diff --git a/.gitea/workflows/code-analysis.yml b/.gitea/workflows/code-analysis.yml index 738972a..3819b8c 100644 --- a/.gitea/workflows/code-analysis.yml +++ b/.gitea/workflows/code-analysis.yml @@ -88,7 +88,11 @@ jobs: rm -f gitleaks.tar.gz - name: Install dependencies - run: npm ci + run: | + if ! npm ci; then + echo "WARNING: npm ci fehlgeschlagen (Lockfile-Drift?). Fallback auf npm install." + npm install + fi - name: Lint run: npm run lint diff --git a/deploy-production.sh b/deploy-production.sh index 2bfc2a0..ea5e665 100755 --- a/deploy-production.sh +++ b/deploy-production.sh @@ -57,7 +57,10 @@ has_tracked_files_under() { install_dependencies() { if [ -f "package-lock.json" ]; then echo " Running: npm ci" - npm ci + if ! npm ci; then + echo " WARNING: npm ci fehlgeschlagen (Lockfile ggf. nicht synchron). Fallback auf npm install..." + npm install + fi else echo " WARNING: package-lock.json fehlt. Führe npm install aus..." npm install @@ -92,6 +95,10 @@ install_dependencies_if_needed() { echo " package-lock.json unverändert, überspringe npm ci" fi + if [ -f "package-lock.json" ]; then + current_lock_hash="$(sha256sum package-lock.json | awk '{print $1}')" + fi + printf '%s\n' "$current_lock_hash" > "$lock_hash_file" } diff --git a/deploy-test.sh b/deploy-test.sh index adb55ad..2751283 100755 --- a/deploy-test.sh +++ b/deploy-test.sh @@ -70,7 +70,10 @@ has_tracked_files_under() { install_dependencies() { if [ -f "package-lock.json" ]; then echo " Running: npm ci" - npm ci + if ! npm ci; then + echo " WARNING: npm ci fehlgeschlagen (Lockfile ggf. nicht synchron). Fallback auf npm install..." + npm install + fi else echo " WARNING: package-lock.json fehlt. Führe npm install aus..." npm install @@ -105,6 +108,10 @@ install_dependencies_if_needed() { echo " package-lock.json unverändert, überspringe npm ci" fi + if [ -f "package-lock.json" ]; then + current_lock_hash="$(sha256sum package-lock.json | awk '{print $1}')" + fi + printf '%s\n' "$current_lock_hash" > "$lock_hash_file" }