From 14397e550640ec9ca957ddff7f97572dcbe97f0c Mon Sep 17 00:00:00 2001
From: lotyp <lotyp7@gmail.com>
Date: Sat, 18 May 2024 16:14:16 +0300
Subject: [PATCH] ci: add dependency-analysis workflow

---
 ...ge-release.yaml => auto-merge-release.yml} |  0
 .github/workflows/coding-standards.yml        |  2 +-
 .github/workflows/dependency-analysis.yml     | 79 +++++++++++++++++++
 .github/workflows/security-analysis.yml       |  2 +-
 .github/workflows/static-analysis.yml         |  2 +-
 .github/workflows/testing.yml                 |  2 +-
 6 files changed, 83 insertions(+), 4 deletions(-)
 rename .github/workflows/{auto-merge-release.yaml => auto-merge-release.yml} (100%)
 create mode 100644 .github/workflows/dependency-analysis.yml

diff --git a/.github/workflows/auto-merge-release.yaml b/.github/workflows/auto-merge-release.yml
similarity index 100%
rename from .github/workflows/auto-merge-release.yaml
rename to .github/workflows/auto-merge-release.yml
diff --git a/.github/workflows/coding-standards.yml b/.github/workflows/coding-standards.yml
index ba95304..b3feeef 100644
--- a/.github/workflows/coding-standards.yml
+++ b/.github/workflows/coding-standards.yml
@@ -74,7 +74,7 @@ jobs:
         os:
           - ubuntu-latest
         php-version:
-          - '8.2'
+          - '8.1'
         dependencies:
           - locked
     permissions:
diff --git a/.github/workflows/dependency-analysis.yml b/.github/workflows/dependency-analysis.yml
new file mode 100644
index 0000000..d0ff44a
--- /dev/null
+++ b/.github/workflows/dependency-analysis.yml
@@ -0,0 +1,79 @@
+---
+
+name: 🔐 Dependency analysis
+
+on:  # yamllint disable-line rule:truthy
+  pull_request:
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.php-cs-fixer.dist.php'
+      - 'composer.json'
+      - 'composer.lock'
+  push:
+    paths:
+      - 'src/**'
+      - 'tests/**'
+      - '.php-cs-fixer.dist.php'
+      - 'composer.json'
+      - 'composer.lock'
+
+jobs:
+  dependency-analysis:
+    timeout-minutes: 4
+    runs-on: ${{ matrix.os }}
+    concurrency:
+      cancel-in-progress: true
+      group: dependency-analysis-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+    strategy:
+      fail-fast: true
+      matrix:
+        os:
+          - ubuntu-latest
+        php-version:
+          - '8.1'
+        dependencies:
+          - locked
+
+    steps:
+      - name: 📦 Check out the codebase
+        uses: actions/checkout@v4.1.5
+
+      - name: 🛠️ Setup PHP
+        uses: shivammathur/setup-php@2.30.4
+        with:
+          php-version: ${{ matrix.php-version }}
+          extensions: none, ctype, dom, json, mbstring, phar, simplexml, tokenizer, xml, xmlwriter, sockets
+          ini-values: error_reporting=E_ALL
+          coverage: none
+          tools: phive
+
+      - name: 🛠️ Setup problem matchers
+        run: echo "::add-matcher::${{ runner.tool_cache }}/php.json"
+
+      - name: 🤖 Validate composer.json and composer.lock
+        run: composer validate --ansi --strict
+
+      - name: 🔍 Get composer cache directory
+        uses: wayofdev/gh-actions/actions/composer/get-cache-directory@v3.1.0
+
+      - name: ♻️ Restore cached dependencies installed with composer
+        uses: actions/cache@v4.0.2
+        with:
+          path: ${{ env.COMPOSER_CACHE_DIR }}
+          key: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-${{ hashFiles('composer.lock') }}
+          restore-keys: php-${{ matrix.php-version }}-composer-${{ matrix.dependencies }}-
+
+      - name: 📥 Install "${{ matrix.dependencies }}" dependencies
+        uses: wayofdev/gh-actions/actions/composer/install@v3.1.0
+        with:
+          dependencies: ${{ matrix.dependencies }}
+
+      - name: 📥 Install dependencies with phive
+        uses: wayofdev/gh-actions/actions/phive/install@3.1.0
+        with:
+          phive-home: '.phive'
+          trust-gpg-keys: 0xC00543248C87FB13,0x033E5F8D801A2F8D
+
+      - name: 🔬 Run maglnet/composer-require-checker
+        run: .phive/composer-require-checker check --ansi --config-file="$(pwd)/composer-require-checker.json" --verbose
diff --git a/.github/workflows/security-analysis.yml b/.github/workflows/security-analysis.yml
index 7c92c9d..019d855 100644
--- a/.github/workflows/security-analysis.yml
+++ b/.github/workflows/security-analysis.yml
@@ -19,7 +19,7 @@ jobs:
         os:
           - ubuntu-latest
         php-version:
-          - '8.2'
+          - '8.1'
         dependencies:
           - locked
     steps:
diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml
index f0fff75..df4888a 100644
--- a/.github/workflows/static-analysis.yml
+++ b/.github/workflows/static-analysis.yml
@@ -33,7 +33,7 @@ jobs:
         os:
           - ubuntu-latest
         php-version:
-          - '8.2'
+          - '8.1'
         dependencies:
           - locked
     steps:
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
index af08a01..2bcf0af 100644
--- a/.github/workflows/testing.yml
+++ b/.github/workflows/testing.yml
@@ -23,7 +23,7 @@ jobs:
         os:
           - ubuntu-latest
         php-version:
-          - '8.2'
+          - '8.1'
         dependencies:
           - locked
     steps: