From 0ed9b006e87c055f232f11ef5bdfff15075c36cd Mon Sep 17 00:00:00 2001
From: silverwind <me@silverwind.io>
Date: Sat, 15 Jan 2022 12:06:29 -0800
Subject: [PATCH] Add lockfile-check (#18285)

* Add lockfile-check

This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.
---
 Makefile          | 13 ++++++++++++-
 package-lock.json |  1 +
 package.json      |  1 +
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index ca273fd507..cb4304b812 100644
--- a/Makefile
+++ b/Makefile
@@ -292,7 +292,7 @@ fmt-check:
 checks: checks-frontend checks-backend
 
 .PHONY: checks-frontend
-checks-frontend: svg-check
+checks-frontend: lockfile-check svg-check
 
 .PHONY: checks-backend
 checks-backend: swagger-check swagger-validate
@@ -700,6 +700,17 @@ svg-check: svg
 		exit 1; \
 	fi
 
+.PHONY: lockfile-check
+lockfile-check:
+	npm install --package-lock-only
+	@diff=$$(git diff package-lock.json); \
+	if [ -n "$$diff" ]; then \
+		echo "package-lock.json is inconsistent with package.json"; \
+		echo "Please run 'npm install --package-lock-only' and commit the result:"; \
+		echo "$${diff}"; \
+		exit 1; \
+	fi
+
 .PHONY: update-translations
 update-translations:
 	mkdir -p ./translations
diff --git a/package-lock.json b/package-lock.json
index 845be7179c..3d62eb1ab2 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4,6 +4,7 @@
   "requires": true,
   "packages": {
     "": {
+      "name": "gitea",
       "license": "MIT",
       "dependencies": {
         "@claviska/jquery-minicolors": "2.3.6",
diff --git a/package.json b/package.json
index 2f8ac8df53..86e8b9aedd 100644
--- a/package.json
+++ b/package.json
@@ -1,4 +1,5 @@
 {
+  "name": "gitea",
   "license": "MIT",
   "private": true,
   "type": "module",