From 6a97701c783177d1404a390b0761428ec5ba36ea Mon Sep 17 00:00:00 2001
From: Bojan
Date: Thu, 15 Jan 2026 13:23:15 +0100
Subject: [PATCH 1/3] add github actions that checks if package-lock is not deleted
---
 .github/workflows/check-package-lock.yml | 42 ++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 .github/workflows/check-package-lock.yml
diff --git a/.github/workflows/check-package-lock.yml b/.github/workflows/check-package-lock.yml
new file mode 100644
index 0000000..fa2ce84
--- /dev/null
+++ b/.github/workflows/check-package-lock.yml
@@ -0,0 +1,42 @@
+name: Check Package Lock File
+
+concurrency:
+ group: check-package-lock-${{ github.ref }}
+ cancel-in-progress: true
+
+on:
+ push:
+ branches:
+ - "**" # Run on push to any branch
+ pull_request:
+ branches:
+ - "**" # Run on PR to any branch
+
+jobs:
+ verify-package-lock:
+ name: Verify package-lock.json exists
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Check if package-lock.json exists
+ run: |
+ if [ ! -f "package-lock.json" ]; then
+ echo "ERROR: package-lock.json file is missing from the repository"
+ echo "This file is required to ensure consistent dependency versions across all environments"
+ echo "Please ensure package-lock.json is committed with your changes"
+ exit 1
+ fi
+ echo "SUCCESS: package-lock.json file is present"
+
+ - name: Verify package-lock.json is not empty
+ run: |
+ if [ ! -s "package-lock.json" ]; then
+ echo "ERROR: package-lock.json file exists but is empty"
+ echo "Please run 'npm install' to regenerate the lock file"
+ exit 1
+ fi
+ echo "SUCCESS: package-lock.json file is valid and not empty"
From dd6e5d3615841bc543c0ab280fa9f33d838dbe91 Mon Sep 17 00:00:00 2001
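Review bot: The `Checkout repository` step references `actions/checkout@v4`, a mutable tag, and keeps the default credential persistence, so the job token stays in the checkout's git config for the later `run:` steps even though this job only tests for a file. Pinning the action to a full commit SHA (`uses: actions/checkout@<full-commit-sha> # v4`) and adding `with:` / `persist-credentials: false` would narrow both exposures; the same tag pinning applies to `actions/setup-node@v4` added in PATCH 2/3. Separately, `[ ! -s "package-lock.json" ]` is already true for a missing file, so the existence step and the non-empty step could be merged into one check with two messages.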
From: Bojan
Date: Thu, 22 Jan 2026 09:56:32 +0100
Subject: [PATCH 2/3] add package lock check improvements
---
 .github/workflows/check-package-lock.yml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/check-package-lock.yml b/.github/workflows/check-package-lock.yml
index fa2ce84..8075abf 100644
--- a/.github/workflows/check-package-lock.yml
+++ b/.github/workflows/check-package-lock.yml
@@ -7,7 +7,7 @@ concurrency:
 on:
 push:
 branches:
- - "**" # Run on push to any branch
+ - main # Run on push to main branch only
 pull_request:
 branches:
 - "**" # Run on PR to any branch
@@ -40,3 +40,11 @@ jobs:
 exit 1
 fi
 echo "SUCCESS: package-lock.json file is valid and not empty"
+
+ - name: Setup Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: '22'
+
+ - name: Validate package-lock.json is valid and in sync
+ run: npm ci --dry-run --ignore-scripts
From e6f48e67e0f1f7362a71673022ea4dbf0354eed4 Mon Sep 17 00:00:00 2001
From: Bojan
Date: Thu, 22 Jan 2026 11:20:26 +0100
Subject: [PATCH 3/3] improve security
---
 .github/workflows/check-package-lock.yml | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/.github/workflows/check-package-lock.yml b/.github/workflows/check-package-lock.yml
index 8075abf..5fb8e63 100644
--- a/.github/workflows/check-package-lock.yml
+++ b/.github/workflows/check-package-lock.yml
@@ -1,5 +1,8 @@
 name: Check Package Lock File
 
+permissions:
+ contents: read
+
 concurrency:
 group: check-package-lock-${{ github.ref }}
 cancel-in-progress: true
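Review bot: The step name `Validate package-lock.json is valid and in sync` in the second hunk of PATCH 2/3 promises more than `npm ci --dry-run --ignore-scripts` appears to check. As far as I can tell, a dry run compares the lock file against package.json but downloads no tarballs, so the `resolved` URLs and `integrity` hashes recorded in the lock file go unverified. I would document that limit above the step, e.g. `# Consistency check only: resolved URLs and integrity hashes in the lock file are not verified here`, so the green check is not read as a tamper check. On `pull_request` runs the package.json, the lock file and any `.npmrc` come from the PR branch, so a second comment stating that `--ignore-scripts` is deliberate would help keep it from being dropped later.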