Nothing Special   »   [go: up one dir, main page]

Skip to content

psalm/psalm-github-security-scan

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

Psalm Github Security Scan

Run Psalm’s Security Analysis as a Github action (a more general version can be found here).

name: Psalm Security Scan

on: [push, pull_request]

jobs:
  psalm-security-scan:
    name: Psalm
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Psalm Security Scan
        uses: docker://ghcr.io/psalm/psalm-security-scan
        
      - name: Import Security Analysis results into GitHub Security Code Scanning
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif

Specify Psalm version

You can also specify a version.

-        uses: docker://ghcr.io/psalm/psalm-security-scan
+        uses: docker://ghcr.io/psalm/psalm-security-scan:5.7.7