chore(deps): bump github/codeql-action from 2 to 3 #49
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# GitHub Actions Documentation: https://docs.github.com/en/actions | |
name: "Continuous Integration" | |
on: | |
push: | |
branches: | |
- "main" | |
tags: | |
- "*" | |
pull_request: | |
branches: | |
- "main" | |
# Cancels all previous workflow runs for the same branch that have not yet completed. | |
concurrency: | |
# The concurrency group contains the workflow name and the branch name. | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
COMPOSER_ROOT_VERSION: "1.99.99" | |
jobs: | |
coding-standards: | |
name: "Coding standards" | |
runs-on: "ubuntu-latest" | |
steps: | |
- name: "Checkout repository" | |
uses: "actions/[email protected]" | |
- name: "Install PHP" | |
uses: "shivammathur/[email protected]" | |
with: | |
php-version: "latest" | |
coverage: "none" | |
- name: "Install dependencies (Composer)" | |
uses: "ramsey/[email protected]" | |
- name: "Check syntax (php-parallel-lint)" | |
run: "composer dev:lint:syntax" | |
- name: "Check coding standards (PHP_CodeSniffer)" | |
run: "composer dev:lint:style" | |
static-analysis: | |
name: "Static analysis" | |
runs-on: "ubuntu-latest" | |
steps: | |
- name: "Checkout repository" | |
uses: "actions/[email protected]" | |
- name: "Install PHP" | |
uses: "shivammathur/[email protected]" | |
with: | |
php-version: "latest" | |
coverage: "none" | |
ini-values: "memory_limit=-1" | |
- name: "Install dependencies (Composer)" | |
uses: "ramsey/[email protected]" | |
- name: "Statically analyze code (PHPStan)" | |
run: "composer dev:analyze:phpstan" | |
- name: "Statically analyze code (Psalm)" | |
run: "composer dev:analyze:psalm -- --shepherd" | |
security-analysis: | |
name: "Security analysis" | |
needs: ["coding-standards", "static-analysis"] | |
runs-on: "ubuntu-latest" | |
permissions: | |
security-events: write | |
steps: | |
- name: "Checkout repository" | |
uses: "actions/[email protected]" | |
- name: "Install PHP" | |
uses: "shivammathur/[email protected]" | |
with: | |
php-version: "latest" | |
coverage: "none" | |
- name: "Install dependencies (Composer)" | |
uses: "ramsey/[email protected]" | |
- name: "Analyze security of code (Psalm)" | |
run: "./vendor/bin/psalm --taint-analysis --report=build/logs/psalm.sarif" | |
- name: "Upload security analysis results to GitHub" | |
uses: "github/codeql-action/upload-sarif@v3" | |
with: | |
sarif_file: "build/logs/psalm.sarif" | |
code-coverage: | |
name: "Code coverage" | |
needs: ["coding-standards", "static-analysis"] | |
runs-on: "ubuntu-latest" | |
steps: | |
- name: "Checkout repository" | |
uses: "actions/[email protected]" | |
- name: "Install PHP" | |
uses: "shivammathur/[email protected]" | |
with: | |
php-version: "latest" | |
coverage: "pcov" | |
ini-values: "memory_limit=-1" | |
- name: "Install dependencies (Composer)" | |
uses: "ramsey/[email protected]" | |
- name: "Run unit tests (PHPUnit)" | |
run: "composer dev:test:coverage:ci" | |
- name: "Publish coverage report to Codecov" | |
uses: "codecov/[email protected]" | |
unit-tests: | |
name: "Unit tests" | |
needs: ["code-coverage"] | |
runs-on: "ubuntu-latest" | |
strategy: | |
fail-fast: false | |
matrix: | |
php: | |
- "8.2" | |
composer-deps: | |
- "lowest" | |
- "highest" | |
steps: | |
- name: "Checkout repository" | |
uses: "actions/[email protected]" | |
- name: "Install PHP" | |
uses: "shivammathur/[email protected]" | |
with: | |
php-version: "${{ matrix.php }}" | |
coverage: "none" | |
- name: "Install dependencies (Composer)" | |
uses: "ramsey/[email protected]" | |
with: | |
dependency-versions: "${{ matrix.composer-deps }}" | |
composer-options: "${{ matrix.composer-options }}" | |
- name: "Run unit tests (PHPUnit)" | |
shell: "bash" | |
run: "composer dev:test:unit" |