About the developer

fabpot
690 Stars 37 Forks GNU Affero General Public License v3.0 29 Commits 12 Opened issues

Description

PHP security vulnerabilities checker

Local PHP Security Checker

The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with known security vulnerabilities. It uses the Security Advisories Database behind the scenes.

Download a binary from the Releases page on GitHub, rename it to local-php-security-checker and make it executable.

From a directory containing a PHP project that uses Composer, check for known vulnerabilities by running the binary without arguments or flags:

$ local-php-security-checker

You can also pass a --path to check a specific directory:

$ local-php-security-checker --path=/path/to/php/project
$ local-php-security-checker --path=/path/to/php/project/composer.lock

By default, the output is optimized for terminals; change it via the --format flag (supported formats: ansi, markdown, json, junit, and yaml):

$ local-php-security-checker --format=json
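
One way to consume the json format as a CI gate with a waiver list, added here as an example and not part of the project's own code. It assumes the report is an object keyed by package name, each with a version and a list of advisories (title, link, cve); the sample report, package names and CVE ids are constructed, and findings, gate and the accepted set are hypothetical names.

```python
import json
import sys

# Constructed sample report. Assumed shape of --format=json output:
# {package: {"version": ..., "advisories": [{"title", "link", "cve"}]}}
SAMPLE_REPORT = """
{
  "example/http-client": {
    "version": "1.2.0",
    "advisories": [
      {"title": "Constructed advisory A", "link": "https://example.invalid/a", "cve": "CVE-0000-0001"},
      {"title": "Constructed advisory B", "link": "https://example.invalid/b", "cve": ""}
    ]
  },
  "example/templating": {
    "version": "2.0.1",
    "advisories": [
      {"title": "Constructed advisory C", "link": "https://example.invalid/c", "cve": "CVE-0000-0002"}
    ]
  }
}
"""

def findings(report_text, accepted=frozenset()):
    """Return sorted (package, version, advisory id, title) tuples not in `accepted`."""
    report = json.loads(report_text)
    if not isinstance(report, dict):
        if report:  # anything other than an empty list/null is not a report
            raise ValueError("unexpected report shape")
        return []
    out = []
    for package, entry in report.items():
        for adv in entry.get("advisories", []):
            # No CVE assigned: key the advisory by its link so it can still be waived.
            adv_id = adv.get("cve") or adv.get("link", "")
            if adv_id not in accepted:
                out.append((package, entry.get("version", "?"), adv_id, adv.get("title", "")))
    return sorted(out)

def gate(report_text, accepted=frozenset()):
    """Exit status for a CI step: 1 if any unwaived advisory remains, else 0."""
    return 1 if findings(report_text, accepted) else 0

if __name__ == "__main__":
    # Reads a report on stdin; with no pipe attached it falls back to the sample.
    text = SAMPLE_REPORT if sys.stdin.isatty() else sys.stdin.read()
    for pkg, ver, adv_id, title in findings(text):
        print(f"{pkg} {ver}: {adv_id} {title}")
    sys.exit(gate(text))
```

Pipe the checker's JSON output into the script on stdin; a malformed or unexpected report raises an exception, so the CI step fails closed.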

When run, the command checks for an updated vulnerability database and downloads it from GitHub if it changed since the last run. If you want to avoid the HTTP round-trip, use --local. To force a database update without checking for a project, use --update-cache.

If you want to continuously check for security issues on your applications in production, you can use this tool in combination with croncape to get an email whenever a new security issue is detected:

[email protected]
50 23 * * * croncape local-php-security-checker --path=/path/to/php/project
