Security Checker Phing Task
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
src/bitExpert/Phing/SecurityChecker
tests
.coveralls.yml
.travis.yml
CHANGELOG.md
CONTRIBUTING.md
LICENSE
README.md
build.xml
clover.xml
composer.json
composer.lock
phpunit.xml.dist

README.md

phing-securitychecker

A Phing task for interacting with the SensioLabs Security Advisories Checker to check if your application uses dependencies with known security vulnerabilities.

Build Status Coverage Status

Installation

The preferred way of installing bitexpert/phing-securitychecker is through Composer. Add bitexpert/phing-securitychecker as a dependency to composer.json:

composer.phar require bitexpert/phing-securitychecker

Example

Import the default build.xml to let Phing know about the Security Checker task:

    <import file="vendor/bitexpert/phing-securitychecker/build.xml" />

If you imported the default build.xml, you are able to define the lock file path as well the as the webservice endpoint by defining two properties in your main build.xml file:

    <property name="securitychecker.lockfile" value="composer.lock" />
    <property name="securitychecker.endpoint" value="https://security.sensiolabs.org/check_lock" />

Or define the securitychecker task on your own:

     <taskdef name="securitychecker" classname="bitExpert\Phing\SecurityChecker\SecurityCheckerTask" />

Call the task from your build target:

    <securitychecker lockfile="composer.lock" />

License

phing-securitychecker is released under the Apache 2.0 license.