fix(fc2a): use npm install (no lockfile required) for frontend CI

Per feedback-no-local-runs we don't run npm locally, so no
package-lock.json is tracked. npm ci fails without a lockfile; npm
install works fine. We lose strict reproducibility, which is acceptable
for a pre-v1 project — if we want it later, commit a package-lock.json
and flip back to npm ci.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-14 13:58:03 -04:00
parent 0f47c7485b
commit 117873423b
+5 -1
View File
@@ -65,6 +65,10 @@ jobs:
working-directory: frontend
steps:
- uses: actions/checkout@v4
- run: npm ci --no-audit --no-fund
# No package-lock.json is tracked yet (we don't run npm locally per
# feedback-no-local-runs). Using `npm install` instead of `npm ci`.
# If we want strict lockfile-based reproducibility later, commit a
# package-lock.json and flip this back to `npm ci`.
- run: npm install --no-audit --no-fund
- run: npm run check
- run: npm run build