davidepastore/composer-audit

Composer plugin to check your composer.lock

Sunday, August 6, 2017
by DavidePastore
Repository
2 Watchers
5 Stars
5 Installations

PHP
0 Dependents
0 Suggesters
1 Forks
6 Open issues
3 Versions
0 % Grown

Warning This project is not maintained anymore. Since version 2.4.0-RC1, Composer officially supports the audit command that checks for known security vulnerabilities., _(*1)

composer-audit

, _(*2)

A composer plugin that checks if your application uses dependencies with known security vulnerabilities (it uses SensioLabs Security Checker)., _(*3)

Installation

Using the composer command:, _(*4)

$ composer require davidepastore/composer-audit:0.1.*

Manually adding in composer.json:, _(*5)

"require": {
  "davidepastore/composer-audit": "0.1.*"
}

Usage

The checker will be executed when you launch composer install or composer update. If you have alerts in your composer.lock, composer-audit will print them. An example could be this:, _(*6)

ALERTS from SensioLabs security advisories.

 *** dompdf/dompdf[v0.6.0] ***

 * dompdf/dompdf/CVE-2014-2383.yaml
Arbitrary file read in dompdf
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/
CVE-2014-2383


Please fix these alerts from SensioLabs security advisories.

If no alert is found, you'll get this:, _(*7)

All good from SensioLabs security advisories.

Issues

If you have issues, just open one [here][2]., _(*8)

06/08 2017

dev-try-adding-tests

Composer plugin to check your composer.lock

Sources Download

MIT

The Requires

composer-plugin-api ^1.0
sensiolabs/security-checker 2.*

The Development Requires

by Davide Pastore

plugin composer security-checker

13/06 2015

dev-master

9999999-dev

Composer plugin to check your composer.lock

Sources Download

MIT

The Requires

sensiolabs/security-checker 2.*
composer-plugin-api ^1.0

by Davide Pastore

plugin composer security-checker

10/02 2015

v0.1.0

0.1.0.0

Composer plugin to check your composer.lock

Sources Download

MIT

The Requires

composer-plugin-api 1.0.0
sensiolabs/security-checker 2.*

by Davide Pastore

plugin composer security-checker

composer-plugin composer-audit

Composer plugin to check your composer.lock

davidepastore/composer-audit

The README.md

composer-audit

Installation

Usage

Issues

The Versions

dev-try-adding-tests

The Requires

The Development Requires

by Davide Pastore

dev-master

The Requires

by Davide Pastore

v0.1.0

The Requires

by Davide Pastore