
update pr request

update pr request #53

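# Runs the EasyAudit scanner over the repository inside the vendor's container
# image, uploads the result to GitHub code scanning when the format is SARIF,
# and always keeps the report as a build artifact.
name: EasyAudit – scan

on:
  push:
  pull_request:
  workflow_dispatch:
    inputs:
      format:
        description: "Output format for the scan"
        required: true
        type: choice
        options:
          - sarif
          - json
          - html
        default: sarif

# Least privilege for the job token: read the code, write code-scanning
# results (needed by the upload-sarif step). Nothing else is granted.
permissions:
  contents: read
  security-events: write

jobs:
  scan:
    runs-on: ubuntu-latest
    container:
      # Third-party image referenced by the mutable `latest` tag: each run
      # executes whatever was pushed last. Pinning to a reviewed digest
      # (ghcr.io/crealoz/easyaudit@sha256:<DIGEST_PLACEHOLDER>) makes the
      # scanner version auditable and reproducible.
      image: ghcr.io/crealoz/easyaudit:latest
    env:
      # push and pull_request events carry no inputs, so fall back to sarif.
      # The value reaches the shell through the environment rather than being
      # interpolated into the script text, which keeps it out of the command
      # line as code.
      SCAN_FORMAT: ${{ inputs.format || 'sarif' }}
    steps:
      # Action refs below are version tags, which can be moved; pinning each
      # to a full commit SHA is the stricter supply-chain option.
      - uses: actions/checkout@v6
        with:
          # Every later step runs inside the third-party container with the
          # workspace mounted, so do not leave the job token configured for
          # git. Assumes the scanner only reads files and needs no git
          # network access — confirm before merging.
          persist-credentials: false
      - name: Run EasyAudit
        run: |
          mkdir -p report
          easyaudit scan \
            --format="$SCAN_FORMAT" \
            --output="report/easyaudit-report.$SCAN_FORMAT" \
            "$GITHUB_WORKSPACE" \
            --exclude="vendor,generated,var,pub/static,pub/media"
      - name: Upload SARIF
        # Upload even when the scan step failed, but not when the run was
        # cancelled; skipped entirely for json/html output.
        if: env.SCAN_FORMAT == 'sarif' && (success() || failure())
        uses: github/codeql-action/upload-sarif@v4
        # Fails on private repos without GitHub Advanced Security.
        # Side effect: any other upload error is also swallowed, so a green
        # run does not prove findings reached code scanning. The artifact
        # uploaded by the next step is the copy to rely on.
        continue-on-error: true
        with:
          sarif_file: report/easyaudit-report.sarif
      - name: Upload report artifact
        # always(): keep the report even if the scan or SARIF upload failed.
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: easyaudit-report
          path: report/easyaudit-report.${{ env.SCAN_FORMAT }}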