@@ -103,14 +103,6 @@ jobs:
103103 postgresql version : " ${{ matrix.postgres }}"
104104 postgresql password : " postgres"
105105
106- -
107- name : Run Chrome Headless
108- run : google-chrome-stable --enable-automation --disable-background-networking --no-default-browser-check --no-first-run --disable-popup-blocking --disable-default-apps --allow-insecure-localhost --disable-translate --disable-extensions --no-sandbox --enable-features=Metal --headless --remote-debugging-port=9222 --window-size=2880,1800 --proxy-server='direct://' --proxy-bypass-list='*' http://127.0.0.1 > /dev/null 2>&1 &
109-
110- -
111- name : Run webserver
112- run : (cd tests/Application && symfony server:start --port=8080 --dir=public --daemon)
113-
114106 -
115107 name : Get Composer cache directory
116108 id : composer-cache
@@ -146,37 +138,37 @@ jobs:
146138 - name : Run security checks
147139 run : |
148140 set -e
149-
150- composer audit --no-interaction --format=json > composer-audit.json || AUDIT_EXIT=$?
151-
141+
152142 IGNORED=$(jq -r '.config.audit.ignore[]?' composer.json | sort || true)
153-
154- if [ "${AUDIT_EXIT:-0}" -ne 0 ]; then
155- FOUND=$(jq -r '
156- # Collect CVEs from both advisories and ignored-advisories
157- (.advisories[]?.advisories[]?.cve? // empty),
158- (.["ignored-advisories"][]?[]?.cve? // empty)
159- ' composer-audit.json | sort | uniq)
160-
161- DIFF=$(comm -23 <(echo "$FOUND") <(echo "$IGNORED"))
162-
163- if [ -n "$DIFF" ]; then
164- echo "❌ New vulnerabilities found by Composer audit:"
165- echo "$DIFF"
166- exit 1
167- else
168- echo "✅ No new vulnerabilities found by Composer audit."
169- fi
143+
144+ if [ -n "$IGNORED" ]; then
145+ echo "Ignored CVEs:"
146+ echo "$IGNORED"
147+ echo
148+ fi
149+
150+ composer audit --no-interaction --format=json > composer-audit.json || true
151+
152+ ALL_CVES=$(jq -r '
153+ (.advisories? // [] | .[]? | .cve? // empty),
154+ (.ignored-advisories? // {} | .[] | select(type=="array") | .[]? | .cve? // empty)
155+ ' composer-audit.json | sort | uniq)
156+
157+ DIFF=$(comm -23 <(echo "$ALL_CVES") <(echo "$IGNORED"))
158+
159+ if [ -n "$DIFF" ]; then
160+ echo "❌ New vulnerabilities found by Composer audit:"
161+ echo "$DIFF"
162+ exit 1
170163 else
171164 echo "✅ No new vulnerabilities found by Composer audit."
172165 fi
173-
166+
174167 symfony security:check --format=json > symfony-audit.json || true
175-
168+
176169 FOUND=$(jq -r '.[]?.advisories[]?.cve? // empty' symfony-audit.json | sort | uniq)
177-
178170 DIFF=$(comm -23 <(echo "$FOUND") <(echo "$IGNORED"))
179-
171+
180172 if [ -n "$DIFF" ]; then
181173 echo "❌ New vulnerabilities found by Symfony security:check:"
182174 echo "$DIFF"
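Review bot: The rewritten Composer audit check fails open: in the new jq filter, `.ignored-advisories?` is not a key lookup, because jq reads the hyphen as subtraction and then looks for a function named `advisories`, so as written the filter should be rejected at compile time and `ALL_CVES` ends up empty. The step then prints the "No new vulnerabilities" message, because the audit's own exit code is now discarded by `|| true` and, unless the step's shell already enables pipefail, `set -e` only sees the exit status of `uniq`. I would write the key as `(.["ignored-advisories"]? // {} | ...)`, as the removed version did, change the script's first line to `set -eo pipefail`, and fail the step when `composer-audit.json` is empty or not valid JSON. Separately, `.advisories? // [] | .[]? | .cve?` descends one level fewer than the second branch, so if Composer groups advisories per package that branch may also yield nothing; this is worth confirming against a real audit report.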
@@ -258,6 +250,14 @@ jobs:
258250 name : Run PHPUnit
259251 run : vendor/bin/phpunit --colors=always
260252
253+ -
254+ name : Run Chrome Headless
255+ run : google-chrome-stable --enable-automation --disable-background-networking --no-default-browser-check --no-first-run --disable-popup-blocking --disable-default-apps --allow-insecure-localhost --disable-translate --disable-extensions --no-sandbox --enable-features=Metal --headless --remote-debugging-port=9222 --window-size=2880,1800 --proxy-server='direct://' --proxy-bypass-list='*' http://127.0.0.1 > /dev/null 2>&1 &
256+
257+ -
258+ name : Run webserver
259+ run : (cd tests/Application && symfony server:start --port=8080 --dir=public --daemon)
260+
261261 -
262262 name : Run Behat
263263 run : vendor/bin/behat --colors --strict -vvv --no-interaction -f progress || vendor/bin/behat --colors --strict -vvv --no-interaction -f progress --rerun