52 lines
1.3 KiB
YAML
52 lines
1.3 KiB
YAML
name: audit
|
|
on:
|
|
workflow_call:
|
|
push:
|
|
branches-ignore:
|
|
- main
|
|
paths:
|
|
- "projects/backend/**"
|
|
- ".github/workflows/backend/**"
|
|
pull_request:
|
|
branches-ignore:
|
|
- main
|
|
paths:
|
|
- "projects/backend/**"
|
|
- ".github/workflows/backend/**"
|
|
defaults:
|
|
run:
|
|
working-directory: projects/backend
|
|
jobs:
|
|
audit:
|
|
name: Security Audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup PHP
|
|
uses: shivammathur/setup-php@v2
|
|
with:
|
|
php-version: 8.4
|
|
tools: composer:v2
|
|
|
|
- name: Setup cache
|
|
run: echo "COMPOSER_CACHE_DIR=$(composer config cache-dir)" >> $GITHUB_ENV
|
|
|
|
- name: Cache dependencies installed with composer
|
|
uses: actions/cache@v4
|
|
with:
|
|
path: ${{ env.COMPOSER_CACHE_DIR }}
|
|
key: php8.3-composer-${{ hashFiles('projects/backend/composer.lock') }}
|
|
restore-keys: |
|
|
php8.3-composer-latest-
|
|
- name: Update composer
|
|
run: composer self-update
|
|
|
|
- name: Install dependencies with composer
|
|
run: composer install --prefer-dist --no-interaction --no-progress --optimize-autoloader --ansi
|
|
|
|
- name: Security Audit with composer
|
|
run: composer audit
|
|
continue-on-error: true
|