Create dedicated check scripts for lockfile accuracy.

There isn't a corresponding fix script for this as the lockfiles are rebuilt every time you run a command that resolves dependencies, in either `cargo` or `npm`. Furthermore, `cargo build` (and anything else that runs `build.rs`) will implicitly run `npm install` and update `package-lock.json` in the process. This was originally part of [another proposal][pr-6]. I've broken it out to make the intent clearer, and to make the proposal easier to get a handle on in isolation from other, related changes. Thanks to @wlonk for their input on this! [pr-6]: https://codeberg.org/ojacobson/pilcrow/pulls/6 Merges prop/lockfile-checks into main.
author: ojacobson <ojacobson@noreply.codeberg.org> 2025-06-11 18:34:15 +0200
committer: ojacobson <ojacobson@noreply.codeberg.org> 2025-06-11 18:34:15 +0200
commit: 1f009e06fd6db82a91536eec88ef3232267385bf (patch)
tree: bc8ff93911996678fa206e17fe86884932cadb9f /tools
parent: a6ae7ee0170e2235ffc9c4eacddae2fb6878ad07 (diff)
parent: 0fe097759f175a8727ff9353bf9570acfe25765c (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/tools/check-lockfiles b/tools/check-lockfiles
new file mode 100755
index 0000000..5e27fa7
--- /dev/null
+++ b/tools/check-lockfiles
@@ -0,0 +1,11 @@
+#!/bin/bash -e
+
+## tools/check-lockfiles
+##
+## Verifies that the various dependency lockfiles used in this project match
+## the dependencies configured.
+
+cd "$(dirname "$0")/.."
+
+npm ci --dry-run
+cargo update --locked --workspace
author	ojacobson <ojacobson@noreply.codeberg.org>	2025-06-11 18:34:15 +0200
committer	ojacobson <ojacobson@noreply.codeberg.org>	2025-06-11 18:34:15 +0200
commit	1f009e06fd6db82a91536eec88ef3232267385bf (patch)
tree	bc8ff93911996678fa206e17fe86884932cadb9f /tools
parent	a6ae7ee0170e2235ffc9c4eacddae2fb6878ad07 (diff)
parent	0fe097759f175a8727ff9353bf9570acfe25765c (diff)