lowerends / laravel-security-checker
The Symfony Security Advisories Checker for Laravel
Installs: 1 468
Dependents: 0
Suggesters: 0
Security: 0
Stars: 27
Watchers: 2
Forks: 2
Open Issues: 0
Requires
- php: >=5.5.9
- illuminate/support: 5.1.*
- sensiolabs/security-checker: 3.x
This package is not auto-updated.
Last update: 2024-04-13 15:39:25 UTC
README
This package makes it easy to integrate the Symfony Security Advisories Checker into your Laravel project. It exposes an artisan command to check against the Security Advisories Database.
Installation
Require this package with composer:
composer require lowerends/laravel-security-checker
Then, add the ServiceProvider to the providers array in config/app.php:
'providers' => [
...
'Lowerends\SecurityChecker\ServiceProvider',
Usage
You can now check your Laravel project for known security issues by running the following artisan command:
artisan security:check
A convenient way to use this command is to add it to the post-update scripts in your project's composer.json file (extracted from the default Laravel composer.json file):
...
"scripts": {
"post-install-cmd": [
"php artisan clear-compiled",
"php artisan optimize"
],
"pre-update-cmd": [
"php artisan clear-compiled"
],
"post-update-cmd": [
"php artisan optimize",
"php artisan security:check"
],
"post-root-package-install": [
"php -r \"copy('.env.example', '.env');\""
],
"post-create-project-cmd": [
"php artisan key:generate"
]
},
...
The output will tell you if there are known security issues and if so, list them in order for you to take the necessary actions.
License
The Laravel Security Checker is open-sourced software licensed under the MIT license.