Add phpstan action

Signed-off-by: Erik Sommer <[email protected]>

.github/workflows/php-code-scanning.yml

@@ -0,0 +1,40 @@
+name: PHP Code Scanning
+
+on:
+  push:
+    branches:
+      - '*'  # This will trigger the action on any commit to any branch
+  pull_request:
+    branches:
+      - 'master'  # This will trigger the action only for PRs targeting the 'master' branch
+
+jobs:
+  phpstan:
+    runs-on: ubuntu-latest
+
+    steps:
+      # Check out the code from the repository
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Set up PHP 7.4 environment
+      - name: Set up PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '7.4'
+
+      # Install dependencies (including PHPStan if it's a dev dependency)
+      - name: Install dependencies
+        run: |
+          composer install --no-interaction --prefer-dist
+
+      # Run PHPStan to analyze code
+      - name: Run PHPStan
+        run: |
+          vendor/bin/phpstan
+
+      # Optional: Upload the results (for GitHub to process as Code Scanning Alerts)
+      - name: Upload Code Scanning Results
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: phpstan.sarif