
chore(deps): bump the production-dependencies group with 5 updates #129

Workflow file for this run

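# Continuous-integration workflow: dependency audit, lint, tests and build.
name: CI

# Runs on pushes to main, develop and feature/** branches, and on pull
# requests that target main or develop.
on:
  push:
    branches:
      - main
      - develop
      - 'feature/**'
  pull_request:
    branches:
      - main
      - develop

# Least privilege for the automatically provided GITHUB_TOKEN. None of the
# steps visible in this workflow pushes commits, comments on pull requests or
# publishes anything, so read access to the repository contents is enough.
# Without this key the token falls back to the repository/organisation
# default, which may be read-write.
permissions:
  contents: read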
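jobs:
  # Dependency audit. The first audit step is informational only; the gate is
  # the scripted step that follows it.
  security:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      # Prints findings at moderate severity or above. continue-on-error means
      # this step can never fail the job.
      - name: Run npm audit
        run: npm audit --audit-level=moderate
        continue-on-error: true

      - name: Check for known vulnerabilities
        run: |
          echo "Checking for security vulnerabilities..."
          # npm audit exits non-zero whenever it reports findings, so its exit
          # status is ignored and the JSON report is inspected instead.
          npm audit --json > audit-report.json || true

          # Fail closed: when the audit itself could not run (registry error,
          # empty or malformed output) the report carries no severity counts.
          # Without this check the "// 0" defaults below would turn that into
          # "zero findings" and the gate would pass.
          if ! jq -e '.metadata.vulnerabilities | type == "object"' audit-report.json > /dev/null; then
            echo "❌ npm audit did not produce a usable report"
            exit 1
          fi

          # Count vulnerabilities by severity
          HIGH=$(jq '.metadata.vulnerabilities.high // 0' audit-report.json)
          CRITICAL=$(jq '.metadata.vulnerabilities.critical // 0' audit-report.json)
          echo "Critical vulnerabilities: $CRITICAL"
          echo "High vulnerabilities: $HIGH"

          # Fail if critical vulnerabilities found
          if [ "$CRITICAL" -gt 0 ]; then
            echo "❌ Critical vulnerabilities found!"
            exit 1
          fi

          # Warn about high vulnerabilities but don't fail
          if [ "$HIGH" -gt 0 ]; then
            echo "⚠️ High severity vulnerabilities found. Please review."
          fi
          echo "✅ Security audit passed"

  # Static checks: ESLint and the formatter in check mode.
  lint:
    name: Lint Code
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run ESLint
        run: npm run lint

      - name: Check code formatting
        run: npm run format -- --check

  # Test suite on each Node.js version of the matrix. Coverage is generated on
  # 20 and 22 and uploaded from the Node.js 20 leg only.
  test:
    name: Run Tests
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [18, 20, 22]
    steps:
      - name: Checkout code
        uses: actions/checkout@v6

      - name: Setup Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v6
        with:
          node-version: ${{ matrix.node-version }}
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Run tests
        run: npm test

      # Matrix entries are numbers, so compare against a number here as the
      # upload condition below does. The previous string literal '18' only
      # matched through the expression engine's loose type coercion.
      - name: Generate coverage report
        if: matrix.node-version != 18  # Node.js 18 doesn't support node:inspector/promises
        run: npm run test:coverage

      # Third-party action that runs with CODECOV_TOKEN in its environment.
      # A version tag is mutable; pinning to a full-length commit SHA
      # (codecov/codecov-action@<FULL_COMMIT_SHA>, placeholder) fixes exactly
      # which code receives the token.
      # NOTE(review): the secret is normally not exposed to pull requests from
      # forks or from Dependabot; fail_ci_if_error: false keeps a failed
      # upload from failing the job in that case - confirm this is intended.
      - name: Upload coverage to Codecov
        if: matrix.node-version == 20  # Only upload once
        uses: codecov/codecov-action@v4
        with:
          files: ./coverage/coverage-final.json
          flags: unittests
          fail_ci_if_error: false
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

  # Compiles the TypeScript sources and publishes dist/ as a run artifact.
  build:
    name: Build Project
    runs-on: ubuntu-latest
    # Build can run parallel with tests - only depends on lint passing
    needs: [lint]
    steps:
      - name: Checkout code
        uses: actions/checkout@v6

      # NOTE(review): restore-keys can restore dist/ from a run whose sources
      # differed (prefix match on build-<os>-). The existence checks in
      # "Check dist files" cannot tell restored output from freshly built
      # output, and the whole of dist/ is uploaded afterwards - confirm the
      # build step overwrites or cleans stale files.
      - name: Cache TypeScript build
        uses: actions/cache@v4
        with:
          path: |
            dist/
            .tsbuildinfo
          key: build-${{ runner.os }}-${{ hashFiles('src/**/*.ts', 'tsconfig.json') }}
          restore-keys: |
            build-${{ runner.os }}-

      - name: Setup Node.js
        uses: actions/setup-node@v6
        with:
          node-version: '18'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci

      - name: Build TypeScript
        run: npm run build

      # Sanity check that the build left the expected entry point behind.
      - name: Check dist files
        run: |
          if [ ! -d "dist" ]; then
            echo "❌ dist directory not created"
            exit 1
          fi
          if [ ! -f "dist/cli.js" ]; then
            echo "❌ dist/cli.js not found"
            exit 1
          fi
          echo "✅ Build artifacts created successfully"

      - name: Upload build artifacts
        uses: actions/upload-artifact@v6
        with:
          name: dist
          path: dist/
          retention-days: 7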