PHPackages                             encoredigitalgroup/heimdall - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. encoredigitalgroup/heimdall

ActiveComposer-plugin[Security](/categories/security)

encoredigitalgroup/heimdall
===========================

Heimdall — a Composer plugin that guards the bridge between Packagist and your vendor directory against supply chain attacks.

v0.1.3(1w ago)035↓14.3%BSD-3-ClausePHP ^8.4

Since May 27Compare

[ Source](https://gitlab.encoredigitalgroup.com/oss/composer-security-plugin)[ Packagist](https://packagist.org/packages/encoredigitalgroup/heimdall)[ RSS](/packages/encoredigitalgroup-heimdall/feed)WikiDiscussions Synced 1w ago

READMEChangelogDependencies (13)Versions (9)Used By (0)

### README not available

The README for this package hasn't been synced yet. View it on [GitHub](https://gitlab.encoredigitalgroup.com/oss/composer-security-plugin).

###  Health Score

42

—

FairBetter than 88% of packages

Maintenance98

Actively maintained with recent releases

Popularity11

Limited adoption so far

Community2

Small or concentrated contributor base

Maturity46

Maturing project, gaining track record

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

4

Last Release

12d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/50760632?v=4)[Marc Beinder](/maintainers/onairmarc)[@onairmarc](https://github.com/onairmarc)

###  Code Quality

TestsPest

Static AnalysisPHPStan, Rector

Code StylePHP CS Fixer

Type Coverage Yes

### Embed Badge

![Health badge](/badges/encoredigitalgroup-heimdall/health.svg)

```
[![Health](https://phpackages.com/badges/encoredigitalgroup-heimdall/health.svg)](https://phpackages.com/packages/encoredigitalgroup-heimdall)
```

###  Alternatives

[symfony/runtime

Enables decoupling PHP applications from global state

74694.9M933](/packages/symfony-runtime)[drupal/core-composer-scaffold

A flexible Composer project scaffold builder.

5344.1M525](/packages/drupal-core-composer-scaffold)[drupal/core-vendor-hardening

Hardens the vendor directory for when it's in the docroot.

174.7M40](/packages/drupal-core-vendor-hardening)[drupal/core-project-message

Adds a message after Composer installation.

2124.0M192](/packages/drupal-core-project-message)[drupal-composer/drupal-paranoia

Composer Plugin for improving the security of composer-based Drupal projects by moving all PHP files out of docroot.

652.2M3](/packages/drupal-composer-drupal-paranoia)[altis/core

Core module for Altis

19222.5k2](/packages/altis-core)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)