This package is abandoned and no longer maintained. No replacement package was suggested.

Security Checker Phing Task

v0.4.0 2019-03-04 20:49 UTC


A Phing task for interacting with the SensioLabs Security Advisories Checker to check if your application uses dependencies with known security vulnerabilities.

Build Status Coverage Status


The preferred way of installing bitexpert/phing-securitychecker is through Composer. Add bitexpert/phing-securitychecker as a dependency to composer.json:

composer.phar require --dev bitexpert/phing-securitychecker


Import the default build.xml to let Phing know about the Security Checker task:

    <import file="vendor/bitexpert/phing-securitychecker/build.xml" />

If you imported the default build.xml, you are able to define the lock file path as well the as the webservice endpoint by defining two properties in your main build.xml file:

    <property name="securitychecker.lockfile" value="composer.lock" />
    <property name="securitychecker.endpoint" value="" />

Or define the securitychecker task on your own:

     <taskdef name="securitychecker" classname="bitExpert\Phing\SecurityChecker\SecurityCheckerTask" />

Call the task from your build target:

    <securitychecker lockfile="composer.lock" />


phing-securitychecker is released under the Apache 2.0 license.