README

This package contains a Laravel Health check that can report any known security issues with the installed PHP packages in your application.

The security advisories are fetched from Packagist and are sourced from GitHub and other sources.

Usage

You can register this check, typically this happens in a service provider:

use Spatie\Health\Facades\Health;
use Spatie\SecurityAdvisoriesHealthCheck\SecurityAdvisoriesCheck;

Health::checks([
    SecurityAdvisoriesCheck::new()->retryTimes(5),
]);

Caching

By default, this package will make an HTTP request to Packagist every time the health check runs. To reduce API calls and improve performance, you can enable caching by calling cacheResultsForMinutes():

use Spatie\Health\Facades\Health;
use Spatie\SecurityAdvisoriesHealthCheck\SecurityAdvisoriesCheck;

Health::checks([
    SecurityAdvisoriesCheck::new()
        ->retryTimes(5)
        ->cacheResultsForMinutes(60),     // Enables caching for 1 hour
]);

The package uses Laravel's default cache driver.

Configuration Options

SecurityAdvisoriesCheck::new()
    ->retryTimes(3)                     // Number of retry attempts on failure
    ->cacheResultsForMinutes(120)       // Cache duration in minutes
    ->ignorePackage('vendor/package')   // Ignore specific packages
    ->ignoredPackages([                 // Ignore multiple packages
        'vendor/package1',
        'vendor/package2'
    ]);

Documentation

The documentation of this package is available inside the docs of Laravel Health.

Support us

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

• Freek Van der Herten
• All Contributors

License

The MIT License (MIT). Please see License File for more information.