2017 © Pedro Peláez
 

silverstripe-vendormodule silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

image

bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  • Wednesday, June 27, 2018
  • by robbieaverill
  • Repository
  • 2 Watchers
  • 4 Stars
  • 884 Installations
  • PHP
  • 2 Dependents
  • 1 Suggesters
  • 3 Forks
  • 1 Open issues
  • 20 Versions
  • 12529 % Grown

The README.md

SilverStripe Security Checker

WARNING: As of January 2021, this module no longer works because the underlying service has been shut down (see announcement and discussion)., (*1)

NOTE: This module is no longer commercially supported in Silverstripe CMS 5 and it does not provide a CMS5-compatible version., (*2)

Build Status Scrutinizer Code Quality codecov, (*3)

Adds a task which runs a check if any of the dependencies has known security vulnerabilities. It uses the SensioLabs Security Check Web service and the Security Advisories Database., (*4)

BSD 3-clause License, (*5)

Requirements

  • SilverStripe Framework ^4
  • SilverStripe QueuedJobs ^4

Suggested Module

This module will automatically amend the SiteSummary report provided by the SilverStripe Maintenance module, adding alerts if security updates are present for installed modules., (*6)

Installation

The following installation commands includes schedulding a queuedjob to populate the data. Run the following command to install this package as a development dependency:, (*7)

composer require bringyourownideas/silverstripe-composer-security-checker 2.x-dev

vendor/bin/sake dev/build
vendor/bin/sake dev/tasks/ProcessJobQueueTask

Usage

The information gets updated via a BuildTask, which in turn can be run via a queuedjob. You will need to set up a scheduled process (e.g. cron) to run either the buildtask directly, or the task to process the queuedjobs queue in order to refresh the information., (*8)

Use the information is stored in the SecurityAlert object, and can be consumed as needed. Please be careful how you expose this information. If the SilverStripe Maintenance module is present, a relationship will be connected between Package and SecurityAlert., (*9)

Documentation

Please see the user guide section of the SilverStripe Maintenance module., (*10)

The Versions

27/06 2018

dev-master

9999999-dev https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

The Development Requires

composer security silverstripe environment vulnerabilities updates

27/06 2018

2.0.x-dev

2.0.9999999.9999999-dev https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

The Development Requires

composer security silverstripe environment vulnerabilities updates

27/06 2018

1.x-dev

1.9999999.9999999.9999999-dev https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

25/06 2018

1.0.0

1.0.0.0 https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

25/06 2018

1.0.x-dev

1.0.9999999.9999999-dev https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

13/06 2018

2.0.0

2.0.0.0 https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

The Development Requires

composer security silverstripe environment vulnerabilities updates

14/05 2018

0.3.4

0.3.4.0 https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

20/04 2018

0.3.3

0.3.3.0 https://github.com/bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

09/07 2016

0.3.2

0.3.2.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

22/05 2016

0.3.1

0.3.1.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

16/04 2016

0.2.7

0.2.7.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

21/02 2016

0.3.0

0.3.0.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

20/02 2016

0.2.6

0.2.6.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

14/02 2016

0.2.5

0.2.5.0 https://github.com/spekulatius/silverstripe-composer-security-checker

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

06/01 2016

0.2.4

0.2.4.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

13/12 2015

0.2.3

0.2.3.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

19/10 2015

0.2.2

0.2.2.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

03/10 2015

0.2.1

0.2.1.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

20/09 2015

0.2.0

0.2.0.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates

16/09 2015

0.1.0

0.1.0.0

Task which checks if any composer dependencies has known vulnerabilities.

  Sources   Download

BSD-3-Clause

The Requires

 

composer security silverstripe environment vulnerabilities updates