{"id":30704175,"url":"https://github.com/fortify/fortify-ssc-parser-symfony-security-checker","last_synced_at":"2025-09-02T17:49:16.366Z","repository":{"id":40544236,"uuid":"264852504","full_name":"fortify/fortify-ssc-parser-symfony-security-checker","owner":"fortify","description":"Fortify SSC Parser Plugin for Symfony Security Checker","archived":false,"fork":false,"pushed_at":"2023-04-07T08:42:56.000Z","size":158,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-04-24T13:08:03.861Z","etag":null,"topics":["fortify","fortify-integration","fortify-parser-plugin","fortify-ssc","symfony-security-checker"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fortify.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-05-18T06:49:45.000Z","updated_at":"2023-03-08T20:31:31.000Z","dependencies_parsed_at":"2023-02-17T21:00:49.144Z","dependency_job_id":null,"html_url":"https://github.com/fortify/fortify-ssc-parser-symfony-security-checker","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/fortify/fortify-ssc-parser-symfony-security-checker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fortify%2Ffortify-ssc-parser-symfony-security-checker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fortify%2Ffortify-ssc-parser-symfony-security-checker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fortify%2Ffortify-ssc-parser-symfony-security-checker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fortify%2Ffortify-ssc-parser-symfony-security-checker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fortify","download_url":"https://codeload.github.com/fortify/fortify-ssc-parser-symfony-security-checker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fortify%2Ffortify-ssc-parser-symfony-security-checker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273324819,"owners_count":25085488,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-02T02:00:09.530Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fortify","fortify-integration","fortify-parser-plugin","fortify-ssc","symfony-security-checker"],"created_at":"2025-09-02T17:49:14.820Z","updated_at":"2025-09-02T17:49:16.332Z","avatar_url":"https://github.com/fortify.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Fortify SSC Parser Plugin for Symfony Security Checker \n\n\n\u003c!-- START-INCLUDE:p.marketing-intro.md --\u003e\n\n[Fortify Application Security](https://www.microfocus.com/en-us/solutions/application-security) provides your team with solutions to empower [DevSecOps](https://www.microfocus.com/en-us/cyberres/use-cases/devsecops) practices, enable [cloud transformation](https://www.microfocus.com/en-us/cyberres/use-cases/cloud-transformation), and secure your [software supply chain](https://www.microfocus.com/en-us/cyberres/use-cases/securing-the-software-supply-chain). As the sole Code Security solution with over two decades of expertise and acknowledged as a market leader by all major analysts, Fortify delivers the most adaptable, precise, and scalable AppSec platform available, supporting the breadth of tech you use and integrated into your preferred toolchain. We firmly believe that your great code [demands great security](https://www.microfocus.com/cyberres/application-security/developer-security), and with Fortify, go beyond 'check the box' security to achieve that.\n\n\u003c!-- END-INCLUDE:p.marketing-intro.md --\u003e\n\n\n\n\u003c!-- START-INCLUDE:repo-intro.md --\u003e\n\nThis Fortify SSC parser plugin allows for importing scan results from Symfony Security Checker.\n\n### Deprecation notice\n\nThe Symfony/SensioLabs PHP Security Checker is no longer functional as stated at https://github.com/sensiolabs/security-checker#readme, and as such this parser plugin has been deprecated. \n\nAt the time of writing the JSON output of the alternative [Local PHP Security Checker](https://github.com/fabpot/local-php-security-checker) is compatible with the Symfony Security Checker parser plugin, so existing users may consider sticking with this parser plugin to avoid having to re-audit their existing results. It is however strongly recommended to migrate to the new [Local PHP Security Checker parser plugin](https://github.com/fortify-ps/fortify-ssc-parser-php-security-checker).