Skip to content

🌿 Fern Regeneration -- September 1, 2025 #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

🌿 Fern Regeneration -- September 1, 2025 #19

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 0 additions & 9 deletions .devcontainer/Dockerfile
View file
Open in desktop

This file was deleted.

43 changes: 0 additions & 43 deletions .devcontainer/devcontainer.json
View file
Open in desktop

This file was deleted.

1 change: 1 addition & 0 deletions .fernignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# Specify files that shouldn't be modified by Fern
117 changes: 28 additions & 89 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,98 +1,37 @@
name: CI
on:
push:
branches-ignore:
- 'generated'
- 'codegen/**'
- 'integrated/**'
- 'stl-preview-head/**'
- 'stl-preview-base/**'
pull_request:
branches-ignore:
- 'stl-preview-head/**'
- 'stl-preview-base/**'
name: ci

on: [push]
jobs:
lint:
timeout-minutes: 10
name: lint
runs-on: ${{ github.repository == 'stainless-sdks/browser-use-python' && 'depot-ubuntu-24.04' || 'ubuntu-latest' }}
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
compile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Install Rye
run: |
curl -sSf https://rye.astral.sh/get | bash
echo "$HOME/.rye/shims" >> $GITHUB_PATH
env:
RYE_VERSION: '0.44.0'
RYE_INSTALL_OPTION: '--yes'

- name: Install dependencies
run: rye sync --all-features

- name: Run lints
run: ./scripts/lint

build:
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
timeout-minutes: 10
name: build
permissions:
contents: read
id-token: write
runs-on: depot-ubuntu-24.04
steps:
- uses: actions/checkout@v4

- name: Install Rye
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up python
uses: actions/setup-python@v4
with:
python-version: 3.8
- name: Bootstrap poetry
run: |
curl -sSf https://rye.astral.sh/get | bash
echo "$HOME/.rye/shims" >> $GITHUB_PATH
env:
RYE_VERSION: '0.44.0'
RYE_INSTALL_OPTION: '--yes'

curl -sSL https://install.python-poetry.org | python - -y --version 1.5.1
- name: Install dependencies
run: rye sync --all-features

- name: Run build
run: rye build

- name: Get GitHub OIDC Token
if: github.repository == 'stainless-sdks/browser-use-python'
id: github-oidc
uses: actions/github-script@v6
with:
script: core.setOutput('github_token', await core.getIDToken());

- name: Upload tarball
if: github.repository == 'stainless-sdks/browser-use-python'
env:
URL: https://pkg.stainless.com/s
AUTH: ${{ steps.github-oidc.outputs.github_token }}
SHA: ${{ github.sha }}
run: ./scripts/utils/upload-artifact.sh

run: poetry install
- name: Compile
run: poetry run mypy .
test:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
timeout-minutes: 10
name: test
runs-on: ${{ github.repository == 'stainless-sdks/browser-use-python' && 'depot-ubuntu-24.04' || 'ubuntu-latest' }}
if: github.event_name == 'push' || github.event.pull_request.head.repo.fork
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- name: Install Rye
- name: Checkout repo
uses: actions/checkout@v4
- name: Set up python
uses: actions/setup-python@v4
with:
python-version: 3.8
- name: Bootstrap poetry
run: |
curl -sSf https://rye.astral.sh/get | bash
echo "$HOME/.rye/shims" >> $GITHUB_PATH
env:
RYE_VERSION: '0.44.0'
RYE_INSTALL_OPTION: '--yes'

- name: Bootstrap
run: ./scripts/bootstrap
curl -sSL https://install.python-poetry.org | python - -y --version 1.5.1
- name: Install dependencies
run: poetry install

- name: Run tests
run: ./scripts/test
- name: Test
run: poetry run pytest -rP .
Comment on lines +22 to +37

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 19 days ago

The best way to fix this problem is to explicitly add a permissions block at either the workflow level (top-level, after name:) or at the job level (under each job, e.g., compile: and test:). Since neither job in the provided workflow requires write access—and all commands only read the code and run install/test/compile tasks—the required minimum permission is contents: read. Adding this at the top-level will enforce least privilege for every job. Edit .github/workflows/ci.yml by inserting the following block after the name: ci line:

permissions:
  contents: read

No changes to imports, methods, variables, or dependencies are needed.

Suggested changeset 1
.github/workflows/ci.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,4 +1,6 @@
 name: ci
+permissions:
+  contents: read
 
 on: [push]
 jobs:
EOF
@@ -1,4 +1,6 @@
name: ci
permissions:
contents: read

on: [push]
jobs:
Copilot is powered by AI and may make mistakes. Always verify output.
31 changes: 0 additions & 31 deletions .github/workflows/publish-pypi.yml
View file
Open in desktop

This file was deleted.

21 changes: 0 additions & 21 deletions .github/workflows/release-doctor.yml
View file
Open in desktop

This file was deleted.

20 changes: 5 additions & 15 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,5 @@
.prism.log
_dev

__pycache__
.mypy_cache

dist

.venv
.idea

.env
.envrc
codegen.log
Brewfile.lock.json
.mypy_cache/
.ruff_cache/
__pycache__/
dist/
poetry.toml
1 change: 0 additions & 1 deletion .python-version
View file
Open in desktop

This file was deleted.

3 changes: 0 additions & 3 deletions .release-please-manifest.json
View file
Open in desktop

This file was deleted.

4 changes: 0 additions & 4 deletions .stats.yml
View file
Open in desktop

This file was deleted.

3 changes: 0 additions & 3 deletions .vscode/settings.json
View file
Open in desktop

This file was deleted.

2 changes: 0 additions & 2 deletions Brewfile
View file
Open in desktop

This file was deleted.

68 changes: 0 additions & 68 deletions CHANGELOG.md
View file
Open in desktop

This file was deleted.

Loading
Loading