Run Local PHP Security Checker via GitHub Actions.
name: Security scanner
on: [push, pull_request]
jobs:
security:
name: Local PHP Security Checker
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Local PHP Security Checker
uses: docker://pplotka/local-php-security-checker-github-actionsYou can specify version of Local PHP Security Checker:
- name: Local PHP Security Checker
- uses: docker://pplotka/local-php-security-checker-github-actions
+ uses: docker://pplotka/local-php-security-checker-github-actions:v1.0.0You can also pass a path to check a specific directory:
- name: Local PHP Security Checker
uses: docker://pplotka/local-php-security-checker-github-actions
+ with:
+ path: path/to/php/project/composer.lockBy default, the output is optimized for terminals, change it via the format parameter (supported formats: ansi, markdown, json, and yaml):
- name: Local PHP Security Checker
uses: docker://pplotka/local-php-security-checker-github-actions
+ with:
+ format: markdownYou might also get the output (with vulnerabilities) in specified format and do something with them in another step:
- name: Local PHP Security Checker
+ id: local_php_security_checker
uses: docker://pplotka/local-php-security-checker-github-actions
with:
format: markdown
+ - name: Display the output
+ run: echo "${{ steps.local_php_security_checker.outputs.security }}"The Docker Image is located here: https://hub.docker.com/r/pplotka/local-php-security-checker-github-actions
You can run checking any directory with composer.lock file with this command:
docker run --rm -it -w /app -v $(pwd):/app pplotka/local-php-security-checker-github-actions --format=yaml