Skip to content

update github tests #2580

update github tests

update github tests #2580

Workflow file for this run

name: PHP Static Security Tests
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
schedule:
- cron: '25 17 * * 1'
jobs:
build:
runs-on: ubuntu-22.04
steps:
- name: Checkout Repo
uses: actions/checkout@v3
- name: Setup PHP with PCOV
uses: shivammathur/setup-php@v2
with:
php-version: '8.2'
ini-values: pcov.directory=.
coverage: pcov
extensions: mbstring, intl
- name: Validate composer.json and composer.lock
run: composer validate
- name: Cache Composer packages
id: composer-cache
uses: actions/cache@v3
with:
path: vendor
key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-php-
- name: Configure composer and dependencies
run: composer config allow-plugins.third-party/required-plugin true && composer config minimum-stability dev && composer config prefer-stable true && composer require mediawiki/oauthclient:2.0.0 && composer require vimeo/psalm designsecurity/progpilot:1.0.2
- name: Install dependencies
if: steps.composer-cache.outputs.cache-hit != 'true'
run: composer install --prefer-dist -vvv --no-progress
- name: PHP psalm Taint
run: php ./vendor/bin/psalm --taint-analysis --php-version='8.2'
- name: PHP Design Security
run: ./vendor/bin/progpilot --configuration progpilot.yml html_headers.php category.php generate_template.php gitpull.php linked_pages.php process_page.php authenticate.php
- name: The PHP Security Checker
uses: symfonycorp/security-checker-action@v4
- name: PHP Security Checker
uses: StephaneBour/[email protected]