feat(ci): additional code/deps/security checks

* check for compile warnings * check deprecated deps * check insecure deps * check unused deps * check code vunerabilities
2023-08-01 10:10:36 +00:00 · 2023-08-01 10:10:36 +00:00 · c814232bf0
commit c814232bf0
parent 2039b43c53
2 changed files with 8 additions and 2 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -52,10 +52,14 @@ steps:
    image: 'elixir:1.15.4-slim'
    commands:
      - mix do local.rebar --force, local.hex --force, deps.get, deps.compile
-      - mix compile
+      - mix compile --all-warnings --warnings-as-errors
-      - mix format --check-formatted
+      - mix hex.audit
      - mix deps.audit
      - mix deps.unlock --check-unused
      - mix format --dry-run --check-formatted
      - mix credo suggest --strict --format=flycheck
      - mix dialyzer --no-check --quiet --ignore-exit-status --format short
      - mix sobelow
  - name: rebuild cache
    image: 'meltwater/drone-cache:v1.4.0'
--- a/mix.exs
+++ b/mix.exs
@ -39,6 +39,7 @@ defmodule Wabanex.MixProject do
      {:jason, "~> 1.4.0"},
      {:junit_formatter, "~> 3.3.0", only: [:test]},
      {:lcov_ex, "~> 0.3.0", only: [:dev, :test], runtime: false},
      {:mix_audit, "~> 2.1.0", only: [:dev, :test], runtime: false},
      {:pg_ranges, "~> 1.1.0"},
      {:phoenix, "~> 1.7.0"},
      {:phoenix_ecto, "~> 4.4.0"},
@ -47,6 +48,7 @@ defmodule Wabanex.MixProject do
      {:plug_cowboy, "~> 2.6.0"},
      {:postgrex, "~> 0.17.0"},
      {:prom_ex, "~> 1.8.0"},
      {:sobelow, "~> 0.12", only: [:dev, :test], runtime: false},
      {:telemetry_metrics, "~> 0.6.0"},
      {:telemetry_poller, "~> 1.0.0"}
    ]