Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

BitExpert Blog:
Security Checker Phing Task
Nov 04, 2014 @ 18:40:35

Stephan Hochdörfer has a quick post to the BitExpert blog sharing a new tool he's created to help integrate the checks against the SensioLabs Advisories Checker into the Phing build system as a custom task.

About a year and a half ago Fabien Potencier announced the PHP Security Advisories Database initiative. Part of the initiative the SensioLabs Security Advisories Checker (beta) website came to life. The website and the api behind it makes it very easy to check your composer.lock file for dependencies which "have issues". Either upload your composer.lock file to the website or use the CLI tool to communicate with the api directly. About 2 weeks ago Fabien took the next step forward and announced that the Security Advisories Database is distributed as public domain and as such can now be "controlled" by the community. To compliment Fabien's move I decided to put the Security Checker Phing task which I built for us a few months ago out in the wild.

The custom task is easily installed via Composer (instructions included) right along side Phing, also installable via the same method. He also includes the markup and configuration to have the task read your "composer.lock" file and execute the checks against the service.

tagged: phing, task, custom, sensiolabs, security, checker, composer

Link: http://blog.bitexpert.de/blog/security-checker-phing-task/


Trending Topics: