PHPackages argus-dep/sdk - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. argus-dep/sdk ActiveLibrary[API Development](/categories/api) argus-dep/sdk ============= Official PHP SDK for the Argus dependency monitoring API 00PHP Since May 28Pushed 1w agoCompare [ Source](https://github.com/Argus-Dep/sdk-php)[ Packagist](https://packagist.org/packages/argus-dep/sdk)[ RSS](/packages/argus-dep-sdk/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependenciesVersions (1)Used By (0) argus-dep/sdk ============= [](#argus-depsdk) Official PHP SDK for the [Argus](https://argus-dep.app) dependency monitoring API. Push Composer and npm dependency snapshots to Argus so it can track vulnerabilities, outdated packages, and dependency drift across your projects. Requirements ------------ [](#requirements) - PHP 8.2+ - [Composer](https://getcomposer.org/) Installation ------------ [](#installation) ``` composer require argus-dep/sdk ``` Quick Start — Standalone PHP ---------------------------- [](#quick-start--standalone-php) ``` use ArgusSDK\ArgusClient; use ArgusSDK\Reporters\ComposerReporter; $client = new ArgusClient(token: getenv('ARGUS_TOKEN')); $reporter = new ComposerReporter(client: $client, projectName: 'My App'); $response = $reporter->send(); echo "Queued snapshot {$response->snapshotId} — {$response->packagesReceived} packages received.\n"; ``` For npm projects, swap `ComposerReporter` for `NpmReporter` and point it at your `package-lock.json` / `package.json` files. Quick Start — Laravel --------------------- [](#quick-start--laravel) ### 1. Add environment variables [](#1-add-environment-variables) ``` ARGUS_TOKEN=your-secret-project-token ARGUS_PROJECT_NAME="My Laravel App" ``` ### 2. Publish the config (optional) [](#2-publish-the-config-optional) ``` php artisan vendor:publish --tag=argus-config ``` ### 3. Report dependencies on demand [](#3-report-dependencies-on-demand) ``` php artisan argus:report # Report npm as well: php artisan argus:report --ecosystem=all # Override the environment label: php artisan argus:report --env=staging ``` ### Auto-scheduling [](#auto-scheduling) The service provider registers the `argus:report` command with Laravel's scheduler automatically based on the `schedule` config values. Once `ARGUS_TOKEN` is set and the [Laravel scheduler is running](https://laravel.com/docs/scheduling#running-the-scheduler), no further setup is required. ``` # Make sure the scheduler is running (production) * * * * * php /var/www/html/artisan schedule:run >> /dev/null 2>&1 ``` Configuration Reference ----------------------- [](#configuration-reference) Publish `config/argus.php` with `php artisan vendor:publish --tag=argus-config` to customise any value. KeyEnv variableDefaultDescription`token``ARGUS_TOKEN``null`**Required.** Your project API token.`url``ARGUS_URL``https://app.argus-dep.app`Base URL for the Argus API.`project_name``ARGUS_PROJECT_NAME``APP_NAME` / `"My App"`Name shown in the Argus dashboard.`environment``ARGUS_ENV``APP_ENV` / `"production"`Environment label (e.g. production, staging).`timeout``ARGUS_TIMEOUT``10`HTTP request timeout in seconds.`composer.enabled``ARGUS_COMPOSER_ENABLED``true`Enable Composer reporting.`composer.lock_file``ARGUS_COMPOSER_LOCK``base_path('composer.lock')`Path to `composer.lock`.`composer.manifest_file``ARGUS_COMPOSER_MANIFEST``base_path('composer.json')`Path to `composer.json`.`composer.schedule``ARGUS_COMPOSER_SCHEDULE``"daily"`Auto-schedule frequency: `daily`, `hourly`, `weekly`, or `false` to disable.`npm.enabled``ARGUS_NPM_ENABLED``false`Enable npm reporting.`npm.lock_file``ARGUS_NPM_LOCK``base_path('package-lock.json')`Path to `package-lock.json`.