Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,3 +27,27 @@ jobs:
- run: pnpm typecheck
- run: pnpm test
- run: pnpm build

e2e:
runs-on: ubuntu-latest
env:
AUTH_SECRET: some-dummy-secret-for-ci
AUTH_TRUST_HOST: "true"
TURSO_DATABASE_URL: file:local.db

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Search for database initialization or migration logic

# Check for Turso/database initialization in the app
rg -n --type=ts --type=js -C3 'TURSO_DATABASE_URL|drizzle.*migrate|prisma.*migrate' 

# Check for any db setup in package.json scripts
rg -n 'db.*setup|db.*migrate|db.*push' package.json

Repository: DataDave-Dev/weftmap

Length of output: 1256


🏁 Script executed:

# Check the full CI workflow E2E job setup
cat -n .github/workflows/ci.yml | head -60

Repository: DataDave-Dev/weftmap

Length of output: 1653


🏁 Script executed:

# Search for any startup/middleware that might trigger migrations
rg -n --type=ts --type=js "db:push|migrate|startup|middleware" src/

Repository: DataDave-Dev/weftmap

Length of output: 46


🏁 Script executed:

# Check the test:e2e script definition in package.json
rg -n "test:e2e" package.json -A 2

Repository: DataDave-Dev/weftmap

Length of output: 228


🏁 Script executed:

# Look for any startup/initialization code that might run migrations
rg -n "db:push|migrat" src/ --type=ts --type=js

Repository: DataDave-Dev/weftmap

Length of output: 46


🏁 Script executed:

# Check if there's a drizzle migration directory or any setup in the app
find . -name "drizzle" -type d -o -name "*migrat*" -type f | head -20

Repository: DataDave-Dev/weftmap

Length of output: 2565


🏁 Script executed:

# Check what's in the drizzle directory
ls -la drizzle/ 2>/dev/null | head -20

Repository: DataDave-Dev/weftmap

Length of output: 238


🏁 Script executed:

# Read full src/db/index.ts to see initialization logic
cat -n src/db/index.ts

Repository: DataDave-Dev/weftmap

Length of output: 834


Add database migration step to E2E job before running tests.

The E2E job sets TURSO_DATABASE_URL: file:local.db but does not run migrations. The application only validates the environment variable at startup and does not automatically initialize the database—the drizzle/schema.sql migration file exists but is never executed in CI. Add pnpm db:push before pnpm test:e2e to ensure tables exist when E2E tests run.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml at line 36, The E2E job configures
TURSO_DATABASE_URL to use a local file-based database but does not initialize
the database schema before running tests. The application does not automatically
create tables on startup; instead, it only validates the environment variable.
Add a database migration step by inserting pnpm db:push command in the CI
workflow before the pnpm test:e2e command to ensure that the schema from
drizzle/schema.sql is executed and all required tables are created before the
E2E tests run against the local database.

steps:
- uses: actions/checkout@v7

- uses: pnpm/action-setup@v6

- uses: actions/setup-node@v6
with:
node-version: 24
cache: pnpm

- run: pnpm install --frozen-lockfile

- name: Install Playwright Chromium Browser
run: pnpm exec playwright install --with-deps chromium

- name: Run E2E Smoke Tests
run: pnpm test:e2e
Comment on lines +31 to +53

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major | ⚡ Quick win

Add artifact upload for Playwright test results.

When E2E tests fail in CI, the HTML report and traces are essential for debugging. Without artifact upload, these files are lost when the job completes.

📦 Proposed addition
       - name: Run E2E Smoke Tests
         run: pnpm test:e2e
+
+      - name: Upload Playwright Report
+        if: always()
+        uses: actions/upload-artifact@v4
+        with:
+          name: playwright-report
+          path: playwright-report/
+          retention-days: 30
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
e2e:
runs-on: ubuntu-latest
env:
AUTH_SECRET: some-dummy-secret-for-ci
AUTH_TRUST_HOST: "true"
TURSO_DATABASE_URL: file:local.db
steps:
- uses: actions/checkout@v7
- uses: pnpm/action-setup@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: pnpm
- run: pnpm install --frozen-lockfile
- name: Install Playwright Chromium Browser
run: pnpm exec playwright install --with-deps chromium
- name: Run E2E Smoke Tests
run: pnpm test:e2e
e2e:
runs-on: ubuntu-latest
env:
AUTH_SECRET: some-dummy-secret-for-ci
AUTH_TRUST_HOST: "true"
TURSO_DATABASE_URL: file:local.db
steps:
- uses: actions/checkout@v7
- uses: pnpm/action-setup@v6
- uses: actions/setup-node@v6
with:
node-version: 24
cache: pnpm
- run: pnpm install --frozen-lockfile
- name: Install Playwright Chromium Browser
run: pnpm exec playwright install --with-deps chromium
- name: Run E2E Smoke Tests
run: pnpm test:e2e
- name: Upload Playwright Report
if: always()
uses: actions/upload-artifact@v4
with:
name: playwright-report
path: playwright-report/
retention-days: 30
🧰 Tools
🪛 zizmor (1.25.2)

[warning] 38-38: credential persistence through GitHub Actions artifacts (artipacked): does not set persist-credentials: false

(artipacked)


[warning] 31-54: overly broad permissions (excessive-permissions): default permissions used due to no permissions: block

(excessive-permissions)


[error] 38-38: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)


[error] 40-40: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)


[error] 42-42: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ci.yml around lines 31 - 53, The e2e CI job is missing
artifact uploads for Playwright test results, which means debugging information
is lost when tests fail. After the "Run E2E Smoke Tests" step that executes pnpm
test:e2e, add a new step using the actions/upload-artifact@v4 action to upload
the Playwright HTML report and traces directory. Configure the upload to run
even when tests fail by adding a condition that checks the job status, and
specify the appropriate paths where Playwright stores its report and trace files
(typically playwright-report and test-results directories).

3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,8 @@

# testing
/coverage

/playwright-report
/test-results
# next.js
/.next/
/out/
Expand Down
28 changes: 28 additions & 0 deletions e2e/smoke.spec.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
import { test, expect } from "@playwright/test";

test("should load app, click analyze on default snippet, and render call graph nodes", async ({ page }) => {
// 1. Visit the app in English locale
await page.goto("/en/app");

// 2. Locate the textarea for code input and verify it is visible
const textarea = page.locator("textarea");
await expect(textarea).toBeVisible();

// 3. Click the "Analyze" button (using the default Python sample code)
const analyzeBtn = page.getByRole("button", { name: /^Analyze$/ });
await expect(analyzeBtn).toBeEnabled();
await analyzeBtn.click();

// 4. Assert that the React Flow workspace container is rendered
const reactFlow = page.locator(".react-flow");
await expect(reactFlow).toBeVisible();

// 5. Assert that we successfully render 6 nodes (1 file container + 5 defined functions)
const nodes = page.locator(".react-flow__node");
await expect(nodes).toHaveCount(6);

// 6. Verify key node labels contain our function names and container file
await expect(page.locator(".react-flow__node", { hasText: "snippet.py" })).toBeVisible();
await expect(page.locator(".react-flow__node", { hasText: "main" })).toBeVisible();
await expect(page.locator(".react-flow__node", { hasText: "clean" })).toBeVisible();
});
3 changes: 3 additions & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,8 @@
"lint": "eslint",
"typecheck": "tsc --noEmit",
"test": "vitest run",
"test:e2e": "playwright test",
"test:e2e:ui": "playwright test --ui",
"db:push": "drizzle-kit push",
"db:studio": "drizzle-kit studio",
"format": "prettier --write .",
Expand Down Expand Up @@ -43,6 +45,7 @@
"zod": "^4.4.3"
},
"devDependencies": {
"@playwright/test": "^1.61.0",
"@types/dagre": "^0.7.54",
"@types/node": "^26",
"@types/react": "^19",
Expand Down
31 changes: 31 additions & 0 deletions playwright.config.ts
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import { defineConfig, devices } from "@playwright/test";

export default defineConfig({
testDir: "./e2e",
fullyParallel: true,
forbidOnly: !!process.env.CI,
retries: process.env.CI ? 2 : 0,
workers: process.env.CI ? 1 : undefined,
reporter: "html",
webServer: {
command: "pnpm dev",
url: "http://localhost:3000",
reuseExistingServer: !process.env.CI,
stdout: "ignore",
stderr: "pipe",
env: {
AUTH_TRUST_HOST: "true",
AUTH_SECRET: "some-dummy-secret-for-e2e",
},
},
use: {
baseURL: "http://localhost:3000",
trace: "on",
},
projects: [
{
name: "chromium",
use: { ...devices["Desktop Chrome"] },
},
],
});
55 changes: 47 additions & 8 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading