Enforce scoped auth for EPCIS MCP tools #77
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check Package Lock File | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: check-package-lock-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - 'package.json' | |
| - 'package-lock.json' | |
| - '**/package.json' | |
| pull_request: | |
| branches: | |
| - "**" | |
| paths: | |
| - 'package.json' | |
| - 'package-lock.json' | |
| - '**/package.json' | |
| jobs: | |
| verify-package-lock: | |
| name: Verify package-lock.json exists | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Check if package-lock.json exists | |
| run: | | |
| if [ ! -f "package-lock.json" ]; then | |
| echo "ERROR: package-lock.json file is missing from the repository" | |
| echo "This file is required to ensure consistent dependency versions across all environments" | |
| echo "Please ensure package-lock.json is committed with your changes" | |
| exit 1 | |
| fi | |
| echo "SUCCESS: package-lock.json file is present" | |
| - name: Verify package-lock.json is not empty | |
| run: | | |
| if [ ! -s "package-lock.json" ]; then | |
| echo "ERROR: package-lock.json file exists but is empty" | |
| echo "Please run 'npm install' to regenerate the lock file" | |
| exit 1 | |
| fi | |
| echo "SUCCESS: package-lock.json file is valid and not empty" | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '22' | |
| - name: Validate package-lock.json is valid and in sync | |
| run: npm ci --dry-run --ignore-scripts |