`npm.manifest_file``ARGUS_NPM_MANIFEST``base_path('package.json')`Path to `package.json`.`npm.schedule``ARGUS_NPM_SCHEDULE``"daily"`Auto-schedule frequency for npm.CI/CD Integration (GitHub Actions) ---------------------------------- [](#cicd-integration-github-actions) Add a step to your deployment workflow to push a fresh snapshot after every deploy: ``` - name: Report dependencies to Argus env: ARGUS_TOKEN: ${{ secrets.ARGUS_TOKEN }} run: php artisan argus:report --ecosystem=all ``` For non-Laravel projects: ``` - name: Report dependencies to Argus env: ARGUS_TOKEN: ${{ secrets.ARGUS_TOKEN }} run: | php -r " require 'vendor/autoload.php'; \$client = new \ArgusSDK\ArgusClient(getenv('ARGUS_TOKEN')); \$reporter = new \ArgusSDK\Reporters\ComposerReporter(\$client, 'My App'); \$r = \$reporter->send(); echo 'Snapshot ' . \$r->snapshotId . ' queued (' . \$r->packagesReceived . ' packages).' . PHP_EOL; " ``` > **Security:** Store your `ARGUS_TOKEN` as a [GitHub Actions secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets). Never commit the token to your repository or print it in logs. Advanced — Standalone Usage with Custom Files --------------------------------------------- [](#advanced--standalone-usage-with-custom-files) ``` use ArgusSDK\ArgusClient; use ArgusSDK\Reporters\ComposerReporter; use ArgusSDK\Reporters\NpmReporter; $client = new ArgusClient( token: getenv('ARGUS_TOKEN'), baseUrl: 'https://app.argus-dep.app', timeout: 15, ); // Composer with explicit paths $reporter = new ComposerReporter( client: $client, projectName: 'My App', lockFilePath: '/path/to/composer.lock', manifestFilePath: '/path/to/composer.json', ); $reporter->send(); // npm $npmReporter = new NpmReporter( client: $client, projectName: 'My App', lockFilePath: '/path/to/package-lock.json', manifestFilePath: '/path/to/package.json', ); $npmReporter->send(); ``` Error Handling -------------- [](#error-handling) All errors throw `ArgusSDK\ArgusException`: ``` use ArgusSDK\ArgusException; try { $reporter->send(); } catch (ArgusException $e) { echo $e->getMessage(); // human-readable message echo $e->getHttpStatusCode(); // e.g. 429 echo $e->getApiErrorCode(); // e.g. "RATE_LIMITED" } ``` Security Notes -------------- [](#security-notes) - The `ARGUS_TOKEN` is **never** written to log files. If debug logging is enabled, the `Authorization` header is redacted to `Bearer [REDACTED]`. - The SDK is read-only with respect to your lock/manifest files — it never writes to them. - Using an HTTP (non-HTTPS) URL in non-local environments emits a PHP warning. License ------- [](#license) MIT ### Health Score 20 — LowBetter than 13% of packages Maintenance64 Regular maintenance activity Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity11 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/bcc754aa9c84b502f0fade69790c525a42e8e898447157acce899469038bb3b1?d=identicon)[LukasKaemmerling](/maintainers/LukasKaemmerling) --- Top Contributors [![LKaemmerling](https://avatars.githubusercontent.com/u/4281581?v=4)](https://github.com/LKaemmerling "LKaemmerling (1 commits)") ### Embed Badge ![Health badge](/badges/argus-dep-sdk/health.svg) ``` [![Health](https://phpackages.com/badges/argus-dep-sdk/health.svg)](https://phpackages.com/packages/argus-dep-sdk) ``` ### Alternatives [facebook/php-business-sdk PHP SDK for Facebook Business 90923.5M35](/packages/facebook-php-business-sdk)[exsyst/swagger A php library to manipulate Swagger specifications 35916.3M7](/packages/exsyst-swagger)[hubspot/api-client Hubspot API client 24015.5M18](/packages/hubspot-api-client)[botman/driver-telegram Telegram driver for BotMan 93452.6k6](/packages/botman-driver-telegram) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)