Skip to content
This repository has been archived by the owner on Jan 23, 2021. It is now read-only.

bitExpert/phing-securitychecker

Repository files navigation

phing-securitychecker

A Phing task for interacting with the SensioLabs Security Advisories Checker to check if your application uses dependencies with known security vulnerabilities.

Build Status Coverage Status

Installation

The preferred way of installing bitexpert/phing-securitychecker is through Composer. Add bitexpert/phing-securitychecker as a dependency to composer.json:

composer.phar require --dev bitexpert/phing-securitychecker

Example

Import the default build.xml to let Phing know about the Security Checker task:

    <import file="vendor/bitexpert/phing-securitychecker/build.xml" />

If you imported the default build.xml, you are able to define the lock file path as well the as the webservice endpoint by defining two properties in your main build.xml file:

    <property name="securitychecker.lockfile" value="composer.lock" />
    <property name="securitychecker.endpoint" value="https://security.symfony.com/check_lock" />

Or define the securitychecker task on your own:

     <taskdef name="securitychecker" classname="bitExpert\Phing\SecurityChecker\SecurityCheckerTask" />

Call the task from your build target:

    <securitychecker lockfile="composer.lock" />

License

phing-securitychecker is released under the Apache 2.0 license.