summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Molakvoæ <skjnldsv@users.noreply.github.com>2023-06-08 16:19:59 +0200
committerGitHub <noreply@github.com>2023-06-08 16:19:59 +0200
commit09464c6453af74e5b5442337e48ec945446b9cf7 (patch)
tree533f00bacd8ef4a6ac4424d51c4cb0e3ddee9fc7
parentfb20f258d5b51e5ec909b1b832a95446194aeaef (diff)
parent9c8e229ee91267c6123495d92047d956c9daacba (diff)
downloadnextcloud-server-09464c6453af74e5b5442337e48ec945446b9cf7.tar.gz
nextcloud-server-09464c6453af74e5b5442337e48ec945446b9cf7.zip
Merge pull request #38702 from nextcloud/backport/38486/stable27
-rw-r--r--.github/workflows/block-merge-eol.yml13
-rw-r--r--.github/workflows/block-merge-freeze.yml17
-rw-r--r--.github/workflows/command-compile.yml34
-rw-r--r--.github/workflows/command-rebase.yml12
-rw-r--r--.github/workflows/dependabot-approve-merge.yml15
-rw-r--r--.github/workflows/fixup.yml19
-rw-r--r--.github/workflows/lint-eslint.yml36
-rw-r--r--.github/workflows/lint-php-cs.yml11
-rw-r--r--.github/workflows/lint-php.yml7
-rw-r--r--.github/workflows/node.yml25
-rw-r--r--.github/workflows/npm-audit-fix.yml12
-rw-r--r--.github/workflows/oci.yml19
-rw-r--r--.github/workflows/static-code-analysis.yml8
-rw-r--r--composer.json1
14 files changed, 159 insertions, 70 deletions
diff --git a/.github/workflows/block-merge-eol.yml b/.github/workflows/block-merge-eol.yml
index a24acea15a0..8c7653eac9e 100644
--- a/.github/workflows/block-merge-eol.yml
+++ b/.github/workflows/block-merge-eol.yml
@@ -3,10 +3,17 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: Pull request checks
+name: Block merges for EOL
on: pull_request
+permissions:
+ contents: read
+
+concurrency:
+ group: block-merge-eol-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
jobs:
block-merges-eol:
name: Block merges for EOL branches
@@ -24,7 +31,7 @@ jobs:
# retrieve version number from branch reference
server_major=$(echo "${{ github.base_ref }}" | sed -En 's/stable//p')
echo "server_major=$server_major" >> $GITHUB_ENV
-
+
- name: Checking if ${{ env.server_major }} is EOL
run: |
- php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol' | grep --silent -i 'false'
+ php -r 'echo json_encode(require_once "config.php");' | jq --arg version "${{ env.server_major }}" '.stable[$version]["100"].eol // .beta[$version]["100"].eol' | grep --silent -i 'false'
diff --git a/.github/workflows/block-merge-freeze.yml b/.github/workflows/block-merge-freeze.yml
index bfe58551d11..f2d029c9927 100644
--- a/.github/workflows/block-merge-freeze.yml
+++ b/.github/workflows/block-merge-freeze.yml
@@ -3,13 +3,24 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: Pull request checks
+name: Block merges during freezes
-on: pull_request
+on:
+ pull_request:
+ types: [opened, ready_for_review, reopened, synchronize]
+
+permissions:
+ contents: read
+
+concurrency:
+ group: block-merge-freeze-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
jobs:
block-merges-during-freeze:
- name: Block merges during feature freezes
+ name: Block merges during freezes
+
+ if: github.event.pull_request.draft == false
runs-on: ubuntu-latest
diff --git a/.github/workflows/command-compile.yml b/.github/workflows/command-compile.yml
index db8f976eb52..a1255cffc8f 100644
--- a/.github/workflows/command-compile.yml
+++ b/.github/workflows/command-compile.yml
@@ -18,43 +18,43 @@ jobs:
steps:
- name: Check actor permission
- uses: skjnldsv/check-actor-permission@v2
+ uses: skjnldsv/check-actor-permission@e591dbfe838300c007028e1219ca82cc26e8d7c5 # v2
with:
require: write
- name: Add reaction on start
