PHPackages oneup/contao-security-advisories - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. oneup/contao-security-advisories ActiveContao-module[Security](/categories/security) oneup/contao-security-advisories ================================ This check works by comparing the composer.lock against an open vulnerability database. A clean check does not mean there are absolutely no security problems whatsoever. 2.0.3(8y ago)83.6k1MITPHPPHP >=5.4 Since Jan 7Pushed 8y ago3 watchersCompare [ Source](https://github.com/1up-lab/contao-security-advisories)[ Packagist](https://packagist.org/packages/oneup/contao-security-advisories)[ Docs](http://1up.io)[ RSS](/packages/oneup-contao-security-advisories/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (4)Versions (20)Used By (0) Contao Security Advisories ========================== [](#contao-security-advisories) This extension provides a way to automatically or manually check your installed vendor extensions and the Contao core against the open vulnerability database at [FriendsOfPHP/security-advisories](https://github.com/FriendsOfPHP/security-advisories). [![Author](https://camo.githubusercontent.com/a1ca831710cc70c5c356e8dbc27e1212ed4d41a3ad0c6d9f7afbb02d78250cf4/687474703a2f2f696d672e736869656c64732e696f2f62616467652f617574686f722d40317570676d62682d626c75652e7376673f7374796c653d666c61742d737175617265)](https://twitter.com/1upgmbh)[![Software License](https://camo.githubusercontent.com/30597ff9a350144f03bffdd9183e16468e0b3ca1193e1d08591d992622738d55/687474703a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE)[![Total Downloads](https://camo.githubusercontent.com/92b0762e1b4c581f6d7862a2d84ad43ddc04414b715d115fdfd1f2abaee0f1ba/687474703a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6f6e6575702f636f6e74616f2d73656375726974792d61647669736f726965732e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/oneup/contao-security-advisories) \-- Features included: - Perform the check regularly. - Get an E-Mail if the audit failed in any way. (Or always get an email if a check was performed. Your choice.) - Start the check manually. - Suppress notifications for manually started checks. \-- [![Screenshot](https://camo.githubusercontent.com/0a00430b30e0f4a0b00ce10f9ae37d4313b206a8a136d06b0823d76d6ff58898/687474703a2f2f692e696d6775722e636f6d2f4a6f386a32304e2e706e67)](https://camo.githubusercontent.com/0a00430b30e0f4a0b00ce10f9ae37d4313b206a8a136d06b0823d76d6ff58898/687474703a2f2f692e696d6775722e636f6d2f4a6f386a32304e2e706e67) **Note**: A clean check does not imply that there are no security problems present, it just means that the test against the underlying database reveiled nothing. ### Health Score 34 — LowBetter than 77% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity23 Limited adoption so far Community14 Small or concentrated contributor base Maturity67 Established project with proven stability Bus Factor1 Top contributor holds 63.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~75 days Recently: every ~122 days Total 17 Last Release 2944d ago Major Versions 1.0.10 → 2.0.02016-11-07 1.0.11 → 2.0.32018-04-20 ### Community Maintainers ![](https://www.gravatar.com/avatar/87bf1d07a851471e5d0ba2052e6a7a78d6313378214087a2919ff9979656ad0b?d=identicon)[bytehead](/maintainers/bytehead) ![](https://www.gravatar.com/avatar/851cd6cc31c9f924bd4d61793ea7a68e24304632ccf03babf0acab6118f70758?d=identicon)[sheeep](/maintainers/sheeep) --- Top Contributors [![bytehead](https://avatars.githubusercontent.com/u/754921?v=4)](https://github.com/bytehead "bytehead (39 commits)")[![sheeep](https://avatars.githubusercontent.com/u/607530?v=4)](https://github.com/sheeep "sheeep (21 commits)")[![wrflsckr](https://avatars.githubusercontent.com/u/3274039?v=4)](https://github.com/wrflsckr "wrflsckr (1 commits)") --- Tags checksecurityextensionsmodulescontao ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/oneup-contao-security-advisories/health.svg) ``` [![Health](https://phpackages.com/badges/oneup-contao-security-advisories/health.svg)](https://phpackages.com/packages/oneup-contao-security-advisories) ``` ### Alternatives [enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker)[akaunting/laravel-firewall Web Application Firewall (WAF) package for Laravel 999465.8k2](/packages/akaunting-laravel-firewall)[jorijn/laravel-security-checker Added Laravel functionality to the Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you. 2021.8M1](/packages/jorijn-laravel-security-checker)[mlocati/ocsp Library to query HTTPS Certificates revocation status using the Online Certificate Status Protocol (OCSP) 40754.7k2](/packages/mlocati-ocsp)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8745.6k](/packages/dgtlss-warden)[mxrxdxn/pwned-passwords A library to query Troy Hunt's Pwned Passwords service to see whether or not a password has been included in a public breach. 3270.9k2](/packages/mxrxdxn-pwned-passwords) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)