From b1fd891e448ec5d7ba84d0d503b95562e28d121a Mon Sep 17 00:00:00 2001 From: Michele Locati Date: Sun, 26 Sep 2021 12:12:59 +0200 Subject: [PATCH 1/2] Use psalm without docker://vimeo/psalm-github-actions --- .github/workflows/psalm.yml | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index c3b9875..4199137 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml @@ -7,14 +7,31 @@ jobs: name: Psalm runs-on: ubuntu-latest steps: + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '7.4' + tools: composer:v2 + coverage: none + + - name: Install Psalm + run: | + composer global require vimeo/psalm --prefer-dist --ansi --no-interaction --no-cache --dev + PATH=$(composer global config bin-dir --absolute --quiet):$PATH + psalm --version + - name: Checkout code uses: actions/checkout@v2 - - name: Psalm - uses: docker://vimeo/psalm-github-actions - with: - security_analysis: true - report_file: results.sarif + - name: Configure environment + run: composer config platform.php '7.1' + + - name: Install dependencies + run: composer install --ansi --no-interaction --no-cache + + - name: Run Psalm + run: psalm --taint-analysis --show-info=true --output-format=github --report=results.sarif - name: Upload Security Analysis results to GitHub uses: github/codeql-action/upload-sarif@v1 From 9f3e0320e9de325d33dfc6b43b3550fcf9011dfe Mon Sep 17 00:00:00 2001 From: Michele Locati Date: Thu, 30 Sep 2021 20:48:45 +0200 Subject: [PATCH 2/2] Try avoiding GitHub/git integration --- .github/workflows/psalm.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/psalm.yml b/.github/workflows/psalm.yml index 4199137..46bc1bd 100644 --- a/.github/workflows/psalm.yml +++ b/.github/workflows/psalm.yml 
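Review bot: The new Install Psalm step pulls `vimeo/psalm` with no version constraint and no lockfile, and the new Setup PHP step uses the mutable `shivammathur/setup-php@v2` tag, so every run fetches whatever the registry and that tag resolve to on the day — pin both, e.g. `composer global require vimeo/psalm:^4 --prefer-dist --ansi --no-interaction --no-cache --dev` (or an exact version) and `uses: shivammathur/setup-php@<full-commit-sha> # v2`. The `PATH=$(composer global config bin-dir …):$PATH` assignment lives only in that step's shell; the later Run Psalm step presumably relies on setup-php having already put Composer's global bin-dir on PATH, and if that is not guaranteed the directory should be appended to `$GITHUB_PATH` instead. `composer install` on the freshly checked-out tree executes any scripts and plugins the repository declares; for an analysis-only job `run: composer install --no-scripts --ansi --no-interaction --no-cache` is safer, especially if the workflow trigger (outside the hunk) fires on pull requests from forks. The job's `permissions:` block is also outside the hunk; upload-sarif needs `security-events: write` and the job should grant nothing beyond that plus `contents: read`.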
@@ -31,7 +31,13 @@ jobs: run: composer install --ansi --no-interaction --no-cache - name: Run Psalm - run: psalm --taint-analysis --show-info=true --output-format=github --report=results.sarif + env: + GITHUB_REF: "" + GITHUB_REPOSITORY: "" + GITHUB_EVENT_PATH: "" + run: | + rm -rf .git + psalm --taint-analysis --show-info=true --output-format=github --report=results.sarif - name: Upload Security Analysis results to GitHub uses: github/codeql-action/upload-sarif@v1
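Review bot: `rm -rf .git` in the Run Psalm step outlives the step, so the following upload-sarif step (and anything added after it) runs on a working tree with no git metadata, whereas the `env:` overrides above it are scoped to this step only. As far as I know upload-sarif takes the commit and ref from `GITHUB_SHA`/`GITHUB_REF` in the runner environment rather than from `.git`, but that should be confirmed before relying on it, and the reason for the deletion is recorded nowhere in the file. Add a comment above `run: |`, e.g. `# Blank the GITHUB_* variables and drop .git so Psalm does not auto-enable its GitHub/git integration for this run`, so the next maintainer does not "fix" it by removing the line. Setting the variables to `""` rather than unsetting them also assumes Psalm treats an empty value as absent; if it does not, the three `env:` entries are a no-op and only the `.git` removal is doing the work.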