rhertogh / yii2-security.txt
A Yii2 extension to serve .well-known/security.txt
Installs: 551
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Type:yii2-extension
Requires
- php: >=8.1.0
- yiisoft/yii2: ~2.0.49
Requires (Dev)
- ext-gnupg: *
- ext-xdebug: *
- codeception/codeception: ~5.1.2
- codeception/module-asserts: ~3.0.0
- codeception/module-yii2: ~1.1.10
- lcobucci/clock: ^3.0.0
- pear/crypt_gpg: ^1.6.9
- vlucas/phpdotenv: ~5.3
- yiisoft/yii2-apidoc: ~3.0.6
- yiisoft/yii2-coding-standards: ~2.0
- yiisoft/yii2-debug: ~2.1.18
Suggests
- ext-gnupg: *
- pear/crypt_gpg: ~1.6.9
This package is auto-updated.
Last update: 2024-11-19 19:32:41 UTC
README
A Yii2 extension to serve .well-known/security.txt
RFC 9116: A File Format to Aid in Security Vulnerability Disclosure.
You can view generated examples here.
📑 Contents
- Getting started
- Test Drive
- Documentation
- FAQ
- Versioning & Change Log
- Reporting Security issues
- Directory Structure
- Contributing
- Credits
- License
🐣 Getting started
Requirements:
- The minimum required PHP version is 8.1 (compatibility tested up till and including PHP 8.3).
- The minimum required Yii version is 2.0.49.
Installation:
The preferred way to install this extension is through composer.
composer require rhertogh/yii2-security.txt
Full installation and configuration details can be found in the docs under Installing Yii2 security.txt
🏎️ Test Drive
You can run a local preview instance using Docker:
docker run --rm -p 82:80 --name Yii2SecurityTxt ghcr.io/rhertogh/yii2-securitytxt:master
After the container is started you can access the sample server on localhost:82.
Hint: The port number on the host machine is specified by the first part of the
-pargument. This can be changed if desired (e.g.-p 88:80).
To access the CLI of the Docker container you can run:
docker container exec -it Yii2SecurityTxt bash
📖 Documentation
There are two main sections in the documentation:
- Usage Guide for using the Yii2SecurityTxt in your own project.
- Development Guide for contributing to the Yii2SecurityTxt.
🔮 FAQ
The FAQ can be found here.
📜 Versioning & Change Log
The Yii2 security.txt project follows Semantic Versioning 2.0
Please see the Change Log for more information on version history
and the Upgrading Instructions when upgrading to a newer version.
🔎 Reporting Security issues
In case you found a security issue please contact us directly DO NOT use the issue tracker or discuss it in public as it will cause more damage than help.
Please note that as a non-commercial OpenSource project we are not able to pay bounties.
📂 Directory Structure
docker/ Docker container definition
docs/ Documentation (for both usage and development)
sample/ Sample app for the server
src/ Yii2SecurityTxt source
tests/ Codeception unit and functional tests
🚀 Contributing
The Yii2SecurityTxt extension is Open Source. You can help by:
Thanks in advance for your contribution!
🎉 Credits
✒️ License
The Yii2SecurityTxt extension is free software. It is released under the terms of the Apache License.
Please see LICENSE.md for more information.