chore: Updated ci workflow

.github/workflows/composer-dependency-health.yml

@@ -12,30 +12,56 @@ jobs:
   dependency-check:
     runs-on: ubuntu-latest
 
+    env:
+      PHP_VERSION: '8.3'
+      COMPOSER_SETUP_VERSION: 'v2'
+      CHECKOUT_VERSION: 'v4'
+      SECURITY_CHECKER_VERSION: 'v5'
+      UPLOAD_ARTIFACT_VERSION: 'v3'
+
     steps:
-      - uses: actions/checkout@v4
+      - name: Checkout code
+        uses: actions/checkout@${{ env.CHECKOUT_VERSION }}
 
       - name: Setup PHP
-        uses: shivammathur/setup-php@v2
+        uses: shivammathur/setup-php@${{ env.COMPOSER_SETUP_VERSION }}
         with:
-          php-version: '8.3'
+          php-version: ${{ env.PHP_VERSION }}
           extensions: mbstring, xml, ctype, iconv, intl, pdo_sqlite, dom, filter, gd, iconv, json, mbstring, pdo
 
       - name: Install dependencies
         run: composer install --prefer-dist --no-progress --no-suggest
 
       - name: Check for outdated dependencies
-        run: composer outdated --direct --format=json > outdated.json || echo "{}" > outdated.json
+        run: composer outdated --direct --format=json || echo '{"installed":[]}' > outdated.json
 
       - name: Security Check
-        uses: symfonycorp/security-checker-action@v5
+        uses: symfonycorp/security-checker-action@${{ env.SECURITY_CHECKER_VERSION }}
         with:
           disable-exit-code: true
         continue-on-error: true
 
       - name: Process and Output Dependency Health Results
         if: always()
         run: |
+          if [ ! -f outdated.json ]; then
+            echo '{"installed":[]}' > outdated.json
+          fi
+
+          OUTDATED=$(jq '.installed | length' outdated.json)
+
+          if [ ! -f security-checker.json ]; then
+            VULNERABILITIES=0
+          else
+            VULNERABILITIES=$(jq 'length' security-checker.json)
+          fi
+
+          if [ "$OUTDATED" != "0" ] || [ "$VULNERABILITIES" != "0" ]; then
+            echo "status=issues_found" >> $GITHUB_OUTPUT
+          else
+            echo "status=healthy" >> $GITHUB_OUTPUT
+          fi
+
           echo "# Composer Dependency Health Report" >> $GITHUB_STEP_SUMMARY
           echo "## Outdated Packages:" >> $GITHUB_STEP_SUMMARY
           if [ "$OUTDATED" != "0" ]; then
@@ -45,19 +71,16 @@ jobs:
           fi
 
           echo "## Security Vulnerabilities:" >> $GITHUB_STEP_SUMMARY
-          if [ -f "${{ steps.security-check.outputs.logfile }}" ] && [ -s "${{ steps.security-check.outputs.logfile }}" ]; then
-            cat ${{ steps.security-check.outputs.logfile }} >> $GITHUB_STEP_SUMMARY
+          if [ -f security-checker.json ] && [ -s security-checker.json ]; then
+            jq -r '.[] | "- \(.message) in \(.file) on line \(.line)"' security-checker.json >> $GITHUB_STEP_SUMMARY
           else
             echo "No security vulnerabilities detected." >> $GITHUB_STEP_SUMMARY
           fi
 
-          echo "This report was automatically generated by the Composer Dependency Health Check workflow." >> $GITHUB_STEP_SUMMARY
-
-      - name: Check for Critical Issues
-        if: always()
-        run: |
-          VULNERABILITIES=$([ -f "${{ steps.security-check.outputs.logfile }}" ] && cat "${{ steps.security-check.outputs.logfile }}" | wc -l || echo "0")
-          OUTDATED=$(jq '.installed | length' outdated.json)
-          if [ "$VULNERABILITIES" != "0" ] || [ "$OUTDATED" != "0" ]; then
-            echo "::warning::Dependency issues detected. Please check the workflow summary for details."
-          fi
+      - name: Upload artifact
+        uses: actions/upload-artifact@${{ env.UPLOAD_ARTIFACT_VERSION }}
+        with:
+          name: composer-dependency-report
+          path: |
+            outdated.json
+            security-checker.json