Skip to content
Lion-Framework (CI Workflow)

build(deps-dev): bump lion/test from 3.11.0 to 3.12.0 #514

Sign in to view logs

build(deps-dev): bump lion/test from 3.11.0 to 3.12.0

build(deps-dev): bump lion/test from 3.11.0 to 3.12.0 #514

Workflow file for this run

.github/workflows/php.yml at 7e93c5a
name: Lion-Framework (CI Workflow)
on:
push:
branches:
- actions
pull_request:
branches:
- main
- 4.x
paths:
- '.github/workflows/php.yml'
- 'app/**'
- 'config/**'
- 'database/**'
- 'routes/**'
- 'storage/**'
- 'tests/**'
- '.env.actions'
- 'composer.json'
- 'composer.lock'
- 'phpstan.neon'
- 'phpunit.xml'
jobs:
install-dependencies:
runs-on: ubuntu-latest
name: Install PHP Dependencies
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: 8.4
extensions: mbstring, gd, zip
- name: Install PHP dependencies
run: composer install
- name: Cache vendor directory
uses: actions/cache@v4
with:
path: vendor
key: php-vendor-${{ runner.os }}-${{ github.run_id }}
restore-keys: php-vendor-${{ runner.os }}-${{ github.run_id }}
- name: Cache composer.lock
uses: actions/cache@v4
with:
path: composer.lock
key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
composer-validation:
runs-on: ubuntu-latest
name: Composer Validation
needs: install-dependencies
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Set up PHP
uses: shivammathur/setup-php@v2
with:
php-version: '8.4'
extensions: mbstring, gd, zip
- name: Restore composer.lock from cache
uses: actions/cache@v4
with:
path: composer.lock
key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
- name: Restore vendor directory from cache
uses: actions/cache@v4
with:
path: vendor
key: php-vendor-${{ runner.os }}-${{ github.run_id }}
restore-keys: php-vendor-${{ runner.os }}-${{ github.run_id }}
- name: Composer Validate
run: composer validate --strict
- name: Composer Check for vulnerabilities
run: composer audit --locked
- name: Composer Dump-Autoload
run: composer dump-autoload --optimize --strict-psr
dependency-review:
runs-on: ubuntu-latest
name: Dependency Review
needs: install-dependencies
permissions:
pull-requests: write
steps:
- name: Check out the repository
uses: actions/checkout@v4
- name: Restore composer.lock from cache
uses: actions/cache@v4
with:
path: composer.lock
key: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
restore-keys: php-composer-lock-${{ runner.os }}-${{ github.run_id }}
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
base-ref: main
head-ref: ${{ github.sha }}
comment-summary-in-pr: true
# Possible values: "critical", "high", "moderate", "low"
fail-on-severity: critical
license-check: true