@metasession.co/devaudit-cli 0.1.56 → 0.1.58
- package/dist/index.js +2 -2
- package/dist/index.js.map +1 -1
- package/package.json +2 -2
- package/sdlc/files/_common/README_TEMPLATE.md +2 -2
- package/sdlc/files/_common/skills/e2e-test-engineer/references/bootstrap.md +3 -3
- package/sdlc/files/_common/skills/e2e-test-engineer/references/e2e-regression-3-tier.yml +3 -3
- package/sdlc/files/ci/check-release-approval.yml.template +1 -1
- package/sdlc/files/ci/ci.yml.template +6 -6
- package/sdlc/files/ci/close-out-release.yml.template +1 -1
- package/sdlc/files/ci/compliance-evidence.yml.template +4 -4
- package/sdlc/files/ci/compliance-validation.yml.template +1 -1
- package/sdlc/files/ci/incident-export.yml.template +1 -1
- package/sdlc/files/ci/periodic-review.yml.template +1 -1
- package/sdlc/files/ci/post-deploy-prod.yml.template +1 -1
- package/sdlc/files/ci/python/ci.yml.template +7 -7
- package/sdlc/files/stacks/_schema/adapter.schema.json +1 -1
- package/sdlc/files/stacks/node/adapter.json +1 -1
- package/sdlc/files/stacks/python/adapter.json +1 -1
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@metasession.co/devaudit-cli",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.58",
|
|
4
4
|
"description": "DevAudit CLI — installs, syncs, and operates the Metasession SDLC across consumer projects.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
35
|
"@clack/prompts": "^0.8.2",
|
|
36
|
-
"@metasession.co/devaudit-plugin-sdk": "^0.1.
|
|
36
|
+
"@metasession.co/devaudit-plugin-sdk": "^0.1.58",
|
|
37
37
|
"ajv": "^8.20.0",
|
|
38
38
|
"commander": "^12.1.0",
|
|
39
39
|
"consola": "^3.2.3",
|
|
@@ -332,7 +332,7 @@ upload-evidence:
|
|
|
332
332
|
needs: [e2e-tests]
|
|
333
333
|
if: github.event_name == 'pull_request'
|
|
334
334
|
steps:
|
|
335
|
-
- uses: actions/checkout@
|
|
335
|
+
- uses: actions/checkout@v6
|
|
336
336
|
|
|
337
337
|
# Upload test artifacts
|
|
338
338
|
- name: Upload E2E evidence
|
|
@@ -367,7 +367,7 @@ sync-compliance-docs:
|
|
|
367
367
|
runs-on: ubuntu-latest
|
|
368
368
|
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
|
|
369
369
|
steps:
|
|
370
|
-
- uses: actions/checkout@
|
|
370
|
+
- uses: actions/checkout@v6
|
|
371
371
|
- name: Upload compliance documents
|
|
372
372
|
run: |
|
|
373
373
|
for doc in compliance/RTM.md compliance/test-plan.md compliance/test-cases.md compliance/test-summary-report.md; do
|
|
@@ -209,13 +209,13 @@ jobs:
|
|
|
209
209
|
e2e:
|
|
210
210
|
runs-on: ubuntu-latest
|
|
211
211
|
steps:
|
|
212
|
-
- uses: actions/checkout@
|
|
213
|
-
- uses: actions/setup-node@
|
|
212
|
+
- uses: actions/checkout@v6
|
|
213
|
+
- uses: actions/setup-node@v6
|
|
214
214
|
with: { node-version: 'lts/*' }
|
|
215
215
|
- run: npm ci
|
|
216
216
|
- run: npx playwright install --with-deps
|
|
217
217
|
- run: npm run test:e2e
|
|
218
|
-
- uses: actions/upload-artifact@
|
|
218
|
+
- uses: actions/upload-artifact@v7
|
|
219
219
|
if: always()
|
|
220
220
|
with:
|
|
221
221
|
name: playwright-report
|
|
@@ -46,11 +46,11 @@ jobs:
|
|
|
46
46
|
name: E2E Regression Tests
|
|
47
47
|
runs-on: ubuntu-latest # adapt to your runner; e.g. self-hosted, ubuntu-24.04
|
|
48
48
|
steps:
|
|
49
|
-
- uses: actions/checkout@
|
|
49
|
+
- uses: actions/checkout@v6
|
|
50
50
|
with:
|
|
51
51
|
fetch-depth: 0 # for E2E_NEW_SPECS computation
|
|
52
52
|
|
|
53
|
-
- uses: actions/setup-node@
|
|
53
|
+
- uses: actions/setup-node@v6
|
|
54
54
|
with:
|
|
55
55
|
node-version: '22' # match your project
|
|
56
56
|
cache: 'npm'
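Review bot: The bumped `uses:` lines at new lines 49 and 53 reference actions by a movable major tag (`@v6`), so whoever can move that tag changes the code that runs in this job. For a workflow that is copied into consumer repositories, pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `- uses: actions/checkout@<full-commit-sha>  # v6`. The same applies to the `upload-artifact@v7` and `download-artifact@v8` references in the other hunks on this page. The job body starts and ends outside the hunk.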
|
|
@@ -111,7 +111,7 @@ jobs:
|
|
|
111
111
|
npx playwright test --project="$PROJECT" --reporter=json,html
|
|
112
112
|
fi
|
|
113
113
|
|
|
114
|
-
- uses: actions/upload-artifact@
|
|
114
|
+
- uses: actions/upload-artifact@v7
|
|
115
115
|
if: always()
|
|
116
116
|
with:
|
|
117
117
|
name: e2e-regression-report
|
|
@@ -33,7 +33,7 @@ jobs:
|
|
|
33
33
|
PROJECT_SLUG: {{PROJECT_SLUG}}
|
|
34
34
|
|
|
35
35
|
steps:
|
|
36
|
-
- uses: actions/checkout@
|
|
36
|
+
- uses: actions/checkout@v6
|
|
37
37
|
with:
|
|
38
38
|
# The default `pull_request` checkout is a synthetic merge commit
|
|
39
39
|
# with an empty body, so `derive-release-version.sh` can't see the
|
|
@@ -41,7 +41,7 @@ jobs:
|
|
|
41
41
|
{{APP_ENV}}
|
|
42
42
|
|
|
43
43
|
steps:
|
|
44
|
-
- uses: actions/checkout@
|
|
44
|
+
- uses: actions/checkout@v6
|
|
45
45
|
with:
|
|
46
46
|
# Full history so the "new specs on this branch" calculation
|
|
47
47
|
# (E2E_NEW_SPECS, below) can do a real diff against the merge
|
|
@@ -51,7 +51,7 @@ jobs:
|
|
|
51
51
|
|
|
52
52
|
# ── Cached installs (skip if already present on self-hosted runner) ──
|
|
53
53
|
|
|
54
|
-
- uses: actions/setup-node@
|
|
54
|
+
- uses: actions/setup-node@v6
|
|
55
55
|
with:
|
|
56
56
|
node-version: {{NODE_VERSION}}
|
|
57
57
|
|
|
@@ -209,7 +209,7 @@ jobs:
|
|
|
209
209
|
|
|
210
210
|
# ── Upload artifacts ──
|
|
211
211
|
|
|
212
|
-
- uses: actions/upload-artifact@
|
|
212
|
+
- uses: actions/upload-artifact@v7
|
|
213
213
|
if: always()
|
|
214
214
|
continue-on-error: true
|
|
215
215
|
with:
|
|
@@ -238,7 +238,7 @@ jobs:
|
|
|
238
238
|
DEVAUDIT_BASE_URL_VAR: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
239
239
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
240
240
|
steps:
|
|
241
|
-
- uses: actions/checkout@
|
|
241
|
+
- uses: actions/checkout@v6
|
|
242
242
|
|
|
243
243
|
- name: Resolve DevAudit base URL
|
|
244
244
|
run: |
|
|
@@ -369,7 +369,7 @@ jobs:
|
|
|
369
369
|
DEVAUDIT_BASE_URL_VAR: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
370
370
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
371
371
|
steps:
|
|
372
|
-
- uses: actions/checkout@
|
|
372
|
+
- uses: actions/checkout@v6
|
|
373
373
|
|
|
374
374
|
- name: Resolve DevAudit base URL
|
|
375
375
|
run: |
|
|
@@ -392,7 +392,7 @@ jobs:
|
|
|
392
392
|
echo "DEVAUDIT_BASE_URL=${BASE%/}" >> "$GITHUB_ENV"
|
|
393
393
|
|
|
394
394
|
- name: Download CI gate artifacts
|
|
395
|
-
uses: actions/download-artifact@
|
|
395
|
+
uses: actions/download-artifact@v8
|
|
396
396
|
continue-on-error: true
|
|
397
397
|
with:
|
|
398
398
|
name: ci-results
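Review bot: The `Download CI gate artifacts` step at new line 395 keeps `continue-on-error: true`, so a missing or failed `ci-results` download does not stop the job, and nothing visible here records that the evidence was absent. In a job that holds `DEVAUDIT_API_KEY` and presumably uploads compliance evidence, that lets an incomplete evidence set pass as a green run. Give the step an `id: download_ci` and gate or annotate the later upload on `steps.download_ci.outcome == 'success'`. The later steps are outside this hunk, so confirm none of them already does this. The same pattern appears in the hunk at new line 304 further down the page.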
|
|
@@ -69,7 +69,7 @@ jobs:
|
|
|
69
69
|
DEVAUDIT_BASE_URL_VAR: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
70
70
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
71
71
|
steps:
|
|
72
|
-
- uses: actions/checkout@
|
|
72
|
+
- uses: actions/checkout@v6
|
|
73
73
|
with:
|
|
74
74
|
# Full history so `req_meta_args` can `git log --grep "[REQ-XXX]|Ref: REQ-XXX"`
|
|
75
75
|
# against the implementation commits (the merge commit alone never
|
|
@@ -512,7 +512,7 @@ jobs:
|
|
|
512
512
|
name: Upload E2E Regression Evidence
|
|
513
513
|
if: github.event_name == 'workflow_run'
|
|
514
514
|
runs-on: {{RUNNER}}
|
|
515
|
-
# actions: read is required so `actions/download-artifact@
|
|
515
|
+
# actions: read is required so `actions/download-artifact@v8` with
|
|
516
516
|
# `run-id` can read another workflow's artifacts. Without it the
|
|
517
517
|
# download step fails with a 404 even when the artifact exists.
|
|
518
518
|
permissions:
|
|
@@ -522,7 +522,7 @@ jobs:
|
|
|
522
522
|
DEVAUDIT_BASE_URL_VAR: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
523
523
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
524
524
|
steps:
|
|
525
|
-
- uses: actions/checkout@
|
|
525
|
+
- uses: actions/checkout@v6
|
|
526
526
|
with:
|
|
527
527
|
# Check out the SHA the E2E Regression ran against — that
|
|
528
528
|
# determines the release version + the in-scope REQs via the
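Review bot: The checkout at new line 525 fetches the SHA the triggering E2E run used, in a job gated on `workflow_run` (hunk at new line 513), while `DEVAUDIT_API_KEY` sits in what looks like a job-level `env:`. If the triggering workflow can run for pull requests from forks, the checked-out tree and the downloaded `e2e-regression-report` artifact are not trusted input, and any repository script run afterwards has the secret in its environment. Consider moving `DEVAUDIT_API_KEY` to the `env:` of the single upload step, adding `persist-credentials: false` to the checkout's `with:` block, and handling the artifact contents as data only. The trigger definition and the later steps are outside the hunk, so this needs confirming against the full file.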
|
|
@@ -557,7 +557,7 @@ jobs:
|
|
|
557
557
|
|
|
558
558
|
- name: Download E2E Regression artifact
|
|
559
559
|
if: steps.resolve.outputs.skip != 'true'
|
|
560
|
-
uses: actions/download-artifact@
|
|
560
|
+
uses: actions/download-artifact@v8
|
|
561
561
|
with:
|
|
562
562
|
name: e2e-regression-report
|
|
563
563
|
path: e2e-artifacts/
|
|
@@ -38,7 +38,7 @@ jobs:
|
|
|
38
38
|
# skips this job entirely on unlabelled issue closes.
|
|
39
39
|
if: contains(github.event.issue.labels.*.name, 'incident')
|
|
40
40
|
steps:
|
|
41
|
-
- uses: actions/checkout@
|
|
41
|
+
- uses: actions/checkout@v6
|
|
42
42
|
with:
|
|
43
43
|
fetch-depth: 0
|
|
44
44
|
token: ${{ secrets.DEVAUDIT_USER_TOKEN || github.token }}
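Review bot: The checkout at new line 41 is handed `secrets.DEVAUDIT_USER_TOKEN` when it is set, and no `persist-credentials` input is visible, so by default the token stays available to git for the later steps of the job. If no later step pushes with it, add `persist-credentials: false` under `with:`. If one does, add a comment naming the step that needs the token and the scopes it requires, so consumers can provision a narrowly scoped one. The rest of the `with:` block and the job's steps are outside the hunk.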
|
|
@@ -45,9 +45,9 @@ jobs:
|
|
|
45
45
|
{{APP_ENV}}
|
|
46
46
|
|
|
47
47
|
steps:
|
|
48
|
-
- uses: actions/checkout@
|
|
48
|
+
- uses: actions/checkout@v6
|
|
49
49
|
|
|
50
|
-
- uses: actions/setup-python@
|
|
50
|
+
- uses: actions/setup-python@v6
|
|
51
51
|
with:
|
|
52
52
|
python-version: '{{PYTHON_VERSION}}'
|
|
53
53
|
cache: pip
|
|
@@ -164,11 +164,11 @@ jobs:
|
|
|
164
164
|
|
|
165
165
|
# ── Upload artifacts ──
|
|
166
166
|
|
|
167
|
-
# actions/upload-artifact@
|
|
167
|
+
# actions/upload-artifact@v7 doesn't honour the job's `working-directory`;
|
|
168
168
|
# paths are workspace-relative. Prefix with WORKING_DIR_PREFIX so artifacts
|
|
169
169
|
# uploaded from a subdir project (e.g. mission-control-api/) include the
|
|
170
170
|
# subdir in their stored path, matching where the gate steps wrote them.
|
|
171
|
-
- uses: actions/upload-artifact@
|
|
171
|
+
- uses: actions/upload-artifact@v7
|
|
172
172
|
if: always()
|
|
173
173
|
continue-on-error: true
|
|
174
174
|
with:
|
|
@@ -191,7 +191,7 @@ jobs:
|
|
|
191
191
|
DEVAUDIT_BASE_URL: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
192
192
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
193
193
|
steps:
|
|
194
|
-
- uses: actions/checkout@
|
|
194
|
+
- uses: actions/checkout@v6
|
|
195
195
|
|
|
196
196
|
- name: Validate DevAudit env
|
|
197
197
|
run: |
|
|
@@ -293,7 +293,7 @@ jobs:
|
|
|
293
293
|
DEVAUDIT_BASE_URL: ${{ vars.DEVAUDIT_BASE_URL }}
|
|
294
294
|
DEVAUDIT_API_KEY: ${{ secrets.DEVAUDIT_API_KEY }}
|
|
295
295
|
steps:
|
|
296
|
-
- uses: actions/checkout@
|
|
296
|
+
- uses: actions/checkout@v6
|
|
297
297
|
|
|
298
298
|
# Download to workspace root: upload-artifact@v4 preserves the file's
|
|
299
299
|
# workspace-relative path (e.g. mission-control-api/ci-evidence/sast.json
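Review bot: The context comment at new line 298 still says `upload-artifact@v4`, although this release moves the upload step in what appears to be the same template to `actions/upload-artifact@v7` (hunk at new line 171). Update it to `# Download to workspace root: upload-artifact@v7 preserves the file's`, or drop the version from the comment so it cannot drift at the next bump. The path-preservation behaviour the comment relies on is worth re-checking against the new major version, since the download path here depends on it. The comment continues past the end of this hunk.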
|
|
@@ -301,7 +301,7 @@ jobs:
|
|
|
301
301
|
# those exact paths so the upload-evidence.sh references below resolve
|
|
302
302
|
# without nesting.
|
|
303
303
|
- name: Download CI gate artifacts
|
|
304
|
-
uses: actions/download-artifact@
|
|
304
|
+
uses: actions/download-artifact@v8
|
|
305
305
|
continue-on-error: true
|
|
306
306
|
with:
|
|
307
307
|
name: ci-results
|
|
@@ -123,7 +123,7 @@
|
|
|
123
123
|
"action": {
|
|
124
124
|
"type": "string",
|
|
125
125
|
"pattern": "^[^@]+@v[0-9]+$",
|
|
126
|
-
"description": "GitHub Actions reference — e.g. actions/setup-node@
|
|
126
|
+
"description": "GitHub Actions reference — e.g. actions/setup-node@v6, actions/setup-python@v6."
|
|
127
127
|
},
|
|
128
128
|
"with": {
|
|
129
129
|
"type": "object",
|
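Review bot: The `action` pattern at line 125, `^[^@]+@v[0-9]+$`, accepts only a major-version tag, and the updated description at new line 126 documents only that form, so an adapter cannot reference an action by full commit SHA. Tags are movable; allowing a 40-hex ref lets adapters pin the exact code, e.g. `"pattern": "^[^@]+@(v[0-9]+|[0-9a-f]{40})$"`, with the description extended to mention the SHA form. Whatever renders this field into the workflow templates is not visible here and would need to accept the same form.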