diff --git a/.github/workflows/psalm-analysis.yml b/.github/workflows/psalm-analysis.yml
new file mode 100644
index 00000000..9326a948
--- /dev/null
+++ b/.github/workflows/psalm-analysis.yml
@@ -0,0 +1,18 @@
+name: Psalm Analysis
+
+on:
+ pull_request:
+ push:
+
+jobs:
+ psalm:
+ name: Psalm
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+ - name: Psalm
+ uses: docker://ghcr.io/nextcloud/all-in-one-psalm
+ with:
+ composer_ignore_platform_reqs: false
+ relative_dir: php
diff --git a/.github/workflows/psalm-security.yml b/.github/workflows/psalm-security.yml
new file mode 100644
index 00000000..6ea2ebda
--- /dev/null
+++ b/.github/workflows/psalm-security.yml
@@ -0,0 +1,25 @@
+name: Psalm Security Analysis
+
+on:
+ push:
+ branches:
+ - main
+
+jobs:
+ psalm:
+ name: Psalm
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+ - name: Psalm
+ uses: docker://ghcr.io/nextcloud/all-in-one-psalm
+ with:
+ relative_dir: php
+ security_analysis: true
+ composer_ignore_platform_reqs: false
+ report_file: results.sarif
+ - name: Upload Security Analysis results to GitHub
+ uses: github/codeql-action/upload-sarif@v1
+ with:
+ sarif_file: results.sarif
diff --git a/php/psalm-baseline.xml b/php/psalm-baseline.xml
new file mode 100644
index 00000000..283b7a39
--- /dev/null
+++ b/php/psalm-baseline.xml
@@ -0,0 +1,3 @@
+
+
+
\ No newline at end of file
diff --git a/php/psalm.xml b/php/psalm.xml
new file mode 100644
index 00000000..49c40fd4
--- /dev/null
+++ b/php/psalm.xml
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+
+