Merge pull request #24246 from LukasReschke/add-taint-flow-analysis

Add Psalm Security Analysis
author: Morris Jobke <hey@morrisjobke.de> 2020-11-21 00:04:37 +0100
committer: GitHub <noreply@github.com> 2020-11-21 00:04:37 +0100
commit: 6811274cfd642fa5a4bbfcdab46b43cfafc65441 (patch)
tree: 8e37a9827937c16bddd0ba694727a0304a714f51 /.github
parent: c31e4266c71fa34707455fc41b728a50db2c606e (diff)
parent: 47ac8e0028d88f3f103412df1574eb8212d57765 (diff)
download: nextcloud-server-6811274cfd642fa5a4bbfcdab46b43cfafc65441.tar.gz
nextcloud-server-6811274cfd642fa5a4bbfcdab46b43cfafc65441.zip
1 files changed, 26 insertions, 0 deletions
diff --git a/.github/workflows/psalm-security.yml b/.github/workflows/psalm-security.yml
new file mode 100644
index 00000000000..0e19cda2d33
--- /dev/null
+++ b/.github/workflows/psalm-security.yml
@@ -0,0 +1,26 @@
+name: Psalm Security Analysis
+
+on:
+  push:
+  pull_request:
+  schedule:
+  - cron: '0 0 * * 0'
+
+jobs:
+  psalm:
+    name: Psalm
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          submodules: recursive
+      - name: Psalm
+        uses: docker://vimeo/psalm-github-actions
+        with:
+          security_analysis: true
+          report_file: results.sarif
+      - name: Upload Security Analysis results to GitHub
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif
author	Morris Jobke <hey@morrisjobke.de>	2020-11-21 00:04:37 +0100
committer	GitHub <noreply@github.com>	2020-11-21 00:04:37 +0100
commit	6811274cfd642fa5a4bbfcdab46b43cfafc65441 (patch)
tree	8e37a9827937c16bddd0ba694727a0304a714f51 /.github
parent	c31e4266c71fa34707455fc41b728a50db2c606e (diff)
parent	47ac8e0028d88f3f103412df1574eb8212d57765 (diff)
download	nextcloud-server-6811274cfd642fa5a4bbfcdab46b43cfafc65441.tar.gz nextcloud-server-6811274cfd642fa5a4bbfcdab46b43cfafc65441.zip