security-checker
checkout
security-checker | checkout | |
---|---|---|
2 | 62 | |
2,031 | 5,242 | |
- | 2.2% | |
2.2 | 7.6 | |
over 3 years ago | 7 days ago | |
PHP | TypeScript | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
security-checker
-
Github Actions for Symfony 5 PHPUnit and more
name: Symfony 5 Tests on: push: branches: - main - dev pull_request: jobs: symfony: name: Symfony 5.0 (PHP ${{ matrix.php-versions }}) # https://hub.docker.com/_/ubuntu/ runs-on: ubuntu-latest strategy: fail-fast: true matrix: php-versions: ['7.4'] steps: # https://github.com/actions/checkout (official) - name: Checkout uses: actions/checkout@v2 # https://github.com/shivammathur/setup-php (community) - name: Setup PHP, extensions and composer with shivammathur/setup-php uses: shivammathur/setup-php@verbose with: php-version: ${{ matrix.php-versions }} extensions: mbstring, xml, ctype, iconv, intl, pdo_sqlite, dom, filter, gd, iconv, json, mbstring, pdo # Composer - name: Get composer cache directory id: composer-cache run: echo "::set-output name=dir::$(composer config cache-files-dir)" # https://help.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows - name: Cache composer dependencies uses: actions/cache@v1 with: path: ${{ steps.composer-cache.outputs.dir }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} restore-keys: ${{ runner.os }}-composer- - name: Install Composer dependencies run: composer install --no-progress --no-suggest --prefer-dist --optimize-autoloader # https://github.com/sensiolabs/security-checker - name: Security check installed dependencies uses: symfonycorp/security-checker-action@v2 # https://github.com/chekalsky/phpcs-action (community) - name: Check PSR12 code style (PHP_CodeSniffer) uses: chekalsky/[email protected] with: enable_warnings: true installed_paths: '${{ github.workspace }}/vendor/squizlabs/php_codesniffer' phpcs_bin_path: './vendor/bin/phpcs src --ignore="Migrations/"' # https://github.com/phpmd/phpmd # - name: Analyses PHP Code (PHP Mess Detector) # run: vendor/bin/phpmd src,tests text .phpmd-ruleset.xml # https://github.com/phpstan/phpstan - name: Analyse PHP Code (PHPStan) run: vendor/bin/phpstan analyse src - name: Cache node_modules uses: actions/cache@v1 id: yarn-cache-node-modules with: path: node_modules key: ${{ runner.os }}-yarn-cache-node-modules-${{ hashFiles('**/yarn.lock') }} restore-keys: | ${{ runner.os }}-yarn-cache-node-modules- - name: Yarn install if: steps.yarn-cache-node-modules.outputs.cache-hit != 'true' run: yarn install - name: Yarn build run: yarn run encore production - name: Archive production artifacts uses: actions/upload-artifact@v1 with: name: build path: public/build # Symfony - name: Check the Symfony console run: | php bin/console -V php bin/console about # Tests - name: Run unit and functional tests run: | php bin/phpunit --stop-on-failure # - name: Run Behat/Mink tests # run: | # php vendor/bin/behat
- SensioLabs Security Checker will stop working at the end of January 2021
checkout
-
Learning GitHub Actions in a Simple Way
checkout
-
Secure GitHub Actions by pull_request_target
To checkout the merged commit with actions/checkout on pull_request_target event, you need to get the pull request by GitHub API and set the merge commit hash to actions/checkout input ref.
-
Tell HN: PR GitHub Actions don't run over your commit by default
If you re-run GHA after master changes, CI is testing over different code.
You can [disable](https://github.com/actions/checkout#checkout-pull-request-head-commit-instead-of-merge-commit) on the checkout action:
```
-
GitHub Is Down
There was an outage yesterday too when the GitHub action “checkout@v3” broke when they released “checkout@v4”
Yes, they broke the ability for GitHub CI to checkout repos…
https://github.com/actions/checkout/issues/1448
- Can't use 'tar -xzf' extract archive file
-
Building project docs for GitHub Pages
The first two steps are setting up the job's environment. The checkout action will checkout out the repository at the triggering ref. The setup-python action will setup the desired Python runtime. My package supports Python 3.9+ so I'm targeting the minimum version for my build environments.
-
Automating GitHub Profile Updates with GitHub Actions
These first few steps demonstrate how you can run commands like npm install or import other workflows such as how it uses the actions/checkout to copy the contents of the repository into a working directory on the runner host. Read Reusable workflows for more about the syntax for referencing them.
-
Automate Docker Image Builds and Push to Docker Hub Using GitHub Actions 🐳🐙
Check out the repo: We will use the actions/checkout action to checkout the repository.
-
[Actions] How do I take my dev branch, build it, and then create a pull request to main with the latest build artifacts?
Take a look at the checkout action usage here https://github.com/actions/checkout
-
Using Github Actions to publish your Flutter APP to Firebase App Distribution
Then, we have two important initial steps to define. The first one is an official GitHub Action used to check-out a repository so a workflow can access it. The second one it's pretty more complex but, briefly, downloads and set up a requested version of Java.
What are some alternatives?
PHP Code Sniffer - PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
ssh-action - GitHub Actions for executing remote ssh commands.
phpcs-action - Github Action helps you check your code with PHP_CodeSniffer
cache - Cache dependencies and build outputs in GitHub Actions
PHP Mess Detector - PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
setup-node - Set up your GitHub Actions workflow with a specific version of node.js
AntiXSS - ㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
upload-artifact
setup-php - GitHub action to set up PHP with extensions, php.ini configuration, coverage drivers, and various tools.
FTP-Deploy-Action - Deploys a GitHub project to a FTP server using GitHub actions
Halite - High-level cryptography interface powered by libsodium
add-and-commit - :octocat: Automatically commit changes made in your workflow run directly to your repo