Skip to content

Commit

Permalink
Add dependancies audit
Browse files Browse the repository at this point in the history
  • Loading branch information
Valentin Bonneaud committed Apr 10, 2024
1 parent a9edab8 commit f5ef6df
Showing 1 changed file with 43 additions and 0 deletions.
43 changes: 43 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,3 +61,46 @@ jobs:
- name: Code Coverage
uses: codecov/codecov-action@v3
if: matrix.coverage != 'none'
dependencies-audit:
name: Dependencies audit (PHP ${{ matrix.php-versions }})
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php-versions: ['7.4', '8.0', '8.1', '8.2', '8.3']
coverage: ['pcov']
code-analysis: ['no']
include:
- php-versions: '7.4'
coverage: 'none'
code-analysis: 'yes'
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup PHP, with composer and extensions
uses: shivammathur/setup-php@v2 #https://github.com/shivammathur/setup-php
with:
php-version: ${{ matrix.php-versions }}
extensions: mbstring, dom, fileinfo, mysql, redis, opcache
coverage: ${{ matrix.coverage }}
tools: composer

- name: Get composer cache directory
id: composer-cache
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT

- name: Cache composer dependencies
uses: actions/cache@v3
with:
path: ${{ steps.composer-cache.outputs.dir }}
# Use composer.json for key, if composer.lock is not committed.
# key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
restore-keys: ${{ runner.os }}-composer-

- name: Install composer dependencies
run: composer install --no-progress --prefer-dist --optimize-autoloader

- name: Composer audit
run: composer audit

0 comments on commit f5ef6df

Please sign in to comment.