Дмитрий
cc6e1cba72
Закрытие аудита 2026-05-09 (b6ae8dd):
- P0-03: format:sql:check заменён /tmp/ на db/.schema-formatted.tmp.sql (Windows-совместимо).
+ .gitignore: добавлен db/.schema-formatted.tmp.sql.
+ дополнительно: web/**/*.html убран из npm run links — статические концепты
web/v8/*.html используют root-relative ссылки на будущие маршруты Vue, lychee
не резолвит их без --root-dir; они уже в exclude_path. Lychee с 20 → 1 error
(оставшийся 1 — pre-existing битая ссылка в docs/superpowers/specs/, вне scope).
- P1-02: .lychee.toml exclude root-relative для web/v8/*.html — добавлен regex
паттерн для будущих маршрутов (login/register/legal/dashboard/deals/admin/...).
- P1-12: pa11y.config.json пути обновлены на liderra_v8_handoff/concepts/v8_*.html
(login/dashboard/deals).
- P1-07: composer audit-offline скрипт (composer audit --locked) для офлайн-режима.
- O-refactor-05: ESLint no-restricted-imports запрещает явный import из 'vuetify/components'.
- O-stack-08: .github/workflows/dependency-check.yml — еженедельный (Mon 09:00 UTC) npm outdated с авто-issue.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
66 lines
1.8 KiB
YAML
66 lines
1.8 KiB
YAML
name: Dependency Check
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 9 * * 1' # каждый понедельник 09:00 UTC
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
issues: write
|
|
|
|
jobs:
|
|
npm-outdated:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
|
|
- name: Install root deps
|
|
run: npm install --ignore-scripts
|
|
|
|
- name: Check outdated (root)
|
|
id: root_outdated
|
|
run: |
|
|
npm outdated --json > root-outdated.json || true
|
|
if [ "$(cat root-outdated.json)" != "{}" ]; then
|
|
echo "has_updates=true" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Install app deps
|
|
working-directory: app
|
|
run: npm install --ignore-scripts
|
|
|
|
- name: Check outdated (app)
|
|
id: app_outdated
|
|
working-directory: app
|
|
run: |
|
|
npm outdated --json > app-outdated.json || true
|
|
if [ "$(cat app-outdated.json)" != "{}" ]; then
|
|
echo "has_updates=true" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Open issue if outdated
|
|
if: steps.root_outdated.outputs.has_updates == 'true' || steps.app_outdated.outputs.has_updates == 'true'
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
{
|
|
echo "## Weekly outdated dependencies — $(date -u +"%Y-%m-%d")"
|
|
echo
|
|
echo "### Root (package.json)"
|
|
echo '```json'
|
|
cat root-outdated.json
|
|
echo '```'
|
|
echo
|
|
echo "### App (app/package.json)"
|
|
echo '```json'
|
|
cat app/app-outdated.json
|
|
echo '```'
|
|
} > issue-body.md
|
|
gh issue create --title "Weekly outdated check $(date -u +"%Y-%m-%d")" --body-file issue-body.md --label dependencies
|