narrowspark / security-advisories
The security.sensiolabs.org database as json file.
Fund package maintenance!
prisis
Requires (Dev)
- php: ^7.4.0
- ext-curl: *
- ext-mbstring: *
- narrowspark/coding-standard: ^5.1.0
- php-http/curl-client: ^2.2.0
- phpunit/phpunit: ^9.5.2
- symfony/process: ^5.2.4
- symfony/yaml: ^5.2.5
- thecodingmachine/phpstan-safe-rule: ^1.0
- thecodingmachine/safe: ^1.3
- viserio/console: ^1.0@dev
- viserio/filesystem: ^1.0@dev
- viserio/finder: ^1.0@dev
- viserio/http: ^1.0@dev
- viserio/parser: ^1.0@dev
This package is auto-updated.
Last update: 2023-03-26 11:34:32 UTC
README
This project is responsible for generating a PHP Security Advisories Database as a JSON file.
Stability
This package can only be required in its dev-master
version: there will never be stable/tagged versions because of
the nature of the problem being targeted. Security issues are in fact a moving target, and locking your project to a
specific tagged version of the package would not make any sense.
This package is therefore only suited for installation in the root of your deployable project.
Sources
This package extracts information about existing security issues in various composer projects from the FriendsOfPHP/security-advisories repository and the Github security advisories db.
NOTE: Travis cron is configured to run once a day, to check if PHP Security Advisories Database was updated.
NOTE: The sha in
security-advisories-sha
file is always the last commit sha of a count of merged security vulnerabilities and git rev-parse --verify HEAD of PHP Security Advisories Database and Github security advisories db.