rolebi/composer-dependencies-security-checker

This package is abandoned and no longer maintained. No replacement package was suggested.

A Composer script that uses the Sensio Labs Security advisories checker API to check your dependencies for known vulnerabilities whenever you update and/or install them using Composer.

v1.0.0 2013-11-29 16:24 UTC

This package is not auto-updated.

Last update: 2020-04-03 16:08:42 UTC


README


!!! DEPRECATED in favor of https://github.com/sensiolabs/security-checker !!!

What is Dependencies security checker for composer?

A Composer script that uses the Sensio Labs Security advisories checker API to check your dependencies for known vulnerabilities whenever you update and/or install them using Composer.

More information about the Sensio Labs Security advisories checker is available at https://security.sensiolabs.org/

Installation

Add these lines to your composer.json:

"require" : {
    "rolebi/composer-dependencies-security-checker": "dev-master"
},
"scripts" : {
    "post-update-cmd" : [
        "Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"
    ],
    "post-install-cmd" : [
        "Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"
    ]
}

Configuration

If you don't want to trigger an error when vulnerabilities are found, add these lines to your composer.json:

"extra" : {
    "rolebi-dependencies-security-checker" : {
        "error-on-vulnerabilities" : false
    }
}

If you want to ignore vulnerabilities for certain packages, add these lines to your composer.json:

"extra" : {
    "rolebi-dependencies-security-checker" : {
        "ignored-packages" : [ "your/package_name" ]
    }
}
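
The following is an added example, not code from this package: a Python audit of a composer.json that reports where the settings above weaken or bypass the check, including the case where both "extra" snippets are pasted as two separate "extra" keys. The function name `audit_composer_json` is hypothetical, the sample file is constructed, and the script assumes that a missing "error-on-vulnerabilities" key leaves errors enabled.

```python
import json

HANDLER = "Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"
EXTRA_KEY = "rolebi-dependencies-security-checker"


def audit_composer_json(text):
    """Return a list of findings about how the checker is wired and configured."""
    findings = []
    def no_duplicates(pairs):
        # Pasting both "extra" snippets verbatim yields two "extra" keys;
        # JSON parsers typically keep only the last one, dropping a setting.
        keys = [k for k, _ in pairs]
        for k in sorted(set(keys)):
            if keys.count(k) > 1:
                findings.append(f"duplicate key '{k}': an earlier value may be silently dropped")
        return dict(pairs)

    doc = json.loads(text, object_pairs_hook=no_duplicates)
    scripts = doc.get("scripts", {})
    for event in ("post-update-cmd", "post-install-cmd"):
        hooks = scripts.get(event, [])
        if isinstance(hooks, str):  # Composer accepts a single string or a list
            hooks = [hooks]
        if HANDLER not in hooks:
            findings.append(f"{event}: checker is not registered")
    cfg = doc.get("extra", {}).get(EXTRA_KEY, {})
    # Assumption: an absent "error-on-vulnerabilities" key means errors stay enabled.
    if cfg.get("error-on-vulnerabilities", True) is False:
        findings.append("error-on-vulnerabilities is false: findings will not fail the run")
    for name in cfg.get("ignored-packages", []):
        findings.append(f"ignored package: {name}")
    return findings


# Constructed sample: both "extra" snippets pasted one after the other.
SAMPLE = r'''
{
  "require": {"rolebi/composer-dependencies-security-checker": "dev-master"},
  "scripts": {"post-update-cmd": ["Rolebi\\ComposerDependenciesSecurityChecker\\ScriptHandler::checkForSecurityIssues"]},
  "extra": {"rolebi-dependencies-security-checker": {"error-on-vulnerabilities": false}},
  "extra": {"rolebi-dependencies-security-checker": {"ignored-packages": ["your/package_name"]}}
}
'''

if __name__ == "__main__":
    for finding in audit_composer_json(SAMPLE):
        print(finding)
```

To use both options together, put them inside a single "rolebi-dependencies-security-checker" object under one "extra" key.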

Run Tests

php composer.phar install --dev; vendor/bin/phpunit