search

psalm / psalm-github-security-scan

Psalm Security Scanning for GitHub Actions
53 stars 17 forks source link

Add missing PHP extentions #21

Closed melroy89 closed 10 months ago

melroy89 commented 10 months ago

@orklah Despite PHP version upgrade, I now see other errors during composer install, which are missing PHP extensions. There are required for some composer packages to be present and installed.

orklah commented 10 months ago

That's weird that it wasn't needed before. Nothing changed with your last PR other than the PHP version, I'm really not sure why we would need to include extensions to this after years of working without it

Are you sure it's not something you have to set up differentlly?

melroy89 commented 10 months ago

I'm a new user of your docker / action. Meaning I want to use your project, but it's for the first time!

See my failing job: https://github.com/MbinOrg/mbin/actions/runs/6589081617/job/17962676237?pr=83

Part of pr: https://github.com/MbinOrg/mbin/pull/83

Again, it's nothing that I changed. I'm trying to use this psalm security checker for the first time on my project.

orklah commented 10 months ago

Well, like I said on the issue, I'm really not an expert on Docker so I might be wrong here, however, having to install every extension in the Psalm Dockerfile is not sustainable and will lead to countless PR to add this or that.

My naive vision is that the PHP installation that is needed to install Symfony should probably not be the same as the one that make Psalm run. That way you can have two sets of requirements.

If everything else fails, maybe you could try to install symfony with something like --ignore-platform-reqs so it will install the project even with missing core requirements

melroy89 commented 10 months ago

Well, like I said on the issue, I'm really not an expert on Docker so I might be wrong here, however, having to install every extension in the Psalm Dockerfile is not sustainable and will lead to countless PR to add this or that.

My naive vision is that the PHP installation that is needed to install Symfony should probably not be the same as the one that make Psalm run. That way you can have two sets of requirements.

If everything else fails, maybe you could try to install symfony with something like --ignore-platform-reqs so it will install the project even with missing core requirements

nevermind.. I will fork this project.