Skip to content

feat: add Playwright testing framework and initial test setup for bro… #55

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
clFaster wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

feat: add Playwright testing framework and initial test setup for bro… #55

clFaster wants to merge 2 commits into from

Conversation

@clFaster
Copy link
Owner

@clFaster clFaster commented Dec 12, 2025

…wser extension

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 12, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 12, 2025
View reviewed changes
.github/workflows/playwright.yml
Comment on lines +9 to +39
timeout-minutes: 60
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4

- uses: pnpm/action-setup@v4
with:
version: 10

- uses: actions/setup-node@v4
with:
node-version: lts/*
cache: 'pnpm'

- name: Install dependencies
run: pnpm install

- name: Install Playwright Browsers
run: pnpm exec playwright install --with-deps
working-directory: browser

- name: Run Playwright tests (excluding extension tests that require build)
run: pnpm test --grep-invert extension
working-directory: browser

- uses: actions/upload-artifact@v4
if: always()
with:
name: playwright-report
path: browser/playwright-report/
retention-days: 30

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}

Copilot Autofix

AI 27 days ago

To fix this problem, add a permissions section with least-privilege settings. In this workflow, the only needed permission is likely contents: read, which grants read access to repository contents, enabling actions like checkout and reading code, but preventing pushes or sensitive changes. This can be added either at the root (applies to all jobs) or at the test job level. Since there is only one job, adding at the root is clear and future-proof.

Change required:

  • At the top (after the name field), insert: 
    permissions:
  contents: read
  • No new methods, definitions, or imports are needed, as this is a static configuration in YAML.
Suggested changeset 1
.github/workflows/playwright.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml
--- a/.github/workflows/playwright.yml
+++ b/.github/workflows/playwright.yml
@@ -1,4 +1,6 @@
 name: Playwright Tests
+permissions:
+  contents: read
 on:
   push:
     branches: [ main ]
EOF
@@ -1,4 +1,6 @@
name: Playwright Tests
permissions:
contents: read
on:
push:
branches: [ main ]
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@clFaster