- Add govulncheck to backend-go job
- Add npm audit --audit-level=high to frontend job
- Both use || true to avoid blocking CI on existing vulns
Co-authored-by: Cursor <cursoragent@cursor.com>
- Created contrast utility (apps/web/src/utils/contrast.ts)
- getRelativeLuminance() - calculates WCAG relative luminance
- getContrastRatio() - calculates contrast ratio between colors
- meetsWCAGAA() / meetsWCAGAAA() - validates WCAG standards
- parseRGB() - parses RGB strings from CSS variables
- Created contrast test suite (apps/web/src/__tests__/contrast.test.ts)
- Tests all design system color combinations
- Validates primary text (white) on all backgrounds
- Validates secondary text (dim) on all backgrounds
- Validates text with opacity variants
- All combinations must meet WCAG AA (4.5:1)
- Added contrast test step to CI workflow
- Prevents contrast ratio regressions
- Action 11.1.1.5 complete
- Completed Action 1.1.2.4: Added cache step for generated types
- Cache keyed on openapi.yaml hash for automatic invalidation
- Speeds up CI by avoiding regeneration when spec unchanged
- Completed Action 1.1.2.3: Added type generation step to frontend CI
- Step runs before Type Check to ensure types are up-to-date
- CI will fail if generated types don't match OpenAPI spec
- Added chmod to ensure script is executable in CI environment
