mirror of
https://github.com/DanielSiepmann/tracking.git
synced 2024-11-22 05:56:08 +01:00
Add sensiolabs secutiy checker to ci
This commit is contained in:
parent
2c4db3078d
commit
f06684c660
2 changed files with 26 additions and 1 deletions
24
.github/workflows/ci.yaml
vendored
24
.github/workflows/ci.yaml
vendored
|
|
@ -163,3 +163,27 @@ jobs:
|
||||||
|
|
||||||
- name: Code Quality (by PHPStan)
|
- name: Code Quality (by PHPStan)
|
||||||
run: ./vendor/bin/phpstan analyse
|
run: ./vendor/bin/phpstan analyse
|
||||||
|
|
||||||
|
security-test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: [check-dependencies]
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Get Composer Cache Directory
|
||||||
|
id: composer-cache
|
||||||
|
run: |
|
||||||
|
echo "::set-output name=dir::$(composer config cache-files-dir)"
|
||||||
|
|
||||||
|
- uses: actions/cache@v1
|
||||||
|
with:
|
||||||
|
path: ${{ steps.composer-cache.outputs.dir }}
|
||||||
|
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
|
||||||
|
restore-keys: |
|
||||||
|
${{ runner.os }}-composer-
|
||||||
|
|
||||||
|
- name: Install dependencies
|
||||||
|
run: composer install --prefer-dist --no-progress --no-suggest
|
||||||
|
|
||||||
|
- name: PHP Security test
|
||||||
|
run: ./vendor/bin/security-checker security:check --no-ansi
|
||||||
|
|
|
||||||
|
|
@ -47,7 +47,8 @@
|
||||||
"maglnet/composer-require-checker": "^2.1",
|
"maglnet/composer-require-checker": "^2.1",
|
||||||
"phpspec/prophecy-phpunit": "^2.0",
|
"phpspec/prophecy-phpunit": "^2.0",
|
||||||
"typo3/testing-framework": "^6.3",
|
"typo3/testing-framework": "^6.3",
|
||||||
"saschaegerer/phpstan-typo3": "^0.13.1"
|
"saschaegerer/phpstan-typo3": "^0.13.1",
|
||||||
|
"sensiolabs/security-checker": "^6.0"
|
||||||
},
|
},
|
||||||
"minimum-stability": "dev",
|
"minimum-stability": "dev",
|
||||||
"prefer-stable": true,
|
"prefer-stable": true,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue