From 95bafb49804ba893e40f3f367c55ef9b0fa9e963 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Mon, 30 Sep 2024 23:53:53 +0200
Subject: [PATCH] ci: Improve usability of running different psalm modes
 locally

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 .github/workflows/static-code-analysis.yml | 6 +++---
 .gitignore                                 | 1 +
 composer.json                              | 3 ++-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/static-code-analysis.yml b/.github/workflows/static-code-analysis.yml
index 83b7452ee89..1fd77dccea4 100644
--- a/.github/workflows/static-code-analysis.yml
+++ b/.github/workflows/static-code-analysis.yml
@@ -34,7 +34,7 @@ jobs:
         run: composer i
 
       - name: Psalm
-        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
+        run: composer run psalm -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline --report=results.sarif
 
       - name: Show potential changes in Psalm baseline
         if: always()
@@ -66,7 +66,7 @@ jobs:
         run: composer i
 
       - name: Psalm taint analysis
-        run: composer run psalm:ci -- --monochrome --no-progress --output-format=github --report=results.sarif --taint-analysis --ignore-baseline
+        run: composer run psalm:security -- --threads=1 --monochrome --no-progress --output-format=github --report=results.sarif
 
       - name: Upload Security Analysis results to GitHub
         if: always()
@@ -96,7 +96,7 @@ jobs:
         run: composer i
 
       - name: Psalm
-        run: composer run psalm:ci -- -c psalm-ocp.xml --monochrome --no-progress --output-format=github --update-baseline
+        run: composer run psalm:ocp -- --threads=1 --monochrome --no-progress --output-format=github --update-baseline
 
       - name: Show potential changes in Psalm baseline
         if: always()
diff --git a/.gitignore b/.gitignore
index 5b747559a82..60be4581331 100644
--- a/.gitignore
+++ b/.gitignore
@@ -151,6 +151,7 @@ Vagrantfile
 
 # Tests - auto-generated files
 /data-autotest
+/results.sarif
 /tests/.phpunit.result.cache
 /tests/coverage*
 /tests/css
diff --git a/composer.json b/composer.json
index d54807e9c8e..86908c10c88 100644
--- a/composer.json
+++ b/composer.json
@@ -59,7 +59,8 @@
 		"cs:check": "php-cs-fixer fix --dry-run --diff",
 		"lint": "find . -name \\*.php -not -path './lib/composer/*' -not -path './build/stubs/*' -print0 | xargs -0 -n1 php -l",
 		"psalm": "psalm --no-cache --threads=$(nproc)",
-		"psalm:ci": "psalm --no-cache --threads=1",
+		"psalm:ocp": "psalm --no-cache --threads=$(nproc) -c psalm-ocp.xml",
+		"psalm:security": "psalm --no-cache --threads=$(nproc) --taint-analysis --ignore-baseline",
 		"psalm:update-baseline": "psalm --no-cache --threads=$(nproc) --update-baseline",
 		"serve": [
 			"Composer\\Config::disableProcessTimeout",