The workflow was using npm workspace commands (-w web) but the repository
doesn't have a root package.json configured for workspaces. Updated to use
working-directory instead to properly execute commands in the web directory.
Changes:
- Install dependencies: npm ci in web directory
- Run linter: npm run lint in web directory
- Run tests: npm run test in web directory
- Build project: npm run build in web directory
This fixes the "No workspaces found" error that was causing the workflow to fail.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
- Refactor security-check.yml to separate critical vs optional checks
- Make TruffleHog, Gitleaks, and Snyk scans optional (continue-on-error)
- Fix .gitattributes negative pattern warning (!.env.example)
- Use specific .env patterns instead of wildcards
- Improve workflow job organization and summary reporting
This ensures the CI/CD pipeline doesn't fail when optional security
tools are not configured with tokens, while maintaining strict
validation for critical security checks.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>