fix(ci): only run supplychain checks in pr

ethernet 2026-06-23 12:35:17 -04:00
parent c820eb6a5a
commit a0471e2464
2 changed files with 15 additions and 8 deletions


@ -18,8 +18,8 @@ on:
permissions:
contents: read
pull-requests: write # needed by lint (PR comment) + supply-chain (PR comment)
actions: read # needed by osv-scanner (SARIF upload)
pull-requests: write # needed by lint (PR comment) + supply-chain (PR comment)
actions: read # needed by osv-scanner (SARIF upload)
security-events: write # needed by osv-scanner (SARIF upload)
concurrency:
@ -96,7 +96,7 @@ jobs:
supply-chain:
needs: detect
if: needs.detect.outputs.scan == 'true' || needs.detect.outputs.deps == 'true' || needs.detect.outputs.mcp_catalog == 'true'
if: needs.detect.outputs.event_name == 'pull_request' && (needs.detect.outputs.scan == 'true' || needs.detect.outputs.deps == 'true' || needs.detect.outputs.mcp_catalog == 'true')
uses: ./.github/workflows/supply-chain-audit.yml
with:
event_name: ${{ needs.detect.outputs.event_name }}
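Review bot: The new `if:` on the `supply-chain` job requires `needs.detect.outputs.event_name == 'pull_request'`, so any other trigger this workflow has (the `on:` block is outside the hunk) no longer gets the dependency or MCP-catalog audit, including changes that reach the branch without a PR. If that is intended because the results are delivered as PR comments, record it next to the condition, e.g. `# PR-only: findings are posted as PR comments; non-PR events are not audited by this job`, and confirm that those events are covered elsewhere. The `event_name` input passed to `supply-chain-audit.yml` is now always `pull_request` from this caller, so any non-PR handling in that workflow is probably unreachable from here. Separately, `pull-requests: write` and `security-events: write` appear to sit in the workflow-level `permissions:` block, which grants them to every job; scoping them to the jobs named in the comments would be tighter.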


@ -70,11 +70,7 @@ def _is_mcp_catalog(p: str) -> bool:
def classify(files: list[str]) -> dict[str, bool]:
"""Map changed paths to ``{lane: should_run}``."""
files = [f.strip() for f in files if f.strip()]
if not files or any(f.startswith(".github/") for f in files):
return dict.fromkeys(
("python", "docker_meta", "frontend", "site", "scan", "deps", "mcp_catalog"), True
)
return {
ret = {
"python": any(not _py_irrelevant(f) for f in files),
"docker_meta": any(f.startswith(_DOCKER_META) for f in files),
"frontend": any(f.startswith(_FRONTEND) or f in _ROOT_NPM for f in files),
@ -83,6 +79,17 @@ def classify(files: list[str]) -> dict[str, bool]:
"deps": any(f == "pyproject.toml" for f in files),
"mcp_catalog": any(_is_mcp_catalog(f) for f in files),
}
if not files or any(f.startswith(".github/") for f in files):
ret["python"] = True
ret["docker_meta"] = True
ret["frontend"] = True
ret["site"] = True
ret["scan"] = True
ret["deps"] = True
# explicitly skip mcp catalog here. it's not needed unless those files are modified.
return ret
def main() -> int:
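Review bot: In `classify`, the fallback branch now leaves `mcp_catalog` at its computed value, and `any(...)` over an empty `files` list is `False`, so the empty-list case no longer forces the MCP catalog lane on as the old `dict.fromkeys(..., True)` return did. The added comment's reasoning fits a `.github/` change, but if an empty list can mean the changed-file set could not be determined (not visible here), that case should still fail closed, e.g. `if not files: ret["mcp_catalog"] = True  # changed set unknown: run every lane`. The docstring should also state the fallback rule and the `mcp_catalog` exception, since the one-line summary no longer describes what the function returns for `.github/` changes. The part of `classify` between the two hunks (the entries between `frontend` and `deps`) is not shown.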