feat(build): added a workflow to find ununsed dependencies (#46)

* feat(build): added a workflow to find ununsed dependencies

* fix(build): removed invalid arg and also installed the deps

* fix(deps): removed the ext-mbstring unused dependency

* fix(dev): added convenience scripts for running the dependency analysis

Author: mridang

.github/workflows/pipeline.yml

@@ -72,6 +72,13 @@ jobs:
       ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.ref }}
     secrets: inherit
 
+  check-deps:
+    name: Run Dependency Checks
+    uses: ./.github/workflows/unused.yml
+    with:
+      ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.ref }}
+    secrets: inherit
+
   all-passed:
     name: Check Build Status
     runs-on: ubuntu-latest
@@ -84,6 +91,7 @@ jobs:
       - run-tests
       - code-inspection
       - build-docker
+      - check-deps
     steps:
       - name: Harden runner
         uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0

.github/workflows/unused.yml

@@ -0,0 +1,36 @@
+name: Dependencies
+
+on:
+  workflow_call:
+    inputs:
+      ref:
+        required: true
+        type: string
+
+permissions:
+  contents: read
+
+jobs:
+  lint-dependencies:
+    permissions:
+      contents: read
+      pull-requests: read
+    runs-on: ubuntu-latest
+    name: Lint Dependencies
+
+    steps:
+      - name: Harden runner
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+        with:
+          egress-policy: audit
+
+      - name: Checkout code
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          ref: ${{ inputs.ref }}
+
+      - name: Install Dependencies
+        run: composer install --no-progress --no-interaction --prefer-dist --optimize-autoloader
+
+      - name: Inspect Dependencies
+        uses: mridang/action-dependency-insight@v1

composer.json

@@ -23,7 +23,6 @@
         "php": "^8.",
         "ext-curl": "*",
         "ext-json": "*",
-        "ext-mbstring": "*",
         "guzzlehttp/guzzle": "^7.3",
         "guzzlehttp/psr7": "^1.7 || ^2.0",
         "firebase/php-jwt": "^6.10.0",
@@ -40,7 +39,8 @@
         "vlucas/phpdotenv": "^5.6",
         "rector/rector": "^2.0",
         "phpstan/phpstan": "^2.1",
-        "phpdocumentor/phpdocumentor": "^3.7"
+        "phpdocumentor/phpdocumentor": "^3.7",
+        "icanhazstring/composer-unused": "^0.9.3"
     },
     "autoload": {
         "psr-4": {
@@ -65,12 +65,13 @@
         "rector": "rector process",
         "phpstan": "phpstan analyse --memory-limit=-1",
         "format": "php-cs-fixer fix",
-        "docgen": "phpdoc --config=phpdoc.xml"
+        "docgen": "phpdoc --config=phpdoc.xml",
+        "depcheck": "composer-unused"
     },
     "config": {
         "allow-plugins": {
             "php-http/discovery": true
         },
         "process-timeout": 600
     }
-}
+}