CWE-434: Unrestricted Upload of File with Dangerous Type. Polyglot fi… #563
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: [push, pull_request] | |
env: | |
COMPOSER_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
jobs: | |
phpstan: | |
runs-on: ubuntu-22.04 | |
name: PHPStan | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: 8.1 | |
- run: | | |
composer require --no-update doctrine/annotations:"^2.0" liip/imagine-bundle:"^2.8" phpstan/extension-installer phpstan/phpstan-phpunit:1.3.* phpstan/phpstan:1.9.* | |
composer config --no-plugins allow-plugins.phpstan/extension-installer true | |
composer install --ignore-platform-reqs | |
XDEBUG_MODE=off vendor/bin/phpstan | |
cs-fixer: | |
runs-on: ubuntu-22.04 | |
name: PHP-CS-Fixer | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Fix CS | |
uses: docker://oskarstark/php-cs-fixer-ga | |
twig-cs-fixer: | |
runs-on: ubuntu-22.04 | |
name: Twig-CS-Fixer | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Require the vendor | |
run: composer require --dev --no-update vincentlanglet/twig-cs-fixer ^3.1 | |
- name: Update | |
run: composer update --no-interaction --no-progress | |
- name: Run | |
run: vendor/bin/twig-cs-fixer lint templates | |
validate-markdown: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Validate | |
uses: avto-dev/markdown-lint@v1 | |
with: | |
config: './.github/workflows/config/config.json' | |
args: './docs ./CONTRIBUTING.md ./README.md ./UPDATE.md' | |
tests: | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
php: | |
- '8.1' | |
- '8.2' | |
dependencies: [highest] | |
symfony: ['*'] | |
with_imagine: [false] | |
with_oneupbundle: [true] | |
max_deprecations: [0] | |
include: | |
- extra: | |
php: '8.1' | |
symfony: '5.4.*' | |
dependencies: lowest | |
with_imagine: false | |
with_oneupbundle: false | |
max_deprecations: 5 | |
- php: '8.1' | |
symfony: '6.4.*' | |
dependencies: highest | |
with_imagine: false | |
with_oneupbundle: true | |
max_deprecations: 0 | |
- php: '8.2' | |
symfony: '6.4.*' | |
dependencies: highest | |
with_imagine: false | |
with_oneupbundle: false | |
max_deprecations: 0 | |
- php: '8.3' | |
symfony: '7.1.*' | |
dependencies: highest | |
with_imagine: false | |
with_oneupbundle: false | |
max_deprecations: 0 | |
name: PHP ${{ matrix.php }} with Symfony ${{ matrix.symfony }} tests with ${{ matrix.dependencies }} dependencies | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache | |
uses: actions/cache@v4 | |
with: | |
path: ~/.composer/cache/files | |
key: ${{ matrix.php }}-${{ matrix.symfony }}-${{ matrix.dependencies }} | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: ${{ matrix.php }} | |
extensions: mongodb-stable, pdo_sqlite | |
- run: composer require --no-update doctrine/annotations:^1.14 | |
- run: | | |
sed -i 's/"league\/flysystem": "<2.0"/"league\/flysystem": "<2.0",\n"symfony\/http-kernel": "6.4.*,>6.4.8 || 7.1.*,>7.1.1"/' composer.json | |
- run: | | |
composer global config --no-plugins allow-plugins.symfony/flex true | |
composer global require --no-interaction --no-progress symfony/flex:^2.2 | |
composer config extra.symfony.require ${{ matrix.symfony }} | |
if: matrix.symfony != '*' | |
- run: composer require --no-update liip/imagine-bundle:"^2.0" | |
if: matrix.with_imagine | |
- run: composer require --no-update oneup/flysystem-bundle:"^4.0.1" | |
if: matrix.with_oneupbundle | |
- name: Update project dependencies | |
uses: ramsey/composer-install@v2 | |
with: | |
dependency-versions: ${{ matrix.dependencies }} | |
- name: Run tests | |
run: vendor/bin/phpunit | |
env: | |
SYMFONY_DEPRECATIONS_HELPER: max[self]=${{matrix.max_deprecations}} |