[CI] Add GitHub Actions workflow for lint, typecheck, and build

[Obiajulu-gif]

Overview

Add a safe GitHub Actions CI workflow so every pull request can be checked before maintainers review or merge it.

Problem

As ChainMove opens up to GrantFox contributors, maintainers need automated checks for linting, type safety, and builds. The workflow should use repository secrets safely and must not expose private credentials in logs.

Expected solution

Create .github/workflows/ci.yml that:

• runs on pull requests and pushes to main
• installs dependencies with npm ci where possible
• runs npm run lint
• runs TypeScript checking if a script exists or adds a safe typecheck script
• runs npm run build
• injects required environment variables from GitHub Secrets
• avoids deployment or secret-heavy operations on untrusted PRs

Security notes

• Do not echo secrets.
• Do not print environment values.
• Do not add production deployment to this workflow.
• Keep production deploys as a separate maintainer-only workflow.

Files likely involved

• .github/workflows/ci.yml
• package.json
• README.md

Acceptance criteria

• CI runs on PRs and push to main.
• Lint and build jobs pass.
• The workflow uses safe secret references only.
• No secret value is exposed in logs.
• Fork PRs do not run dangerous deployment steps.

Suggested labels

ci, github-actions, developer-experience, security

Difficulty

Beginner / Intermediate

[Menjay7]

Hi! I came across this issue and would love to work on it. I have experience with similar tasks and I'm confident I can investigate, implement a clean solution, and thoroughly test it before submitting a PR. If the issue is still open, I would appreciate it if you could assign it to me. Thank you!

[jaynomyaro]

Hi! I’m a full-stack developer with a strong blockchain background. I’d love to handle this issue and can deliver a clean, reliable solution. Kindly assign it to me.

[olufunsoolutayo]

Hi. Pls assign me this issue to work on. Thank you

[amina69]

Hi team,I would like to claim this issue. I have experience designing secure GitHub Actions workflows, setting up Node.js CI pipelines, and protecting repository secrets during pull request validations.Proposed Solution:Secure Workflow Definition: Create .github/workflows/ci.yml that triggers on push to main and pull_request events, running safely across local branches and forks.Optimized Dependency Caching: Leverage actions/setup-node with built-in npm caching to speed up execution using npm ci.Automated Quality Gates: Sequential execution of linting, TypeScript type-checking, and project compilation stages (npm run build).Hardened Secret Handling: Inject necessary fallback values or pull secrets safely using GitHub context expressions. No production environment variables or deployment actions will be tied to this public PR testing pipeline.Testing: Validate the pipeline functionality across a trial branch to confirm zero secret leakage and clean pipeline reporting.Could you please assign this issue to me? Thank you!

[CeceOs92]

hello maintainer, can I work this?

[Ekenesamuel8]

please i can work on this

[SYLVIANNORUKA]

Hello , Can I work on this pls? . I'll set up a secure GitHub Actions CI workflow that runs on PRs and pushes to main, installs dependencies with npm ci, runs linting, type checking, and builds. I'll ensure secrets are referenced safely without being exposed in logs, prevent deployment or privileged operations.Thank you

[Davidemulo]

can i work on this please

[grantfox-oss]

🦊 GrantFox — @Davidemulo has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #21)
2. Your PR will be reviewed by the Chainmove maintainers

Good luck! Track your progress on GrantFox.