chore: 🤖 Add strict .npmrc file
#637
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Code Quality | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| workflow_call: # Allow this workflow to be called by other workflows | |
| jobs: | |
| quality: | |
| name: Code Quality Checks | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 # Needed for SonarCloud | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| run_install: false | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: ".nvmrc" | |
| cache: "pnpm" | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Run tests with coverage | |
| run: pnpm run --recursive test:vitest --coverage --coverage.reporter lcov --coverage.reporter json | |
| - name: Check build | |
| run: pnpm run build | |
| - name: Check for security vulnerabilities | |
| run: pnpm audit --audit-level=moderate | |
| - name: Check bundle size | |
| run: | | |
| echo "## Bundle Size Report" >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| ls -lh packages/css-if-polyfill/dist >> $GITHUB_STEP_SUMMARY | |
| echo "\`\`\`" >> $GITHUB_STEP_SUMMARY | |
| - name: Archive code coverage results | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: code-coverage-report | |
| path: | | |
| packages/css-if-polyfill/coverage/ | |
| packages/postcss-if-function/coverage/ | |
| packages/lightningcss-plugin-if-function/coverage/ | |
| packages/stylelint-config-if-function/coverage/ | |
| retention-days: 30 | |
| security: | |
| name: Security Scan | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v5 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| with: | |
| run_install: false | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: ".nvmrc" | |
| cache: "pnpm" | |
| - name: Install dependencies | |
| run: pnpm install | |
| - name: Run security audit | |
| run: pnpm audit --audit-level=low |