- uses: peter-evans/create-or-update-comment@v1
+ uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
- reaction-type: "+1"
+ reactions: "+1"
- name: Parse command
- uses: skjnldsv/parse-command-comment@master
+ uses: skjnldsv/parse-command-comment@7cef1df370a99dfd5bf896d50121390c96785db8 # v2
id: command
# Init path depending on which command is run
- name: Init path
id: git-path
- run: |
+ run: |
if ${{ startsWith(steps.command.outputs.arg1, '/') }}; then
- echo "::set-output name=path::${{ github.workspace }}${{steps.command.outputs.arg1}}"
+ echo "path=${{ github.workspace }}${{steps.command.outputs.arg1}}" >> $GITHUB_OUTPUT
else
- echo "::set-output name=path::${{ github.workspace }}${{steps.command.outputs.arg2}}"
+ echo "path=${{ github.workspace }}${{steps.command.outputs.arg2}}" >> $GITHUB_OUTPUT
fi
- name: Init branch
- uses: xt0rted/pull-request-comment-branch@v1
+ uses: xt0rted/pull-request-comment-branch@d97294d304604fa98a2600a6e2f916a84b596dc7 # v1
id: comment-branch
-
+
process:
runs-on: ubuntu-latest
needs: init
steps:
- name: Checkout ${{ needs.init.outputs.head_ref }}
- uses: actions/checkout@v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
fetch-depth: 0
@@ -66,14 +66,14 @@ jobs:
git config --local user.name "nextcloud-command"
- name: Read package.json node and npm engines version
- uses: skjnldsv/read-package-engines-version-actions@v1
+ uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: package-engines-versions
with:
- fallbackNode: '^12'
- fallbackNpm: '^6'
+ fallbackNode: '^16'
+ fallbackNpm: '^7'
- name: Set up node ${{ steps.package-engines-versions.outputs.nodeVersion }}
- uses: actions/setup-node@v2
+ uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.package-engines-versions.outputs.nodeVersion }}
cache: npm
@@ -90,7 +90,7 @@ jobs:
if: ${{ needs.init.outputs.arg1 != 'fixup' && needs.init.outputs.arg1 != 'amend' }}
run: |
git add ${{ needs.init.outputs.git_path }}
- git commit --signoff -m 'Compile assets'
+ git commit --signoff -m 'chore(assets): Recompile assets'
git push origin ${{ needs.init.outputs.head_ref }}
- name: Commit and push fixup
@@ -108,10 +108,10 @@ jobs:
git push --force origin ${{ needs.init.outputs.head_ref }}
- name: Add reaction on failure
- uses: peter-evans/create-or-update-comment@v1
+ uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
if: failure()
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
comment-id: ${{ github.event.comment.id }}
- reaction-type: "-1"
+ reactions: "-1"
diff --git a/.github/workflows/command-rebase.yml b/.github/workflows/command-rebase.yml
index 78fcf5d1918..ec95ccbbf4b 100644
--- a/.github/workflows/command-rebase.yml
+++ b/.github/workflows/command-rebase.yml
@@ -9,8 +9,8 @@ on:
issue_comment:
types: created
-permissions:
- contents: read
+permissions:
+ contents: read
jobs:
rebase:
@@ -23,7 +23,7 @@ jobs:
steps:
- name: Add reaction on start
- uses: peter-evans/create-or-update-comment@v2
+ uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
repository: ${{ github.event.repository.full_name }}
@@ -31,18 +31,18 @@ jobs:
reaction-type: "+1"
- name: Checkout the latest code
- uses: actions/checkout@v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
fetch-depth: 0
token: ${{ secrets.COMMAND_BOT_PAT }}
- name: Automatic Rebase
- uses: cirrus-actions/rebase@1.7
+ uses: cirrus-actions/rebase@b87d48154a87a85666003575337e27b8cd65f691 # 1.8
env:
GITHUB_TOKEN: ${{ secrets.COMMAND_BOT_PAT }}
- name: Add reaction on failure
- uses: peter-evans/create-or-update-comment@v2
