minor #1572 install security patches (xabbuh) #956
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Lint" | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| env: | |
| fail-fast: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| php-cs-fixer: | |
| name: PHP-CS-Fixer | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v4 | |
| - name: PHP-CS-Fixer | |
| uses: docker://oskarstark/php-cs-fixer-ga | |
| with: | |
| args: --diff --dry-run | |
| linters: | |
| name: Linters | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| php-version: ['8.2'] | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v4 | |
| - name: "Install PHP with extensions" | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| coverage: "none" | |
| extensions: intl | |
| php-version: ${{ matrix.php-version }} | |
| tools: composer:v2 | |
| - name: Lint Composer config | |
| run: composer validate --no-check-publish --strict | |
| - name: "Install dependencies" | |
| id: install | |
| run: composer install --ansi --no-interaction --no-progress | |
| - name: Lint YAML files | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console lint:yaml config --parse-tags | |
| - name: Lint Twig templates | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console lint:twig templates --env=prod | |
| - name: Lint XLIFF translation files | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console lint:xliff translations | |
| - name: Lint translation contents | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console lint:translations | |
| - name: Lint Parameters and Services | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console lint:container --no-debug | |
| - name: Lint Doctrine entities | |
| if: always() && steps.install.outcome == 'success' | |
| run: ./bin/console doctrine:schema:validate --skip-sync -vvv --no-interaction | |
| - name: Check if any dependencies are compromised | |
| if: always() && steps.install.outcome == 'success' | |
| run: composer audit | |
| static-analysis: | |
| name: PHPStan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Setup PHP | |
| uses: shivammathur/setup-php@v2 | |
| with: | |
| coverage: none | |
| php-version: '8.3' | |
| - name: Install dependencies | |
| run: composer install --ansi --no-interaction --no-progress | |
| - name: Run PHPStan | |
| run: vendor/bin/phpstan analyze --no-progress |