PHPackages dkd/kula-audit - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. dkd/kula-audit ActiveTypo3-cms-extension[Security](/categories/security) dkd/kula-audit ============== TYPO3 extension audit: upgrade readiness, vulnerabilities, and SBOM via Kula API v1.0.0(2mo ago)00GPL-2.0-or-laterPHPPHP ^8.1 Since Mar 2Pushed 2mo agoCompare [ Source](https://github.com/dkd-dobberkau/kula-audit)[ Packagist](https://packagist.org/packages/dkd/kula-audit)[ RSS](/packages/dkd-kula-audit/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (2)Versions (2)Used By (0) EXT:kula\_audit — TYPO3 Extension Audit ======================================= [](#extkula_audit--typo3-extension-audit) Audit your TYPO3 installation directly from the backend: upgrade readiness, known vulnerabilities, and CycloneDX SBOM — powered by the [Kula](https://github.com/dkd/kula-graph) API. Features -------- [](#features) - **CLI Command** — `vendor/bin/typo3 kula:audit` reads `composer.lock` and checks against the Kula API - **Dashboard Widget** — Traffic light overview (green/yellow/red) with package stats - **Backend Module** — Full detail tables under Admin Tools with upgrade readiness and vulnerability data Requirements ------------ [](#requirements) - TYPO3 12.4 or 13.x - PHP 8.1+ - Access to a running Kula instance (default: `https://app.kula-audit.de/api/audit`) Installation ------------ [](#installation) ``` composer require dkd/kula-audit ``` Then activate the extension in the TYPO3 Extension Manager or via CLI: ``` vendor/bin/typo3 extension:activate kula_audit ``` Configuration ------------- [](#configuration) Set the API URL and target TYPO3 version in `config/system/settings.php` or via the Settings module: ``` $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['kula_audit'] = [ 'apiUrl' => 'https://app.kula-audit.de/api/audit', 'targetMajor' => 13, ]; ``` Usage ----- [](#usage) ### CLI [](#cli) ``` # Run audit (uses 24h cache) vendor/bin/typo3 kula:audit # Force fresh check vendor/bin/typo3 kula:audit --force # JSON output (for CI/CD pipelines) vendor/bin/typo3 kula:audit --json ``` ### Scheduler [](#scheduler) The `kula:audit` command is schedulable via the TYPO3 Scheduler. Recommended frequency: once daily. ### Dashboard [](#dashboard) Add the "Extension Audit" widget to your TYPO3 Dashboard for a quick overview. ### Backend Module [](#backend-module) Find the full audit report under **Admin Tools > Kula Audit**. License ------- [](#license) GPL-2.0-or-later ### Health Score 35 — LowBetter than 80% of packages Maintenance85 Actively maintained with recent releases Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity42 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 77d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/65bbe8d95947658a4961afd1655306d6dbf5666b3696729d16f7e5fab0569d92?d=identicon)[dkd](/maintainers/dkd) --- Top Contributors [![dkd-dobberkau](https://avatars.githubusercontent.com/u/9196831?v=4)](https://github.com/dkd-dobberkau "dkd-dobberkau (2 commits)") --- Tags securityAuditupgradetypo3SBOM ### Embed Badge ![Health badge](/badges/dkd-kula-audit/health.svg) ``` [![Health](https://phpackages.com/badges/dkd-kula-audit/health.svg)](https://phpackages.com/packages/dkd-kula-audit) ``` ### Alternatives [leuchtfeuer/secure-downloads "Secure Download": Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access. 22234.7k1](/packages/leuchtfeuer-secure-downloads)[spooner-web/be_secure_pw You can set password conventions to force secure passwords for BE users. 10461.3k](/packages/spooner-web-be-secure-pw)[georgringer/noopener Add rel="noopener noreferrer" to all external links 1535.1k](/packages/georgringer-noopener)[causal/fal-protect Protect everything within /fileadmin/ based on associated folder and file restrictions (visibility, user groups and dates of publication). 1269.5k](/packages/causal-fal-protect)[mxr576/ddqg-composer-audit Drupal Dependency Quality Gate Composer Audit plugin 1056.7k2](/packages/mxr576-ddqg-composer-audit)[plan2net/typo3-update-check A Composer plugin that checks for TYPO3 updates and provides detailed information about breaking changes and security updates 204.5k](/packages/plan2net-typo3-update-check) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)