+ uses: peter-evans/create-or-update-comment@ca08ebd5dc95aa0cd97021e9708fcd6b87138c9b # v3.0.1
if: failure()
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
index 19a1311b4e7..9951547f76a 100644
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -8,22 +8,33 @@ name: Dependabot
on:
pull_request_target:
branches:
+ - main
- master
- stable*
+permissions:
+ contents: read
+
+concurrency:
+ group: dependabot-approve-merge-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
jobs:
auto-approve-merge:
if: github.actor == 'dependabot[bot]'
runs-on: ubuntu-latest
+ permissions:
+ # for hmarr/auto-approve-action to approve PRs
+ pull-requests: write
steps:
# Github actions bot approve
- - uses: hmarr/auto-approve-action@v2
+ - uses: hmarr/auto-approve-action@b40d6c9ed2fa10c9a2749eca7eb004418a705501 # v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
# Nextcloud bot approve and merge request
- - uses: ahmadnassri/action-dependabot-auto-merge@v2
+ - uses: ahmadnassri/action-dependabot-auto-merge@45fc124d949b19b6b8bf6645b6c9d55f4f9ac61a # v2
with:
target: minor
github-token: ${{ secrets.DEPENDABOT_AUTOMERGE_TOKEN }}
diff --git a/.github/workflows/fixup.yml b/.github/workflows/fixup.yml
index 6092cc3a5f8..9548d19f2d5 100644
--- a/.github/workflows/fixup.yml
+++ b/.github/workflows/fixup.yml
@@ -3,18 +3,31 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: Pull request checks
+name: Block fixup and squash commits
-on: pull_request
+on:
+ pull_request:
+ types: [opened, ready_for_review, reopened, synchronize]
+
+permissions:
+ contents: read
+
+concurrency:
+ group: fixup-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
jobs:
commit-message-check:
+ if: github.event.pull_request.draft == false
+
+ permissions:
+ pull-requests: write
name: Block fixup and squash commits
runs-on: ubuntu-latest
steps:
- name: Run check
- uses: xt0rted/block-autosquash-commits-action@v2
+ uses: skjnldsv/block-fixup-merge-action@42d26e1b536ce61e5cf467d65fb76caf4aa85acf # v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/lint-eslint.yml b/.github/workflows/lint-eslint.yml
index c08763ea946..08709bf1e2b 100644
--- a/.github/workflows/lint-eslint.yml
+++ b/.github/workflows/lint-eslint.yml
@@ -2,15 +2,31 @@
#
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-
-name: Lint
-
-on: pull_request
+#
+# Use lint-eslint together with lint-eslint-when-unrelated to make eslint a required check for GitHub actions
+# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/defining-the-mergeability-of-pull-requests/troubleshooting-required-status-checks#handling-skipped-but-required-checks
+
+name: Lint eslint
+
+on:
+ pull_request:
+ paths:
+ - '.github/workflows/**'
+ - 'src/**'
+ - 'apps/**/appinfo/info.xml'
+ - 'package.json'
+ - 'package-lock.json'
+ - 'tsconfig.json'
+ - '.eslintrc.*'
+ - '.eslintignore'
+ - '**.js'
+ - '**.ts'
+ - '**.vue'
permissions:
contents: read
-concurrency:
+concurrency:
group: lint-eslint-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
@@ -22,17 +38,17 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Read package.json node and npm engines version
- uses: skjnldsv/read-package-engines-version-actions@v1.2
+ uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: versions
with:
- fallbackNode: '^12'
- fallbackNpm: '^6'
+ fallbackNode: '^16'
+ fallbackNpm: '^7'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@v3
+ uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
diff --git a/.github/workflows/lint-php-cs.yml b/.github/workflows/lint-php-cs.yml
index 21133ab68b4..f8d3375111f 100644
--- a/.github/workflows/lint-php-cs.yml
