diff --git a/.gitattributes b/.gitattributes
index 9cb0bdd8917..beddb2ed446 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -186,7 +186,7 @@ Dockerfile text eol=lf
 /php_cs.xml export-ignore
 /codacy.yml export-ignore
 /codeception.dist.yml export-ignore
-/.codecov.yml export-ignore
+/codecov.yml export-ignore
 /.php_cs.dist export-ignore
 /.travis.yml export-ignore
 travis.php.ini export-ignore
diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml
new file mode 100644
index 00000000000..437e9479df1
--- /dev/null
+++ b/.github/workflows/php.yml
@@ -0,0 +1,57 @@
+name: PHP Composer
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+    name: Composer
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Validate composer.json and composer.lock
+        run: composer validate
+
+      - name: CodeCov validation check
+        run: curl --data-binary @codecov.yml https://codecov.io/validate
+
+      - name: Cache Composer packages
+        id: composer-cache
+        uses: actions/cache@v2
+        with:
+          path: vendor
+          key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-php-
+
+      - name: Install dependencies
+        run: composer install --prefer-dist --no-progress
+
+  code:
+    name: Code
+    runs-on: ubuntu-latest
+    steps:
+      - name: Code checkout
+        uses: actions/checkout@v2
+
+      - name: Lint PHP files
+        uses: overtrue/phplint@7.4
+
+  security:
+    name: Security
+    runs-on: ubuntu-latest
+    steps:
+      - name: Code checkout
+        uses: actions/checkout@v2
+
+      - name: DevSkim security scan
+        uses: microsoft/DevSkim-Action@v1
+
+      - name: Dependency vulnerability check
+        uses: symfonycorp/security-checker-action@v2
+        with:
+          disable-exit-code: 1
diff --git a/.phplint.yml b/.phplint.yml
new file mode 100644
index 00000000000..79ab8230d6c
--- /dev/null
+++ b/.phplint.yml
@@ -0,0 +1,9 @@
+path: .
+jobs: 10
+cache: build/phplint.cache
+extensions:
+  - php
+exclude:
+  - vendor
+  - modules/AOS_PDF_Templates/PDF_Lib
+  - include/SugarObjects
diff --git a/.travis.yml b/.travis.yml
index 565143c14c8..98ea44ef6a9 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -10,12 +10,6 @@ matrix:
     - name: "PHP 7.4 / MySQL 5.7"
       php: "7.4"
       dist: xenial
-    # Run composer validate to make sure the composer.json and composer.lock are in sync.
-    - name: "composer validate"
-      php: "7.3"
-      dist: xenial
-      before_script: composer install
-      script: composer validate
     - name: "code coverage"
       php: "7.4"
       dist: xenial
@@ -40,12 +34,9 @@ before_install:
   - wget https://chromedriver.storage.googleapis.com/2.36/chromedriver_linux64.zip
   - unzip -o chromedriver_linux64.zip
   - ./chromedriver --url-base=/wd/hub &
-  # Lint PHP
-  - for file in $(git diff --name-status HEAD~1 HEAD | egrep "^[ACMR].*\.php$" | cut -c 3-); do php -l $file; done
 
 install:
   - phpenv config-add travis.php.ini
-  - composer self-update --stable && composer --version
 
 before_script:
   # Set up MySQL
diff --git a/.codecov.yml b/codecov.yml
similarity index 100%
rename from .codecov.yml
rename to codecov.yml