fix: resolve Snyk security findings #661
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Build and deploy the web app to GitHub Pages. | |
| # Enable in repo: Settings → Pages → Source: GitHub Actions. | |
| # Site URL: https://<owner>.github.io/<repo>/ | |
| name: Deploy Web App to GitHub Pages | |
| on: | |
| push: | |
| branches: ["main", "master"] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| pages: write | |
| id-token: write | |
| concurrency: | |
| group: "pages" | |
| cancel-in-progress: false | |
| env: | |
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| - name: Setup Node | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: "lts/*" | |
| cache: "npm" | |
| - name: Install root dependencies | |
| run: npm ci | |
| - name: Prepare web app (index + skills) | |
| run: npm run app:setup | |
| - name: Install web-app dependencies | |
| run: cd apps/web-app && npm ci | |
| - name: Build web app for GitHub Pages | |
| run: cd apps/web-app && npm run build | |
| env: | |
| VITE_BASE_PATH: /${{ github.event.repository.name }}/ | |
| SEO_SITE_URL: https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }} | |
| - name: Validate SEO artifact quality | |
| run: cd apps/web-app && npm run verify:seo | |
| - name: Validate generated sitemap and asset consistency | |
| run: | | |
| cd apps/web-app | |
| test -f dist/robots.txt | |
| test -f dist/sitemap.xml | |
| test -f dist/site.webmanifest | |
| - name: Prepare artifact (404 + .nojekyll) | |
| run: | | |
| cd apps/web-app/dist | |
| cp index.html 404.html | |
| touch .nojekyll | |
| test -f 404.html | |
| - name: Configure GitHub Pages | |
| uses: actions/configure-pages@v5 | |
| - name: Upload Pages artifact | |
| uses: actions/upload-pages-artifact@v4 | |
| with: | |
| path: apps/web-app/dist | |
| deploy: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deploy.outputs.page_url }} | |
| steps: | |
| - name: Deploy to GitHub Pages | |
| id: deploy | |
| uses: actions/deploy-pages@v4 |