From cc14a0d3ff6edf734078b24061268eab16d9b4e5 Mon Sep 17 00:00:00 2001
From: Valentinas Bakaitis <88299840+ls-valentinas-bakaitis@users.noreply.github.com>
Date: Wed, 14 May 2025 15:14:10 +1200
Subject: [PATCH 1/2] Create code-security-analysis-psalm.yml
---
 .github/workflows/code-security-analysis-psalm.yml | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 .github/workflows/code-security-analysis-psalm.yml
diff --git a/.github/workflows/code-security-analysis-psalm.yml b/.github/workflows/code-security-analysis-psalm.yml
new file mode 100644
index 0000000..7f312ab
--- /dev/null
+++ b/.github/workflows/code-security-analysis-psalm.yml
@@ -0,0 +1,11 @@
+name: Static Code Security Analysis (Psalm)
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ branches: [ master ]
+
+jobs:
+ analyze:
+ uses: lightspeed-security/code-scanning-workflows/.github/workflows/psalm-php.yml@reusable-psalm-workflow
From f2081c517b3cb91c39bb5afc34474d4a95964581 Mon Sep 17 00:00:00 2001
From: Valentinas Bakaitis <88299840+ls-valentinas-bakaitis@users.noreply.github.com>
Date: Wed, 14 May 2025 15:15:05 +1200
Subject: [PATCH 2/2] Update code-security-analysis-psalm.yml
---
 .../workflows/code-security-analysis-psalm.yml | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/code-security-analysis-psalm.yml b/.github/workflows/code-security-analysis-psalm.yml
index 7f312ab..ea143ee 100644
--- a/.github/workflows/code-security-analysis-psalm.yml
+++ b/.github/workflows/code-security-analysis-psalm.yml
@@ -7,5 +7,18 @@ on:
 branches: [ master ]

 jobs:
- analyze:
- uses: lightspeed-security/code-scanning-workflows/.github/workflows/psalm-php.yml@reusable-psalm-workflow
+ psalm:
+ name: Psalm
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ - name: Psalm
+ uses: docker://ghcr.io/psalm/psalm-github-actions:6.10.3
+ with:
+ security_analysis: true
+ report_file: results.sarif
+ - name: Upload Security Analysis results to GitHub
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: results.sarif
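Review bot: The new `psalm` job declares no `permissions:` block, so the token it runs with depends on the repository or organisation default, even though the `upload-sarif` step needs `security-events: write`. Adding `permissions:` with `contents: read` and `security-events: write` under the job makes the requirement explicit and keeps the token least-privileged for the third-party container step. All three `uses:` references are pinned to mutable tags (`actions/checkout@v4`, `github/codeql-action/upload-sarif@v3`, and the image tag `:6.10.3`). Pinning the two actions to a full commit SHA and the image to an `@sha256:` digest, with the version kept in a trailing comment, would stop a retagged upstream from silently changing what runs against the checked-out code. The workflow-level `permissions:` key is not visible in this hunk either, so confirm none is set above line 7 before relying on the default.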