A Phing task for interacting with the SensioLabs Security Advisories Checker to check if your application uses dependencies with known security vulnerabilities.
The preferred way of installing bitexpert/phing-securitychecker is through Composer. Add bitexpert/phing-securitychecker as a dependency to composer.json:
composer.phar require --dev bitexpert/phing-securitychecker
Import the default build.xml to let Phing know about the Security Checker task:
<import file="vendor/bitexpert/phing-securitychecker/build.xml" />
If you imported the default build.xml, you can set the lock file path as well as the webservice endpoint by defining two properties in your main build.xml file:
<property name="securitychecker.lockfile" value="composer.lock" />
<property name="securitychecker.endpoint" value="https://security.symfony.com/check_lock" />
Or define the securitychecker task on your own:
<taskdef name="securitychecker" classname="bitExpert\Phing\SecurityChecker\SecurityCheckerTask" />
Call the task from your build target:
<securitychecker lockfile="composer.lock" />
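The steps above assembled into one build file, as an added example that is not part of the project's own documentation. It uses the self-defined taskdef route and stops the build when the lock file is missing, so an absent file is not mistaken for a clean result. The project name, the target name and the lockfile.path and lockfile.present properties are assumptions, as is running Phing with Composer's autoloader active.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Added example; names marked "assumed" are not from the project. -->
<project name="example-app" default="security-check" basedir=".">

    <!-- Register the task class. Assumes Composer's autoloader is active, -->
    <!-- for example because Phing was started as vendor/bin/phing. -->
    <taskdef name="securitychecker"
             classname="bitExpert\Phing\SecurityChecker\SecurityCheckerTask" />

    <!-- Assumed property name holding the lock file to audit. -->
    <property name="lockfile.path" value="${project.basedir}/composer.lock" />

    <!-- Assumed target name. -->
    <target name="security-check">
        <!-- Set lockfile.present only if the lock file exists. -->
        <available file="${lockfile.path}" property="lockfile.present" />

        <!-- Abort with a clear message when there is nothing to check. -->
        <fail unless="lockfile.present"
              message="No lock file at ${lockfile.path}; run composer install first." />

        <!-- Send the lock file to the advisories checker. -->
        <securitychecker lockfile="${lockfile.path}" />
    </target>
</project>
```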
phing-securitychecker is released under the Apache 2.0 license.