elijahcruz/composer-security-adviser
====================================

Check for security vulnerabilities in your composer project in one command.

1.1.1(5y ago)015MITPHP

[Source](https://github.com/elijahcruz12/composer-security-adviser) | [Packagist](https://packagist.org/packages/elijahcruz/composer-security-adviser)

Composer Security Adviser
=========================

With this program, you can check whether there are any security advisories for the packages in your composer.json.

How it works.
-------------

This works by reading the require/require-dev lists from your composer.json and checking each package for all of its security advisories via the Packagist API.

You can also look up individual packages.
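The flow described above, sketched as an added example (not the project's own code). The sample composer.json and API response are constructed, the function names are hypothetical, and the response shape and the reading of "latest" as newest by `reportedAt` are assumptions.

```php
<?php
declare(strict_types=1);

// Constructed sample input, not taken from the project.
$composerJson = '{"require": {"php": "^8.1", "ext-json": "*", "laravel/framework": "^9.0"},
                  "require-dev": {"phpunit/phpunit": "^9.5"}}';
// Constructed response; the shape {"advisories": {package: [...]}} is an assumption.
$apiResponse = '{"advisories": {"laravel/framework": [
    {"title": "Constructed advisory A", "affectedVersions": "<9.1.0", "reportedAt": "2022-01-10 00:00:00"},
    {"title": "Constructed advisory B", "affectedVersions": "<9.5.0", "reportedAt": "2022-06-02 00:00:00"}
  ], "phpunit/phpunit": []}}';

/** Package names from require, plus require-dev when $dev is true (like --dev). */
function packagesToCheck(string $json, bool $dev): array
{
    $manifest = json_decode($json, true, 512, JSON_THROW_ON_ERROR);
    $requires = $manifest['require'] ?? [];
    if ($dev) {
        $requires += $manifest['require-dev'] ?? [];
    }
    // Platform requirements (php, ext-*, lib-*) carry no vendor/ prefix and
    // are not Packagist packages, so they are left out of the query.
    return array_values(array_filter(array_keys($requires),
        static fn ($name): bool => strpos((string) $name, '/') !== false));
}

/** Query URL for the Packagist security-advisories endpoint. */
function advisoryUrl(array $packages): string
{
    $query = array_map(static fn (string $p): string => 'packages[]=' . rawurlencode($p), $packages);
    return 'https://packagist.org/api/security-advisories/?' . implode('&', $query);
}

/** Advisories per package, newest first; $first keeps only the newest (like --first). */
function advisoriesFor(string $response, array $packages, bool $first): array
{
    $all = json_decode($response, true, 512, JSON_THROW_ON_ERROR)['advisories'] ?? [];
    $out = [];
    foreach ($packages as $package) {
        $list = $all[$package] ?? [];
        usort($list, static fn (array $a, array $b): int => strcmp($b['reportedAt'], $a['reportedAt']));
        $out[$package] = $first ? array_slice($list, 0, 1) : $list;
    }
    return $out;
}

$packages = packagesToCheck($composerJson, true);
echo advisoryUrl($packages), PHP_EOL; // the request a live run would send
foreach (advisoriesFor($apiResponse, $packages, true) as $package => $list) {
    foreach ($list as $a) {
        echo "$package: {$a['title']} (affects {$a['affectedVersions']})", PHP_EOL;
    }
}
```

Advisories returned this way are listed per package name; whether the installed version falls inside `affectedVersions` still has to be checked against composer.lock.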

Installation
------------

You just need to install this globally using composer:

`composer global require elijahcruz/composer-security-adviser`

Usage
-----


This is a pretty simple program to use. If you are ever unsure of how to use it, just run `composer-security-adviser help` to view the help screen.

### run:check


Aliases: run, r

```
composer-security-adviser run:check

```

Options:

```
  -D, --dev                      If require-dev should be checked as well
  -G, --global                   If you wish to check your global composer requires.
  -f, --first                    If you want to check view only the latest advisory for each package.

```

### run:single


Aliases: rs, single

```
composer-security-adviser run:single laravel/framework

```

Options:

```
  -f, --first           If you want to only get the latest advisory.

```

Contributing
------------

If you want to contribute to this, or have any issues, feel free to open an issue or a PR on GitHub.
