Abandoned | Archived | Composer-plugin | [Security](/categories/security)

narrowspark/automatic-security-audit
====================================

A composer plugin that checks if your application has known security vulnerabilities.

0.13.1 (6y ago) | 521.8k1 | MIT | PHP | PHP ^7.1

Since Sep 28 | Pushed 5y ago | 1 watcher

[Source](https://github.com/narrowspark/automatic-security-audit) | [Packagist](https://packagist.org/packages/narrowspark/automatic-security-audit) | [Docs](http://github.com/narrowspark/automatic) | [RSS](/packages/narrowspark-automatic-security-audit/feed)

Narrowspark Automatic Security Audit
====================================

> **Note** This package is part of the [Narrowspark automatic](https://github.com/narrowspark/automatic).

Installation
------------

Use [Composer](https://getcomposer.org/) to install this package:

```
composer require narrowspark/automatic-security-audit --dev
```

Usage
-----

The checker runs whenever you launch `composer require`, `composer install` or `composer update`. If there are alerts for packages in your `composer.lock`, `composer audit` will print them.

Versioning
----------

This library follows semantic versioning, and additions to the code ruleset are performed in major releases.

Changelog
---------

Please have a look at [`CHANGELOG.md`](https://github.com/narrowspark/automatic/blob/master/CHANGELOG.md).

Contributing
------------

Please have a look at [`CONTRIBUTING.md`](https://github.com/narrowspark/automatic/blob/master/.github/CONTRIBUTING.md).

Code of Conduct
---------------

Please have a look at [`CODE_OF_CONDUCT.md`](https://github.com/narrowspark/automatic/blob/master/.github/CODE_OF_CONDUCT.md).

Credits
-------

- [Daniel Bannert](https://github.com/prisis)
- [All Contributors](https://github.com/narrowspark/automatic/graphs/contributors)
- Narrowspark Automatic has been inspired by [symfony/flex](https://github.com/symfony/flex)

License
-------

This package is licensed using the MIT License.

Please have a look at [`LICENSE.md`](LICENSE.md).

### Health Score

31 (Low). Better than 66% of packages.

- Maintenance: 20. Infrequent updates — may be unmaintained
- Popularity: 26. Limited adoption so far
- Community: 8. Small or concentrated contributor base
- Maturity: 55. Maturing project, gaining track record
- Bus Factor: 1. Top contributor holds 100% of commits — single point of failure

How is this calculated?

**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Release Activity

- Cadence: every ~35 days (recently: every ~86 days)
- Total: 13
- Last Release: 2405d ago

PHP version history (2 changes):

- 0.8.0: PHP ^7.2
- 0.9.0: PHP ^7.1

### Community

Maintainers: [DANMEDOC33](/maintainers/dani33) ([@dani33](https://github.com/dani33))

Top Contributors: [prisis](https://github.com/prisis) (38 commits)

Tags: audit, automatic, composer, composer-plugin, narrowspark-automatic, security, security-advisories, composer, security, library, discovery, Audit, Skeleton, automatic, narrowspark, viserio, configurators

### Alternatives

- [xxtea/xxtea](/packages/xxtea-xxtea): XXTEA is a fast and secure encryption algorithm. This is a XXTEA library for PHP. (11342.6k)
- [mxr576/ddqg-composer-audit](/packages/mxr576-ddqg-composer-audit): Drupal Dependency Quality Gate Composer Audit plugin (1060.6k3)
- [bringyourownideas/silverstripe-composer-security-checker](/packages/bringyourownideas-silverstripe-composer-security-checker): Provides information if your SilverStripe application uses dependencies with known vulnerabilities. (10103.9k2)

