From 4b5fb72efeaa7bdbbb427b0caf38edf2e7e08fe5 Mon Sep 17 00:00:00 2001
From: Ulrich Eckhardt <ulrich.eckhardt@base-42.de>
Date: Fri, 19 Jan 2024 15:40:09 +0100
Subject: [PATCH] Github: Run PHPStan as action on every push

This should prevent regressions in code flaws detected by PHPStan. Also,
PHPStan complains when the baseline is not advanced after fixing a flaw.
This should prevent a flaw from reappearing later on.
---
 .github/workflows/phpstan.yaml | 39 ++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 .github/workflows/phpstan.yaml

diff --git a/.github/workflows/phpstan.yaml b/.github/workflows/phpstan.yaml
new file mode 100644
index 00000000..151fc124
--- /dev/null
+++ b/.github/workflows/phpstan.yaml
@@ -0,0 +1,39 @@
+name: PHPStan Static Analyzer
+on: [push]
+jobs:
+  run-phpstan:
+    name: Run PHPStan
+    runs-on: ubuntu-latest
+    steps:
+
+    - name: Setup PHP
+      uses: shivammathur/setup-php@v2
+      with:
+        php-version: '8.3'
+        extensions: json, xdebug
+        tools: composer:v2
+
+    - name: Check out code
+      uses: actions/checkout@v2
+
+    - name: Get Composer cache directory
+      id: composer-cache
+      run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+
+    - name: Connect downloaded dependencies with a cache in GitHub
+      uses: actions/cache@v3
+      with:
+        path: ${{ steps.composer-cache.outputs.dir }}
+        # Note: Normally, we'd use the composer.lock to generate a hash,
+        # but the lock file is currently not versioned.
+        key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
+        restore-keys: ${{ runner.os }}-composer-
+
+    - name: Install dependencies
+      run: composer install --prefer-dist
+
+    - name: Audit dependencies
+      run: composer audit
+
+    - name: Run PHPStan
+      run: vendor/bin/phpstan analyse