Vendoo 1.41.2 – Git Ignore Boundary & Module Tracking Hotfix (#18)

* docs: prepare Vendoo 1.41.2 git-ignore boundary hotfix

* fix: track native source modules with root-anchored runtime ignores
This commit was merged in pull request #18.
This commit is contained in:
Masterluke77
2026-07-09 17:09:00 +02:00
committed by GitHub
parent f4923437ca
commit 6f48827f4d
556 changed files with 77265 additions and 210 deletions
+1
View File
@@ -0,0 +1 @@
* @Masterluke77
+27
View File
@@ -0,0 +1,27 @@
version: 2
updates:
- package-ecosystem: npm
directory: /
schedule:
interval: weekly
day: monday
time: '05:00'
timezone: Europe/Berlin
open-pull-requests-limit: 5
groups:
npm-production:
dependency-type: production
- package-ecosystem: github-actions
directory: /
schedule:
interval: monthly
time: '05:30'
timezone: Europe/Berlin
open-pull-requests-limit: 5
- package-ecosystem: docker
directory: /
schedule:
interval: monthly
time: '06:00'
timezone: Europe/Berlin
open-pull-requests-limit: 5
+20
View File
@@ -0,0 +1,20 @@
## Änderung
<!-- Was wurde geändert und warum? -->
## Sicherheit und Daten
- [ ] Keine `.env`, Tokens, Datenbanken, Uploads, Backups, Logs oder Modelle enthalten
- [ ] Bestehende Benutzer- und Artikeldaten bleiben erhalten
- [ ] Originalbilder werden nicht überschrieben
- [ ] FASHN VTON / Virtual Try-on wurde nicht wieder eingeführt
## Prüfung
- [ ] `npm ci`
- [ ] `npm run verify:git`
- [ ] `npm run check`
- [ ] `npm run verify:architecture`
- [ ] `npm run verify:deployment`
- [ ] `npm run verify:db`
- [ ] Windows-/Docker-/Browser-Abnahme dokumentiert oder ausdrücklich als offen markiert
+116
View File
@@ -0,0 +1,116 @@
name: Vendoo CI
on:
push:
branches: [main, develop, 'feature/**', 'release/**', 'hotfix/**']
pull_request:
branches: [main, develop]
permissions:
contents: read
concurrency:
group: vendoo-ci-${{ github.ref }}
cancel-in-progress: true
jobs:
quality:
name: Syntax, Sicherheit und Release-Gates
runs-on: ubuntu-latest
timeout-minutes: 25
steps:
- name: Repository auschecken
uses: actions/checkout@v6
with:
fetch-depth: 0
- name: Node.js 22 aktivieren
uses: actions/setup-node@v4
with:
node-version: '22.x'
cache: npm
- name: Abhängigkeiten reproduzierbar installieren
run: npm ci
- name: Git-Sicherheitsgate
run: npm run verify:git
- name: Git-Sicherheitsgate Regressionstest
run: npm run verify:git-regression
- name: Git-Staging-Filter Regressionstest
run: npm run verify:git-staging
- name: Git-Ignore-Grenzen für Quell- und Runtimeordner prüfen
run: npm run verify:ignore-boundaries
- name: Syntaxprüfung
run: npm run check
- name: Produktiven Source-Root und Archivgrenzen prüfen
run: npm run verify:source-boundaries
- name: ESM-Exportverträge prüfen
run: npm run verify:esm-exports
- name: FLUX-Loop-Hotfix prüfen
run: npm run verify:flux-loop
- name: Vollständigen Modul-Capability-Graph prüfen
run: npm run verify:capabilities
- name: Coolify-Deployment und Web-Updates prüfen
run: npm run verify:coolify
- name: Initial deaktivierte Module prüfen
run: npm run verify:initial-modules
- name: Plattformarchitektur und Design Tokens prüfen
run: npm run verify:architecture
- name: Theme Manager, Accessibility und Komponenten-Tokens prüfen
run: npm run verify:themes
- name: Security, Secrets und Observability prüfen
run: npm run verify:security
- name: Auth, Benutzer, Sitzungen und Einstellungen prüfen
run: npm run verify:identity
- name: Artikel, Lager und Medien prüfen
run: npm run verify:catalog
- name: Modulmanager, Pakete und Aktivierungsgrenzen prüfen
run: npm run verify:modules
- name: Deployment-Gate
run: npm run verify:deployment
- name: Persistenten Konfigurationsspeicher prüfen
run: npm run verify:config
- name: Geführte Shell-Installer simulieren
run: npm run verify:installer-shell
- name: Datenbankmigrationen prüfen
run: npm run verify:db
- name: Docker-Compose-Dateien validieren
run: |
cp .env.example .env
python - <<'PY'
from pathlib import Path
p=Path('.env')
s=p.read_text()
s=s.replace('VENDOO_SETUP_TOKEN=', 'VENDOO_SETUP_TOKEN=ci-only-not-a-production-secret-1234567890')
s=s.replace('VENDOO_DOMAIN=', 'VENDOO_DOMAIN=vendoo.example.invalid')
p.write_text(s)
PY
docker compose -f compose.yaml config -q
docker compose -f compose.yaml -f compose.bind-mounts.example.yaml config -q
docker compose -f compose.vps.yaml config -q
rm -f .env
- name: Docker-Image testweise bauen
run: docker build --pull --tag vendoo:ci .
