minor #1359 Use 'composer audit' instead of 'symfony check:security' …

…(rosier) This PR was merged into the main branch. Discussion ---------- Use 'composer audit' instead of 'symfony check:security' Since Composer 2.4, there is a new command called audit, that outputs a list of reported security vulnerabilities for the list of packages versions currently installed. This removes the need to download and install Symfony CLI Commits ------- c958cfe Use 'composer audit' instead of 'symfony check:security'
symfony · Oct 28, 2022 · 60783c4 · 60783c4
2 parents fbc76bb + c958cfe
commit 60783c4
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -86,13 +86,9 @@ jobs:
               if: always() && steps.install.outcome == 'success'
               run: composer validate --strict
 
-            - name: Download Symfony CLI
-              if: always() && steps.install.outcome == 'success'
-              run: wget https://get.symfony.com/cli/installer -O - | bash
-
             - name: Check if any dependencies are compromised
               if: always() && steps.install.outcome == 'success'
-              run: /home/runner/.symfony5/bin/symfony check:security
+              run: composer audit
 
             - name: Run PHPStan
               if: always() && steps.install.outcome == 'success'