https://github.com/psalm/psalm-github-security-scan
Psalm Security Scanning for GitHub Actions
Last synced: 10 months ago
- Host: GitHub
- URL: https://github.com/psalm/psalm-github-security-scan
- Owner: psalm
- Created: 2020-11-21T00:14:07.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2024-06-20T08:36:33.000Z (almost 2 years ago)
- Last Synced: 2025-06-11T20:41:54.627Z (about 1 year ago)
- Language: Dockerfile
- Size: 85 KB
- Stars: 53
- Watchers: 6
- Forks: 19
- Open Issues: 3
Metadata Files:
- Readme: README.md
README
# Psalm Github Security Scan
Run [Psalm’s Security Analysis](https://psalm.dev/docs/security_analysis/) as a GitHub Action (a more general version [can be found here](https://github.com/psalm/psalm-github-actions)).
```yaml
name: Psalm Security Scan

on: [push, pull_request]

jobs:
  psalm-security-scan:
    name: Psalm
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Psalm Security Scan
        uses: docker://ghcr.io/psalm/psalm-security-scan

      - name: Import Security Analysis results into GitHub Security Code Scanning
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results.sarif
```
## Specify Psalm version
You can also specify a Psalm version by appending a tag to the image reference:
```diff
- uses: docker://ghcr.io/psalm/psalm-security-scan
+ uses: docker://ghcr.io/psalm/psalm-security-scan:5.7.7
```