AspireSync/.github/workflows/run-checks.yaml
StepSecurity Bot 60668e093d
[StepSecurity] Apply security best practices (#53)
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2025-03-15 12:51:14 -06:00

37 lines
823 B
YAML

name: Commit Pipeline
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Harden the runner (Audit all outbound calls)
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup PHP
uses: shivammathur/setup-php@9e72090525849c5e82e596468b86eb55e9cc5401 # v2
with:
php-version: '8.3'
- name: Build Dependencies
run: |
composer install
- name: Run tests
run: |
composer run style:check
composer run phpstan
composer run test