1  name: PR Quality Check
 2  
 3  on:
 4    pull_request:
 5      branches: [main]
 6    push:
 7      branches: [main]
 8  
 9  jobs:
10    quality:
11      runs-on: ubuntu-latest
12  
13      steps:
14        - name: Checkout code
15          uses: actions/checkout@v4
16  
17        - name: Setup Node.js
18          uses: actions/setup-node@v4
19          with:
20            node-version: '20'
21            cache: 'npm'
22  
23        - name: Install dependencies
24          run: npm ci
25  
26        - name: Run linting
27          run: npm run lint
28  
29        - name: Run tests
30          # E2E tests require Playwright + live external services (PayPal sandbox,
31          # production site) — run locally only, not in CI.
32          run: npm run test:unit
33  
34        - name: Check for vulnerabilities
35          run: npm audit --audit-level=high || true
36  
37        - name: Upload coverage reports
38          uses: actions/upload-artifact@v4
39          if: always()
40          with:
41            name: coverage-report
42            path: coverage/