Skip to content

pplotka/local-php-security-checker-github-actions

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.github/workflows
.github/workflows
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
action.yaml
action.yaml
 
 
entrypoint.sh
entrypoint.sh
 
 

Repository files navigation

GitHub Actions for Local PHP Security Checker

Run Local PHP Security Checker via GitHub Actions.

How to use

name: Security scanner

on: [push, pull_request]

jobs:
  security:
    name: Local PHP Security Checker
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions

You can specify version of Local PHP Security Checker:

      - name: Local PHP Security Checker
-       uses: docker://pplotka/local-php-security-checker-github-actions
+       uses: docker://pplotka/local-php-security-checker-github-actions:v1.0.0

You can also pass a path to check a specific directory:

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         path: path/to/php/project/composer.lock

By default, the output is optimized for terminals, change it via the format parameter (supported formats: ansi, markdown, json, and yaml):

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         format: markdown

You might also get the output (with vulnerabilities) in specified format and do something with them in another step:

      - name: Local PHP Security Checker
+       id: local_php_security_checker
        uses: docker://pplotka/local-php-security-checker-github-actions
        with:
         format: markdown
+     - name: Display the output
+       run: echo "${{ steps.local_php_security_checker.outputs.security }}"

You can also pass a cache_dir to cache the vulnerability database and speed up security checks:

+     - uses: actions/cache@v3
+       with:
+         path: ~/.cache/local-php-security-checker
+         key: local-php-security-checker-cache
      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         cache_dir: ~/.cache/local-php-security-checker

Use without GitHub Actions

The Docker Image is located here: https://hub.docker.com/r/pplotka/local-php-security-checker-github-actions

You can run checking any directory with composer.lock file with this command:

docker run --rm -it -w /app -v $(pwd):/app pplotka/local-php-security-checker-github-actions --format=yaml

About

Run Local PHP Security Checker via GitHub Actions.

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

7 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases 4

1.1.2 Latest
Jan 14, 2022
+ 3 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages