From f06684c6604226cc33e0bd1c95ab4ea0748fad01 Mon Sep 17 00:00:00 2001
From: Daniel Siepmann
Date: Fri, 7 Aug 2020 11:56:20 +0200
Subject: [PATCH] Add sensiolabs secutiy checker to ci
---
 .github/workflows/ci.yaml | 24 ++++++++++++++++++++++++
 composer.json | 3 ++-
 2 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index a7e678b..e2547d7 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -163,3 +163,27 @@ jobs:
 - name: Code Quality (by PHPStan)
 run: ./vendor/bin/phpstan analyse
+
+ security-test:
+ runs-on: ubuntu-latest
+ needs: [check-dependencies]
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Get Composer Cache Directory
+ id: composer-cache
+ run: |
+ echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+ - uses: actions/cache@v1
+ with:
+ path: ${{ steps.composer-cache.outputs.dir }}
+ key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+ restore-keys: |
+ ${{ runner.os }}-composer-
+
+ - name: Install dependencies
+ run: composer install --prefer-dist --no-progress --no-suggest
+
+ - name: PHP Security test
+ run: ./vendor/bin/security-checker security:check --no-ansi
diff --git a/composer.json b/composer.json
index e864d1a..91735b6 100644
--- a/composer.json
+++ b/composer.json
@@ -47,7 +47,8 @@
 "maglnet/composer-require-checker": "^2.1",
 "phpspec/prophecy-phpunit": "^2.0",
 "typo3/testing-framework": "^6.3",
- "saschaegerer/phpstan-typo3": "^0.13.1"
+ "saschaegerer/phpstan-typo3": "^0.13.1",
+ "sensiolabs/security-checker": "^6.0"
 },
 "minimum-stability": "dev",
 "prefer-stable": true,
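Review bot: The new `security-test` job references `actions/checkout@v2` and `actions/cache@v1` by mutable tag and then runs `composer install` with Composer scripts and plugins left enabled, so code from the actions and from the dependency tree executes in the runner before the advisory check has inspected anything. Pinning each action to a reviewed full commit SHA (`uses: actions/checkout@<full-commit-sha>`) and giving the job a read-only token (`permissions:` with `contents: read` under `security-test:`) would narrow that exposure. Whether the workflow already sets a top-level `permissions:` cannot be seen here, because the `jobs:` block and the `on:` triggers start above the hunk. If those triggers are push and pull request only, advisories published between commits go unnoticed until the next change, so a `schedule:` trigger for this job is worth considering.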
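Review bot: The added `"sensiolabs/security-checker": "^6.0"` entry puts the advisory scanner into the project's own dependency tree (presumably `require-dev`; the opening key is above the hunk), and as far as I know this major version does not check locally but submits `composer.lock` to a hosted service. The CI verdict then depends on that service being reachable, and the lock file leaves the runner. The package has since been marked abandoned upstream and the hosted check retired, so on a current checkout this step is likely to fail or give no signal. Composer 2.4 and later ship the same check built in, so the workflow step could become `run: composer audit` and this line could be dropped, which also keeps the scanner's transitive packages out of the tree being scanned.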