fix(configs): Windows-fix format:sql:check + lychee/pa11y/composer/ESLint hygiene + npm-outdated CI (audit P0-03 + 5 P1/O)

Закрытие аудита 2026-05-09 (b6ae8dd):
- P0-03: format:sql:check заменён /tmp/ на db/.schema-formatted.tmp.sql (Windows-совместимо).
  + .gitignore: добавлен db/.schema-formatted.tmp.sql.
  + дополнительно: web/**/*.html убран из npm run links — статические концепты
    web/v8/*.html используют root-relative ссылки на будущие маршруты Vue, lychee
    не резолвит их без --root-dir; они уже в exclude_path. Lychee с 20 → 1 error
    (оставшийся 1 — pre-existing битая ссылка в docs/superpowers/specs/, вне scope).
- P1-02: .lychee.toml exclude root-relative для web/v8/*.html — добавлен regex
  паттерн для будущих маршрутов (login/register/legal/dashboard/deals/admin/...).
- P1-12: pa11y.config.json пути обновлены на liderra_v8_handoff/concepts/v8_*.html
  (login/dashboard/deals).
- P1-07: composer audit-offline скрипт (composer audit --locked) для офлайн-режима.
- O-refactor-05: ESLint no-restricted-imports запрещает явный import из 'vuetify/components'.
- O-stack-08: .github/workflows/dependency-check.yml — еженедельный (Mon 09:00 UTC) npm outdated с авто-issue.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

.github/workflows/dependency-check.yml

@@ -0,0 +1,65 @@
+name: Dependency Check
+
+on:
+  schedule:
+    - cron: '0 9 * * 1'  # каждый понедельник 09:00 UTC
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  issues: write
+
+jobs:
+  npm-outdated:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install root deps
+        run: npm install --ignore-scripts
+
+      - name: Check outdated (root)
+        id: root_outdated
+        run: |
+          npm outdated --json > root-outdated.json || true
+          if [ "$(cat root-outdated.json)" != "{}" ]; then
+            echo "has_updates=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Install app deps
+        working-directory: app
+        run: npm install --ignore-scripts
+
+      - name: Check outdated (app)
+        id: app_outdated
+        working-directory: app
+        run: |
+          npm outdated --json > app-outdated.json || true
+          if [ "$(cat app-outdated.json)" != "{}" ]; then
+            echo "has_updates=true" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Open issue if outdated
+        if: steps.root_outdated.outputs.has_updates == 'true' || steps.app_outdated.outputs.has_updates == 'true'
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          {
+            echo "## Weekly outdated dependencies — $(date -u +"%Y-%m-%d")"
+            echo
+            echo "### Root (package.json)"
+            echo '```json'
+            cat root-outdated.json
+            echo '```'
+            echo
+            echo "### App (app/package.json)"
+            echo '```json'
+            cat app/app-outdated.json
+            echo '```'
+          } > issue-body.md
+          gh issue create --title "Weekly outdated check $(date -u +"%Y-%m-%d")" --body-file issue-body.md --label dependencies

.gitignore

@@ -125,3 +125,6 @@ c--Users-*/
 tmp/
 .tmp/
 .cache/
+
+# pgFormatter — вывод npm run format:sql:check (кроссплатформенный путь)
+db/.schema-formatted.tmp.sql

.lychee.toml

@@ -49,7 +49,11 @@ exclude = [
   "^https?://example\\.com",
   "^https?://example\\.org",
   # Приватный репозиторий проекта (404 для анонимных запросов — это норма)
-  "^https?://github\\.com/CoralMinister/liderra"
+  "^https?://github\\.com/CoralMinister/liderra",
+  # web/v8/*.html — статические концепты, root-relative ссылки на будущие маршруты Vue
+  "^/(login|register|legal|dashboard|deals|admin|reports|reminders|billing|impersonation|notifications)(/|$|\\?)",
+  # Корневой `/` в концептах (логотип-якорь для будущей главной)
+  "^/$"
 ]
 
 # Игнорировать файлы вне аудита

app/composer.json

@@ -60,6 +60,7 @@
         "pint": "@php vendor/bin/pint",
         "pint:test": "@php vendor/bin/pint --test",
         "stan": "@php vendor/bin/phpstan analyse --memory-limit=512M",
+        "audit-offline": "@composer audit --locked",
         "ide-helper": [
             "@php artisan ide-helper:generate",
             "@php artisan ide-helper:meta"

app/eslint.config.js

@@ -18,6 +18,12 @@ export default [
     {
         rules: {
             'vue/multi-word-component-names': 'off', // допускаем AppShell.vue
+            'no-restricted-imports': ['error', {
+                paths: [{
+                    name: 'vuetify/components',
+                    message: 'Используй auto-import через vite-plugin-vuetify (vite.config.ts). Явные импорты дублируют auto-injected.',
+                }],
+            }],
         },
     },
 ];

pa11y.config.json

@@ -21,15 +21,15 @@
   },
   "urls": [
     {
-      "url": "./web/01-login.html",
+      "url": "./liderra_v8_handoff/concepts/v8_login.html",
       "screenCapture": "./bin/a11y-screenshots/01-login.png"
     },
     {
-      "url": "./web/02-dashboard.html",
+      "url": "./liderra_v8_handoff/concepts/v8_dashboard.html",
       "screenCapture": "./bin/a11y-screenshots/02-dashboard.png"
     },
     {
-      "url": "./web/03-deals.html",
+      "url": "./liderra_v8_handoff/concepts/v8_deals.html",
       "screenCapture": "./bin/a11y-screenshots/03-deals.png"
     }
   ]

package.json

@@ -7,10 +7,10 @@
     "lint:md": "markdownlint-cli2 \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
     "lint:md:fix": "markdownlint-cli2 --fix \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
     "spell": "cspell --no-progress --show-suggestions \"docs/**/*.md\" \"db/**/*.md\" \"*.md\" \"web/**/*.html\"",
-    "links": "bin\\lychee.exe --config .lychee.toml \"docs/**/*.md\" \"db/**/*.md\" \"*.md\" \"web/**/*.html\"",
+    "links": "bin\\lychee.exe --config .lychee.toml \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
     "lint:css": "stylelint \"web/**/*.html\"",
     "lint:sql": "bin\\squawk.exe db/schema.sql",
-    "format:sql:check": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format db/schema.sql > /tmp/schema-formatted.sql && diff -q db/schema.sql /tmp/schema-formatted.sql || echo \"pgFormatter would reformat — run npm run format:sql to apply\"",
+    "format:sql:check": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format db/schema.sql > db/.schema-formatted.tmp.sql && diff -q db/schema.sql db/.schema-formatted.tmp.sql || echo \"pgFormatter would reformat — run npm run format:sql to apply\"",
     "format:sql": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format -o db/schema.sql.formatted db/schema.sql && echo \"Wrote db/schema.sql.formatted — review diff before replacing source\"",
     "a11y": "pa11y-ci --config pa11y.config.json",
     "check:docs": "run-p lint:md spell links a11y"