+++ b/.github/workflows/lint-php-cs.yml
@@ -3,7 +3,7 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: Lint
+name: Lint php-cs
on: pull_request
@@ -22,13 +22,14 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Set up php
- uses: shivammathur/setup-php@v2
+ uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
with:
- php-version: "8.0"
+ php-version: 8.1
coverage: none
+ ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -36,4 +37,4 @@ jobs:
run: composer i
- name: Lint
- run: composer run cs:check || ( echo "Please run `composer run cs:fix` to format your code" && exit 1 )
+ run: composer run cs:check || ( echo 'Please run `composer run cs:fix` to format your code' && exit 1 )
diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml
index 5a7cbffb099..8d7f63f84b4 100644
--- a/.github/workflows/lint-php.yml
+++ b/.github/workflows/lint-php.yml
@@ -3,7 +3,7 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: Lint
+name: Lint php
on:
pull_request:
@@ -31,13 +31,14 @@ jobs:
steps:
- name: Checkout
- uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Set up php ${{ matrix.php-versions }}
- uses: shivammathur/setup-php@1a18b2267f80291a81ca1d33e7c851fe09e7dfc4 # v2
+ uses: shivammathur/setup-php@c5fc0d8281aba02c7fda07d3a70cc5371548067d # v2
with:
php-version: ${{ matrix.php-versions }}
coverage: none
+ ini-file: development
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/node.yml b/.github/workflows/node.yml
index 443ed95dd24..856454f7941 100644
--- a/.github/workflows/node.yml
+++ b/.github/workflows/node.yml
@@ -7,6 +7,16 @@ name: Node
on:
pull_request:
+ paths:
+ - '.github/workflows/**'
+ - 'src/**'
+ - 'apps/**/appinfo/info.xml'
+ - 'package.json'
+ - 'package-lock.json'
+ - 'tsconfig.json'
+ - '**.js'
+ - '**.ts'
+ - '**.vue'
push:
branches:
- main
@@ -16,6 +26,10 @@ on:
permissions:
contents: read
+concurrency:
+ group: node-${{ github.head_ref || github.run_id }}
+ cancel-in-progress: true
+
jobs:
build:
runs-on: ubuntu-latest
@@ -23,17 +37,17 @@ jobs:
name: node
steps:
- name: Checkout
- uses: actions/checkout@v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
- name: Read package.json node and npm engines version
- uses: skjnldsv/read-package-engines-version-actions@v1.2
+ uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: versions
with:
- fallbackNode: '^12'
- fallbackNpm: '^6'
+ fallbackNode: '^16'
+ fallbackNpm: '^7'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@v3
+ uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
@@ -55,4 +69,3 @@ jobs:
git status
git --no-pager diff
exit 1 # make it red to grab attention
-
diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml
index dededbc97ff..5fa7f69e5b5 100644
--- a/.github/workflows/npm-audit-fix.yml
+++ b/.github/workflows/npm-audit-fix.yml
@@ -3,7 +3,7 @@
# https://github.com/nextcloud/.github
# https://docs.github.com/en/actions/learn-github-actions/sharing-workflows-with-your-organization
-name: npm audit fix and compile
+name: Npm audit fix and compile
on:
workflow_dispatch:
@@ -18,25 +18,25 @@ jobs:
strategy:
fail-fast: false
matrix:
- branches: ["main", "master", "stable26", "stable25", "stable24"]
+ branches: ["main", "master", "stable27", "stable26", "stable25", "stable24"]
name: npm-audit-fix-${{ matrix.branches }}
steps:
- name: Checkout
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3
+ uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
ref: ${{ matrix.branches }}
- name: Read package.json node and npm engines version
- uses: skjnldsv/read-package-engines-version-actions@1bdcee71fa343c46b18dc6aceffb4cd1e35209c6 # v1.2
