Legoktm has uploaded a new change for review. https://gerrit.wikimedia.org/r/192264
Change subject: Use sensiolabs/security-checker to check for any reported security issues ...................................................................... Use sensiolabs/security-checker to check for any reported security issues Uses the database from https://github.com/FriendsOfPHP/security-advisories to check if any of the installed dependencies in our composer.lock file have security issues. Bug: T74193 Change-Id: Iea618bb15b073f1893536e1638aa261e3c4a600d --- M composer.json M composer.lock 2 files changed, 9 insertions(+), 2 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/vendor refs/changes/64/192264/1 diff --git a/composer.json b/composer.json index c4bdd20..d852942 100644 --- a/composer.json +++ b/composer.json @@ -15,6 +15,9 @@ "wikimedia/composer-merge-plugin": "1.0.0", "zordius/lightncandy": "0.18" }, + "require-dev": { + "sensiolabs/security-checker": "~2.0" + }, "prefer-stable": true, "config": { "autoloader-suffix": "_mediawiki_vendor", @@ -22,5 +25,9 @@ "vendor-dir": ".", "prepend-autoloader": false, "optimize-autoloader": true + }, + "scripts": { + "test": "security-checker security:check composer.lock" } } + diff --git a/composer.lock b/composer.lock index b79bf57..25757fd 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file";, "This file is @generated automatically" ], - "hash": "6188811094b69e07d37639aa9419dcf1", + "hash": "0843edcb89920e6d6e2251a0a74ed818", "packages": [ { "name": "cssjanus/cssjanus", @@ -414,7 +414,7 @@ "time": "2015-01-01 04:37:19" } ], - "packages-dev": [], + "packages-dev": null, "aliases": [], "minimum-stability": "stable", "stability-flags": [], -- To view, visit https://gerrit.wikimedia.org/r/192264 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iea618bb15b073f1893536e1638aa261e3c4a600d Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/vendor Gerrit-Branch: master Gerrit-Owner: Legoktm <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
