Skip to content

Added composer install to composer audit Github Actions workflow #112

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Added composer install to composer audit Github Actions workflow #112

wants to merge 2 commits into from

Conversation

tuj
Copy link
Contributor

@tuj tuj commented Jul 1, 2025

No description provided.

@tuj tuj requested a review from rimi-itk July 1, 2025 09:15
@tuj tuj self-assigned this Jul 1, 2025
@tuj tuj added the bug Something isn't working label Jul 1, 2025
turegjorup
turegjorup requested changes Jul 1, 2025
View reviewed changes
github/workflows/composer.yaml Outdated
@@ -65,4 +65,5 @@ jobs:
- uses: actions/checkout@v4
- run: |
docker network create frontend
docker compose run --rm phpfpm composer install
docker compose run --rm phpfpm composer audit
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
docker compose run --rm phpfpm composer audit
docker compose run --rm phpfpm composer audit --locked

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

composer audit --help
Description:
  Checks for security vulnerability advisories for installed packages

Usage:
  audit [options]

Options:
      --locked.   Audit based on the lock file instead of the installed packages.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Then remove composer install

rimi-itk
rimi-itk requested changes Jul 1, 2025
View reviewed changes
@tuj @rimi-itk
Update github/workflows/composer.yaml
c82fce5 
Co-authored-by: Mikkel Ricky <rimi@aarhus.dk>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@turegjorup turegjorup turegjorup requested changes

@rimi-itk rimi-itk rimi-itk requested changes

@sinejespersen sinejespersen sinejespersen approved these changes

Assignees

@tuj tuj

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tuj @turegjorup @rimi-itk @sinejespersen