GitHub - sensiolabs/security-checker: PHP frontend for security.symfony.com
source link: https://github.com/sensiolabs/security-checker
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
README.md
SensioLabs Security Checker
The SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities. It uses the Security Check Web service and the Security Advisories Database.
TIP: As an alternative, you can use the Symfony CLI tool that has the following advantages: it does not depend on PHP, all checks are done locally (no calls to the security.symfony.com API):
$ symfony security:check
Usage
Download the security-checker.phar file:
$ php security-checker.phar security:check /path/to/composer.lock
Use the code from the repository directly:
$ composer install
$ php security-checker security:check /path/to/composer.lock
Integration
The checker uses the Symfony Console component; so, you can easily integrate the checker into your own project:
-
by using the
SecurityCheckerCommand
class into your Symfony Console application; -
by using the
SecurityChecker
class directly into your own code:use SensioLabs\Security\SecurityChecker; $checker = new SecurityChecker(); $result = $checker->check('/path/to/composer.lock', 'json'); $alerts = json_decode((string) $result, true);
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK