Update URLs, CI permissions, and authors for repo transfer#372
Update URLs, CI permissions, and authors for repo transfer#372
Conversation
The repository was transferred from kyamagu/skia-python to skia-python/skia-python. This updates all references to the new org, fixes CI permissions flagged by Code Scanning, adds a co-author, and fixes blob/master to blob/main in docs. Co-Authored-By: Claude Opus 4.6 <[email protected]>
There was a problem hiding this comment.
Pull request overview
Updates repository metadata and documentation links to reflect the transfer to the skia-python/skia-python org, and adjusts GitHub Actions token permissions to support docs deployment while reducing overall privileges.
Changes:
- Replaced legacy GitHub/org and GitHub Pages URLs across docs/README/notebooks and updated
blob/master→blob/mainwhere applicable. - Updated GitHub Actions job permissions (add
contents: writefor docs deployment; reduce Fedora job fromwrite-alltocontents: read). - Added an additional author/co-author entry in package metadata (
setup.py).
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| setup.py | Updates package URL and author metadata for the new org/ownership. |
| relnotes/README.m116.md | Updates repo links in release notes. |
| notebooks/Paint-Overview.ipynb | Updates documentation site links embedded in notebook text. |
| docs/tutorial/overview.rst | Updates notebook link to the new repo + main branch. |
| docs/tutorial/index.rst | Updates tutorial notebook links to the new repo + main branch. |
| docs/install.rst | Updates clone URL to the new repo location. |
| docs/index.rst | Updates the GitHub link target to the new org repo. |
| docs/development.rst | Updates GitHub/Issues/PR links to the new org repo. |
| README.md | Updates CI badge, docs URLs, and repo links to the new org. |
| .github/workflows/ci.yml | Adds docs job permissions for gh-pages deploy and reduces Fedora job permissions. |
| .github/workflows/build_docs.yml | Adds docs job permissions for gh-pages deploy in manual workflow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| permissions: | ||
| contents: write |
There was a problem hiding this comment.
build_docs runs on pull_request as well as release, but the job now has contents: write for all events. That grants a write-capable GITHUB_TOKEN to PR code (including Sphinx builds / installed wheel artifacts), which is a security risk. Consider splitting this into a read-only docs build job for PRs and a separate deploy job (conditioned on release.published) with contents: write, or otherwise ensuring write permissions are only present for the deploy path.
There was a problem hiding this comment.
This is limited in scope, and I'd leave it as-is for now. Might consider in another PR
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
…lnotes Co-Authored-By: Claude Opus 4.6 <[email protected]>
Summary
permissions: contents: writetobuild_docsjobs (needed for gh-pages deployment) and reducingbuild_and_test_on_Fedorafromwrite-alltocontents: readkyamagu/skia-python→skia-python/skia-pythonandkyamagu.github.io→skia-python.github.ioacross 9 files (33 occurrences), plus fixedblob/master→blob/mainin docs/tutorialTest plan
🤖 Generated with Claude Code