timmybee/travel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add code security checks workflow #2

Merged
timmybee merged 1 commits from feature/security-checks into master 2026-03-05 13:54:25 +08:00
Conversation 0 Commits 1 Files Changed 5 +331 -2
timmybee commented 2026-03-05 13:51:31 +08:00
Owner
Copy Link

Summary

  • Adds composer audit to check PHP dependencies for known vulnerabilities
  • Adds npm audit to check Node dependencies for known vulnerabilities
  • Adds PHPStan (with Larastan) static analysis at level 5 with a baseline for existing errors

Test plan

  • Verify the security workflow runs on push/PR to master
  • Confirm PHPStan passes with the baseline
  • Confirm composer audit and npm audit run successfully
## Summary - Adds `composer audit` to check PHP dependencies for known vulnerabilities - Adds `npm audit` to check Node dependencies for known vulnerabilities - Adds PHPStan (with Larastan) static analysis at level 5 with a baseline for existing errors ## Test plan - [ ] Verify the security workflow runs on push/PR to master - [ ] Confirm PHPStan passes with the baseline - [ ] Confirm composer audit and npm audit run successfully
timmybee added 1 commit 2026-03-05 13:51:31 +08:00
Add security workflow with composer audit, npm audit, and PHPStan
All checks were successful
linter / quality (pull_request) Successful in 1m23s
Details
security / Dependency Audit (pull_request) Successful in 1m21s
Details
security / Static Analysis (pull_request) Successful in 1m32s
Details
tests / ci (8.4) (pull_request) Successful in 1m42s
Details
tests / ci (8.5) (pull_request) Successful in 1m31s
Details
39fcb55904 
Adds a new GitHub Actions workflow that runs dependency vulnerability
checks for both PHP and Node packages, plus PHPStan static analysis
with Larastan. Includes a baseline for existing errors.
timmybee merged commit d2f7812432 into master 2026-03-05 13:54:25 +08:00
timmybee deleted branch feature/security-checks 2026-03-05 13:54:39 +08:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
timmybee
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: timmybee/travel#2
Delete Branch "feature/security-checks"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?