mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
74966 Commits
421 Branches
Tree: ff92ab1fb1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ff92ab1fb1'
${ noResults }
nextcloud/.github/workflows/static-code-analysis.yml

static-code-analysis.yml 3.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. # SPDX-FileCopyrightText: 2020 Nextcloud GmbH and Nextcloud contributors

  2. # SPDX-License-Identifier: MIT

  3. name: Psalm static code analysis

  4. 

  5. on:

  6.   pull_request:

  7. 

  8. concurrency:

  9.   group: static-code-analysis-${{ github.head_ref || github.run_id }}

  10.   cancel-in-progress: true

  11. 

  12. jobs:

  13.   static-code-analysis:

  14.     runs-on: ubuntu-latest

  15. 

  16.     if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

  17. 

  18.     steps:

  19.       - name: Checkout

  20.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  21.         with:

  22.           submodules: true

  23. 

  24.       - name: Set up php

  25.         uses: shivammathur/setup-php@v2

  26.         with:

  27.           php-version: '8.1'

  28.           extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  29.           coverage: none

  30.         env:

  31.           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  32. 

  33.       - name: Composer install

  34.         run: composer i

  35. 

  36.       - name: Psalm

  37.         run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif

  38. 

  39.       - name: Show potential changes in Psalm baseline

  40.         if: always()

  41.         run: git diff -- . ':!lib/composer'

  42. 

  43.       - name: Upload Analysis results to GitHub

  44.         if: always()

  45.         uses: github/codeql-action/upload-sarif@v3

  46.         with:

  47.           sarif_file: results.sarif

  48. 

  49.   static-code-analysis-security:

  50.     runs-on: ubuntu-latest

  51. 

  52.     steps:

  53.       - name: Checkout code

  54.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  55.         with:

  56.           submodules: true

  57. 

  58.       - name: Set up php

  59.         uses: shivammathur/setup-php@master

  60.         with:

  61.           php-version: '8.1'

  62.           extensions: ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  63.           coverage: none

  64. 

  65.       - name: Composer install

  66.         run: composer i

  67. 

  68.       - name: Psalm taint analysis

  69.         run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis

  70. 

  71.       - name: Upload Security Analysis results to GitHub

  72.         if: always()

  73.         uses: github/codeql-action/upload-sarif@v3

  74.         with:

  75.           sarif_file: results.sarif

  76. 

  77.   static-code-analysis-ocp:

  78.     runs-on: ubuntu-latest

  79. 

  80.     steps:

  81.       - name: Checkout

  82.         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29

  83.         with:

  84.           submodules: true

  85. 

  86.       - name: Set up php

  87.         uses: shivammathur/setup-php@v2

  88.         with:

  89.           php-version: '8.1'

  90.           extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip

  91.           coverage: none

  92.         env:

  93.           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  94. 

  95.       - name: Composer install

  96.         run: composer i

  97. 

  98.       - name: Psalm

  99.         run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline

  100. 

  101.       - name: Show potential changes in Psalm baseline

  102.         if: always()

  103.         run: git diff -- . ':!lib/composer'