Bump dependencies #28
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: CI | |
on: # yamllint disable-line rule:truthy | |
push: | |
branches: ['**'] | |
paths-ignore: | |
- '**.md' | |
pull_request: | |
branches: [master, release-*] | |
paths-ignore: | |
- '**.md' | |
jobs: | |
linter: | |
name: Linter | |
runs-on: ['ubuntu-latest'] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# super-linter needs the full git history to get the | |
# list of files that changed across commits | |
fetch-depth: 0 | |
- name: Lint Code Base | |
uses: github/super-linter/slim@v5 | |
env: | |
# To report GitHub Actions status checks | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
LINTER_RULES_PATH: 'tools/linters' | |
VALIDATE_ALL_CODEBASE: true | |
VALIDATE_JSON: true | |
VALIDATE_PHP_BUILTIN: true | |
VALIDATE_YAML: true | |
VALIDATE_XML: true | |
VALIDATE_GITHUB_ACTIONS: true | |
quality: | |
name: Quality control | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Setup PHP, with composer and extensions | |
id: setup-php | |
# https://github.com/shivammathur/setup-php | |
uses: shivammathur/setup-php@v2 | |
with: | |
# Should be the higest supported version, so we can use the newest tools | |
php-version: '8.3' | |
tools: composer, composer-require-checker, composer-unused, phpcs, psalm | |
# optional performance gain for psalm: opcache | |
extensions: ctype, date, dom, filter, hash, intl, mbstring, opcache, openssl, pcre, spl, xml | |
- name: Setup problem matchers for PHP | |
run: echo "::add-matcher::${{ runner.tool_cache }}/php.json" | |
- uses: actions/checkout@v4 | |
- name: Get composer cache directory | |
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$GITHUB_ENV" | |
- name: Cache composer dependencies | |
uses: actions/cache@v4 | |
with: | |
path: $COMPOSER_CACHE | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: ${{ runner.os }}-composer- | |
- name: Validate composer.json and composer.lock | |
run: composer validate | |
- name: Install Composer dependencies | |
run: composer install --no-progress --prefer-dist --optimize-autoloader | |
#- name: Check code for hard dependencies missing in composer.json | |
# run: composer-require-checker check composer.json | |
- name: Check code for unused dependencies in composer.json | |
run: | | |
composer-unused \ | |
--excludePackage=slevomat/coding-standard | |
- name: PHP Code Sniffer | |
run: phpcs | |
- name: Psalm | |
continue-on-error: true | |
run: | | |
psalm -c psalm.xml \ | |
--show-info=true \ | |
--shepherd \ | |
--php-version=${{ steps.setup-php.outputs.php-version }} | |
- name: Psalter | |
run: | | |
psalm --alter \ | |
--issues=UnnecessaryVarAnnotation \ | |
--dry-run \ | |
--php-version=${{ steps.setup-php.outputs.php-version }} | |
security: | |
name: Security checks | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Setup PHP, with composer and extensions | |
# https://github.com/shivammathur/setup-php | |
uses: shivammathur/setup-php@v2 | |
with: | |
# Should be the lowest supported version | |
php-version: '8.1' | |
extensions: ctype, date, dom, filter, hash, intl, mbstring, openssl, pcre, spl, xml | |
tools: composer | |
coverage: none | |
- name: Setup problem matchers for PHP | |
run: echo "::add-matcher::${{ runner.tool_cache }}/php.json" | |
- uses: actions/checkout@v4 | |
- name: Get composer cache directory | |
run: echo COMPOSER_CACHE="$(composer config cache-files-dir)" >> "$GITHUB_ENV" | |
- name: Cache composer dependencies | |
uses: actions/cache@v4 | |
with: | |
path: $COMPOSER_CACHE | |
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} | |
restore-keys: ${{ runner.os }}-composer- | |
- name: Install Composer dependencies | |
run: composer install --no-progress --prefer-dist --optimize-autoloader | |
- name: Security check for locked dependencies | |
run: composer audit | |
- name: Update Composer dependencies | |
run: composer update --no-progress --prefer-dist --optimize-autoloader | |
- name: Security check for updated dependencies | |
run: composer audit |