chore: add script to update deps

2026-05-13 16:39:52 +00:00 · 2026-04-26 14:41:27 +02:00
parent 64d4ac7919
commit f9f93f0ef1
4 changed files with 601 additions and 0 deletions
--- a/scripts/development/create-release.sh
+++ b/scripts/development/create-release.sh
@@ -1,3 +1,5 @@
+#!/bin/bash
+
 # Check if the script is being run from the root of the project
 if [ ! -f .version ] || [ ! -f frontend/package.json ] || [ ! -f CHANGELOG.md ]; then
    echo "Error: This script must be run from the root of the project."
@@ -16,6 +18,12 @@ if ! command -v gh &>/dev/null; then
    exit 1
 fi

+# Check if Snyk CLI is installed
+if ! command -v snyk &>/dev/null; then
+    echo "Error: Snyk CLI is not installed. Please install it and authenticate using 'snyk auth'."
+    exit 1
+fi
+
 # Check if we're on the main branch
 if [ "$(git rev-parse --abbrev-ref HEAD)" != "main" ]; then
    echo "Error: This script must be run on the main branch."
@@ -76,6 +84,12 @@ else
    fi
 fi

+echo "Running Snyk dependency scan..."
+if ! snyk test --all-projects --dev --detection-depth=3 --strict-out-of-sync=false --severity-threshold=high; then
+    echo "Error: Snyk detected high-severity vulnerable dependencies. Release creation aborted."
+    exit 1
+fi
+
 # Increment the version based on the release type
 if [ "$RELEASE_TYPE" == "major" ]; then
    echo "Performing major release..."