ci: run the frontend vitest suite on pull requests

[ashish921998]

What

Adds a Frontend workflow that runs npx vitest run on every PR touching frontend/** (and on pushes to main).

Why

The renderer test suite rotted to 2/9 runnable files with nothing noticing, because no CI workflow ever executed it — found during the post-merge QA pass. #171 revived the suite (9/9 files, 99/99 tests); this job is the guard that keeps it alive.

Typecheck is deliberately not included yet: forge.config.ts and update-electron-app carry pre-existing type errors (documented in #171). Add npm run typecheck to this job once those are fixed.

Verification

Simulated the job locally with a clean npm ci + npx vitest run: 9/9 test files, 99/99 tests pass.

🤖 Generated with Claude Code

[greptile-apps]

Greptile Summary

Adds a Frontend GitHub Actions workflow that runs the vitest suite (npx vitest run) on every PR touching frontend/** and on pushes to main, filling the gap that allowed the renderer test suite to silently rot. The package-lock.json is updated to include the new test dependencies added in #171.

• The workflow is well-structured: least-privilege contents: read permissions, working-directory: frontend, and cache-dependency-path correctly pointed at the frontend lockfile.
• The push trigger on main lacks a paths filter (unlike the pull_request trigger), so the job fires on every push to main regardless of which files changed — inconsistent with go.yml's pattern.
• npx vitest run bypasses the npm test script defined in package.json; any future flags or reporters added to that script would not be picked up by CI.

Confidence Score: 4/5

Safe to merge — introduces a new CI workflow with no production code changes; the two findings are cosmetic/consistency issues that do not affect correctness.

The workflow correctly guards the vitest suite and uses pinned actions, minimal permissions, and a proper cache path. The push trigger is missing a paths filter (runs on all main pushes), and npx vitest run bypasses the npm test script, but neither causes incorrect CI behavior today.

.github/workflows/frontend.yml — the push trigger and test invocation are worth a quick look; frontend/package-lock.json is a routine lockfile update.

Important Files Changed

Filename	Overview
.github/workflows/frontend.yml	New CI workflow that runs the vitest suite on PRs touching frontend/**; correctly scoped permissions and working directory. One minor gap: the push trigger on main has no path filter, so it runs on every push to main regardless of which files changed.
frontend/package-lock.json	Lockfile regenerated as part of dependency additions from PR #171 (vitest, testing-library, etc.); the CI workflow references it for npm cache-dependency-path, which is correct.

Sequence Diagram

sequenceDiagram
    participant GH as GitHub
    participant Runner as ubuntu-latest Runner
    participant Node as Node 20
    participant Vitest as npx vitest run

    GH->>Runner: "Trigger on PR (frontend/**) or push to main"
    Runner->>Runner: "actions/checkout@v4"
    Runner->>Node: "actions/setup-node@v4 (Node 20, npm cache)"
    Node-->>Runner: Node ready, cache restored
    Runner->>Runner: npm ci (in frontend/)
    Runner->>Vitest: npx vitest run
    Vitest-->>Runner: 9/9 files, 99/99 tests pass or fail
    Runner-->>GH: Job result

Loading

_{Reviews (2): Last reviewed commit: "fix(frontend): regenerate package-lock.j..." | Re-trigger Greptile}

[greptile-apps]

The push trigger on main has no paths filter, so this job runs on every push to main regardless of which files were changed (e.g., a backend-only or docs-only commit). The sibling go.yml workflow sets a paths filter for its push trigger to avoid this. Adding the same filter here would keep CI consistent and avoid burning runner minutes on unrelated pushes.

Suggested change

	on:
	push:
	branches: [main]
	pull_request:
	paths:
	- "frontend/**"
	- ".github/workflows/frontend.yml"
	on:
	push:
	branches: [main]
	paths:
	- "frontend/**"
	- ".github/workflows/frontend.yml"
	pull_request:
	paths:
	- "frontend/**"
	- ".github/workflows/frontend.yml"

[greptile-apps]

The test script in package.json already maps to vitest run ("test": "vitest run"), so npm test is the conventional interface here. Using npx vitest run bypasses the package.json script contract — if the test invocation ever gains flags or env-vars via package.json (e.g., coverage flags, reporters), CI would silently not pick them up.

Suggested change

	- name: Run vitest suite
	run: npx vitest run
	- name: Run vitest suite
	run: npm test

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!