Skip to content

updated security fix on composer.lock #170

updated security fix on composer.lock

updated security fix on composer.lock #170

Workflow file for this run

name: Security
on:
pull_request:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.ref }}
cancel-in-progress: true
jobs:
security:
name: 'Security Check'
runs-on: ubuntu-latest
# Ensure the cron job runs only on the main repository, not forks.
if: github.event_name != 'schedule' || (github.event_name == 'schedule' && github.repository_owner == 'webdevstudios')
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Cache Composer dependencies
# Automatically uses Node.js 20 after March 2024
uses: actions/cache@v3
with:
path: ~/.composer/cache
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-composer-
- name: Install PHP dependencies
run: composer install --no-progress --no-suggest --prefer-dist
- name: Run Security Check
uses: symfonycorp/security-checker-action@v5
with:
lock: ./composer.lock
format: ansi
disable-exit-code: true
- name: Post Security Check Summary
if: always()
run: |
echo "Security check completed. Review the output for any detected vulnerabilities."