Strengthen your PHP Composer dependencies

Posted: 2016-12-21 22:38:22 by Alasdair Keyes

Direct Link | RSS feed

For those of you that use Composer to install and manage dependencies in your PHP App, you may be interested in

When updating your dependencies, it will alert if the versions you are using contain known vulnerabilities. It's quite simple in it's operation, the composer.json file populates the conflict key with a list of package versions that are known to be insecure so composer will fail to update.

The list isn't exhaustive, but it contains a number of large packages such as Doctrine, Drupal, Zend, Symfony

If you found this useful, please feel free to donate via bitcoin to 1NT2ErDzLDBPB8CDLk6j1qUdT6FmxkMmNz

© Alasdair Keyes

IT Consultancy Services

I'm now available for IT consultancy and software development services - Cloudee LTD.

Happy user of Digital Ocean (Affiliate link)


Validate HTML 5