2022-03-16 07:11:40 -07:00
|
|
|
# This workflow runs PHPStan security analysis tool
|
|
|
|
|
# More information: https://github.com/phpstan/phpstan
|
2022-03-16 04:14:18 -07:00
|
|
|
name: PHPStan Security Scan
|
|
|
|
|
on:
|
|
|
|
|
push:
|
|
|
|
|
branches: [ master ]
|
|
|
|
|
pull_request:
|
|
|
|
|
branches: [ master ]
|
|
|
|
|
jobs:
|
|
|
|
|
phpstan-security-scan:
|
|
|
|
|
name: PHPStan Security Scan
|
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out repository code
|
|
|
|
|
uses: actions/checkout@v2
|
|
|
|
|
- name: Setup PHP
|
|
|
|
|
uses: shivammathur/setup-php@v2
|
|
|
|
|
with:
|
|
|
|
|
php-version: '8.0'
|
2022-03-16 07:22:27 -07:00
|
|
|
#coverage: none
|
2022-03-16 04:14:18 -07:00
|
|
|
ini-values: "memory_limit=-1"
|
2022-03-16 07:22:27 -07:00
|
|
|
#extensions: mbstring, intl
|
2022-03-16 04:14:18 -07:00
|
|
|
- name: Download deps
|
|
|
|
|
run: composer update --no-interaction --no-progress
|
|
|
|
|
- name: Download PHPStan
|
2022-03-16 07:11:40 -07:00
|
|
|
run: composer require --dev phpstan/phpstan
|
|
|
|
|
- name: Download Larastan v1 # (Laravel Framework 6.20.44), v2 is for Laravel >=9
|
2022-03-16 04:14:18 -07:00
|
|
|
run: composer require nunomaduro/larastan:^1.0 --dev
|
|
|
|
|
- name: Download mcrypt helper
|
|
|
|
|
run: wget https://raw.githubusercontent.com/JetBrains/phpstorm-stubs/master/mcrypt/mcrypt.php -O _mcrypt_helper.php
|
|
|
|
|
- name: Delete conflicting file
|
|
|
|
|
run: rm -f database/migrations/2015_11_05_183749_image.php
|
|
|
|
|
- name: Execute PHPStan
|
|
|
|
|
run: vendor/bin/phpstan analyze app config routes --no-progress --error-format=github -l 5
|
2022-03-16 07:22:27 -07:00
|
|
|
env:
|
|
|
|
|
APP_KEY: APP_KEY_CREATED_FOR_PHPSTAN_SDLC
|
