Add a security check based on FriendsOfPHP/security-advisories #1726

Closed
Flyingmana opened this issue Jul 10, 2021 · 0 comments · Fixed by #2639

Description (*)

If OpenMage makes use of a Composer dependency which is noted as vulnerable via https://github.com/FriendsOfPHP/security-advisories, we should get a notice.

I don't think we need the check on every pull request, but at least a weekly check on our main branches would be good, and on releases (and manual triggering).
There is also a dedicated GitHub Action for this: https://github.com/marketplace/actions/the-php-security-checker

Expected behavior (*)

Benefits

Additional information
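
The check requested in this issue compares the packages pinned in `composer.lock` with advisory records keyed by `composer://vendor/package`. The sketch below is an added example, not code from OpenMage, the issue author or the linked action. It assumes advisories have already been loaded into dicts shaped like the database's YAML files, and all package names, versions and advisory titles are constructed.

```python
import json, re
from operator import eq, ge, gt, le, lt

OPS = {">=": ge, "<=": le, ">": gt, "<": lt, "=": eq}

# Constructed advisories: a composer:// reference plus, per branch,
# a list of version constraints that must all hold for a match.
ADVISORIES = [
    {"reference": "composer://acme/mailer", "title": "Header injection (constructed)",
     "branches": {"1.x": {"versions": [">=1.0.0", "<1.4.2"]},
                  "2.x": {"versions": [">=2.0.0", "<2.1.0"]}}},
    {"reference": "composer://acme/cache", "title": "Unsafe unserialize (constructed)",
     "branches": {"master": {"versions": ["<3.2.0"]}}},
]

# Constructed composer.lock excerpt.
COMPOSER_LOCK = json.dumps({
    "packages": [{"name": "acme/mailer", "version": "v1.3.9"},
                 {"name": "acme/router", "version": "3.0.1"},
                 {"name": "acme/cache", "version": "dev-main"}],
    "packages-dev": [{"name": "acme/mailer-stub", "version": "2.0.5"}],
})

def parse_version(text):
    """Comparable tuple for x.y.z; None for branch names (dev-main). Pre-release suffixes are ignored."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)(?:[-+].*)?", text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def satisfies(version, constraint):
    op, target = re.fullmatch(r"(>=|<=|>|<|=)?\s*(.+)", constraint.strip()).groups()
    return OPS[op or "="](version, parse_version(target))

def audit(lock_text, advisories):
    """Return (findings, unchecked); unchecked = packages with advisories but no comparable version."""
    lock = json.loads(lock_text)
    findings, unchecked = [], []
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        version = parse_version(pkg["version"])
        ref = "composer://" + pkg["name"]
        for adv in (a for a in advisories if a["reference"] == ref):
            if version is None:
                unchecked.append(pkg["name"])
            elif any(all(satisfies(version, c) for c in b["versions"])
                     for b in adv["branches"].values()):
                findings.append((pkg["name"], pkg["version"], adv["title"]))
    return findings, unchecked
```

Packages pinned to a branch such as `dev-main` are returned in the second list rather than silently passed, so a scheduled run can flag them for manual review.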
