chore: cleanups
This commit is contained in:
94
AGENTS.md
94
AGENTS.md
@@ -56,29 +56,40 @@
|
||||
## Development Workflow
|
||||
|
||||
### Commands
|
||||
- `npm run dev` - Start dev server (port 4000)
|
||||
- `npm run lintfix` - Auto-fix linting issues
|
||||
- `npm run lint` - Check for issues
|
||||
- `npm run build` - Production build
|
||||
- `pnpm dev` - Start dev server (port 4000)
|
||||
- `pnpm build` - Production build
|
||||
- `pnpm start` - Start production server
|
||||
- `pnpm lint` - Check for linting issues
|
||||
- `pnpm lintfix` - Auto-fix linting issues
|
||||
- `pnpm typecheck` - Run TypeScript type checking
|
||||
- `pnpm security:audit` - Run security vulnerability scan
|
||||
- `pnpm security:check` - Generate security report (JSON)
|
||||
- `pnpm security:outdated` - Check for outdated dependencies
|
||||
|
||||
### Windsurf Commands Helper Script
|
||||
The project includes `windsurf-commands.sh` for common development tasks:
|
||||
|
||||
```bash
|
||||
./windsurf-commands.sh lint # Run ESLint to check for code issues
|
||||
./windsurf-commands.sh lintfix # Run ESLint with auto-fix enabled
|
||||
./windsurf-commands.sh help # Show available commands
|
||||
./windsurf-commands.sh lint # Run ESLint to check for code issues
|
||||
./windsurf-commands.sh lintfix # Run ESLint with auto-fix enabled
|
||||
./windsurf-commands.sh typecheck # Run TypeScript type checking
|
||||
./windsurf-commands.sh security:audit # Run security vulnerability scan
|
||||
./windsurf-commands.sh security:check # Generate security report (JSON)
|
||||
./windsurf-commands.sh security:outdated # Check for outdated dependencies
|
||||
./windsurf-commands.sh help # Show available commands
|
||||
```
|
||||
|
||||
**Usage in AGENTS.md:**
|
||||
- When referencing linting in rules, can use either `npm run lint` or `./windsurf-commands.sh lint`
|
||||
**Usage:**
|
||||
- Script provides consistent interface for development commands
|
||||
- Includes error handling and user-friendly output
|
||||
- All commands use `pnpm` internally
|
||||
- Includes error handling and user-friendly output with emojis
|
||||
- Can be used interchangeably with direct `pnpm run` commands
|
||||
|
||||
### Before Committing
|
||||
1. Run `npm run lintfix` and `npm run lint`
|
||||
2. Ensure TypeScript compiles
|
||||
3. Test changes in browser
|
||||
1. Run `pnpm run lintfix` and `pnpm run lint` (or use `./windsurf-commands.sh lintfix` and `./windsurf-commands.sh lint`)
|
||||
2. Run `pnpm run typecheck` (or `./windsurf-commands.sh typecheck`) to ensure TypeScript compiles
|
||||
3. Run `pnpm run security:audit` (or `./windsurf-commands.sh security:audit`) to check for vulnerabilities
|
||||
4. Test changes in browser
|
||||
|
||||
## File Naming
|
||||
- **Components**: PascalCase (`MainPage.tsx`)
|
||||
@@ -359,6 +370,63 @@ mcp0_browser_snapshot → review for proper labels
|
||||
4. **Console errors**: Review `mcp0_browser_console_messages` for stack traces
|
||||
5. **Timing issues**: Use `mcp0_browser_wait_for` to wait for elements/animations
|
||||
|
||||
## CI/CD Pipelines
|
||||
|
||||
The project includes automated GitHub Actions workflows for code quality and security:
|
||||
|
||||
### Lint Check Workflows
|
||||
- **Push Lint Check** (`.github/workflows/push-lint-check.yml`)
|
||||
- Runs on every push to any branch
|
||||
- Executes ESLint checks
|
||||
- Uses pnpm v10 with caching for faster builds
|
||||
- Fails if linting errors are found
|
||||
|
||||
- **PR Lint Check** (`.github/workflows/pr-lint-check.yml`)
|
||||
- Runs on pull requests to main/master/develop
|
||||
- Executes ESLint checks
|
||||
- Posts comment on PR if linting fails
|
||||
- Uses pnpm v10 with caching
|
||||
|
||||
### TypeScript Type Check Workflow
|
||||
- **TypeScript Type Check** (`.github/workflows/typecheck.yml`)
|
||||
- Runs on every push and pull request
|
||||
- Executes `tsc --noEmit` to check for type errors
|
||||
- Uses pnpm v10 with caching
|
||||
- Fails if type errors are found
|
||||
|
||||
### Security Audit Workflow
|
||||
- **Security Audit** (`.github/workflows/security-audit.yml`)
|
||||
- Runs on push to main/master/develop
|
||||
- Runs on all pull requests
|
||||
- Runs weekly on Monday at 00:00 UTC (scheduled)
|
||||
- Executes `pnpm audit` for vulnerability scanning
|
||||
- Generates security report (JSON) as artifact
|
||||
- Checks for outdated dependencies
|
||||
- Uses pnpm v10 with caching
|
||||
- Continues on error but uploads report for review
|
||||
|
||||
### Pipeline Requirements
|
||||
All workflows require:
|
||||
- Node.js 18
|
||||
- pnpm v10 (matches lockfile version)
|
||||
- Frozen lockfile (`pnpm install --frozen-lockfile`)
|
||||
- Proper caching of pnpm store for performance
|
||||
|
||||
### Docker Deployment
|
||||
- **Dockerfile**: Multi-stage build with Alpine Linux base
|
||||
- Uses pnpm v10.30.1
|
||||
- Non-root user (UID 1001)
|
||||
- Read-only filesystem with security hardening
|
||||
- Standalone Next.js output (~150MB image)
|
||||
|
||||
- **docker-compose.yml**: One-command deployment
|
||||
```bash
|
||||
docker-compose up -d
|
||||
```
|
||||
- Includes health checks
|
||||
- Security options (no-new-privileges, dropped capabilities)
|
||||
- Runs on port 4000
|
||||
|
||||
## Notes
|
||||
- This is a **portfolio website** showcasing projects, experience, achievements, and skills
|
||||
- Runs on **port 4000** (not default 3000)
|
||||
|
||||
Reference in New Issue
Block a user