From 2d7bfb97b8ad9e4a32e4a7f76fdd3b68baa4e43e Mon Sep 17 00:00:00 2001
From: Atsushi Matsuo <famlog@gmail.com>
Date: Sat, 20 Jul 2024 21:30:53 +0900
Subject: [PATCH] Run phpcs-security-audit on CI

---
 .github/workflows/phpcs-security-audit.yml | 32 ++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 .github/workflows/phpcs-security-audit.yml

diff --git a/.github/workflows/phpcs-security-audit.yml b/.github/workflows/phpcs-security-audit.yml
new file mode 100644
index 000000000..7236dbf37
--- /dev/null
+++ b/.github/workflows/phpcs-security-audit.yml
@@ -0,0 +1,32 @@
+name: phpcs-security-audit
+
+on:
+  push:
+    branches:
+      - "*"
+  pull_request:
+    branches: [ 'master', 'main' ]
+
+jobs:
+  run:
+    name: phpcs-security-audit
+    runs-on: 'ubuntu-latest'
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@c541c155eee45413f5b09a52248675b1a2575231 # v2.31.1
+        with:
+          php-version: '8.3'
+
+      - name: Install phpcs-security-audit
+        run: |
+          composer require --dev pheromone/phpcs-security-audit
+          composer config allow-plugins.dealerdirect/phpcodesniffer-composer-installer true
+          composer require --dev dealerdirect/phpcodesniffer-composer-installer:"^1.0"
+
+      - name: Run phpcs
+        continue-on-error: true
+        run: |
+          ./vendor/bin/phpcs --extensions=php,inc,lib,module,info --standard=./vendor/pheromone/phpcs-security-audit/example_base_ruleset.xml --warning-severity=6 src
+          exit 0