feat(ci): additional code/deps/security checks (#37)

To improve `CI` quality the following checks were added: * compile warnings * deprecated dependencies * insecure dependencies * unused dependencies * code vulnerabilities Also, to improve `CI` execution time, dependencies checks and lining were separated from the test pipeline. Last, but not least, to make local development easier a `Dockerfile` was created to contain any system dependencies, and targets to handle database creation and migration were added. Reviewed-on: #37
2023-11-11 20:35:45 +00:00
parent 62219ecc9f
commit 7420139650
7 changed files with 154 additions and 19 deletions
--- a/mix.exs
+++ b/mix.exs
@@ -39,6 +39,7 @@ defmodule Wabanex.MixProject do
      {:jason, "~> 1.4.0"},
      {:junit_formatter, "~> 3.3.0", only: [:test]},
      {:lcov_ex, "~> 0.3.0", only: [:dev, :test], runtime: false},
+      {:mix_audit, "~> 2.1.0", only: [:dev, :test], runtime: false},
      {:pg_ranges, "~> 1.1.0"},
      {:phoenix, "~> 1.7.0"},
      {:phoenix_ecto, "~> 4.4.0"},
@@ -47,6 +48,7 @@ defmodule Wabanex.MixProject do
      {:plug_cowboy, "~> 2.6.0"},
      {:postgrex, "~> 0.17.0"},
      {:prom_ex, "~> 1.9.0"},
+      {:sobelow, "~> 0.12", only: [:dev, :test], runtime: false},
      {:telemetry_metrics, "~> 0.6.0"},
      {:telemetry_poller, "~> 1.0.0"}
    ]