diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 852c283..d89c5f3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -199,3 +199,28 @@ jobs:
 typo3-version:
 - ^9.5
 - ^10.4
+ security-test:
+ name: "PHP Security test"
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ php-version:
+ - 7.4
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ - name: "Install PHP"
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: "${{ matrix.php-version }}"
+ - name: "Cache dependencies installed with composer"
+ uses: actions/cache@v1
+ with:
+ key: "php${{ matrix.php-version }}
+ -composer-${{ hashFiles('**/composer.json') }}"
+ path: ~/.composer/cache
+ restore-keys: "php${{ matrix.php-version }}-composer-\n"
+ - name: "Install Composer dependencies"
+ run: "composer install --no-progress"
+ - name: "Run PHP Security test"
+ run: "composer ci:security"
diff --git a/composer.json b/composer.json
index c55a309..f889524 100644
--- a/composer.json
+++ b/composer.json
@@ -39,9 +39,10 @@
 "nimut/testing-framework": "^5.0.3",
 "phpunit/phpunit": "^7.5.20",
 "squizlabs/php_codesniffer": "^3.5.5",
- "typo3/cms-fluid-styled-content": "^9.5 || 10.4",
+ "typo3/cms-fluid-styled-content": "^9.5 || ^10.4",
 "seld/jsonlint": "^1.8",
- "phpdocumentor/reflection-docblock": "<= 5.1 || > 5.2"
+ "phpdocumentor/reflection-docblock": "<= 5.1 || > 5.2",
+ "sensiolabs/security-checker": "^6.0"
 },
 "replace": {
 "typo3-ter/tea": "self.version"
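Review bot: In the new `security-test` job of `.github/workflows/ci.yml`, the third-party action `shivammathur/setup-php@v2` is referenced by a mutable tag, and the job then runs `composer install`, which can execute dependency scripts and plugins on the runner. I would pin it to a reviewed full commit, `uses: shivammathur/setup-php@<full-commit-sha>  # v2` (placeholder, fill in the audited commit), and give the job a read-only token with `permissions:` / `contents: read`, unless that is already set at workflow level outside this hunk. Separately, the cache `key` is a double-quoted scalar split over two added lines, so YAML folds the break into a space (`php<version> -composer-…`) and the `restore-keys` prefix `php<version>-composer-` can no longer match it. Putting the whole key on one line restores the fallback.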
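Review bot: The new dev requirement `"sensiolabs/security-checker": "^6.0"` in `composer.json` ties the security gate to a thin client that, as far as I know, submits `composer.lock` to a SensioLabs-hosted advisory service, and upstream has since archived the package and retired that service. If that is right, the `ci:security` script added in the later `scripts` hunk will either fail on the network call or stop reporting anything useful, so a green job would give no real assurance. Consider dropping the extra package and using Composer's built-in audit instead (Composer 2.4 or newer), i.e. `"ci:security": "@composer audit"`. The `require-dev` block starts and ends outside this hunk.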
@@ -72,6 +73,7 @@
 "ci:ts:lint": ".Build/vendor/bin/typoscript-lint -c Configuration/TsLint.yml --ansi -n --fail-on-warnings -vvv Configuration/TypoScript",
 "ci:tests:unit": ".Build/vendor/bin/phpunit -c .Build/vendor/nimut/testing-framework/res/Configuration/UnitTests.xml Tests/Unit",
 "ci:tests:functional": "find 'Tests/Functional' -wholename '*Test.php' | parallel --gnu 'echo; echo \"Running functional test suite {}\"; .Build/vendor/bin/phpunit -c .Build/vendor/nimut/testing-framework/res/Configuration/FunctionalTests.xml {}';",
+ "ci:security": ".Build/vendor/bin/security-checker security:check",
 "ci:tests": [
 "@ci:tests:unit",
 "@ci:tests:functional"