\n\nUse the following steps to migrate from this parser plugin to the Local PHP Security Checker parser plugin:\n\n1. Install and enable the Local PHP Security Checker parser plugin\n2. Make sure your application version has no pending audit information\n3. Download the application file for your application version\n4. Make the following changes to the application file you just downloaded, using your favorite zip tool (the FPR file is just a zip file) and editor:\n    * Inside the application file, rename `SYMFONY_SECCHECK.zip` to `PHP_SECCHECK.zip`\n    * Inside `PHP_SECCHECK.zip`, update `scan.info` to show `engineType=PHP_SECCHECK` (instead of `engineType=SYMFONY_SECCHECK`)\n    * Edit `audit.xml`, pre-pending a 'P' to all issue instance id's. For example, search for `instanceId=\"` and replace with `instanceId=\"P`\n5. Upload the modified application file to SSC\n6. Delete all previously uploaded SYMFONY_SECCHECK artifacts after verifying that the audit information has been successfully applied to the PHP_SECCHECK issues\n\n\u003c!-- END-INCLUDE:repo-intro.md --\u003e\n\n\n## Resources\n\n\n\u003c!-- START-INCLUDE:repo-resources.md --\u003e\n\n* **Usage**: [USAGE.md](USAGE.md)\n* **Releases**: https://github.com/fortify/fortify-ssc-parser-symfony-security-checker/releases\n    * _Development releases may be unstable or non-functional. The `*-thirdparty.zip` file is for informational purposes only and does not need to be downloaded._\n* **Sample input files**: [sampleData](sampleData)\n* **Source code**: https://github.com/fortify/fortify-ssc-parser-symfony-security-checker\n* **Automated builds**: https://github.com/fortify/fortify-ssc-parser-symfony-security-checker/actions\n* **Contributing Guidelines**: [CONTRIBUTING.md](CONTRIBUTING.md)\n* **Code of Conduct**: [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md)\n* **License**: [LICENSE.txt](LICENSE.txt)\n* **Symfony Security Checker resources**:\n\t* Web interface: https://security.symfony.com/\n\t* CLI interface: https://github.com/sensiolabs/security-checker\n\n\u003c!-- END-INCLUDE:repo-resources.md --\u003e\n\n\n\n\u003c!-- START-INCLUDE:h2.support.md --\u003e\n\n## Support\n\nThe only warranties for products and services of Open Text and its affiliates and licensors (“Open Text”) are as may be set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Open Text shall not be liable for technical or editorial errors or omissions contained herein. The information contained herein is subject to change without notice.\n\nThe software is provided \"as is\" and is not supported through the regular OpenText Support channels. Support requests may be submitted through the [GitHub Issues](https://github.com/fortify/fortify-ssc-parser-symfony-security-checker/issues) page for this repository. A (free) GitHub account is required to submit new issues or to comment on existing issues. \n\nSupport requests created through the GitHub Issues page may include bug reports, enhancement requests and general usage questions. Please avoid creating duplicate issues by checking whether there is any existing issue, either open or closed, that already addresses your question, bug or enhancement request. If an issue already exists, please add a comment to provide additional details if applicable.\n\nSupport requests on the GitHub Issues page are handled on a best-effort basis; there is no guaranteed response time, no guarantee that reported bugs will be fixed, and no guarantee that enhancement requests will be implemented. If you require dedicated support for this and other Fortify software, please consider purchasing OpenText Fortify Professional Services. OpenText Fortify Professional Services can assist with general usage questions, integration of the software into your processes, and implementing customizations, bug fixes, and feature requests (subject to feasibility analysis). Please contact your OpenText Sales representative or fill in the [Professional Services Contact Form](https://www.microfocus.com/en-us/cyberres/contact/professional-services) to obtain more information on pricing and the services that OpenText Fortify Professional Services can provide.\n\n\u003c!-- END-INCLUDE:h2.support.md --\u003e\n\n\n---\n\n*[This document was auto-generated from README.template.md; do not edit by hand](https://github.com/fortify/shared-doc-resources/blob/main/USAGE.md)*\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffortify%2Ffortify-ssc-parser-symfony-security-checker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffortify%2Ffortify-ssc-parser-symfony-security-checker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffortify%2Ffortify-ssc-parser-symfony-security-checker/lists"}