From 3eee49d4ac00351b83d5743ede308fe60c387ec8 Mon Sep 17 00:00:00 2001 From: Divine Tettey Date: Wed, 5 Jun 2024 14:51:21 +0000 Subject: [PATCH] ci(dependency-review): Add depcheck to workflow for detecting unused dependencies --- .github/workflows/dependency-review.yml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cefe8752..e044e1f8 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -18,4 +18,22 @@ jobs: fail-on-severity: high allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0 fail-on-scopes: development, runtime - allow-dependencies-licenses: 'pkg:npm/caniuse-lite' \ No newline at end of file + allow-dependencies-licenses: 'pkg:npm/caniuse-lite' + - name: 'Setup Node.js' + uses: actions/setup-node@v4 + with: + node-version: '18.x' + + - name: 'Install depcheck globally' + run: npm install -g depcheck + - name: 'Run depcheck' + run: | + depcheck_result=$(depcheck --oneline --skip-missing) + if [[ $depcheck_result == *"Unused dependencies"* ]] || [[ $depcheck_result == *"Unused devDependencies"* ]] + then + echo "Unused dependencies or devDependencies found." + echo "$depcheck_result" + exit 1 + fi + + \ No newline at end of file