eacg-gmbh / ecs-composer
Module for Composer allowing the transfer of package dependencies to ECS for further legal and vulnerability analysis. See https://ecs.eacg.de for a detailed service description.
Requires
- php: >=5.4
- composer/composer: ^1.4
- curl/curl: ^1.6
- league/climate: ^3.2
Requires (Dev)
- phpunit/phpunit: 5.2.*
This package is not auto-updated.
Last update: 2024-04-13 23:41:22 UTC
README
Composer module to transfer dependency information to TrustSource server (Open Source Compliance Solution). Find more information about TrustSource at https://www.trustsource.io
Requirements
- PHP >= 5.4
- composer/composer >= 1.4
- curl/curl >= 1.6
- league/climate >= 3.2
Installation
Run: composer require eacg-gmbh/ecs-composer
Add post-autoload-dump script to the composer.json file to transfer dependency information right after composer install, composer update or composer dumpautoload:
"scripts": {
"post-autoload-dump": [
"EacgGmbh\\ECSComposer\\Application::postAutoloadDump"
]
}
To store your credentials for automated transfer you may create .ecsrc.json in your project directory or in your home directory to set credentials globally (not recommended!)
.ecsrc.json example:
{
"userName": "UserName",
"apiKey": "apiKey",
"url": "url",
"project": "Project Description"
}
Usage
You also may initiate transfer to TrustSource server manually by executing following command via terminal:
./vendor/bin/ecs-composer
./vendor/bin/ecs-composer -u userName -k apiKey -p Project
./vendor/bin/ecs-composer -c config.json
Usage: ./bin/ecs-composer [-k apiKey, --apiKey apiKey] [-c config, --config config] [--help]
[-p project, --project project] [--url url] [-u userName, --userName userName] [-v, --version]
Optional Arguments:
-u userName, --userName userName
UserName
-k apiKey, --apiKey apiKey
apiKey
-p project, --project project
project name
--url url
url
-c config, --config config
config path
--help
Prints a usage statement
-v, --version
Prints a version