Skip to content

Local PHP Security Checker

Run local php security checker via GitHub Actions
Star (7)

GitHub Actions for Local PHP Security Checker

Run Local PHP Security Checker via GitHub Actions.

How to use

name: Security scanner

on: [push, pull_request]

    name: Local PHP Security Checker
    runs-on: ubuntu-latest
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions

You can specify version of Local PHP Security Checker:

      - name: Local PHP Security Checker
-       uses: docker://pplotka/local-php-security-checker-github-actions
+       uses: docker://pplotka/local-php-security-checker-github-actions:v1.0.0

You can also pass a path to check a specific directory:

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         path: path/to/php/project/composer.lock

By default, the output is optimized for terminals, change it via the format parameter (supported formats: ansi, markdown, json, and yaml):

      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         format: markdown

You might also get the output (with vulnerabilities) in specified format and do something with them in another step:

      - name: Local PHP Security Checker
+       id: local_php_security_checker
        uses: docker://pplotka/local-php-security-checker-github-actions
         format: markdown
+     - name: Display the output
+       run: echo "${{ }}"

You can also pass a cache_dir to cache the vulnerability database and speed up security checks:

+     - uses: actions/cache@v3
+       with:
+         path: ~/.cache/local-php-security-checker
+         key: local-php-security-checker-cache
      - name: Local PHP Security Checker
        uses: docker://pplotka/local-php-security-checker-github-actions
+       with:
+         cache_dir: ~/.cache/local-php-security-checker

Use without GitHub Actions

The Docker Image is located here:

You can run checking any directory with composer.lock file with this command:

docker run --rm -it -w /app -v $(pwd):/app pplotka/local-php-security-checker-github-actions --format=yaml

Local PHP Security Checker is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.


Run local php security checker via GitHub Actions

Local PHP Security Checker is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.