chore: enhance CI with govulncheck, svelte-check and npm audit

TeleGhost Dev · TeleGhost Dev · commit 05783dc2321b · 2026-02-14T19:19:13.000+05:00
diff --git a/.github/workflows/verify_pr.yml b/.github/workflows/verify_pr.yml
@@ -50,6 +50,11 @@ jobs:
         with:
           args: -exclude=G104,G304,G115,G103 ./...
 
+      - name: Dependency Vulnerability Check (govulncheck)
+        run: |
+          go install golang.org/x/vuln/cmd/govulncheck@latest
+          govulncheck ./...
+
       - name: Run Tests
         run: go test -v -short ./...
 
@@ -73,6 +78,16 @@ jobs:
           cd frontend
           npm ci
 
+      - name: Security Audit (npm audit)
+        run: |
+          cd frontend
+          npm audit --audit-level=high
+
+      - name: Code Quality Check (svelte-check)
+        run: |
+          cd frontend
+          npm run check
+
       - name: Build Check
         run: |
           cd frontend
diff --git a/frontend/package.json b/frontend/package.json
@@ -6,17 +6,19 @@
   "scripts": {
     "dev": "vite",
     "build": "vite build",
+    "check": "svelte-check",
     "preview": "vite preview"
   },
   "devDependencies": {
     "@sveltejs/vite-plugin-svelte": "^1.0.1",
     "autoprefixer": "^10.4.24",
     "postcss": "^8.5.6",
     "svelte": "^3.49.0",
+    "svelte-check": "^3.0.0",
     "tailwindcss": "^3.4.19",
     "vite": "^3.0.7"
   },
   "dependencies": {
     "qrious": "^4.0.2"
   }
-}
+}
