This check works by comparing the composer.lock against an open vulnerability database. A clean check does not mean there are absolutely no security problems whatsoever.
This extension provides a way to automatically or manually check your installed vendor extensions and the Contao core against the open vulnerability database at FriendsOfPHP/security-advisories.
- Perform the check regularly.
- Get an E-Mail if the audit failed in any way. (Or always get an email if a check was performed. Your choice.)
- Start the check manually.
- Suppress notifications for manually started checks.
Note: A clean check does not imply that there are no security problems present, it just means that the test against the underlying database reveiled nothing.