File tree 1 file changed +38
-0
lines changed
1 file changed +38
-0
lines changed Original file line number Diff line number Diff line change 1+ # This workflow uses actions that are not certified by GitHub.
2+ # They are provided by a third-party and are governed by
3+ # separate terms of service, privacy policy, and support
4+ # documentation.
5+
6+ name : Psalm Security Scan
7+
8+ on :
9+ push :
10+ branches : [ "master" ]
11+ pull_request :
12+ # The branches below must be a subset of the branches above
13+ branches : [ "master" ]
14+ schedule :
15+ - cron : ' 43 21 * * 5'
16+
17+ permissions :
18+ contents : read
19+
20+ jobs :
21+ php-security :
22+ runs-on : ubuntu-latest
23+ permissions :
24+ contents : read # for actions/checkout to fetch code
25+ security-events : write # for github/codeql-action/upload-sarif to upload SARIF results
26+ actions : read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
27+
28+ steps :
29+ - name : Checkout code
30+ uses : actions/checkout@v4
31+
32+ - name : Psalm Security Scan
33+ uses : psalm/psalm-github-security-scan@f3e6fd9432bc3e44aec078572677ce9d2ef9c287
34+
35+ - name : Upload Security Analysis results to GitHub
36+ uses : github/codeql-action/upload-sarif@v2
37+ with :
38+ sarif_file : results.sarif
You can’t perform that action at this time.
0 commit comments