setup Python NG | ||
| run: pip install -e ./python-ng | ||
|
|
||
| - name: Checkout conan-center-index | ||
| uses: actions/checkout@v5 | ||
| with: | ||
| repository: conan-io/conan-center-index | ||
| path: conan-center-index | ||
| ref: 'd8efbb6f3c51b134205f01d3f8d90bdad1a67fe6' | ||
|
|
||
| - name: Validate Python-NG patch application | ||
| working-directory: conan-center-index/recipes | ||
| run: bash "${GITHUB_WORKSPACE}/python-ng/.github/scripts/validate-cci-patch-ng.sh" |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
| name: "Validate Conan client" | ||
| runs-on: ubuntu-22.04 | ||
| steps: | ||
| - uses: actions/checkout@v5 | ||
|
|
||
| - name: Setup python | ||
| uses: actions/setup-python@v6 | ||
| with: | ||
| python-version: 3.12 | ||
| architecture: x64 | ||
|
|
||
| - name: Clone conan client | ||
| run: | | ||
| git clone --depth 1 https://github.com/conan-io/conan.git | ||
| cd conan/ | ||
| pip install -r conans/requirements_dev.txt | ||
| pip install -r conans/requirements.txt | ||
|
|
||
| - name: Run Conan client tests involving patch-ng | ||
| run: | | ||
| pip install -e . | ||
| cd conan/ | ||
| pytest -v test/functional/test_third_party_patch_flow.py | ||
| pytest -v test/functional/tools/test_files.py | ||
| pytest -v test/unittests/tools/files/test_patches.py |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 2 months ago
To fix this problem, explicitly define the minimum required permissions using a permissions block. Since this workflow only runs checks, installs dependencies, and executes tests—it does not appear to require write access—contents: read is usually the minimal necessary permission for these CI jobs. The permissions block can be added either at the top (root) level so it applies globally to all jobs, or per job for more granular control. Adding it at the root is sufficient here. To implement, insert the following directly after the name: Validate Conan client line and before the on: block in .github/workflows/conan.yml:
permissions:
contents: readNo additional packages or methods need to be added.
| @@ -1,4 +1,6 @@ | ||
| name: Validate Conan client | ||
| permissions: | ||
| contents: read | ||
|
|
||
| on: | ||
| push: |
Description of your Pull Request
Merge change done in the release 1.19 into master branch