.github/workflows/psalm-security.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

name: Psalm Security Analysis

on:
  push:
  pull_request:
  schedule:
  - cron: '0 0 * * 0'

jobs:
  psalm:
    name: Psalm
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
        with:
          submodules: recursive
      - name: Psalm
        uses: docker://vimeo/psalm-github-actions:4.9.3
        with:
          security_analysis: true
          report_file: results.sarif
      - name: Upload Security Analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v1
        with:
          sarif_file: results.sarif