-
Notifications
You must be signed in to change notification settings - Fork 76
34 lines (28 loc) · 1.06 KB
/
security.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
name: Security
on:
# Run on all pushes and on all pull requests.
push:
pull_request:
# Also run this workflow every Monday at 6:00.
schedule:
- cron: '0 6 * * 1'
# Allow manually triggering the workflow.
workflow_dispatch:
# Cancels all previous workflow runs for the same branch that have not yet completed.
concurrency:
# The concurrency group contains the workflow name and the branch name.
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
security:
name: 'Security check'
runs-on: ubuntu-latest
# Don't run the cronjob in this workflow on forks.
if: github.event_name != 'schedule' || (github.event_name == 'schedule' && github.repository_owner == 'refactor-ring')
steps:
- name: Checkout code
uses: actions/checkout@v4
# This action checks the `composer.lock` file against known security vulnerabilities in the dependencies.
# https://github.com/marketplace/actions/the-php-security-checker
- name: Run Security Check
uses: symfonycorp/security-checker-action@v5