github-actions(deps): bump shivammathur/setup-php from 2.30.0 to 2.30.4 in the dependencies group across 1 directory #579
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Validate Phar" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - "[0-9]+.[0-9]+.x" | |
| - main | |
| pull_request: | |
| env: | |
| COMPOSER_VERSION: "^2.1" | |
| PHP_EXTENSIONS: "mbstring, ds" | |
| PHP_INI_VALUES: "memory_limit=-1, phar.readonly=0" | |
| jobs: | |
| phar: | |
| name: "Validate Phar" | |
| runs-on: "ubuntu-latest" | |
| strategy: | |
| matrix: | |
| php-version: | |
| - "7.4" | |
| env: | |
| COMPOSER_UNUSED_PHAR: "build/composer-unused.phar" | |
| COMPOSER_UNUSED_PHAR_SIGNATURE: "build/composer-unused.phar.asc" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4" | |
| - name: "Install PHP with extensions" | |
| uses: "shivammathur/setup-php@2.30.4" | |
| with: | |
| coverage: "none" | |
| tools: "composer:v2" | |
| extensions: "${{ env.PHP_EXTENSIONS }}" | |
| ini-values: "${{ env.PHP_INI_VALUES }}" | |
| php-version: "${{ matrix.php-version }}" | |
| - name: "Remove dev dependencies" | |
| run: "composer update --no-progress" | |
| - name: "Fetch latest version tag" | |
| run: "echo `git describe --abbrev=0 --tags` > .version" | |
| - name: "Validate configuration for humbug/box" | |
| run: "vendor/bin/box validate box.json" | |
| - name: "Compile composer-unused.phar with humbug/box" | |
| run: "vendor/bin/box compile --config=box.json --no-parallel" | |
| - name: "Show info about composer-unused.phar with humbug/box" | |
| run: "vendor/bin/box info ${{ env.COMPOSER_UNUSED_PHAR }}" | |
| - name: "Import GPG key" | |
| id: "import_gpg" | |
| uses: "crazy-max/ghaction-import-gpg@v6" | |
| with: | |
| gpg_private_key: "${{ secrets.GPG_PRIVATE_KEY }}" | |
| passphrase: "${{ secrets.GPG_PASSPHRASE }}" | |
| - name: "Sign composer-unused.phar" | |
| run: "gpg --default-key ${{ steps.import_gpg.outputs.keyid }} --sign ${{ env.COMPOSER_UNUSED_PHAR }}" | |
| - name: "Detach signature" | |
| run: "gpg --default-key ${{ steps.import_gpg.outputs.keyid }} --output ${{ env.COMPOSER_UNUSED_PHAR_SIGNATURE }} --detach-sig ${{ env.COMPOSER_UNUSED_PHAR }}" | |
| - name: "Verify signature" | |
| run: "gpg --verify ${{ env.COMPOSER_UNUSED_PHAR_SIGNATURE }} ${{ env.COMPOSER_UNUSED_PHAR }}" | |
| - name: "Validate composer-unused.phar against code" | |
| run: "php ${{ env.COMPOSER_UNUSED_PHAR }} --excludeDir=data" |