Skip to content

Psalm Security Scanning for GitHub Actions used by Mbin

Notifications You must be signed in to change notification settings

MbinOrg/psalm-github-security-scan

 
 

Repository files navigation

Psalm Github Security Scan by and for Mbin

Run Psalm’s Security Analysis as a Github action (a more general version can be found here).

name: Psalm Security Scan

on: [push, pull_request]

jobs:
  psalm-security-scan:
    name: Psalm
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Psalm Security Scan
        uses: docker://ghcr.io/mbinorg/psalm-security-scan
        
      - name: Import Security Analysis results into GitHub Security Code Scanning
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif

Specify Psalm version

You can also specify a version.

-        uses: docker://ghcr.io/mbinorg/psalm-security-scan
+        uses: docker://ghcr.io/mbinorg/psalm-security-scan:5.7.7

About

Psalm Security Scanning for GitHub Actions used by Mbin

Resources

Stars

Watchers

Forks

Packages

 
 
 

Languages

  • Dockerfile 71.7%
  • Shell 28.3%