Project author: 1up-lab

Project description: Contao composer security check
Language: PHP
Project URL: git://github.com/1up-lab/ContaoSecurityCheckerBundle.git
Created: 2016-05-18T07:59:13Z
Project community: https://github.com/1up-lab/ContaoSecurityCheckerBundle

Open-source license: MIT License

WARNING:

Don’t use this piece of software anymore as the underlying web service will stop working at the end of January 2021. Instead, use the Open-Source CLI tool that does the same locally, or use the Symfony CLI tool.


Contao Security Checker Bundle

This extension provides a way to automatically or manually check your installed vendor extensions and the Contao core against the open vulnerability database at FriendsOfPHP/security-advisories.

Features included:

  • Perform the check regularly.
  • Get an E-Mail if the audit failed in any way. (Or always get an email if a check was performed. Your choice.)
  • Start the check manually.
  • Suppress notifications for manually started checks.

Note: A clean check does not imply that there are no security problems present. It just means that the test against the underlying database revealed nothing.
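
A clean result only means that no advisory entry matched an installed version. The following added example (not the bundle's own code, which relied on a web service) sketches that matching step locally in PHP; the advisory layout with per-branch version constraints is an assumption modelled on the database's entries, and all package names, versions and advisories are constructed.

```php
<?php
// Added illustration; every package name, version and advisory is constructed.
$lockJson = '{"packages": [
  {"name": "acme/demo-bundle", "version": "v1.2.3"},
  {"name": "acme/other-lib",   "version": "2.0.5"},
  {"name": "acme/dev-lib",     "version": "dev-master"}]}';
// Each branch lists constraints that must all hold for a version to be affected.
$advisories = [
    ['package' => 'acme/demo-bundle', 'title' => 'Constructed advisory A',
     'branches' => ['1.x' => ['>=1.0.0', '<1.2.5']]],
    ['package' => 'acme/other-lib', 'title' => 'Constructed advisory B',
     'branches' => ['2.0.x' => ['>=2.0.0', '<2.0.5']]],
];

function isAffected(string $version, array $constraints): bool
{
    foreach ($constraints as $c) {
        // Unparseable constraint or failed comparison: branch does not match.
        if (!preg_match('/^(>=|<=|>|<|==)\s*(\S+)$/', trim($c), $m)
            || !version_compare($version, $m[2], $m[1])) {
            return false;
        }
    }
    return $constraints !== [];
}

function audit(string $lockJson, array $advisories): array
{
    $lock = json_decode($lockJson, true, 512, JSON_THROW_ON_ERROR);
    $report = ['vulnerable' => [], 'unchecked' => []];
    foreach ($lock['packages'] ?? [] as $pkg) {
        $version = ltrim($pkg['version'], 'vV');
        if (!preg_match('/^\d+(\.\d+)*$/', $version)) {
            // dev-* and pre-release versions cannot be compared reliably.
            $report['unchecked'][] = "{$pkg['name']} {$pkg['version']}";
            continue;
        }
        foreach ($advisories as $adv) {
            if ($adv['package'] !== $pkg['name']) continue;
            foreach ($adv['branches'] as $constraints) {
                if (isAffected($version, $constraints)) {
                    $report['vulnerable'][] = "{$pkg['name']} {$pkg['version']}: {$adv['title']}";
                    break;
                }
            }
        }
    }
    return $report;
}
print_r(audit($lockJson, $advisories));
```

Packages listed under `unchecked` are neither clean nor vulnerable; they need a manual review, which is one reason a clean report is not proof of safety.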

Documentation

Installation

Perform the following steps to install and use the basic functionality of the ContaoSecurityCheckerBundle:

  • Download the ContaoSecurityCheckerBundle using Composer
  • Enable the bundle
  • Configure the bundle

Step 1: Download the ContaoSecurityCheckerBundle

Add the ContaoSecurityCheckerBundle to your composer.json using the following command:

    $ composer require oneup/contao-security-checker-bundle "^0.4"

Composer will install the bundle to your project’s vendor/oneup/contao-security-checker-bundle directory.

Step 2: Enable the bundle

Enable the bundle in the kernel:

    <?php
    // app/AppKernel.php
    public function registerBundles()
    {
        $bundles = [
            // ...
            new Oneup\Bundle\ContaoSecurityCheckerBundle\OneupContaoSecurityCheckerBundle(),
        ];
    }

Enable the bundle's API route:

    # app/config/routing.yml
    oneup_contao_security_checker:
        prefix: /security-advisories
        resource: "@OneupContaoSecurityCheckerBundle/Resources/config/routing.yml"
    # ...

Step 3: Configure the bundle

Add this little configuration to your app/config/config.yml and adjust it to your needs.

    # app/config/config.yml
    # OneupContaoSecurityChecker configuration
    oneup_contao_security_checker:
        enable_notifications: true
        suppress_manual_audits: false
        notify_only_failed_audits: true
        notification_email: your@email.here
        cron_cycle: daily
        enable_cron: true
        enable_api: false
        api_key: ~

Upgrade Notes

  • Version 0.4.0 Added an API endpoint, disabled by default (see #7)
  • Version 0.3.0 Added Contao Manager Plugin
  • Version 0.2.0 Renamed Bundle (update/check your app/config/config.yml)
  • Version 0.1.0 Initial release

License

This bundle is under the MIT license. See the complete license in the bundle.

Reporting an issue or a feature request

Issues and feature requests are tracked in the GitHub issue tracker.

When reporting a bug, it may be a good idea to reproduce it in a basic project built using the Contao Standard Edition to allow developers of the bundle to reproduce the issue by simply cloning it and following some steps.