name: Security Check

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master
  schedule:
    - cron: '0 3 * * 0'

jobs:
  build:
    name: Security check
    runs-on: ubuntu-latest
    strategy:
      matrix:
        php-versions: [ '8.0', '8.1' ]

    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ matrix.php-versions }}

      - name: Install Composer dependencies
        uses: ramsey/composer-install@v2
        with:
          composer-options: '--prefer-stable'

      - name: Check for vulnerabilities
        uses: symfonycorp/security-checker-action@v5
        with:
          disable-exit-code: 1
        id: security-check

      - name: Display vulnerabilities as JSON
        run: echo ${{ steps.security-check.outputs.vulns }}