ci: fix and upgrade workflow

Author: DannyvdSluijs

.github/workflows/main.yml

@@ -52,17 +52,6 @@ jobs:
           extensions: dom, libxml, mbstring, intl, xml, fileinfo, zip
           coverage: xdebug
 
-      - name: Get composer cache directory
-        id: composer-cache
-        run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-
-      - name: Cache dependencies
-        uses: actions/cache@v4
-        with:
-          path: ${{ steps.composer-cache.outputs.dir }}
-          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.json') }}
-          restore-keys: ${{ runner.os }}-composer-
-
       - name: Install dependencies
         run: composer install --prefer-dist --no-ansi --no-interaction --no-progress --optimize-autoloader
 
@@ -79,6 +68,7 @@ jobs:
         continue-on-error: ${{ matrix.allow_fail }}
 
       - name: Check for vulnerabilities
+        if: ${{ contains(matrix.composer_update_flags, '--prefer-lowest') == false }}
         run: composer security-checker
         continue-on-error: ${{ matrix.allow_fail }}
 

composer.json

@@ -49,7 +49,7 @@
         }
     },
     "scripts": {
-        "security-checker": "security-checker security:check"
+        "security-checker": "security-checker security:check --no-dev"
     },
     "scripts-descriptions": {
         "security-checker": "Checks if your application uses dependencies with known security vulnerabilities."