From a5ced62ebe460127dd553fa76ebe96f997d25291 Mon Sep 17 00:00:00 2001
From: Jonathan Miller <jmiller@noreply.git.mokoconsulting.tech>
Date: Wed, 20 May 2026 00:52:41 +0000
Subject: [PATCH] feat(ci): add Joomla version audit to security-audit workflow

Authored-by: Moko Consulting
---
 .gitea/workflows/security-audit.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/.gitea/workflows/security-audit.yml b/.gitea/workflows/security-audit.yml
index 789325a..f316b90 100644
--- a/.gitea/workflows/security-audit.yml
+++ b/.gitea/workflows/security-audit.yml
@@ -80,3 +80,19 @@ jobs:
             -H "Priority: high" \
             -d "Security audit found vulnerabilities. Review dependency updates." \
             "${NTFY_URL}/${NTFY_TOPIC}" || true
+
+
+      - name: Joomla version audit
+        if: always()
+        run: |
+          if [ -f "monitoring/joomla-version-audit.php" ] && [ -n "$JOOMLA_SITES" ]; then
+            echo "$JOOMLA_SITES" > /tmp/sites.json
+            php monitoring/joomla-version-audit.php --sites /tmp/sites.json || true
+            echo "### Joomla Version Audit" >> $GITHUB_STEP_SUMMARY
+            rm -f /tmp/sites.json
+          else
+            echo "Joomla audit skipped (no script or JOOMLA_SITES_JSON not configured)"
+          fi
+        env:
+          JOOMLA_SITES: ${{ vars.JOOMLA_SITES_JSON }}
+