diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index cc78fb0e2..6a8a0b9f8 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -8,7 +8,7 @@ on: jobs: build: - name: Build check + name: Build & Quality Checks runs-on: ubuntu-latest steps: - name: Checkout @@ -23,14 +23,41 @@ jobs: - name: Install dependencies run: npm ci + # ── Critical gate — if this fails, nothing deploys ────────────────── - name: Build run: npm run build env: NODE_OPTIONS: "--max_old_space_size=4096" - # No auth token — skip source map upload in CI (done by deploy script) SENTRY_AUTH_TOKEN: "" - - name: Audit (high/critical only) - run: npm audit --audit-level=high - # Informational — don't fail the build on existing known vulns + # ── Quality checks (informational — pre-existing issues exist) ─────── + - name: TypeScript + run: npm run typecheck continue-on-error: true + + - name: ESLint + run: npm run check:eslint + continue-on-error: true + + - name: Prettier + run: npm run check:prettier + continue-on-error: true + + # ── Security ───────────────────────────────────────────────────────── + - name: Audit (high/critical) + run: npm audit --audit-level=high + continue-on-error: true + + # ── Bundle size report ─────────────────────────────────────────────── + - name: Report bundle sizes + run: | + echo "### Bundle sizes" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + echo "| File | Size | Gzip |" >> $GITHUB_STEP_SUMMARY + echo "|------|------|------|" >> $GITHUB_STEP_SUMMARY + find dist/assets -name "*.js" -not -name "*.map" | sort | while read f; do + name=$(basename "$f") + size=$(du -sh "$f" | cut -f1) + gzip_size=$(gzip -c "$f" | wc -c | awk '{printf "%.1f kB", $1/1024}') + echo "| $name | $size | $gzip_size |" >> $GITHUB_STEP_SUMMARY + done