Using security-checker on Github Actions
This Action report PHP Security infomation
as a issue.
e.g. #4
.github/workflows/checker.yml
name: Alert Composer Audit
on:
schedule:
- cron: 0 0 * * 0 # At 00:00 on Sunday.
jobs:
check-validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- uses: glassmonkey/actions-php-audit@v1
with:
WORK_DIR: path/to/dir # Relative path of the directory where composer.lock exists
ISSUE_LABELS: bugs # Apply labels to a issue.
env:
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
You can run with A sample composer.lock
docker-composer run app