Merge pull request #260 from kbond/security-checker

[minor] replace abandoned Sensiolabs security checker
[minor] disable scrutinizer code coverage

Author: kbond

.github/workflows/ci.yml

@@ -90,12 +90,7 @@ jobs:
           composer-options: --prefer-dist
 
       - name: Run code coverage
-        run: vendor/bin/phpunit -v --coverage-text --coverage-clover=coverage.clover
-
-      - name: Send code coverage
-        run: |
-          wget https://scrutinizer-ci.com/ocular.phar
-          php ocular.phar code-coverage:upload --format=php-clover coverage.clover
+        run: vendor/bin/phpunit -v --coverage-text
 
   composer-validate:
     name: Validate composer.json

.scrutinizer.yml

@@ -2,6 +2,3 @@ filter:
   dependency_paths: [vendor/]
 checks:
   php: true
-tools:
-  external_code_coverage:
-    timeout: 900

DependencyInjection/Configuration.php

@@ -350,7 +350,7 @@ private function createGroupsNode()
                         ->end()
                     ->end()
                     ->arrayNode('security_advisory')
-                        ->info('Checks installed composer dependencies against the SensioLabs Security Advisory database')
+                        ->info('Checks installed composer dependencies against the Security Advisory database')
                         ->children()
                             ->scalarNode('lock_file')->defaultValue('%kernel.project_dir%/composer.lock')->end()
                         ->end()

composer.json

@@ -30,6 +30,7 @@
     "require-dev": {
         "matthiasnoback/symfony-dependency-injection-test": "^3.0 || ^4.0",
         "sensiolabs/security-checker": "^5.0 || ^6.0",
+        "enlightn/security-checker": "^1.2",
         "guzzlehttp/guzzle": "^5.3.2 || ^6.3.3 || ^7.0.1",
         "symfony/expression-language": "^3.4 || ^4.0 || ^5.0",
         "swiftmailer/swiftmailer": "^5.4 || ^6.1",