feat(workflows): Ajoute tests et revue dépendances

.github/workflows/install-deps.yml

@@ -117,3 +117,32 @@ jobs:
               uses: symfonycorp/security-checker-action@v5
               with:
                   lock: composer.lock
+
+            - name: Run PHPUnit Tests
+              run: php vendor/bin/phpunit --coverage-text
+
+            - name: SonarQube Scan
+              if: github.event_name == 'push' && github.ref == 'refs/heads/master'
+              uses: SonarSource/sonarqube-scan-action@master
+              env:
+                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+                  SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+    # =================================================================
+    # JOB 3: DEPENDENCY REVIEW - Analyse les dépendances
+    # =================================================================
+    dependency-review:
+        name: '🛡️ Dependency Review'
+        runs-on: ubuntu-latest
+        steps:
+            - name: 'Checkout Repository'
+              uses: actions/checkout@v4
+              with:
+                  fetch-depth: 0
+
+            - name: 'Run Dependency Review'
+              uses: actions/dependency-review-action@v4
+              with:
+                  license-check: true
+                  base-ref: ${{ github.event_name == 'push' && github.event.before || github.event.pull_request.base.sha }}
+                  head-ref: ${{ github.event_name == 'push' && github.sha || github.event.pull_request.head.sha }}
+