-
Notifications
You must be signed in to change notification settings - Fork 4
ForkedJarlungoodoo73 patch 1 #3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
85b9196
4eb3aad
8ed95eb
829c857
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,20 @@ | ||||||||||||
| name: Jekyll site CI | ||||||||||||
|
|
||||||||||||
| on: | ||||||||||||
| push: | ||||||||||||
| branches: [ "main" ] | ||||||||||||
| pull_request: | ||||||||||||
| branches: [ "main" ] | ||||||||||||
|
|
||||||||||||
|
||||||||||||
| permissions: | |
| contents: read |
Copilot
AI
Jan 1, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using chmod -R 777 is a significant security risk as it grants read, write, and execute permissions to all users on all files and directories. This overly permissive approach can lead to security vulnerabilities. Instead, consider using more restrictive permissions or running the container with appropriate user permissions using the --user flag in docker run.
| -v ${{ github.workspace }}:/srv/jekyll -v ${{ github.workspace }}/_site:/srv/jekyll/_site \ | |
| jekyll/builder:latest /bin/bash -c "chmod -R 777 /srv/jekyll && jekyll build --future" | |
| --user $(id -u):$(id -g) \ | |
| -v ${{ github.workspace }}:/srv/jekyll -v ${{ github.workspace }}/_site:/srv/jekyll/_site \ | |
| jekyll/builder:latest jekyll build --future |
Copilot
AI
Jan 1, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This Jekyll workflow appears to be incompatible with the repository's technology stack. The repository is a React-based portfolio application (as evidenced by package.json, the existing deploy.yml workflow, and the React source files), not a Jekyll site. Adding a Jekyll-based CI workflow would not function correctly for this project and conflicts with the existing Node.js/React deployment workflow in deploy.yml.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The workflow is configured to trigger on push and pull_request events to the main branch, which overlaps with the existing deploy.yml workflow that also triggers on pushes to main. This duplication could lead to unnecessary CI runs, wasted resources, and potential conflicts. Since this repository uses React/Node.js (not Jekyll), this workflow should likely be removed entirely, or if both are needed, their trigger conditions should be differentiated.