name: Psalm Security Analysis
on:
push:
pull_request:
schedule:
- cron: '0 0 * * 0'
jobs:
psalm:
name: Psalm
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
submodules: recursive
- name: Psalm
uses: docker://vimeo/psalm-github-actions
security_analysis: true
report_file: results.sarif
- name: Upload Security Analysis results to GitHub
uses: github/codeql-action/upload-sarif@v1
sarif_file: results.sarif