Add security checks.

Author: janbarasek

.github/workflows/main.yml

@@ -1,14 +1,21 @@
 name: Integrity check
 
-on: [push]
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [ assigned, opened, synchronize, reopened ]
+  schedule:
+    - cron: '1 * * * *'
 
 jobs:
   build:
     runs-on: ubuntu-latest
 
     steps:
     - uses: actions/checkout@master
-    
+
     - name: Install PHP
       uses: shivammathur/setup-php@master
       with:
@@ -22,7 +29,9 @@ jobs:
         # Install app deps
         composer install --no-interaction --prefer-dist
 
-    # Check code checker and coding standards
+    - name: The PHP Security Checker
+      uses: symfonycorp/security-checker-action@v2
+
     - name: Check coding standards
       run: |
         php temp/code-checker/code-checker --short-arrays --strict-types --fix --no-progress

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020 Baraja packages
+Copyright (c) 2021 Baraja packages
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

composer.json

@@ -20,7 +20,8 @@
 		"phpstan/phpstan": "^0.12.18",
 		"tracy/tracy": "^2.8",
 		"phpstan/phpstan-nette": "^0.12.6",
-		"symplify/easy-coding-standard": "^7.2"
+		"symplify/easy-coding-standard": "^7.2",
+		"spaze/phpstan-disallowed-calls": "^1.1"
 	},
 	"autoload": {
 		"classmap": [

phpstan.neon

@@ -1,6 +1,9 @@
 includes:
 	- vendor/phpstan/phpstan-nette/extension.neon
 	- vendor/phpstan/phpstan-nette/rules.neon
+	- vendor/spaze/phpstan-disallowed-calls/extension.neon
+	- vendor/spaze/phpstan-disallowed-calls/disallowed-dangerous-calls.neon
+	- vendor/spaze/phpstan-disallowed-calls/disallowed-execution-calls.neon
 
 parameters:
 	checkGenericClassInNonGenericObjectType: false