alfred-nutile-inc/larscanner

There is no license information available for the latest version (v1.0.1) of this package.

misc tools to scan apps after being deployed

v1.0.1 2018-03-06 20:11 UTC

This package is not auto-updated.

Last update: 2024-12-15 08:32:54 UTC


README

Latest Version on Packagist Build Status Coverage Status Quality Score Total Downloads Software License

Tons more to do this just one tool

Installation

composer require alfred-nutile-inc/larscanner:dev-master

Add to config/app.php

 AlfredNutileInc\LarScanner\Providers\LarScannerProvider::class

SensioLabs Composer Checker

by https://github.com/sensiolabs/security-checker

Make sure to add to your env

SECURITY_NOTICE_SLACK_URL=https://room_to_slack

Then add to app/Console/Kernel.php

        $schedule->command('larscanner:sensio')->daily()
        ->appendOutputTo('/tmp/security_issues.log')
        ->emailOutputTo('some@email.com');

The output is optional. By default it will send it to slack.

You can turn slack off if needed by (todo)

Testing

$ composer test

Contributing

Please see CONTRIBUTING and CONDUCT for details.

TODO

  • Allow slack to be turned off

Roadmap

  • Can we scan our code? Something like http://brakemanscanner.org/

  • What other well known libraries are there?

  • Some good links phparch nov 2016 good article with links to a number of services and php tools

  • can we find laravel vulnerabilities and scan our site nightly

  • use behat to try and break into our sites?