+155
View File
@@ -0,0 +1,155 @@
name: Vendoo Release
on:
release:
types: [published]
permissions:
contents: read
concurrency:
group: vendoo-release-${{ github.event.release.tag_name }}
cancel-in-progress: false
env:
REGISTRY: ghcr.io
IMAGE_NAME: masterluke77/vendoo
jobs:
release-assets:
name: Release-Paket und Prüfsummen
permissions:
contents: write
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Repository auschecken
uses: actions/checkout@v6
- name: Node.js 22 aktivieren
uses: actions/setup-node@v4
with:
node-version: '22.x'
cache: npm
- name: Abhängigkeiten installieren
run: npm ci
- name: Release-Tag gegen Paketversion prüfen
env:
RELEASE_TAG: ${{ github.event.release.tag_name }}
run: |
EXPECTED="v$(node -p "require('./package.json').version")"
test "$RELEASE_TAG" = "$EXPECTED" || { echo "Release-Tag $RELEASE_TAG passt nicht zu $EXPECTED." >&2; exit 1; }
- name: Vollständige Prüfung
run: |
npm run verify:git
npm run verify:git-regression
npm run verify:git-staging
npm run verify:ignore-boundaries
npm run check
npm run verify:source-boundaries
npm run verify:esm-exports
npm run verify:flux-loop
npm run verify:capabilities
npm run verify:coolify
npm run verify:initial-modules
npm run verify:architecture
npm run verify:themes
npm run verify:security
npm run verify:identity
npm run verify:catalog
npm run verify:modules
npm run verify:deployment
npm run verify:config
npm run verify:installer-shell
npm run verify:db
- name: Release-Staging erzeugen
run: node tools/build-release.mjs
- name: ZIP und SHA-256 erzeugen
id: package
shell: bash
run: |
PACKAGE_NAME="$(cat release-output/RELEASE_NAME.txt)"
cd release-output
zip -r -9 "${PACKAGE_NAME}.zip" "${PACKAGE_NAME}"
sha256sum "${PACKAGE_NAME}.zip" > "${PACKAGE_NAME}.zip.sha256.txt"
echo "package_name=${PACKAGE_NAME}" >> "$GITHUB_OUTPUT"
- name: Assets an GitHub Release anhängen
env:
GH_TOKEN: ${{ github.token }}
TAG: ${{ github.event.release.tag_name }}
PACKAGE_NAME: ${{ steps.package.outputs.package_name }}
run: |
gh release upload "$TAG" \
"release-output/${PACKAGE_NAME}.zip" \
"release-output/${PACKAGE_NAME}.zip.sha256.txt" \
--clobber
- name: Build-Artefakte sichern
uses: actions/upload-artifact@v4
with:
name: ${{ steps.package.outputs.package_name }}
path: |
release-output/${{ steps.package.outputs.package_name }}.zip
release-output/${{ steps.package.outputs.package_name }}.zip.sha256.txt
if-no-files-found: error
retention-days: 30
container:
name: GHCR-Container veröffentlichen
permissions:
contents: read
packages: write
attestations: write
id-token: write
runs-on: ubuntu-latest
timeout-minutes: 35
steps:
- name: Repository auschecken
uses: actions/checkout@v6
- name: Docker Buildx aktivieren
uses: docker/setup-buildx-action@v3
- name: Bei GHCR anmelden
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Container-Metadaten erzeugen
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=semver,pattern={{version}},value=${{ github.event.release.tag_name }}
type=semver,pattern={{major}}.{{minor}},value=${{ github.event.release.tag_name }}
type=raw,value=stable,enable=${{ !github.event.release.prerelease }}
type=raw,value=latest,enable=${{ !github.event.release.prerelease }}
- name: Container bauen und veröffentlichen
id: push
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
provenance: true
sbom: true
- name: Container-Provenienz attestieren
uses: actions/attest@v4
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true