Skip to content

Chore: [AEA-0000] - add ignore-scripts to npm ci#736

Merged
anthony-nhs merged 1 commit intomainfrom
fix_install
Apr 15, 2026
Merged

Chore: [AEA-0000] - add ignore-scripts to npm ci#736
anthony-nhs merged 1 commit intomainfrom
fix_install

Conversation

@anthony-nhs
Copy link
Copy Markdown
Contributor

@anthony-nhs anthony-nhs commented Apr 15, 2026

Summary

  • Routine Change

Details

  • add ignore-scripts to npm ci command

Copilot AI review requested due to automatic review settings April 15, 2026 11:12
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 15, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Copilot AI reviewed Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the repository’s Node installation step to disable running npm lifecycle scripts during npm ci, aligning installs with a more locked-down/supply-chain-conscious posture.

Changes:

  • Add --ignore-scripts to the install-node Makefile target’s npm ci command.

Comment thread Makefile

install-node:
npm ci
npm ci --ignore-scripts
Copy link

Copilot AI Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

npm ci --ignore-scripts will skip all dependency lifecycle scripts. In the current package-lock.json there are dependencies marked hasInstallScript (e.g., unrs-resolver used by jest-resolve), so this change can alter runtime behavior and potentially break npm run test/npm run lint if any required postinstall step is skipped. Consider restricting --ignore-scripts to CI-only (or adding a separate make target) and/or explicitly verifying in CI that build/lint/test still pass after a clean install with scripts disabled.

Suggested change
npm ci --ignore-scripts
npm ci

Copilot uses AI. Check for mistakes.
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 15, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@anthony-nhs anthony-nhs merged commit 2f42aa7 into main Apr 15, 2026
15 checks passed
@anthony-nhs anthony-nhs deleted the fix_install branch April 15, 2026 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anthony-nhs