From a2160dda247d27bf8ee736cfd9d991a2637214a7 Mon Sep 17 00:00:00 2001
From: Paul Rijke
Date: Thu, 8 Feb 2024 11:09:18 +0100
Subject: [PATCH] Change security check to composer audit
---
 .github/workflows/daily-security-check.yml | 8 +-
 composer.json | 1 -
 composer.lock | 220 +-------------------
 3 files changed, 5 insertions(+), 224 deletions(-)
diff --git a/.github/workflows/daily-security-check.yml b/.github/workflows/daily-security-check.yml
index 51d7d58b..25a73ff2 100644
--- a/.github/workflows/daily-security-check.yml
+++ b/.github/workflows/daily-security-check.yml
@@ -19,9 +19,9 @@ jobs:
 uses: andstor/file-existence-action@v2
 with:
 files: "composer.lock"
- - name: Run php local security checker
- if: steps.check_composer.outputs.files_exists == 'true'
- uses: symfonycorp/security-checker-action@v4
+ - name: Vulnerability check
+ run: php composer audit
+ if: steps.check_composer.outputs.files_exists == 'true'
 # node-yarn checks
 - name: Check for node-yarn project
@@ -99,4 +99,4 @@ jobs:
 SLACK_MESSAGE: 'Dependency check failed :crying_cat_face:'
 SLACK_TITLE: ${{ github.repository }} wants attention
 SLACK_USERNAME: NightlySecurityCheck
- SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
\ No newline at end of file
+ SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/composer.json b/composer.json
index 4cfdeb3b..71bd290c 100644
--- a/composer.json
+++ b/composer.json
@@ -20,7 +20,6 @@
 "knplabs/knp-paginator-bundle": "^5.9",
 "nelmio/security-bundle": "^2.12",
 "openconext/monitor-bundle": "^3.0",
- "sensiolabs/security-checker": "^6.0",
 "surfnet/stepup-bundle": "^5.0",
 "surfnet/stepup-middleware-client-bundle": "^4.1",
 "surfnet/stepup-saml-bundle": "^4.3.2",
diff --git a/composer.lock b/composer.lock
index 5204c543..b1b84a97 100644
--- a/composer.lock
+++ b/composer.lock
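Review bot: `run: php composer audit` hands the PHP CLI a script named `composer` in the checkout, which fails with a missing-input-file error unless the repository ships such a file; the Composer installed on the runner is normally invoked as `composer audit`. The `audit` command also needs Composer 2.4 or newer, and by default it inspects installed packages rather than the lock file, so if no `composer install` runs earlier in the job (the preceding steps are outside this hunk) the step should be `run: composer audit --locked` so it audits the composer.lock that the existence check just confirmed. Placing `if:` below `run:` is valid YAML but differs from the other steps in this file, which put the condition before the action; keeping `if:` first reads uniformly.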
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "d3f1f0c1f844f20992a4a9127014a0b9", + "content-hash": "26a0847c52456cae4aa6409fddb413d4", "packages": [ { "name": "beberlei/assert", @@ -2906,59 +2906,6 @@ }, "time": "2020-08-25T19:10:18+00:00" }, - { - "name": "sensiolabs/security-checker", - "version": "v6.0.3", - "source": { - "type": "git", - "url": "https://github.com/sensiolabs/security-checker.git", - "reference": "a576c01520d9761901f269c4934ba55448be4a54" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sensiolabs/security-checker/zipball/a576c01520d9761901f269c4934ba55448be4a54", - "reference": "a576c01520d9761901f269c4934ba55448be4a54", - "shasum": "" - }, - "require": { - "php": ">=7.1.3", - "symfony/console": "^2.8|^3.4|^4.2|^5.0", - "symfony/http-client": "^4.3|^5.0", - "symfony/mime": "^4.3|^5.0", - "symfony/polyfill-ctype": "^1.11" - }, - "bin": [ - "security-checker" - ], - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "6.0-dev" - } - }, - "autoload": { - "psr-4": { - "SensioLabs\\Security\\": "SensioLabs/Security" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Fabien Potencier", - "email": "fabien.potencier@gmail.com" - } - ], - "description": "A security checker for your composer.lock", - "support": { - "issues": "https://github.com/sensiolabs/security-checker/issues", - "source": "https://github.com/sensiolabs/security-checker/tree/master" - }, - "abandoned": "https://github.com/fabpot/local-php-security-checker", - "time": "2019-11-01T13:20:14+00:00" - }, { "name": "simplesamlphp/saml2", "version": "v3.2.6", 
@@ -4570,87 +4517,6 @@ ], "time": "2022-11-05T15:42:31+00:00" }, - { - "name": "symfony/http-client", - "version": "v4.4.49", - "source": { - "type": "git", - "url": "https://github.com/symfony/http-client.git", - "reference": "0185497cd61440bdf68df7d81241b97a543e9c3f" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/http-client/zipball/0185497cd61440bdf68df7d81241b97a543e9c3f", - "reference": "0185497cd61440bdf68df7d81241b97a543e9c3f", - "shasum": "" - }, - "require": { - "php": ">=7.1.3", - "psr/log": "^1|^2|^3", - "symfony/http-client-contracts": "^1.1.10|^2", - "symfony/polyfill-php73": "^1.11", - "symfony/polyfill-php80": "^1.16", - "symfony/service-contracts": "^1.0|^2" - }, - "provide": { - "php-http/async-client-implementation": "*", - "php-http/client-implementation": "*", - "psr/http-client-implementation": "1.0", - "symfony/http-client-implementation": "1.1|2.0" - }, - "require-dev": { - "guzzlehttp/promises": "^1.4", - "nyholm/psr7": "^1.0", - "php-http/httplug": "^1.0|^2.0", - "psr/http-client": "^1.0", - "symfony/dependency-injection": "^4.3|^5.0", - "symfony/http-kernel": "^4.4.13", - "symfony/process": "^4.2|^5.0" - }, - "type": "library", - "autoload": { - "psr-4": { - "Symfony\\Component\\HttpClient\\": "" - }, - "exclude-from-classmap": [ - "/Tests/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Nicolas Grekas", - "email": "p@tchwork.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Provides powerful methods to fetch HTTP resources synchronously or asynchronously", - "homepage": "https://symfony.com", - "support": { - "source": "https://github.com/symfony/http-client/tree/v4.4.49" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - }, - { - "url": 
"https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2022-11-03T19:03:45+00:00" - }, { "name": "symfony/http-client-contracts", "version": "v2.5.2", 
@@ -5069,90 +4935,6 @@ ], "time": "2022-10-03T15:15:11+00:00" }, - { - "name": "symfony/mime", - "version": "v5.4.35", - "source": { - "type": "git", - "url": "https://github.com/symfony/mime.git", - "reference": "ee94d9b538f93abbbc1ee4ccff374593117b04a9" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/mime/zipball/ee94d9b538f93abbbc1ee4ccff374593117b04a9", - "reference": "ee94d9b538f93abbbc1ee4ccff374593117b04a9", - "shasum": "" - }, - "require": { - "php": ">=7.2.5", - "symfony/deprecation-contracts": "^2.1|^3", - "symfony/polyfill-intl-idn": "^1.10", - "symfony/polyfill-mbstring": "^1.0", - "symfony/polyfill-php80": "^1.16" - }, - "conflict": { - "egulias/email-validator": "~3.0.0", - "phpdocumentor/reflection-docblock": "<3.2.2", - "phpdocumentor/type-resolver": "<1.4.0", - "symfony/mailer": "<4.4", - "symfony/serializer": "<5.4.35|>=6,<6.3.12|>=6.4,<6.4.3" - }, - "require-dev": { - "egulias/email-validator": "^2.1.10|^3.1|^4", - "phpdocumentor/reflection-docblock": "^3.0|^4.0|^5.0", - "symfony/dependency-injection": "^4.4|^5.0|^6.0", - "symfony/property-access": "^4.4|^5.1|^6.0", - "symfony/property-info": "^4.4|^5.1|^6.0", - "symfony/serializer": "^5.4.35|~6.3.12|^6.4.3" - }, - "type": "library", - "autoload": { - "psr-4": { - "Symfony\\Component\\Mime\\": "" - }, - "exclude-from-classmap": [ - "/Tests/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Fabien Potencier", - "email": "fabien@symfony.com" - }, - { - "name": "Symfony Community", - "homepage": "https://symfony.com/contributors" - } - ], - "description": "Allows manipulating MIME messages", - "homepage": "https://symfony.com", - "keywords": [ - "mime", - "mime-type" - ], - "support": { - "source": "https://github.com/symfony/mime/tree/v5.4.35" - }, - "funding": [ - { - "url": "https://symfony.com/sponsor", - "type": "custom" - }, - { - "url": "https://github.com/fabpot", - "type": "github" - 
}, - { - "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", - "type": "tidelift" - } - ], - "time": "2024-01-30T08:00:51+00:00" - }, { "name": "symfony/monolog-bridge", "version": "v4.4.43",