+ uses: skjnldsv/read-package-engines-version-actions@0ce2ed60f6df073a62a77c0a4958dd0fc68e32e7 # v2.1
id: versions
with:
fallbackNode: '^16'
fallbackNpm: '^7'
- name: Set up node ${{ steps.versions.outputs.nodeVersion }}
- uses: actions/setup-node@8c91899e586c5b171469028077307d293428b516 # v3
+ uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3
with:
node-version: ${{ steps.versions.outputs.nodeVersion }}
@@ -55,7 +55,7 @@ jobs:
- name: Create Pull Request
if: always()
- uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3
+ uses: peter-evans/create-pull-request@284f54f989303d2699d373481a0cfa13ad5a6666 # v5
with:
token: ${{ secrets.COMMAND_BOT_PAT }}
commit-message: "chore(deps): fix npm audit"
diff --git a/.github/workflows/oci.yml b/.github/workflows/oci.yml
index 67fe9d80663..580824036a6 100644
--- a/.github/workflows/oci.yml
+++ b/.github/workflows/oci.yml
@@ -21,10 +21,25 @@ jobs:
services:
oracle:
- image: deepdiver/docker-oracle-xe-11g # 'wnameless/oracle-xe-11g-r2'
+ image: ghcr.io/gvenzl/oracle-xe:11
+
+ # Provide passwords and other environment variables to container
+ env:
+ ORACLE_RANDOM_PASSWORD: true
+ APP_USER: autotest
+ APP_USER_PASSWORD: owncloud
+
+ # Forward Oracle port
ports:
- 1521:1521/tcp
+ # Provide healthcheck script options for startup
+ options: >-
+ --health-cmd healthcheck.sh
+ --health-interval 10s
+ --health-timeout 5s
+ --health-retries 10
+
steps:
- name: Checkout server
uses: actions/checkout@v3
@@ -35,7 +50,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
- extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, oci8, openssl, pdo_sqlite, posix, sqlite, xml, zip
+ extensions: ctype, curl, dom, fileinfo, gd, imagick, intl, json, mbstring, oci8, openssl, pcntl, pdo_sqlite, posix, sqlite, xml, zip
tools: phpunit:9
coverage: none
ini-file: development
diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml
index 6f18f77c48e..22a1a69a977 100644
--- a/.github/workflows/static-code-analysis.yml
+++ b/.github/workflows/static-code-analysis.yml
@@ -23,7 +23,7 @@ jobs:
uses: shivammathur/setup-php@v2
with:
php-version: '8.0'
- extensions: ctype,curl,dom,fileinfo,gd,intl,json,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
+ extensions: apcu,ctype,curl,dom,fileinfo,ftp,gd,intl,json,ldap,mbstring,openssl,pdo_sqlite,posix,sqlite,xml,zip
coverage: none
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -32,7 +32,7 @@ jobs:
run: composer i
- name: Psalm
- run: composer run psalm -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
- name: Show potential changes in Psalm baseline
if: always()
@@ -64,7 +64,7 @@ jobs:
run: composer i
- name: Psalm taint analysis
- run: composer run psalm -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
+ run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis
- name: Upload Security Analysis results to GitHub
if: always()
@@ -94,7 +94,7 @@ jobs:
run: composer i
- name: Psalm
- run: composer run psalm -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+ run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
- name: Show potential changes in Psalm baseline
if: always()
diff --git a/composer.json b/composer.json
index 8615b1ca8db..603bf86b7c0 100644
--- a/composer.json
+++ b/composer.json
@@ -48,6 +48,7 @@
"cs:check": "php-cs-fixer fix --dry-run --diff",
"lint": "find . -name \\*.php -not -path './lib/composer/*' -not -path './build/stubs/*' -print0 | xargs -0 -n1 php -l",
"psalm": "psalm --threads=$(nproc)",
+ "psalm:ci": "psalm --threads=1",
"psalm:update-baseline": "psalm --threads=$(nproc) --update-baseline"
}
}