lowerends / laravel-security-checker by lowerends

The Symfony Security Advisories Checker for Laravel
1,468
27
2
Package Data
Maintainer Username: lowerends
Package Create Date: 2015-08-10
Package Last Update: 2015-10-20
Home Page:
Language: PHP
License: MIT
Last Refreshed: 2024-03-27 03:18:00
Package Statistics
Total Downloads: 1,468
Monthly Downloads: 0
Daily Downloads: 0
Total Stars: 27
Total Watchers: 2
Total Forks: 2
Total Open Issues: 0

Laravel Security Checker

Latest Stable Version Total Downloads Latest Unstable Version License

This package makes it easy to integrate the Symfony Security Advisories Checker into your Laravel project. It exposes an artisan command to check against the Security Advisories Database.

Installation

Require this package with composer:

composer require lowerends/laravel-security-checker

Then, add the ServiceProvider to the providers array in config/app.php:

'providers' => [
   ...
   'Lowerends\SecurityChecker\ServiceProvider',

Usage

You can now check your Laravel project for known security issues by running the following artisan command:

artisan security:check

A convenient way to use this command is to add it to the post-update scripts in your project's composer.json file (extracted from the default Laravel composer.json file):

...
"scripts": {
    "post-install-cmd": [
            "php artisan clear-compiled",
            "php artisan optimize"
        ],
        "pre-update-cmd": [
            "php artisan clear-compiled"
        ],
        "post-update-cmd": [
            "php artisan optimize",
            "php artisan security:check"
        ],
        "post-root-package-install": [
            "php -r \"copy('.env.example', '.env');\""
        ],
        "post-create-project-cmd": [
            "php artisan key:generate"
        ]
},
...

The output will tell you if there are known security issues and if so, list them in order for you to take the necessary actions.

License

The Laravel Security Checker is open-sourced software licensed under the MIT license.