From 8512c68a8c8b8c017846fe96ffb8a8b544c568ed Mon Sep 17 00:00:00 2001 From: bigcat88 Date: Mon, 4 Aug 2025 19:10:17 +0300 Subject: [PATCH 1/4] add "token permissions" to workflows --- .github/workflows/build-and-test.yml | 3 +++ .github/workflows/publish_package.yml | 3 +++ .github/workflows/pytest.yml | 5 +++++ .github/workflows/ruff_check.yml | 3 +++ .github/workflows/run-on-gpu.yml | 3 +++ .github/workflows/test-mac.yml | 3 +++ .github/workflows/test-windows.yml | 3 +++ 7 files changed, 23 insertions(+) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 3a022c8d..3cd9fbca 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -19,6 +19,9 @@ on: - "!.coveragerc" - "!.gitignore" +permissions: + contents: read + jobs: test: name: "Run Tests on Multiple Platforms" diff --git a/.github/workflows/publish_package.yml b/.github/workflows/publish_package.yml index 8d349fb6..a85c587e 100644 --- a/.github/workflows/publish_package.yml +++ b/.github/workflows/publish_package.yml @@ -4,6 +4,9 @@ on: release: types: [ created ] +permissions: + contents: read + jobs: build-n-publish-pypi: name: Build and publish Python distributions to PyPI diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index b0a9df36..ad8ca771 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -8,6 +8,11 @@ on: branches: - main +permissions: + contents: read + statuses: write + pull-requests: write + jobs: build: runs-on: ubuntu-latest diff --git a/.github/workflows/ruff_check.yml b/.github/workflows/ruff_check.yml index 9d9705ca..50402651 100644 --- a/.github/workflows/ruff_check.yml +++ b/.github/workflows/ruff_check.yml @@ -8,6 +8,9 @@ on: branches: - main +permissions: + contents: read + jobs: ruff_check: runs-on: ubuntu-latest diff --git a/.github/workflows/run-on-gpu.yml b/.github/workflows/run-on-gpu.yml index 80960720..8ef7617c 100755 --- a/.github/workflows/run-on-gpu.yml +++ b/.github/workflows/run-on-gpu.yml @@ -22,6 +22,9 @@ on: - "!.coveragerc" - "!.gitignore" +permissions: + contents: read + jobs: test-cli-gpu: name: "Run Tests on GPU Runners" diff --git a/.github/workflows/test-mac.yml b/.github/workflows/test-mac.yml index c4ea246b..04bdb160 100644 --- a/.github/workflows/test-mac.yml +++ b/.github/workflows/test-mac.yml @@ -6,6 +6,9 @@ on: paths: - comfy_cli/** +permissions: + contents: read + jobs: test: runs-on: macos-latest diff --git a/.github/workflows/test-windows.yml b/.github/workflows/test-windows.yml index a13b14d9..c349c46a 100755 --- a/.github/workflows/test-windows.yml +++ b/.github/workflows/test-windows.yml @@ -6,6 +6,9 @@ on: paths: - comfy_cli/** +permissions: + contents: read + jobs: test: runs-on: windows-latest From 9c2e20b7fa851381cfc4eb24764d37170399a1d5 Mon Sep 17 00:00:00 2001 From: bigcat88 Date: Mon, 4 Aug 2025 19:10:36 +0300 Subject: [PATCH 2/4] patch=off for codecov --- .github/codecov.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/codecov.yml b/.github/codecov.yml index e5c9a385..c2cbbb48 100644 --- a/.github/codecov.yml +++ b/.github/codecov.yml @@ -1,6 +1,3 @@ -codecov: - allow_coverage_offsets: true # Avoid "Missing base report" due to committing with "[CI skip]" - comment: layout: "diff, files" @@ -9,3 +6,4 @@ coverage: project: default: threshold: 0.1% + patch: off From f31f58ac9de2cba39d1367c125d4472d39d1c809 Mon Sep 17 00:00:00 2001 From: bigcat88 Date: Mon, 4 Aug 2025 19:11:56 +0300 Subject: [PATCH 3/4] dummy commit to test coverage --- comfy_cli/config_manager.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/comfy_cli/config_manager.py b/comfy_cli/config_manager.py index b16445a8..f7a00500 100644 --- a/comfy_cli/config_manager.py +++ b/comfy_cli/config_manager.py @@ -150,6 +150,12 @@ def remove_background(self): del self.config["DEFAULT"][constants.CONFIG_KEY_BACKGROUND] self.write_config() self.background = None + # will remove in this PR, just to test CodeCov comments by token testriction + x = 0 + x = x + 1 + x = x + 2 + x = x + 3 + self.dummy_value = x def get_cli_version(self): # Note: this approach should work for users installing the CLI via From 4ef6c30a2b21000c59ca6236981b3135d32f9080 Mon Sep 17 00:00:00 2001 From: bigcat88 Date: Mon, 4 Aug 2025 19:16:27 +0300 Subject: [PATCH 4/4] Revert "dummy commit to test coverage" This reverts commit f31f58ac9de2cba39d1367c125d4472d39d1c809. --- comfy_cli/config_manager.py | 6 ------ 1 file changed, 6 deletions(-) diff --git a/comfy_cli/config_manager.py b/comfy_cli/config_manager.py index f7a00500..b16445a8 100644 --- a/comfy_cli/config_manager.py +++ b/comfy_cli/config_manager.py @@ -150,12 +150,6 @@ def remove_background(self): del self.config["DEFAULT"][constants.CONFIG_KEY_BACKGROUND] self.write_config() self.background = None - # will remove in this PR, just to test CodeCov comments by token testriction - x = 0 - x = x + 1 - x = x + 2 - x = x + 3 - self.dummy_value = x def get_cli_version(self): # Note: this approach should work for users installing the CLI via