From 1779ed04157f0de559e5871897981bad4e11afa8 Mon Sep 17 00:00:00 2001
From: Steve Breker <sbreker@artefactual.com>
Date: Tue, 28 May 2024 15:23:56 -0700
Subject: [PATCH] Add security analysis using Psalm GitHub action

---
 .github/workflows/sast-scan.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 .github/workflows/sast-scan.yml

diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
new file mode 100644
index 0000000000..00346c0085
--- /dev/null
+++ b/.github/workflows/sast-scan.yml
@@ -0,0 +1,21 @@
+name: Psalm Static analysis
+
+on:
+  pull_request:
+  push:
+    branches:
+    - dev/add-sast-security-scan
+    - qa/**
+    - stable/**
+
+jobs:
+  psalm:
+    name: Psalm
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Psalm
+        uses: docker://ghcr.io/psalm/psalm-github-actions
+            
\ No newline at end of file