psalm.yml
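# Runs Psalm taint analysis on pull requests and on pushes, then publishes the
# findings to GitHub code scanning as a SARIF report.
name: "Psalm Security Scan"

on:
  pull_request:
  push:
    # NOTE(review): presumably excluded because push runs triggered by
    # Dependabot get a read-only token, which would make the SARIF upload
    # fail - confirm. Dependabot pull requests are still covered by the
    # pull_request trigger above.
    branches-ignore:
      - "dependabot/**"

jobs:
  psalm:
    name: "Psalm"
    runs-on: "${{ matrix.operating-system }}"
    # Least privilege: this job installs and analyses code from the branch
    # under test, so the token is limited to what the steps below use.
    # security-events: write is what the SARIF upload needs; actions: read and
    # contents: read are additionally required in private repositories.
    # NOTE(review): the local composer action is not visible here - confirm it
    # needs no further scopes.
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      matrix:
        dependencies:
          - "locked"
        php-version:
          - "8.1"
        operating-system:
          - "ubuntu-latest"
    steps:
      - name: "Checkout"
        # NOTE(review): version tags such as v4 / v3 are mutable; pinning the
        # third-party actions in this job to a full commit SHA makes the
        # executed code reviewable and immutable.
        uses: "actions/checkout@v4"
        with:
          # No later step performs authenticated git operations, so do not
          # leave the job token in the checked-out repository's git config.
          persist-credentials: false
      - name: "Composer install"
        uses: "./.github/actions/composer"
        with:
          php-version: "${{ matrix.php-version }}"
          dependencies: "${{ matrix.dependencies }}"
          extensions: "json, mbstring"
      - name: "Psalm Security Scan"
        # --output-format=github emits inline annotations; --report writes the
        # SARIF file consumed by the upload step below.
        run: >-
          .Build/bin/psalm
          --output-format=github
          --taint-analysis
          --report=results.sarif
      - name: "Upload Security Analysis results to GitHub"
        # Without this condition a non-zero exit from the Psalm step (for
        # example when it reports findings) skips the upload, so the report
        # never reaches code scanning exactly when it matters.
        if: "${{ success() || failure() }}"
        uses: "github/codeql-action/upload-sarif@v3"
        with:
          sarif_file: "results.sarif"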