tithely
diff --git a/‎.github/workflows/codeql.yml‎
Lines changed: 63 additions & 0 deletions b/‎.github/workflows/codeql.yml‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎composer.json‎
Lines changed: 4 additions & 2 deletions b/‎composer.json‎
Lines changed: 4 additions & 2 deletions
@@ -0,0 +1,63 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: '30 12 * * 1'
+
+jobs:
+  analyze:
+    strategy:
+      matrix:
+        php-versions: [ '8.0', '8.1', '8.2', '8.3' ]
+    name: Analyze PHP ${{ matrix.php-versions }}
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+
+    steps:
+      - uses: actions/checkout@v3
+        name: Check Out Code
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-versions }}
+          tools: pecl
+          extensions: ""
+
+      - name: Validate composer.json and composer.lock
+        run: composer validate
+
+      - name: Setup Composer Access
+        run: composer config -g github-oauth.github.com ${{ secrets.GITHUB_TOKEN }}
+        
+      - name: Cache Composer packages
+        id: composer-cache
+        uses: actions/cache@v4
+        with:
+          path: vendor
+          key: ${{ runner.os }}-composer-${{ matrix.php-versions }}-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-composer-${{ matrix.php-versions }}-
+            ${{ runner.os }}-composer-
+
+      - name: Install dependencies
+        if: steps.composer-cache.outputs.cache-hit != 'true'
+        run: composer install --prefer-dist --no-progress --optimize-autoloader
+
+      - name: Perform CodeQL Analysis using Psalm
+        run: |
+          if [ "${{ github.event_name }}" == "pull_request" ]; then
+             vendor/bin/psalm --diff --output-format=sarif --report=psalm-report.sarif || true
+          else
+             vendor/bin/psalm --no-diff --output-format=sarif --report=psalm-report.sarif || true
+          fi
+        continue-on-error: true
+
+      - name: Upload SARIF report
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: psalm-report.sarif
@@ -16,9 +16,11 @@
     "psr-4": {"PicoMapper\\": "src/"}
   },
   "require-dev": {
-    "phpunit/phpunit": "^9.6"
+    "phpunit/phpunit": "^9.6",
+    "vimeo/psalm": "^5.26"
   },
   "scripts": {
-    "test": "phpunit"
+    "test": "phpunit",
+    "psalm": "vendor/bin/psalm"
   }
 }
Original file line number	Diff line number	Diff line change
`@@ -16,9 +16,11 @@`
`16`	`16`	`"psr-4": {"PicoMapper\\": "src/"}`
`17`	`17`	`},`
`18`	`18`	`"require-dev": {`
`19`		`- "phpunit/phpunit": "^9.6"`
	`19`	`+ "phpunit/phpunit": "^9.6",`
	`20`	`+ "vimeo/psalm": "^5.26"`
`20`	`21`	`},`
`21`	`22`	`"scripts": {`
`22`		`- "test": "phpunit"`
	`23`	`+ "test": "phpunit",`
	`24`	`+ "psalm": "vendor/bin/psalm"`
`23`	`25`	`}`
`24`	`26`	`}`