|
@@ -1,4 +1,4 @@
|
|
|
-name: Psalm show github
|
|
|
+name: Psalm
|
|
|
|
|
|
on:
|
|
|
pull_request:
|
|
@@ -8,21 +8,62 @@ on:
|
|
|
- stable*
|
|
|
|
|
|
jobs:
|
|
|
- psalm:
|
|
|
- name: Psalm
|
|
|
+ generate-report:
|
|
|
runs-on: ubuntu-latest
|
|
|
+
|
|
|
steps:
|
|
|
- - name: Checkout code
|
|
|
+ - name: Checkout
|
|
|
uses: actions/checkout@v3
|
|
|
with:
|
|
|
- submodules: recursive
|
|
|
+ submodules: true
|
|
|
+
|
|
|
+ - name: Set up php
|
|
|
+ uses: shivammathur/setup-php@v2
|
|
|
+ with:
|
|
|
+ php-version: '8.0'
|
|
|
+ extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
|
|
|
+ coverage: none
|
|
|
+
|
|
|
+ - name: Composer install
|
|
|
+ run: composer i
|
|
|
+
|
|
|
- name: Psalm
|
|
|
- uses: docker://vimeo/psalm-github-actions:4.9.3
|
|
|
+ # Make sure we pass and still upload the report
|
|
|
continue-on-error: true
|
|
|
+ run: composer run psalm -- --monochrome --no-progress --output-format=github --report=psalm.sarif
|
|
|
+
|
|
|
+ - name: Upload report to GitHub
|
|
|
+ if: always()
|
|
|
+ uses: github/codeql-action/upload-sarif@v2
|
|
|
with:
|
|
|
- composer_ignore_platform_reqs: false
|
|
|
- report_file: results.sarif
|
|
|
- - name: Upload Analysis results to GitHub
|
|
|
- uses: github/codeql-action/upload-sarif@v1
|
|
|
+ sarif_file: psalm.sarif
|
|
|
+
|
|
|
+ generate-security-report:
|
|
|
+ runs-on: ubuntu-latest
|
|
|
+
|
|
|
+ steps:
|
|
|
+ - name: Checkout
|
|
|
+ uses: actions/checkout@v3
|
|
|
+ with:
|
|
|
+ submodules: true
|
|
|
+
|
|
|
+ - name: Set up php
|
|
|
+ uses: shivammathur/setup-php@v2
|
|
|
+ with:
|
|
|
+ php-version: '8.0'
|
|
|
+ extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
|
|
|
+ coverage: none
|
|
|
+
|
|
|
+ - name: Composer install
|
|
|
+ run: composer i
|
|
|
+
|
|
|
+ - name: Psalm
|
|
|
+ # Make sure we pass and still upload the report
|
|
|
+ continue-on-error: true
|
|
|
+ run: composer run psalm -- --monochrome --no-progress --output-format=github --taint-analysis --report=psalm.sarif
|
|
|
+
|
|
|
+ - name: Upload report to GitHub
|
|
|
+ if: always()
|
|
|
+ uses: github/codeql-action/upload-sarif@v2
|
|
|
with:
|
|
|
- sarif_file: results.sarif
|
|
|
+ sarif_file: psalm.sarif
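Review bot: The new steps reference actions by mutable tags (`shivammathur/setup-php@v2` in both "Set up php" steps, plus `actions/checkout@v3` and `github/codeql-action/upload-sarif@v2`), so whatever those tags point to at run time executes in jobs that also hold the token used for the SARIF upload. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: shivammathur/setup-php@<full-commit-sha> # v2`, makes the executed code reviewable and still lets Dependabot propose bumps. No `permissions:` block is visible in either hunk (the rest of the file is not shown, so one may already exist); if it is absent, a job-level `permissions:` with `contents: read` and `security-events: write` on `generate-report` and `generate-security-report` limits the token to what the upload needs. Separately, `continue-on-error: true` makes the Psalm step always pass, so `--taint-analysis` findings only surface through code scanning; if they are meant to block merges, confirm that the code-scanning result is a required check.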
|