VisGuidesCI/CD Integration

CI/CD Integration

Integrate vis into your CI/CD pipelines for automated builds, testing, and dependency management

CI/CD Integration

Integrate vis into your continuous integration and deployment pipelines.

GitHub Actions

Build and Test

Only build and test affected projects in pull requests:

name: CI
on: [pull_request]

jobs:
    build:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v4
              with:
                  fetch-depth: 0 # Full history for affected detection

            - uses: pnpm/action-setup@v4
            - uses: actions/setup-node@v4
              with:
                  node-version: 20
                  cache: pnpm

            - run: pnpm install --frozen-lockfile

            - name: Build affected projects
              run: vis affected build --base=origin/main

            - name: Test affected projects
              run: vis affected test --base=origin/main

Dependency Health Checks

Run scheduled dependency checks:

name: Dependency Check
on:
    schedule:
        - cron: "0 9 * * 1" # Every Monday at 9am

jobs:
    check:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v4
            - uses: pnpm/action-setup@v4
            - uses: actions/setup-node@v4
              with:
                  node-version: 20
                  cache: pnpm

            - run: pnpm install --frozen-lockfile

            - name: Check for outdated dependencies
              run: vis check --format json > deps-report.json

            - name: Security audit
              run: vis check --security --exit-code

            - name: Upload report
              if: always()
              uses: actions/upload-artifact@v4
              with:
                  name: dependency-report
                  path: deps-report.json

Task Caching

Cache task runner artifacts between CI runs:

- name: Cache vis task runner
  uses: actions/cache@v4
  with:
      path: .task-runner-cache
      key: vis-cache-${{ runner.os }}-${{ hashFiles('pnpm-lock.yaml') }}
      restore-keys: |
          vis-cache-${{ runner.os }}-

Enforcing Dependency Policies

Use --exit-code to fail the pipeline when outdated dependencies are found:

- name: Enforce patch updates
  run: vis check --target patch --exit-code

Use --security to catch vulnerabilities:

- name: Security gate
  run: vis check --security --exit-code

Generating Reports

Export JSON reports for monitoring dashboards or Slack notifications:

- name: Generate reports
  run: |
      vis check --format json > check-results.json
      vis check --security --format json > security-results.json
Edit on GitHub

On this page

CI/CD Integration
GitHub Actions
Build and Test
Dependency Health Checks
Task Caching
Enforcing Dependency Policies
Generating Reports
Support

Contribute to our work and keep us going

Community is the heart of open source. The success of our packages wouldn't be possible without the incredible contributions of users, testers, and developers who collaborate with us every day.Want to get involved? Here are some tips on how you can make a meaningful impact on our open source projects.

Ready to help us out?

Be sure to check out the package's contribution guidelines first. They'll walk you through the process on how to properly submit an issue or pull request to our repositories.

Submit a pull request

Found something to improve? Fork the repo, make your changes, and open a PR. We review every contribution and provide feedback to help you get merged.

Good first issues

Simple issues suited for people new to open source development, and often a good place to start working on a package.
View good first issues