Skip to content

Commit 0228507

Browse files
sjsyrekclaude
andcommitted
fix(ci): add build step before tests, audit production deps only
E2E and integration tests shell out to dist/cli/index.js, which requires a build step. Security audit now scopes to production dependencies to avoid false positives from dev tooling. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
1 parent deb8fa8 commit 0228507

2 files changed

Lines changed: 3 additions & 2 deletions

File tree

.github/workflows/ci.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,4 +26,5 @@ jobs:
2626
- run: npm ci
2727
- run: npm run lint
2828
- run: npm run type-check
29+
- run: npm run build
2930
- run: npm test

.github/workflows/security.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,5 +23,5 @@ jobs:
2323

2424
- run: npm ci
2525

26-
- name: Run npm audit
27-
run: npm audit --audit-level=moderate
26+
- name: Run npm audit (production only)
27+
run: npm audit --audit-level=moderate --omit=dev

0 commit comments

Comments
 (0)