aleblanc/security-checker

A PHP security checker for your composer.lock with github/advisory-database

Maintainers

Details

github.com/aleblanc/security-checker

Source

Installs: 687

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 0

Forks: 115

v7.0.3 2022-03-15 10:15 UTC

Requires

MIT 3b56d34bf32e37aad7811cb96a432aa7574d9f50

  • Alexandre LEBLANC

This package is auto-updated.

Last update: 2024-10-28 21:19:38 UTC

README

Use Github advisory database for perform a Symfony security check.

Installation / use :

composer require aleblanc/security-checker --dev
php vendor/aleblanc/security-checker/security-checker security:check

Perform a security scan with Github Actions / Github CI from Github advisory database

  api_security_checker_github:
    name: Github Advisory Security checker (PHP ${{ matrix.php }})
    runs-on: ubuntu-latest
    timeout-minutes: 20
    strategy:
      matrix:
        php:
          - '8.1'
      fail-fast: false
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          token: "${{ secrets.GITHUB_TOKEN }}"
      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: ${{ matrix.php }}
          extensions: intl, bcmath, curl, openssl, mbstring, zip
          ini-values: memory_limit=-1
          tools: pecl, composer
          coverage: none
      - run: composer require aleblanc/security-checker --dev
      - run: php vendor/aleblanc/security-checker/security-checker security:check

Fork from https://github.com/sensiolabs/security-checker