GitHub Workflows security hardening #1121

	name: Checks

	on:
	push:
	branches:
	- master
	pull_request:

	permissions:
	contents: read # to fetch code (actions/checkout)

	jobs:
	composer-normalize:
	name: Composer Normalize
	runs-on: ubuntu-22.04

	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Composer normalize
	uses: docker://ergebnis/composer-normalize-action

	roave-bc-check:
	name: Roave BC Check
	runs-on: ubuntu-22.04

	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Roave BC Check
	uses: docker://nyholm/roave-bc-check-ga

Provide feedback