ci: add TypeScript, ESLint, Prettier, audit, and bundle size report

Build is the only hard gate. TS/ESLint/Prettier/audit run as informational checks (continue-on-error) since the codebase has pre-existing issues from matrix-js-sdk type incompatibilities and upstream formatting. Bundle size table is written to the job summary after every build so regressions are visible without digging into logs. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-21 20:42:45 -04:00
parent e3cd41b0ba
commit 04efb60fb2
1 changed files with 32 additions and 5 deletions
@@ -8,7 +8,7 @@ on:

 jobs:
  build:
-    name: Build check
+    name: Build & Quality Checks
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
@@ -23,14 +23,41 @@ jobs:
      - name: Install dependencies
        run: npm ci

+      # ── Critical gate — if this fails, nothing deploys ──────────────────
      - name: Build
        run: npm run build
        env:
          NODE_OPTIONS: "--max_old_space_size=4096"
-          # No auth token — skip source map upload in CI (done by deploy script)
          SENTRY_AUTH_TOKEN: ""

-      - name: Audit (high/critical only)
-        run: npm audit --audit-level=high
-        # Informational — don't fail the build on existing known vulns
+      # ── Quality checks (informational — pre-existing issues exist) ───────
+      - name: TypeScript
+        run: npm run typecheck
        continue-on-error: true
+
+      - name: ESLint
+        run: npm run check:eslint
+        continue-on-error: true
+
+      - name: Prettier
+        run: npm run check:prettier
+        continue-on-error: true
+
+      # ── Security ─────────────────────────────────────────────────────────
+      - name: Audit (high/critical)
+        run: npm audit --audit-level=high
+        continue-on-error: true
+
+      # ── Bundle size report ───────────────────────────────────────────────
+      - name: Report bundle sizes
+        run: |
+          echo "### Bundle sizes" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| File | Size | Gzip |" >> $GITHUB_STEP_SUMMARY
+          echo "|------|------|------|" >> $GITHUB_STEP_SUMMARY
+          find dist/assets -name "*.js" -not -name "*.map" | sort | while read f; do
+            name=$(basename "$f")
+            size=$(du -sh "$f" | cut -f1)
+            gzip_size=$(gzip -c "$f" | wc -c | awk '{printf "%.1f kB", $1/1024}')
+            echo "| $name | $size | $gzip_size |" >> $GITHUB_STEP_SUMMARY
+          done