The PHP Security Checker as a Docker image
On top of the database, I've also developed various tools to help people check their projects against it, from an online API to a command line tool. One of the main issues is that the command line tool is itself just an interface to the API, meaning that all checks depend on the availability of the API server. The traffic on that server is huge, and maintaining it is an unnecessary burden.
So, more recently, we've incorporated a `security:check` command in the Symfony CLI that does everything locally (downloading the database directly from GitHub).
Today, I want to share some other ways that don't use the API. If you don't use the Symfony CLI, you might not want to download it and keep it updated. As of today, that is no longer necessary: you can use the new Symfony CLI Docker image instead:
docker run --rm -v $(pwd):$(pwd) -w $(pwd) symfonycorp/cli check:security
If you are using GitHub Actions, you can also use the PHP Security Checker action. The README contains everything you need to know. You can even integrate it into a workflow that makes decisions depending on the vulnerabilities found:
steps:
  - uses: actions/checkout@v2
  - uses: symfonycorp/security-checker-action@v2
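Here is an added example of such a decision-making workflow (it is not from the original post or the action's repository): it runs the checker on every push to `main` and on every pull request, only warns contributors on pull requests, and fails the build on `main`. It assumes the action exposes a `vulns` output holding the checker's JSON report and accepts a `disable-exit-code` input, and that the report is a JSON object keyed by package name; check all three against the action's README.

```yaml
# Added example, not part of the original post or the action's own docs.
# ASSUMPTIONS: `vulns` output (JSON report) and `disable-exit-code` input exist
# on symfonycorp/security-checker-action@v2; the report is an object keyed by
# package name, so `jq length` counts affected packages. Verify in the README.
name: security-check

on:
  push:
    branches: [main]
  pull_request:

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      # Run the check but keep the job alive so later steps can decide.
      - uses: symfonycorp/security-checker-action@v2
        id: checker
        with:
          disable-exit-code: 1

      # Count affected packages from the JSON report (jq ships on ubuntu-latest).
      # The report is passed through an env var so quotes in it cannot break the shell.
      - name: Count vulnerable packages
        id: count
        env:
          VULNS: ${{ steps.checker.outputs.vulns }}
        run: |
          COUNT=$(printf '%s' "${VULNS:-{}}" | jq 'length')
          echo "count=${COUNT}" >> "$GITHUB_OUTPUT"

      # On a pull request, annotate the run instead of blocking the contributor.
      - name: Warn on pull request
        if: github.event_name == 'pull_request' && steps.count.outputs.count != '0'
        run: echo "::warning::${{ steps.count.outputs.count }} package(s) with known vulnerabilities"

      # On main, refuse to go green while known vulnerabilities are present.
      - name: Fail on main
        if: github.event_name == 'push' && steps.count.outputs.count != '0'
        run: |
          echo "::error::${{ steps.count.outputs.count }} package(s) with known vulnerabilities"
          exit 1
```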