Friday, February 22, 2013

SensioLabs Security Advisories Checker

Nytt initiativ från SensioLabs.
The website explains how it works in details (https://security.sensiolabs.org/), but basically, this initiative gives you several ways to check for security issues in your project dependencies based on the information contained in you composer.lock file (you are using Composer to manage your dependencies, right?):
  • The website itself allows you to upload a composer.lock to check for vulnerabilities;
  • A web service can used with curl or to integrate that tool into your own continuous integration process (it returns its results as plain text or as a JSON array);
  • A command line tool gives you the same feature as the web service and the website but nicely packaged as a simple Symfony command.

No comments: