name: Psalm Security Analysis on: push: branches: - main jobs: psalm: name: Psalm runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v3 - name: Psalm uses: docker://ghcr.io/nextcloud/all-in-one-psalm with: relative_dir: php security_analysis: true composer_ignore_platform_reqs: false report_file: results.sarif - name: Upload Security Analysis results to GitHub uses: github/codeql-action/upload-sarif@v2 with: sarif_file: php/results.sarif