Skip to content

[Hermes] Remove npm-publish.yml, add project URLs, harden CI security#12

Merged
Coding-Dev-Tools merged 1 commit into
mainfrom
hermes/json2sql/remove-npm-publish-add-urls-harden-ci
May 18, 2026
Merged

[Hermes] Remove npm-publish.yml, add project URLs, harden CI security#12
Coding-Dev-Tools merged 1 commit into
mainfrom
hermes/json2sql/remove-npm-publish-add-urls-harden-ci

Conversation

@Coding-Dev-Tools

@Coding-Dev-Tools Coding-Dev-Tools commented May 18, 2026

Copy link
Copy Markdown
Owner

Summary

  • Remove npm-publish.yml — Python repo has no npm package; this workflow was templated from a JS project and would fail if triggered
  • Add [project.urls] to pyproject.toml — Homepage, Documentation, Repository, Issues, Changelog links for PyPI metadata
  • Add Python 3.13 to CI test matrix (3.10, 3.11, 3.12, 3.13)
  • Add persist-credentials: false to all 3 checkout steps (ci.yml, publish.yml, pages.yml) — prevents token exfiltration in read-only workflows
  • Add permissions: contents: read to ci.yml — least-privilege principle

Test Plan

  • ruff check src/ — All checks passed
  • pytest tests/ — 93 passed
  • CI workflow runs on this branch (GitHub Actions)

fix: remove npm-publish.yml, add project URLs, harden CI security
68a7ef6 
- Remove npm-publish.yml (wrong-language workflow for Python repo)
- Add [project.urls] to pyproject.toml (Homepage, Docs, Repo, Issues, Changelog)
- Add Python 3.13 to CI test matrix
- Add persist-credentials: false to all checkout steps (ci, publish, pages)
- Add permissions: contents: read to ci.yml
@Coding-Dev-Tools Coding-Dev-Tools merged commit ba4cd3b into main May 18, 2026
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Coding-Dev-Tools