Commit 02a6bc9
Install dependencies before composer audit in CI
The composer-audit workflow job ran `composer audit` with no prior
install. Because this bundle does not commit composer.lock, the audit
had no resolved dependency set to scan. Add a `composer install` step
first (mirroring the composer-normalized job) so the audit runs against
the actually-resolved packages.
Note: .github/workflows/composer.yaml is generated from
itk-dev/devops_itkdev-docker; this fix should be upstreamed there too,
or it will be lost on the next workflow sync.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>1 parent 1defa13 commit 02a6bc9
1 file changed
Lines changed: 1 addition & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
80 | 80 | | |
81 | 81 | | |
82 | 82 | | |
| 83 | + | |
83 | 84 | | |
0 commit comments