Enhancement: Run GitHub Actions analysis with zizmor
#673
integrate.yaml
on: pull_request
GitHub Actions Analysis
11s
Matrix: Backward-Compatibility Analysis
Matrix: Code Coverage
Matrix: Coding Standards
Matrix: Dependency Analysis
Matrix: Mutation Tests
Matrix: Refactoring
Matrix: Security Analysis
Matrix: Static Code Analysis
Matrix: Tests
Annotations
17 errors and 27 warnings
|
GitHub Actions Analysis
Process completed with exit code 14.
|
|
dangerous-triggers:
workflows/triage.yaml#L5
triage.yaml:5: use of fundamentally insecure workflow trigger: pull_request_target is almost always used insecurely
|
|
bot-conditions:
workflows/merge.yaml#L23
merge.yaml:23: spoofable bot actor check: actor context may be spoofable
|
|
dangerous-triggers:
workflows/merge.yaml#L5
merge.yaml:5: use of fundamentally insecure workflow trigger: workflow_run is almost always used insecurely
|
|
Tests (8.1, lowest)
Process completed with exit code 2.
|
|
Tests (8.1, lowest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- roave/backward-compatibility-check[8.7.0, ..., 8.11.0] require php ~8.2.0 || ~8.3.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.12.0, ..., 8.14.0] require php ~8.2.0 || ~8.3.0 || ~8.4.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check 8.15.0 requires php ~8.3.0 || ~8.4.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.16.0, ..., 8.19.0] require php ~8.3.0 || ~8.4.0 || ~8.5.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.20.0, ..., 8.21.0] require php ~8.4.0 || ~8.5.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check 8.6.0 requires composer/composer ^2.6.4 -> satisfiable by composer/composer[2.9.8].
- Conclusion: don't install justinrainbow/json-schema 5.2.10 (conflict analysis result)
- Conclusion: don't install justinrainbow/json-schema 5.2.12 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.10, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
Tests (8.3, lowest)
Process completed with exit code 2.
|
|
Tests (8.3, lowest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires ergebnis/composer-normalize ^2.48.2 -> satisfiable by ergebnis/composer-normalize[2.48.2, ..., 2.52.0].
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- Conclusion: don't install justinrainbow/json-schema 5.2.10 (conflict analysis result)
- Conclusion: don't install one of composer/composer[2.9.8], justinrainbow/json-schema[5.2.12] (conflict analysis result)
- Conclusion: install composer/composer 2.9.8 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.10, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
Tests (8.2, lowest)
Process completed with exit code 2.
|
|
Tests (8.2, lowest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires ergebnis/composer-normalize ^2.48.2 -> satisfiable by ergebnis/composer-normalize[2.48.2, ..., 2.52.0].
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- Conclusion: don't install justinrainbow/json-schema 5.2.10 (conflict analysis result)
- Conclusion: don't install one of composer/composer[2.9.8], justinrainbow/json-schema[5.2.12] (conflict analysis result)
- Conclusion: install composer/composer 2.9.8 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.10, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
Security Analysis (8.1, locked)
Process completed with exit code 1.
|
|
Tests (8.3, highest)
Process completed with exit code 2.
|
|
Tests (8.3, highest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- Root composer.json requires vimeo/psalm ^5.26.1 -> satisfiable by vimeo/psalm[5.26.1].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- Conclusion: don't install justinrainbow/json-schema 6.8.2 (conflict analysis result)
- Conclusion: install composer/composer 2.9.8 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.12, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
Tests (8.2, highest)
Process completed with exit code 2.
|
|
Tests (8.2, highest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- Root composer.json requires vimeo/psalm ^5.26.1 -> satisfiable by vimeo/psalm[5.26.1].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- Conclusion: don't install justinrainbow/json-schema 6.8.2 (conflict analysis result)
- Conclusion: install composer/composer 2.9.8 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.12, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
Tests (8.1, highest)
Process completed with exit code 2.
|
|
Tests (8.1, highest)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires infection/infection ~0.27.11 -> satisfiable by infection/infection[0.27.11].
- Root composer.json requires roave/backward-compatibility-check ^8.6.0 -> satisfiable by roave/backward-compatibility-check[8.6.0, ..., 8.21.0].
- composer/composer 2.9.8 requires justinrainbow/json-schema ^6.5.1 -> satisfiable by justinrainbow/json-schema[6.5.1, ..., 6.8.2].
- infection/infection 0.27.11 requires justinrainbow/json-schema ^5.2.10 -> satisfiable by justinrainbow/json-schema[5.2.10, ..., 5.3.4].
- roave/backward-compatibility-check[8.7.0, ..., 8.11.0] require php ~8.2.0 || ~8.3.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.12.0, ..., 8.14.0] require php ~8.2.0 || ~8.3.0 || ~8.4.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check 8.15.0 requires php ~8.3.0 || ~8.4.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.16.0, ..., 8.19.0] require php ~8.3.0 || ~8.4.0 || ~8.5.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check[8.20.0, ..., 8.21.0] require php ~8.4.0 || ~8.5.0 -> your php version (8.1.34) does not satisfy that requirement.
- roave/backward-compatibility-check 8.6.0 requires composer/composer ^2.6.4 -> satisfiable by composer/composer[2.9.8].
- Conclusion: don't install justinrainbow/json-schema 6.8.2 (conflict analysis result)
- You can only install one version of a package, so only one of these can be installed: justinrainbow/json-schema[5.2.12, ..., 5.3.4, 6.0.0, ..., 6.8.2].
Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.
|
|
artipacked:
workflows/integrate.yaml#L447
integrate.yaml:447: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L397
integrate.yaml:397: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L338
integrate.yaml:338: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L286
integrate.yaml:286: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L210
integrate.yaml:210: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L141
integrate.yaml:141: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L80
integrate.yaml:80: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
artipacked:
workflows/integrate.yaml#L28
integrate.yaml:28: credential persistence through GitHub Actions artifacts: does not set persist-credentials: false
|
|
dependabot-cooldown:
dependabot.yaml#L27
dependabot.yaml:27: insufficient cooldown in Dependabot updates: missing cooldown configuration
|
|
dependabot-cooldown:
dependabot.yaml#L15
dependabot.yaml:15: insufficient cooldown in Dependabot updates: missing cooldown configuration
|
|
Tests (8.1, lowest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.3, lowest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Coding Standards (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.2, lowest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Refactoring (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Security Analysis (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.3, highest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.2, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.2, highest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.1, highest)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Backward-Compatibility Analysis (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.3, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Dependency Analysis (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@v4.2.4, shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Tests (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Static Code Analysis (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Code Coverage (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea, shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|
|
Mutation Tests (8.1, locked)
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: shivammathur/setup-php@44454db4f0199b8b9685a5d763dc37cbf79108e1. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
|