PHPackages narrowspark/security-advisories - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. narrowspark/security-advisories AbandonedArchivedLibrary[Security](/categories/security) narrowspark/security-advisories =============================== The security.sensiolabs.org database as json file. 271[1 issues](https://github.com/narrowspark/security-advisories/issues)[1 PRs](https://github.com/narrowspark/security-advisories/pulls)PHP Since Jun 11Pushed 3y ago1 watchersCompare [ Source](https://github.com/narrowspark/security-advisories)[ Packagist](https://packagist.org/packages/narrowspark/security-advisories)[ RSS](/packages/narrowspark-security-advisories/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (2)Used By (0) Narrowspark Security Advisories Database ======================================== [](#narrowspark-security-advisories-database) [![](https://camo.githubusercontent.com/afc8fb7590bdc8cc506b5de0673cf596e7463272deda0c726458c12cccc3f683/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f6e6172726f77737061726b2f73656375726974792d61647669736f726965732f6d61737465722e7376673f6c6f6e6743616368653d66616c7365267374796c653d666c61742d737175617265)](https://travis-ci.org/narrowspark/security-advisories) [![](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](http://opensource.org/licenses/MIT) This project is responsible for generating a PHP Security Advisories Database as a JSON file. Stability --------- [](#stability) This package can only be required in its `dev-master` version: there will never be stable/tagged versions because of the nature of the problem being targeted. Security issues are in fact a moving target, and locking your project to a specific tagged version of the package would not make any sense. This package is therefore only suited for installation in the root of your deployable project. Sources ------- [](#sources) This package extracts information about existing security issues in various composer projects from the [FriendsOfPHP/security-advisories](https://github.com/FriendsOfPHP/security-advisories) repository and the [Github security advisories db](https://developer.github.com/v4/object/securityvulnerability/). > NOTE: Travis cron is configured to run once a day, to check if [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories) was updated. > NOTE: The sha in `security-advisories-sha` file is always the last commit sha of a count of merged security vulnerabilities and git rev-parse --verify HEAD of [PHP Security Advisories Database](https://github.com/FriendsOfPHP/security-advisories) and [Github security advisories db](https://developer.github.com/v4/object/securityvulnerability/). ### Health Score 16 — LowBetter than 5% of packages Maintenance10 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community10 Small or concentrated contributor base Maturity31 Early-stage or recently created project Bus Factor1 Top contributor holds 57.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/ca62e19a98f43cce88fa6733762bebbe26f4e7ee0b3d8defdadfd0b7082f77a0?d=identicon)[dani33](/maintainers/dani33) --- Top Contributors [![prisis](https://avatars.githubusercontent.com/u/2716058?v=4)](https://github.com/prisis "prisis (201 commits)")[![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4)](https://github.com/dependabot-preview[bot] "dependabot-preview[bot] (147 commits)") --- Tags advisoriesgithub-security-advisoriesjsonnarrowsparkphpsecuritysecurity-advisoriessecurity-vulnerability ### Embed Badge ![Health badge](/badges/narrowspark-security-advisories/health.svg) ``` [![Health](https://phpackages.com/badges/narrowspark-security-advisories/health.svg)](https://phpackages.com/packages/narrowspark-security-advisories) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M212](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M112](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)