From cc06fca6371923fbf4054cf787d6f8d73f40ef88 Mon Sep 17 00:00:00 2001
From: shimomo <yuichi@shimomo.net>
Date: Fri, 29 Aug 2025 17:24:15 +0900
Subject: [PATCH] ci: add security workflow

---
 .github/workflows/security.yml | 36 ++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 .github/workflows/security.yml

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 00000000..ca1c8773
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,36 @@
+name: security
+
+on:
+  push:
+    branches:
+      - 'gh-pages'
+  pull_request:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  security:
+    name: Security on PHP ${{ matrix.php-version }} (Ubuntu 24.04)
+    runs-on: ubuntu-24.04
+    strategy:
+      matrix:
+        php-version:
+          - '8.4'
+    steps:
+      - name: Setup PHP ${{ matrix.php-version }}
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php-version }}
+
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Install Dependencies
+        run: composer install --prefer-dist --no-interaction --no-progress --dev
+
+      - name: Run Composer Audit
+        run: composer audit