This action checks your composer.lock for known vulnerabilities in your package dependencies.

Inputs:

- lock (optional): The path to the composer.lock file (defaults to the repository root directory).
- format (optional): The output format (defaults to ansi, supported: ansi, junit, markdown, json, or yaml).
- disable-exit-code (optional): Set it to 1 if you don't want the step to fail in case of detected vulnerabilities.

Outputs:

- vulns: A JSON payload containing all detected vulnerabilities.

If you want the step to fail whenever there is a security issue in one of your dependencies, use this action:

    steps:
        - uses: actions/checkout@v4
        - uses: symfonycorp/security-checker-action@v5

To speed up security checks, you can cache the vulnerability database:

    steps:
        - uses: actions/checkout@v4
        - uses: actions/cache@v2
          id: cache-db
          with:
              path: ~/.symfony/cache
              key: db
        - uses: symfonycorp/security-checker-action@v5

If the composer.lock is not in the repository root directory, pass it as an input:

    steps:
        - uses: actions/checkout@v4
        - uses: symfonycorp/security-checker-action@v5
          with:
              lock: subdir/composer.lock

Instead of failing, you can also get the vulnerabilities as a JSON output and do something with them in another step:
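
    steps:
        - uses: actions/checkout@v4
        - uses: symfonycorp/security-checker-action@v5
          with:
              disable-exit-code: 1
          id: security-check
        - name: Display the vulnerabilities as JSON
          # Pass the output through an environment variable and quote it, so the
          # JSON is printed verbatim instead of being parsed as shell syntax.
          env:
              VULNS: ${{ steps.security-check.outputs.vulns }}
          run: echo "$VULNS"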
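
One way to "do something" with the payload in a later step, as an added example that is not part of the action or its documentation: a triage script that fails the job only for advisories that have not been explicitly waived. It assumes the payload is a JSON object keyed by package name with `version` and `advisories` (`title`, `link`, `cve`) fields, and that the workflow passes it in through environment variables named `VULNS` and `ACCEPTED_IDS` (both hypothetical names).

```python
import json
import os
import sys

# Constructed sample payload; the package -> {version, advisories[]} shape is an assumption.
SAMPLE = json.dumps({
    "example/http-lib": {"version": "v1.2.0", "advisories": [
        {"title": "Constructed advisory A", "link": "https://example.invalid/a",
         "cve": "CVE-0000-0001"},
        {"title": "Constructed advisory B", "link": "https://example.invalid/b",
         "cve": ""},
    ]},
    "example/yaml-lib": {"version": "2.0.1", "advisories": [
        {"title": "Constructed advisory C", "link": "https://example.invalid/c",
         "cve": "CVE-0000-0002"},
    ]},
})


def triage(payload, accepted):
    """Split advisories into (blocking, waived) rows of (package, version, id, title)."""
    data = json.loads(payload) if payload.strip() else {}
    if not data:  # empty string, {} or [] all mean "nothing detected"
        return [], []
    if not isinstance(data, dict):
        raise ValueError("expected a JSON object keyed by package name")
    blocking, waived = [], []
    for package, info in sorted(data.items()):
        for adv in info.get("advisories", []):
            # Advisories without a CVE fall back to their link so they can still be waived.
            ident = adv.get("cve") or adv.get("link") or adv.get("title", "unknown")
            row = (package, info.get("version", "?"), ident, adv.get("title", ""))
            (waived if ident in accepted else blocking).append(row)
    return blocking, waived


def main():
    payload = os.environ.get("VULNS", SAMPLE)  # falls back to the constructed sample
    accepted = set(filter(None, os.environ.get("ACCEPTED_IDS", "").split(",")))
    blocking, waived = triage(payload, accepted)
    for pkg, ver, ident, title in waived:
        print(f"waived   {pkg} {ver} {ident} {title}")
    for pkg, ver, ident, title in blocking:
        print(f"BLOCKING {pkg} {ver} {ident} {title}")
    return 1 if blocking else 0  # non-zero exit fails the workflow step


if __name__ == "__main__":
    sys.exit(main())
```

Keeping the waiver list in the repository means every accepted advisory goes through code review instead of being silenced by `disable-exit-code` alone.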