updated security fix on composer.lock #167
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| security: | |
| name: 'Security Check' | |
| runs-on: ubuntu-latest | |
| # Don't run the cronjob in this workflow on forks. | |
| if: github.event_name != 'schedule' || (github.event_name == 'schedule' && github.repository_owner == 'webdevstudios') | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Cache Composer dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: ~/.composer/cache | |
| key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-composer- | |
| - name: Install PHP dependencies | |
| run: composer install --no-progress --no-suggest --prefer-dist | |
| - name: Run Security Check | |
| uses: symfonycorp/security-checker-action@v5 | |
| with: | |
| lock: ./composer.lock | |
| format: ansi | |
| disable-exit-code: true # Prevents pipeline failures on warnings | |
| - name: Post Security Check Summary | |
| if: always() | |
| run: | | |
| echo "Security check completed. Review the output for any detected vulnerabilities." |