@metasession.co/devaudit-cli 0.1.16 → 0.1.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
- package/sdlc/files/ci/ci.yml.template +39 -0
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@metasession.co/devaudit-cli",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.17",
|
|
4
4
|
"description": "DevAudit CLI — installs, syncs, and operates the Metasession SDLC across consumer projects.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
35
|
"@clack/prompts": "^0.8.2",
|
|
36
|
-
"@metasession.co/devaudit-plugin-sdk": "^0.1.
|
|
36
|
+
"@metasession.co/devaudit-plugin-sdk": "^0.1.17",
|
|
37
37
|
"commander": "^12.1.0",
|
|
38
38
|
"consola": "^3.2.3",
|
|
39
39
|
"env-paths": "^3.0.0",
|
|
@@ -162,6 +162,7 @@ jobs:
|
|
|
162
162
|
e2e-auth-results.json
|
|
163
163
|
playwright-report/
|
|
164
164
|
coverage/coverage-summary.json
|
|
165
|
+
compliance/evidence/*/screenshots/*.png
|
|
165
166
|
retention-days: 90
|
|
166
167
|
|
|
167
168
|
# ──────────────────────────────────────────────
|
|
@@ -329,6 +330,44 @@ jobs:
|
|
|
329
330
|
--category test_report ${FLAGS}
|
|
330
331
|
fi
|
|
331
332
|
|
|
333
|
+
# Upload per-AC e2e evidence screenshots, scoped to each in-scope
|
|
334
|
+
# requirement so they render under "Evidence by requirement" in the
|
|
335
|
+
# portal. These are the per-assertion `evidenceShot(page, REQ, 'ACn-…')`
|
|
336
|
+
# captures (compliance/evidence/<reqId>/screenshots/*.png) — taken at the
|
|
337
|
+
# moment each acceptance criterion is demonstrated, NOT the Playwright
|
|
338
|
+
# report's trailing/failure capture. evidenceType `screenshot` →
|
|
339
|
+
# image/png renders inline. Only when a pending release ticket defines
|
|
340
|
+
# the in-scope REQ(s); skipped on ordinary dev pushes. Best-effort: a
|
|
341
|
+
# screenshot upload failure warns but never blocks the gate.
|
|
342
|
+
SHOT_REQS=()
|
|
343
|
+
if [ -d compliance/pending-releases ]; then
|
|
344
|
+
for TICKET in compliance/pending-releases/RELEASE-TICKET-REQ-*.md; do
|
|
345
|
+
[ -f "$TICKET" ] || continue
|
|
346
|
+
SHOT_REQS+=("$(basename "$TICKET" .md | sed 's/^RELEASE-TICKET-//')")
|
|
347
|
+
done
|
|
348
|
+
fi
|
|
349
|
+
shopt -s nullglob
|
|
350
|
+
SHOTS=(ci-evidence/compliance/evidence/*/screenshots/*.png compliance/evidence/*/screenshots/*.png)
|
|
351
|
+
if [ "${#SHOT_REQS[@]}" -gt 0 ] && [ "${#SHOTS[@]}" -gt 0 ]; then
|
|
352
|
+
echo "Uploading ${#SHOTS[@]} evidence screenshot(s) for: ${SHOT_REQS[*]}"
|
|
353
|
+
SHOT_TMP="$(mktemp -d)"
|
|
354
|
+
for REQ in "${SHOT_REQS[@]}"; do
|
|
355
|
+
for PNG in "${SHOTS[@]}"; do
|
|
356
|
+
# The folder is the (SRS) requirement id, the basename is the AC
|
|
357
|
+
# slug (ACn-…). Upload as <srs-req>-<slug>.png so the reviewer can
|
|
358
|
+
# see which requirement/AC each image proves and names don't collide.
|
|
359
|
+
SRS_REQ="$(basename "$(dirname "$(dirname "$PNG")")")"
|
|
360
|
+
NAMED="${SHOT_TMP}/${SRS_REQ}-$(basename "$PNG")"
|
|
361
|
+
cp "$PNG" "$NAMED" 2>/dev/null || continue
|
|
362
|
+
bash scripts/upload-evidence.sh \
|
|
363
|
+
{{PROJECT_SLUG}} "$REQ" screenshot "$NAMED" \
|
|
364
|
+
--category test_report ${FLAGS} --release "$REQ" \
|
|
365
|
+
|| echo "::warning::evidence screenshot upload failed: ${PNG} -> ${REQ}"
|
|
366
|
+
done
|
|
367
|
+
done
|
|
368
|
+
fi
|
|
369
|
+
shopt -u nullglob
|
|
370
|
+
|
|
332
371
|
# NOTE: committed compliance docs (planning category: RTM/test-plan/
|
|
333
372
|
# test-cases, release tickets, and per-requirement
|
|
334
373
|
# compliance/evidence/REQ-*/ folders) are intentionally NOT uploaded
|