Merged
44 changes: 44 additions & 0 deletions actions/composer-audit-ignore/action.yml
@@ -0,0 +1,44 @@
name: "Configure ignoring known unsolvable advisories"
author: 'Ibexa AS'
description: >-
Configures Composer `audit.ignore` list for CI tests in an allow-list way.

inputs:
php-version:
description: 'PHP version'
required: true

runs:
using: "composite"
steps:
- if: startsWith(inputs.php-version, '7.4.')
name: Configure advisory ignore list for PHP 7.4
shell: bash
run: |
reason="The affected version of 3rd party component is installed on PHP 7.4. There's no alternative supporting PHP 7.4. Consider upgrading to PHP 8"

for advisory in \
PKSA-xwpn-zs9j-6wy5 \
PKSA-sf9j-1gs7-xzvx \
PKSA-7h5p-prw9-w5nr \
PKSA-5k7f-wvjj-jrgw \
PKSA-sjvz-tbbr-vwth \
PKSA-h8hf-ytnd-5t9q \
PKSA-wwb1-81rc-pd65 \
PKSA-hgmw-wn4d-hpcy \
PKSA-kvv6-36cr-fkzb \
PKSA-n14z-jjjg-g8vd \
PKSA-3mcc-k66d-pydb \
PKSA-gw7n-z4yx-7xjt \
PKSA-dpx1-78wg-1kqs \
PKSA-21g2-dzjv-sky5 \
PKSA-v3kg-5xkr-pykw \
PKSA-yhcn-xrg3-68b1 \
PKSA-2wrf-1xmk-1pky \
PKSA-6319-ffpf-gx66 \
PKSA-n7sg-8f52-pqtf \
PKSA-8kk8-h2xr-h5nx \
PKSA-2rbx-bjdx-4d4d
do
composer config audit.ignore --json --merge "{\"$advisory\":\"$reason\"}"
done
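Review bot: The 21 PKSA IDs in the `for advisory in` list are all suppressed with one shared `reason` string, and nothing in the file records which package each ID refers to, so a later reader cannot tell which entries are still needed or safely drop one once a fixed release exists. Consider holding the IDs in a bash array with one entry per line and a trailing comment naming the affected package, or writing a per-advisory reason into `audit.ignore`. Separately, the step condition `startsWith(inputs.php-version, '7.4.')` only matches a full version string; a caller that passes `7.4` skips the step silently, which is worth stating in the `php-version` input description.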
8 changes: 7 additions & 1 deletion actions/composer-install/action.yml
Expand Up @@ -42,6 +42,7 @@ runs:

- name: Setup PHP Action
uses: shivammathur/setup-php@v2
id: setup_php
with:
php-version: ${{ matrix.php }}
coverage: ${{ inputs.coverage }}
Expand Down Expand Up @@ -73,7 +74,12 @@ runs:
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}

- uses: ramsey/composer-install@v3
- name: 'Ignore known unsolvable advisories'
uses: ibexa/gh-workflows/actions/composer-audit-ignore@main
with:
php-version: ${{ steps.setup_php.outputs.php-version }}

- uses: ramsey/composer-install@v4
with:
dependency-versions: highest
composer-options: ${{ inputs.composer-options }}
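Review bot: The new step `uses: ibexa/gh-workflows/actions/composer-audit-ignore@main` references a mutable branch, so the set of advisories that `composer audit` ignores can change for every consumer of `composer-install` without any change on their side, including consumers who pin `composer-install` itself to a fixed ref. Since this action decides which security advisories are hidden in CI, pin it to a release tag or commit SHA and update that ref deliberately. The same hunk also moves `ramsey/composer-install` from `@v3` to `@v4`; a major-version bump of a third-party action is easier to review and revert as its own change.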