Fix dependency review workflow for missing build tools

- Install devDependencies (including sass) with --include=dev flag - Add proper error handling for missing main branch files - Skip bundle size analysis if no frontend changes detected - Improve git diff logic for changed files detection 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-07 20:17:34 -04:00 · 2025-07-07 20:17:34 -04:00 · 6c2be648c0
commit 6c2be648c0
parent c50a07c870
1 changed files with 37 additions and 7 deletions
--- a/.forgejo/workflows/dependency-review.yml
+++ b/.forgejo/workflows/dependency-review.yml
@ -99,17 +99,47 @@ jobs:
        run: |
          echo "Analyzing bundle size impact..."
          
-          # Install dependencies from main
-          git show origin/main:package-lock.json > package-lock-main.json
-          npm ci --package-lock-only --package-lock=package-lock-main.json
-          npm run build:frontend || true
-          du -sh public/dist > size-main.txt
+          # Get changed files for this workflow
+          git fetch origin main
+          if git merge-base origin/main HEAD >/dev/null 2>&1; then
+            CHANGED_FILES=$(git diff --name-only origin/main...HEAD)
+          else
+            CHANGED_FILES=$(git diff --name-only origin/main HEAD || echo "")
+          fi
+          
+          # Skip bundle size check if no frontend changes
+          if ! echo "$CHANGED_FILES" | grep -E "(src/frontend|scripts/build)" > /dev/null; then
+            echo "No frontend changes detected, skipping bundle size analysis"
+            exit 0
+          fi
+          
+          # Install dependencies from main (including devDependencies for build tools)
+          git show origin/main:package-lock.json > package-lock-main.json || echo "No package-lock.json in main"
+          git show origin/main:package.json > package-main.json || echo "No package.json in main"
+          
+          if [ -f "package-main.json" ]; then
+            # Temporarily use main's package files
+            cp package.json package-current.json
+            cp package-lock.json package-lock-current.json
+            cp package-main.json package.json
+            cp package-lock-main.json package-lock.json 2>/dev/null || true
+            
+            npm ci --include=dev || echo "Failed to install main dependencies"
+            npm run build:frontend > /dev/null 2>&1 || echo "Failed to build main frontend"
+            du -sh public/dist 2>/dev/null > size-main.txt || echo "0B public/dist" > size-main.txt
+            
+            # Restore current package files
+            mv package-current.json package.json
+            mv package-lock-current.json package-lock.json
+          else
+            echo "No main branch package.json found" > size-main.txt
+          fi
          
          # Install current dependencies
-          npm ci
+          npm ci --include=dev
          npm run build:frontend
          du -sh public/dist > size-current.txt
          
          echo "Bundle size comparison:"
-          echo "Main branch: $(cat size-main.txt)"
+          echo "Main branch: $(cat size-main.txt 2>/dev/null || echo 'Unable to determine')"
          echo "This branch: $(cat size-current.txt)"