fix(deps): resolve high-severity dev dependency advisories #429

Workflow file for this run

	name: CI

	on:
	push:
	branches: [ main ]
	tags: [ "v..", "v..-*" ]
	pull_request:
	branches: [ main ]

	jobs:
	# ── IRONCLAD M9 type firewall ────────────────────────────────────────────
	# This job is the primary gate. It runs ALL type safety checks in parallel.
	# It MUST pass before any PR can merge. Configure as a required status check
	# in GitHub branch protection settings.
	type-firewall:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Use Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '22'
	cache: 'npm'
	- run: npm install
	- name: "Gate 1: TypeScript compiler (strict mode)"
	run: npm run typecheck
	- name: "Gate 2: IRONCLAD policy checker (any/wildcard/ts-ignore ban)"
	run: npm run typecheck:policy
	- name: "Gate 3: Consumer type surface test"
	run: npm run typecheck:consumer
	- name: "Gate 4: ESLint (typed rules + no-explicit-any + no-unsafe-*)"
	run: npm run lint
	- name: "Gate 5: Declaration surface validator (manifest vs index.d.ts vs index.js)"
	run: npm run typecheck:surface

	lint:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Use Node.js
	uses: actions/setup-node@v4
	with:
	node-version: '22'
	cache: 'npm'
	- run: npm install
	- run: npm run lint
	- name: TypeScript
	run: npm run typecheck
	- name: TS policy
	run: npm run typecheck:policy
	- name: Consumer type test
	run: npm run typecheck:consumer
	- name: Declaration surface
	run: npm run typecheck:surface
	- name: Security audit (runtime deps)
	continue-on-error: true
	run: npm audit --omit=dev --audit-level=high

	test-node:
	runs-on: ubuntu-latest
	strategy:
	matrix:
	node: [22]
	steps:
	- uses: actions/checkout@v4
	- name: Run unit + integration tests
	run: docker compose -f docker-compose.test.yml run --rm test-node${{ matrix.node }}

	test-bun:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Run Bun integration tests
	run: docker compose -f docker-compose.test.yml run --rm test-bun

	test-deno:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Run Deno integration tests
	run: docker compose -f docker-compose.test.yml run --rm test-deno

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): resolve high-severity dev dependency advisories #429

Workflow file

fix(deps): resolve high-severity dev dependency advisories #429

Uh oh!

Workflow file for this run