Skip to content

Security

Security #1740

Workflow file for this run

name: Security
on:
push:
branches: [ main ]
pull_request: ~
schedule:
# Do not make it the first of the month and/or midnight since it is a very busy time
- cron: "* 10 5 * *"
release:
types: [ created ]
# See https://stackoverflow.com/a/72408109
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
TERM: xterm
jobs:
security:
runs-on: ubuntu-latest
name: Audit Dependencies
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Cache the vulnerability database
uses: actions/cache@v4
id: cache-db
with:
path: ~/.symfony/cache
key: db
- name: Checks dependencies for known vulnerabilities
uses: symfonycorp/security-checker-action@v5