https://github.com/symfonycorp/security-checker-action
The PHP Security Checker
- Host: GitHub
- URL: https://github.com/symfonycorp/security-checker-action
- Owner: symfonycorp
- Created: 2020-07-11T08:50:39.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2024-02-12T09:35:40.000Z (about 2 years ago)
- Last Synced: 2024-10-22T03:24:38.209Z (over 1 year ago)
- Topics: cve, php, security
- Homepage: https://symfony.com/
- Size: 16.6 KB
- Stars: 153
- Watchers: 4
- Forks: 10
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
PHP Security Checker
====================
This action checks your `composer.lock` for known vulnerabilities in your package dependencies.
Inputs
------
* `lock` *optional* The path to the `composer.lock` file (defaults to the repository root directory).
* `format` *optional* The output format (defaults to `ansi`, supported: `ansi`, `junit`, `markdown`, `json`, or `yaml`).
* `disable-exit-code` *optional* Set it to `1` if you don't want the step to fail in case of detected vulnerabilities.
Outputs
-------
* `vulns` A JSON payload containing all detected vulnerabilities
Usage
-----
If you want the step to fail whenever there is a security issue in one of your
dependencies, use this action:
```yaml
steps:
    - uses: actions/checkout@v4
    - uses: symfonycorp/security-checker-action@v5
```
To speed up security checks, you can cache the vulnerability database:
```yaml
steps:
    - uses: actions/checkout@v4
    - uses: actions/cache@v2
      id: cache-db
      with:
          path: ~/.symfony/cache
          key: db
    - uses: symfonycorp/security-checker-action@v5
```
If the `composer.lock` is not in the repository root directory, pass it as an
input:
```yaml
steps:
    - uses: actions/checkout@v4
    - uses: symfonycorp/security-checker-action@v5
      with:
          lock: subdir/composer.lock
```
Instead of failing, you can also get the vulnerabilities as a JSON output and
do something with them in another step:
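```yaml
steps:
    - uses: actions/checkout@v4
    - uses: symfonycorp/security-checker-action@v5
      with:
          disable-exit-code: 1
      id: security-check
    - name: Display the vulnerabilities as JSON
      # Pass the output through an environment variable instead of expanding it
      # into the script, so the shell neither strips quotes nor interprets it.
      env:
          VULNS: ${{ steps.security-check.outputs.vulns }}
      run: echo "$VULNS"
```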
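
One way to "do something with them in another step", as an added example that is not part of the project's README: a script that turns the `vulns` payload into workflow annotations and fails only on advisories outside a reviewed list. It assumes the step receives the output in a `VULNS` environment variable and that the payload maps each package name to a `version` and a list of `advisories` with `title`, `link` and `cve` keys; `ACCEPTED`, `SAMPLE` and the function names are hypothetical.

```python
import json
import os
import sys

# Assumed payload shape (not documented on this page):
# {"vendor/package": {"version": "...", "advisories": [{"title", "link", "cve"}]}}
ACCEPTED = {"CVE-0000-0001"}  # hypothetical placeholder IDs accepted after review

# Constructed sample payload, used when VULNS is not set by the workflow.
SAMPLE = json.dumps({"acme/demo": {"version": "1.0.0", "advisories": [
    {"title": "Constructed advisory", "link": "https://example.com/a",
     "cve": "CVE-0000-0002"}]}})


def escape(text, prop=False):
    """Escape untrusted text so it cannot start a new workflow command."""
    text = str(text).replace("%", "%25").replace("\r", "%0D").replace("\n", "%0A")
    if prop:  # property values additionally reserve ':' and ','
        text = text.replace(":", "%3A").replace(",", "%2C")
    return text


def triage(payload):
    """Return (annotation_lines, blocking_count) for a `vulns` JSON string."""
    data = json.loads(payload or "{}")
    if not isinstance(data, dict):  # an empty result may be serialised as []
        data = {}
    lines, blocking = [], 0
    for package, info in sorted(data.items()):
        for adv in info.get("advisories", []):
            cve = adv.get("cve") or "no-cve"
            level = "warning" if cve in ACCEPTED else "error"
            if level == "error":
                blocking += 1
            title = escape(f"{package} {info.get('version', '?')}", prop=True)
            message = escape(f"{cve}: {adv.get('title', '')} {adv.get('link', '')}")
            lines.append(f"::{level} title={title}::{message}")
    return lines, blocking


if __name__ == "__main__":
    annotations, blocking = triage(os.environ.get("VULNS", SAMPLE))
    print("\n".join(annotations))
    sys.exit(1 if blocking else 0)  # fail the job only on unreviewed advisories
```

Advisory titles and package names come from outside the repository, which is why every field is escaped before it is printed as a `::error` or `::warning` command.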