diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 65508a6..b92179a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,6 +6,9 @@ on: pull_request: branches: [main] +permissions: + contents: read + jobs: test: runs-on: ubuntu-latest @@ -15,6 +18,8 @@ jobs: steps: - uses: actions/checkout@v6 + with: + persist-credentials: false - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v6 @@ -30,4 +35,3 @@ jobs: - name: Run tests run: | python -m pytest tests/ -v --cov=src --cov-report=term-missing - diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml deleted file mode 100644 index ffc3b66..0000000 --- a/.github/workflows/npm-publish.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: Publish to npm - -on: - release: - types: [published] - workflow_dispatch: - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - - steps: - - uses: actions/checkout@v6 - - - name: Set up Node.js - uses: actions/setup-node@v6 - with: - node-version: "22" - registry-url: "https://registry.npmjs.org" - - - name: Publish to npm - env: - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} - run: | - npm publish --access public - diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index d2d8ccb..4259af1 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -18,7 +18,9 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 + with: + persist-credentials: false - name: Setup Pages uses: actions/configure-pages@v5 - name: Build with Jekyll diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index b2d572b..e00c8b1 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -22,6 +22,8 @@ jobs: steps: - uses: actions/checkout@v6 + with: + persist-credentials: false - name: Set up Python 3.11 uses: actions/setup-python@v6