Update php.yml #489

Workflow file for this run

	name: Lion-Framework (CI Workflow)

	on:
	push:
	branches:
	- actions
	pull_request:
	branches:
	- main
	- 4.x
	paths:
	- '.github/workflows/php.yml'
	- 'app/**'
	- 'config/**'
	- 'database/**'
	- 'routes/**'
	- 'storage/**'
	- 'tests/**'
	- '.env.actions'
	- 'composer.json'
	- 'composer.lock'
	- 'phpstan.neon'
	- 'phpunit.xml'

	jobs:
	install-dependencies:
	runs-on: ubuntu-latest
	name: Install PHP Dependencies
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Setup PHP
	uses: shivammathur/setup-php@v2
	with:
	php-version: 8.4
	extensions: mbstring, gd, zip

	- name: Install PHP dependencies
	run: composer install

	- name: Cache vendor directory
	uses: actions/cache@v4
	with:
	path: vendor
	key: php-vendor-${{ runner.os }}-${{ github.run_id }}
	restore-keys: php-vendor-${{ runner.os }}-${{ github.run_id }}

	- name: Cache composer.lock
	uses: actions/cache@v4
	with:
	path: composer.lock
	key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
	restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}

	composer-validation:
	runs-on: ubuntu-latest
	name: Composer Validation
	needs: install-dependencies

	steps:
	- name: Check out the repository
	uses: actions/checkout@v4

	- name: Set up PHP
	uses: shivammathur/setup-php@v2
	with:
	php-version: '8.4'
	extensions: mbstring, gd, zip

	- name: Restore composer.lock from cache
	uses: actions/cache@v4
	with:
	path: composer.lock
	key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
	restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}

	- name: Restore vendor directory from cache
	uses: actions/cache@v4
	with:
	path: vendor
	key: php-vendor-${{ runner.os }}-${{ github.run_id }}
	restore-keys: php-vendor-${{ runner.os }}-${{ github.run_id }}

	- name: Composer Validate
	run: composer validate --strict

	- name: Composer Check for vulnerabilities
	run: composer audit --locked

	- name: Composer Dump-Autoload
	run: composer dump-autoload --optimize --strict-psr

	dependency-review:
	runs-on: ubuntu-latest
	name: Dependency Review
	needs: install-dependencies

	permissions:
	pull-requests: write

	steps:
	- name: Check out the repository
	uses: actions/checkout@v4

	- name: Restore composer.lock from cache
	uses: actions/cache@v4
	with:
	path: composer.lock
	key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
	restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}

	- name: Dependency Review
	uses: actions/dependency-review-action@v4
	with:
	base-ref: main
	head-ref: ${{ github.sha }}
	comment-summary-in-pr: true
	# Possible values: "critical", "high", "moderate", "low"
	fail-on-severity: critical
	license-check: true

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update php.yml #489

Workflow file

Update php.yml #489

Uh oh!

Jobs

Run details

Workflow file for this run