Make the frontend build and validate it in CI#605
Merged
Conversation
The frontend source is an Angular 4 app: it uses HttpModule from @angular/http, NgbModule.forRoot(), rxjs 5 "rxjs/add" imports, core-js 2 polyfill paths (core-js/es6/*), the ngx-uploader 2 API (NgUploaderModule/NgUploaderOptions), and a CLI-1.x .angular-cli.json workspace (there is no angular.json). Over time Dependabot bumped the version numbers in package.json/npm-shrinkwrap.json as far as @angular/cli 12 / @angular/core 10 with no accompanying source migration, producing an internally incoherent manifest that cannot build: CLI 12 needs angular.json, the @angular/* packages straddled majors 4/7/10, core-js 3 dropped the es6/* paths, and ngx-uploader 4 renamed the API the source still calls. Reconcile the dependencies back to the last hand-authored, source-matching versions (the manifest at 001a3de), then make just the two toolchain adjustments needed to install and build on the Node 8 ABI the app targets: pin @angular/cli to 1.4.10 and typescript to 2.4.2. Drop the docs-site tooling (wintersmith / wintersmith-sassy) whose transitive node-sass 3.x has no Node 8 prebuilt and aborted `npm install`; it is unused by `ng build`. Remove the stale yarn.lock — the build uses npm, and npm-shrinkwrap.json is the lockfile that is actually consumed. Verified with `npm ci` + `npm run build` on Node 8.17: dist/ is produced with zero compile errors. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
`./gradlew check` compiles only the backend and runs its (empty) test suite; it never builds the frontend, so a breaking frontend dependency bump could pass CI unnoticed. Split the Check workflow into a `backend` job (the existing gradle check, unchanged) and a `frontend` job that runs `npm ci` + `npm run build` on Node 8, so the frontend is compiled on every push and pull request. Node 8 is required because the app's stack (Angular 4 / @angular/cli 1.4, node-sass 4.14) only supports that ABI. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🤖
CI + build fix. It makes the frontend build again and adds that build to the
Checkworkflow../gradlew check(the only CI gate) compiles the backend and runs its empty test suite — it never touches the frontend. And the frontend has not actually been buildable for a long time: its source is an Angular 4 app (HttpModulefrom@angular/http,NgbModule.forRoot(),rxjs/addimports,core-js/es6/*polyfills, thengx-uploader2 API, and a CLI-1.x.angular-cli.jsonworkspace with noangular.json), but Dependabot bumped the version numbers inpackage.json/npm-shrinkwrap.jsonup to@angular/cli12 /@angular/core10 with no source migration. The result is an incoherent manifest that cannot build:@angular/cli12 requiresangular.json; the repo only has.angular-cli.json(CLI ≤ 5 format).@angular/*packages straddled majors 4 / 7 / 10.core-js3 removed thees6/*pathspolyfills.tsimports.ngx-uploader4 renamed the API the source still calls (NgUploaderModule/NgUploaderOptions).Because CI never built the frontend, breaking Dependabot bumps for the frontend (the only ecosystem Dependabot updates here, besides GitHub Actions) could sail through unnoticed.
What is the new behavior (if this is a feature change)?
001a3de), with two toolchain adjustments needed to install/build on the Node 8 ABI the app targets:@angular/cli→1.4.10andtypescript→2.4.2. The docs-site tooling (wintersmith/wintersmith-sassy) is dropped — its transitivenode-sass3.x has no Node 8 prebuilt and abortednpm install, and it is unrelated tong build. The staleyarn.lockis removed (the build uses npm;npm-shrinkwrap.jsonis the lockfile that is actually consumed).Checkworkflow is split into abackendjob (the existing./gradlew check, unchanged) and afrontendjob that runsnpm ci+npm run buildon Node 8.Verified locally: a clean
npm ci+npm run buildon Node 8.17 producesdist/with zero compile errors.Other information:
frontendjob only protects automerge once it is a required status check in branch protection onmain. Right nowmainis unprotected, so this job runs but does not yet block a merge — configuring branch protection to requirebackendandfrontendis the follow-up that actually makes Dependabot automerge safe.ng test/ e2e coverage is a separate, larger effort.