add roave security advisories, and psalm taint analysis (#31)

2024-11-26 20:34:59 +01:00 · 2020-07-12 00:06:11 +02:00 · 2020-07-12 00:06:11 +02:00 · 1c5398202f
commit 1c5398202f
parent 5029dc6bf8
2 changed files with 14 additions and 2 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -27,6 +27,7 @@ script:
  - composer test:unit
  - if [[ $NIGHTLY_BUILD != 'true' ]]; then composer cs:check; fi
  - if [[ $NIGHTLY_BUILD != 'true' ]]; then composer type:check; fi
+  - if [[ $NIGHTLY_BUILD != 'true' ]]; then composer security:analysis; fi

 after_script:
  - if [[ $NIGHTLY_BUILD != 'true' ]]; then composer code:coverage; fi
--- a/composer.json
+++ b/composer.json
@ -19,7 +19,8 @@
        "vimeo/psalm": "dev-master",
        "phpunit/phpunit": "^8.5",
        "friendsofphp/php-cs-fixer": "^2.16",
-        "php-coveralls/php-coveralls": "^2.2"
+        "php-coveralls/php-coveralls": "^2.2",
+        "roave/security-advisories": "dev-master"
    },
    "autoload": {
        "psr-4": {
@ -41,6 +42,16 @@
        "type:check": "psalm",
        "type:coverage": "psalm --shepherd",
        "test:unit": "phpunit",
-        "code:coverage": "php-coveralls -v"
+        "code:coverage": "php-coveralls -v",
+        "security:analysis": "psalm --taint-analysis",
+        "check": [
+            "@cs:check",
+            "@type:check",
+            "@security:analysis",
+            "@test:unit"
+        ]
+    },
+    "config": {
+        "process-timeout": 1200
    }
 }