SIR-1522 - cli v2 pre flight validation gate on raisely deploy no validate#68
Merged
KeinerM merged 9 commits intoMay 8, 2026
Conversation
Run campaign and component validators before any deploy uploads, add the --no-validate escape hatch, and stop the deploy with contextual errors when validation fails. Co-authored-by: Cursor <cursoragent@cursor.com>
Add explicit integration-style tests for bad SCSS, bad component, network failure, --no-validate bypass, and gate behavior under --force and cli mode. Co-authored-by: Cursor <cursoragent@cursor.com>
Move the CLI test runner and all test files to Vitest while preserving existing test coverage and behavior. Add a shared Vitest config to support cwd-dependent tests and keep filenames standardized as *.test.js. Co-authored-by: Cursor <cursoragent@cursor.com>
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Normalize malformed validator results into explicit deploy validation failures and stop the styles upload spinner on error before returning. Add coverage for malformed validator output to prevent regressions. Co-authored-by: Cursor <cursoragent@cursor.com>
…IR-1522) Limit pre-flight validation fan-out with bounded concurrency and treat a missing components directory as an empty component set. Add deploy test coverage for the missing-components path. Co-authored-by: Cursor <cursoragent@cursor.com>
Drop createDeployDependencies and test-only dependency parameters from deploy while preserving behavior. Rewrite deploy tests to use Vitest module mocks instead of injected stubs. Co-authored-by: Cursor <cursoragent@cursor.com>
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 1ffc4d6. Configure here.
Remove deploy dependency-injection wiring in favor of direct module calls, and handle campaign lookup failures as controlled validation failures. Update deploy tests to use vi.mock module mocks and cover campaign lookup failure handling. Co-authored-by: Cursor <cursoragent@cursor.com>
Pin runtime and dev dependencies to exact latest versions compatible with Node 18 and refresh the lockfile for reproducible installs. Co-authored-by: Cursor <cursoragent@cursor.com>
…-1522) Pin the CLI Babel compiler toolchain to the known-compatible versions used by the compile flow and refresh the lockfile while keeping Node 18 compatibility. Co-authored-by: Cursor <cursoragent@cursor.com>
xolott-ark
approved these changes
May 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What changed
--no-validateonraisely deployto bypass validation when needed.--no-validatebypass--forcecli: truenode:testtovitest.Note
High Risk
Deploy now performs pre-upload SCSS/component validation and includes token-refreshing validator calls, plus new test tooling/deps; mistakes here could block deployments or mishandle auth/validation flows.
Overview
Adds a pre-flight validation gate to
raisely deploythat validates campaign SCSS (via remote transpiler) and local component source, failing fast before any uploads and printing all errors with campaign/component context. Introduces--no-validateto bypass this gate when needed (validation still runs under--force/cli: true).Adds new validator helpers (
validateCampaignSass,validateComponent) including transpiler URL normalization, credential refresh-on-401, and graceful handling of malformed/failed validator responses, plus deploy-focused tests covering validation failures/bypass and network/auth edge cases. Migrates the test suite tovitestand updates test config/scripts.Risk Assessment (Framework v2.0)
validateCampaignSass)vitest)deployflow plus new testsvitestdev dependency and updates test script/configMitigating Factors
Findings
--no-validatebehavior are acceptable for all workflows (CI and interactive).Outstanding findings: 1
Overall risk: HIGH
Decision: ESCALATE
Rationale: Two Tier 1 dimensions are Medium (auth-adjacent validation + deploy behavior change), and there is an open workflow-risk finding that warrants human review.
Reviewed by Cursor Bugbot for commit 4b76e0c. Bugbot is set up for automated code reviews on this repo. Configure here.