pezkuwichain/pezkuwi-subquery
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subquery.git synced 2026-04-22 04:17:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
46ca19c22d3f2dbb5791f5c0a56a2792361f7c60
pezkuwi-subquery/.github/workflows/code-quality.yml
T
pezkuwichain 46ca19c22d Add security and code quality GitHub Actions workflows 
Security workflow includes:
- CodeQL static analysis for TypeScript vulnerabilities
- npm audit for dependency vulnerabilities (fails on critical)
- Dependency review on PRs (blocks high severity, GPL licenses)
- TruffleHog secret scanning
- Weekly scheduled security scans

Code quality workflow includes:
- ESLint linting checks
- Prettier formatting validation
- TypeScript strict type checking
- Cyclomatic complexity analysis (warns on >15)
- Duplicate code detection with jscpd
2026-02-13 01:37:31 +03:00

117 lines
2.6 KiB
YAML
Raw Blame History

name: Code Quality
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
lint:
name: ESLint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'yarn'
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Run ESLint
run: yarn eslint src/ --ext .ts --max-warnings 0
continue-on-error: true
format:
name: Prettier
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'yarn'
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Check formatting
run: yarn prettier --check "src/**/*.ts"
typecheck:
name: TypeScript
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'yarn'
- name: Install dependencies
run: yarn install --frozen-lockfile
- name: Generate types
run: yarn codegen
- name: TypeScript check
run: yarn tsc --noEmit
complexity:
name: Code Complexity
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
- name: Install complexity checker
run: npm install -g complexity-report
- name: Check complexity
run: |
cr src/**/*.ts --format json > complexity-report.json || true
HIGH_COMPLEXITY=$(cat complexity-report.json 2>/dev/null | jq '[.reports[].functions[] | select(.cyclomatic > 15)] | length' 2>/dev/null || echo "0")
if [ "$HIGH_COMPLEXITY" -gt 0 ]; then
echo "::warning::Found $HIGH_COMPLEXITY functions with cyclomatic complexity > 15"
fi
duplicate-code:
name: Duplicate Code Detection
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
- name: Install jscpd
run: npm install -g jscpd
- name: Check for duplicates
run: jscpd src/ --min-lines 10 --min-tokens 50 --threshold 5
continue-on-error: true
Reference in New Issue View Git Blame Copy Permalink