composer audit

Analyze a PHP project’s dependencies to detect known security vulnerabilities and list affected packages. See also: composer. More information: https://getcomposer.org/doc/03-cli.md#audit.

• Check for security vulnerabilities in your current project:

composer audit

• Omit dev dependencies in the audit:

composer audit --no-dev

• Filter vulnerabilities by output format:

composer audit --format {{table|plain|json|summary}}

• Output audit results to a file in JSON format:

composer audit --format json > audit_report.json

• Verify whether a specific package in your project is affected by security issues:

composer audit {{vendor}}/{{package}}