rolebi / composer-dependencies-security-checker
A Composer script that uses the Sensio Labs Security advisories checker API to check your dependencies for known vulnerabilities whenever you update and/or install them with Composer.
Installs: 7 105
Dependents: 0
Suggesters: 0
Security: 0
Stars: 4
Watchers: 3
Forks: 0
Open Issues: 0
Requires
- php: >=5.3.3
- sensiolabs/security-checker: 1.3.*@dev
Requires (Dev)
- composer/composer: 1.0.*@dev
- phpunit/phpunit: 3.7.*
This package is not auto-updated.
Last update: 2020-04-03 16:08:42 UTC
README
!!! DEPRECATED in favor of https://github.com/sensiolabs/security-checker !!!
What is Dependencies security checker for composer?
A Composer script that uses the Sensio Labs Security advisories checker API to check your dependencies for known vulnerabilities whenever you update and/or install them with Composer.
More information about the Sensio Labs Security advisories checker is available at https://security.sensiolabs.org/
Installation
Add these lines to your composer.json:
    "require" : {
        "rolebi/composer-dependencies-security-checker": "dev-master"
    }
    "scripts" : {
        "post-update-cmd" : [
            "Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"
        ],
        "post-install-cmd" : [
            "Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"
        ]
    }
Configuration
If you don't want to trigger an error when vulnerabilities are found, add these lines to your composer.json:
    "extra" : {
        "rolebi-dependencies-security-checker" : {
            "error-on-vulnerabilities" : false
        }
    }
If you want to ignore vulnerabilities for certain packages, add these lines to your composer.json:
    "extra" : {
        "rolebi-dependencies-security-checker" : {
            "ignored-packages" : [
                "your/package_name"
            ]
        }
    }
Run Tests
php composer.phar install --dev; vendor/bin/phpunit