{"id":48843640,"url":"https://github.com/violinist-dev/symfony-cloud-security-checker","last_synced_at":"2026-04-15T03:31:06.413Z","repository":{"id":57078223,"uuid":"160728289","full_name":"violinist-dev/symfony-cloud-security-checker","owner":"violinist-dev","description":"Wraps the symfony command, so we can check for security updates, with local cache","archived":false,"fork":false,"pushed_at":"2024-10-10T10:50:21.000Z","size":9047,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-26T18:30:31.419Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/violinist-dev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-06T20:29:43.000Z","updated_at":"2024-10-10T10:49:37.000Z","dependencies_parsed_at":"2024-09-10T20:03:02.836Z","dependency_job_id":"e116b4f3-b039-478b-b02f-258ab4d97e75","html_url":"https://github.com/violinist-dev/symfony-cloud-security-checker","commit_stats":{"total_commits":29,"total_committers":1,"mean_commits":29.0,"dds":0.0,"last_synced_commit":"2e1be89f8ac1d0952c663ea97ebea9a87b0c32b5"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/violinist-dev/symfony-cloud-security-checker","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/violinist-dev%2Fsymfony-cloud-security-checker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/violinist-dev%2Fsymfony-cloud-security-checker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/violinist-dev%2Fsymfony-cloud-security-checker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/violinist-dev%2Fsymfony-cloud-security-checker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/violinist-dev","download_url":"https://codeload.github.com/violinist-dev/symfony-cloud-security-checker/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/violinist-dev%2Fsymfony-cloud-security-checker/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31825513,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-14T18:05:02.291Z","status":"online","status_checked_at":"2026-04-15T02:00:06.175Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-15T03:31:05.285Z","updated_at":"2026-04-15T03:31:06.400Z","avatar_url":"https://github.com/violinist-dev.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# symfony-cloud-security-checker\n[![Test](https://github.com/violinist-dev/symfony-cloud-security-checker/actions/workflows/test.yml/badge.svg)](https://github.com/violinist-dev/symfony-cloud-security-checker/actions/workflows/test.yml)\n[![Coverage Status](https://coveralls.io/repos/github/violinist-dev/symfony-cloud-security-checker/badge.svg?branch=master)](https://coveralls.io/github/violinist-dev/symfony-cloud-security-checker?branch=master)\n[![Violinist enabled](https://img.shields.io/badge/violinist-enabled-brightgreen.svg)](https://violinist.io)\n\nWraps the symfony command, so we can check for security updates, with local cache.\n\n## Why?\n\nBecause if you try to use a service like the sensiolabs security checker (https://github.com/sensiolabs/security-checker / https://security.symfony.com/) it has a rate limit. The symfony command uses a local cache.\n\n## Installation\n\n```bash\ncomposer require violinist-dev/symfony-cloud-security-checker\n```\n\nYou also need to download the [symfony client](https://symfony.com/download) and make it available in your `$PATH`.\n\n## Usage\n\n```php\n$checker = new \\Violinist\\SymfonyCloudSecurityChecker\\SecurityChecker();\n$directory = '/my/project/directory/with/composer/lock/file';\ntry {\n    $result = $checker-\u003echeckDirectory($directory);\n    // Result will now be an array keyed with projects that has security advisories. Like so, for the example in the\n    // tests (dompdf/dompdf):\n    //array (\n    //    'dompdf/dompdf' =\u003e\n    //        array (\n    //            'version' =\u003e 'v0.6.0',\n    //            'advisories' =\u003e\n    //                array (\n    //                    0 =\u003e\n    //                        array (\n    //                            'title' =\u003e 'PHP remote file inclusion vulnerability in dompdf.php',\n    //                            'link' =\u003e 'https://github.com/dompdf/dompdf/releases/tag/v0.6.2',\n    //                            'cve' =\u003e 'CVE-2010-4879',\n    //                        ),\n    //                    1 =\u003e\n    //                        array (\n    //                            'title' =\u003e 'Arbitrary file read in dompdf',\n    //                            'link' =\u003e 'https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2383/',\n    //                            'cve' =\u003e 'CVE-2014-2383',\n    //                        ),\n    //                    2 =\u003e\n    //                        array (\n    //                            'title' =\u003e 'Information Disclosure',\n    //                            'link' =\u003e 'https://github.com/dompdf/dompdf/releases/tag/v0.6.2',\n    //                            'cve' =\u003e 'CVE-2014-5011',\n    //                        ),\n    //                    3 =\u003e\n    //                        array (\n    //                            'title' =\u003e 'Denial Of Service Vector',\n    //                            'link' =\u003e 'https://github.com/dompdf/dompdf/releases/tag/v0.6.2',\n    //                            'cve' =\u003e 'CVE-2014-5012',\n    //                        ),\n    //                    4 =\u003e\n    //                        array (\n    //                            'title' =\u003e 'Remote Code Execution (complement of CVE-2014-2383)',\n    //                            'link' =\u003e 'https://github.com/dompdf/dompdf/releases/tag/v0.6.2',\n    //                            'cve' =\u003e 'CVE-2014-5013',\n    //                        ),\n    //                ),\n    //        ),\n    //)\n}\ncatch (Exception $e) {\n    // This can happen if you do not have the symfony command installed, and available in your PATH.\n    // It can also happen if the command itself creates unexpected output. Like it probably would if you ran it for the\n    // first time without an internet connection, for example.\n}\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviolinist-dev%2Fsymfony-cloud-security-checker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fviolinist-dev%2Fsymfony-cloud-security-checker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fviolinist-dev%2Fsymfony-cloud-security-checker/lists"}