From 02fc9700f8a4cc14dd3a917d7abe643e74711b3f Mon Sep 17 00:00:00 2001 From: Gabriel Pan Gantes Date: Sat, 16 May 2026 16:46:54 +0200 Subject: [PATCH] Add GitHub Actions CI for frontend/nextjs: install, lint, test, build CI workflow runs on pushes to master and PRs that touch frontend/nextjs/** or the workflow itself. Steps: 1. pnpm install --frozen-lockfile - preinstall runs pnpm audit + pnpm audit signatures, so a vulnerable or unsigned package fails the install before anything else runs. 2. pnpm run lint -> tsc --noEmit 3. pnpm run test -> tsc --noEmit 4. pnpm run build -> next build with dummy PLUGGY_CLIENT_ID / PLUGGY_CLIENT_SECRET (read at module init in pages/api/token.ts; no runtime calls made during build). Scripts added to package.json: - typecheck: tsc --noEmit (named target for "the code compiles") - lint: tsc --noEmit (was `next lint`, which prompts an interactive ESLint-config wizard when no config exists and is also deprecated in newer Next.js. The quickstart deliberately ships without an ESLint setup, so for CI purposes lint = the type check. Users wanting real lint can add eslint-config-next on their fork.) - test: tsc --noEmit (placeholder until real tests exist) Concurrency-cancel older runs on the same ref. Verified end-to-end locally with Node 24.14.1 + pnpm 11.1.1. --- .github/workflows/frontend-nextjs-ci.yml | 62 ++++++++++++++++++++++++ frontend/nextjs/package.json | 4 +- 2 files changed, 65 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/frontend-nextjs-ci.yml diff --git a/.github/workflows/frontend-nextjs-ci.yml b/.github/workflows/frontend-nextjs-ci.yml new file mode 100644 index 0000000..e02039a --- /dev/null +++ b/.github/workflows/frontend-nextjs-ci.yml @@ -0,0 +1,62 @@ +name: frontend/nextjs CI + +on: + push: + branches: [master] + paths: + - frontend/nextjs/** + - .github/workflows/frontend-nextjs-ci.yml + pull_request: + paths: + - frontend/nextjs/** + - .github/workflows/frontend-nextjs-ci.yml + +concurrency: + group: frontend-nextjs-${{ github.ref }} + cancel-in-progress: true + +jobs: + ci: + name: install / lint / test / build + runs-on: ubuntu-latest + defaults: + run: + working-directory: frontend/nextjs + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up pnpm + uses: pnpm/action-setup@v4 + with: + version: 11.1.1 + run_install: false + + - name: Set up Node + uses: actions/setup-node@v4 + with: + node-version: 24 + cache: pnpm + cache-dependency-path: frontend/nextjs/pnpm-lock.yaml + + - name: Install dependencies + # `preinstall` runs `pnpm audit && pnpm audit signatures`, so a + # vulnerable or unsigned package fails the install before any + # of the later steps run. + run: pnpm install --frozen-lockfile + + - name: Lint + run: pnpm run lint + + - name: Test + run: pnpm run test + + - name: Build + # PLUGGY_* are read at module init in pages/api/token.ts. + # Dummy values are enough for `next build` to bundle the + # route — runtime calls are not made during build. + env: + PLUGGY_CLIENT_ID: dummy + PLUGGY_CLIENT_SECRET: dummy + run: pnpm run build diff --git a/frontend/nextjs/package.json b/frontend/nextjs/package.json index b30d49e..c30efd3 100644 --- a/frontend/nextjs/package.json +++ b/frontend/nextjs/package.json @@ -16,10 +16,12 @@ "scripts": { "preinstall": "pnpm audit && pnpm audit signatures", "lint:lockfile": "pnpm install --frozen-lockfile", + "typecheck": "tsc --noEmit", "dev": "next dev", "build": "next build", "start": "next start", - "lint": "next lint" + "lint": "tsc --noEmit", + "test": "tsc --noEmit" }, "dependencies": { "next": "15.5.18",