ci.yml
yaml
sha256:8915fe406161f95c1681f9469375e7bae5b28c884f00bedbdef65e4b0cd0738d
docs(flow): commit FLOW-V0-SPEC.md hygiene for 7A-INT merge
Human
10 hours ago
| 1 | name: CI |
| 2 | |
| 3 | on: |
| 4 | push: |
| 5 | branches: [main] |
| 6 | pull_request: |
| 7 | branches: [main] |
| 8 | |
| 9 | jobs: |
| 10 | secret-scan: |
| 11 | name: Secret scanning (TruffleHog) |
| 12 | runs-on: ubuntu-latest |
| 13 | steps: |
| 14 | - uses: actions/checkout@v4 |
| 15 | with: |
| 16 | fetch-depth: 0 |
| 17 | - name: TruffleHog OSS |
| 18 | uses: trufflesecurity/trufflehog@main |
| 19 | with: |
| 20 | path: ./ |
| 21 | base: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || github.event.before }} |
| 22 | head: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} |
| 23 | extra_args: --only-verified |
| 24 | |
| 25 | test: |
| 26 | runs-on: ubuntu-latest |
| 27 | |
| 28 | strategy: |
| 29 | matrix: |
| 30 | node-version: [20] |
| 31 | |
| 32 | steps: |
| 33 | - uses: actions/checkout@v4 |
| 34 | |
| 35 | - name: Use Node.js ${{ matrix.node-version }} |
| 36 | uses: actions/setup-node@v4 |
| 37 | with: |
| 38 | node-version: ${{ matrix.node-version }} |
| 39 | cache: npm |
| 40 | |
| 41 | - name: Install dependencies |
| 42 | run: | |
| 43 | npm ci |
| 44 | cd hub/gateway && npm ci |
| 45 | cd ../bridge && npm ci |
| 46 | |
| 47 | - name: Audit dependencies — fail on high/critical CVEs |
| 48 | run: | |
| 49 | npm audit --audit-level=high --omit=dev |
| 50 | (cd hub/gateway && npm audit --audit-level=high --omit=dev) |
| 51 | (cd hub/bridge && npm audit --audit-level=high --omit=dev) |
| 52 | |
| 53 | - name: Hosted MCP schema guard |
| 54 | run: npm run check:mcp-hosted-schema |
| 55 | |
| 56 | - name: Run tests |
| 57 | run: npm test |
File History
1 commit
sha256:8915fe406161f95c1681f9469375e7bae5b28c884f00bedbdef65e4b0cd0738d
docs(flow): commit FLOW-V0-SPEC.md hygiene for 7A-INT merge
Human
10 hours ago