name: Psalm Security Analysis
on:
pull_request:
push:
branches:
- master
- stable*
jobs:
psalm:
name: Psalm
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
submodules: recursive
- name: Psalm
uses: docker://vimeo/psalm-github-actions
security_analysis: true
composer_ignore_platform_reqs: false
report_file: results.sarif
- name: Upload Security Analysis results to GitHub
uses: github/codeql-action/upload-sarif@v1
sarif_file: results.sarif