ISO-codes
SecurityAdvisories
| | ISO-codes | SecurityAdvisories |
|---|---|---|
| | 1 | 6 |
| Stars | 787 | 2,644 |
| Growth | - | 0.9% |
| Activity | 2.9 | 9.6 |
| | 2 months ago | 4 days ago |
| Language | PHP | |
| License | GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ISO-codes
- PHP libraries and tools
  ronanguilloux/isocodes: PHP library - Validators for standards from ISO, International Finance, Public Administrations, GS1, Manufacturing Industry, Phone numbers & Zipcodes for many countries
SecurityAdvisories
- Preventing Installing Composer Dependencies with Known Security Vulnerabilities
  To reduce the chance of introducing vulnerable dependencies into your projects, you can use tools such as "Roave Security Advisories" (roave/security-advisories).
- With the recent scandal over the 'node-ipc' package, is Composer also vulnerable like this? Is there any security measure in the Composer to prevent this type of attack?
- Open source is not a place for politics
- Composer conflict, how can we use it?
  In order to avoid accepting third-party code with well-known security issues you can take advantage of SecurityAdvisories by Roave, a library which uses conflict as shown in this article to block unsafe packages. Give it a look!
- PHP libraries and tools
  roave/security-advisories: Security advisories as a simple composer exclusion list, updated daily
- Laravel QR Code Generator Infected with Malware
  Every composer user should use at least https://github.com/Roave/SecurityAdvisories
What are some alternatives?
Respect Validation - The most awesome validation engine ever created for PHP
local-php-security-checker - PHP security vulnerabilities checker
DMS Filter - Library that offers Input Filtering based on Annotations for use with Objects. Check out 2.dev for 2.0 pre-release.
enlightn - Your performance & security consultant, an artisan command away.
Valitron - Valitron is a simple, elegant, stand-alone validation library with NO dependencies
PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
Linio Input - Abstracts HTTP request input handling, providing an easy interface for data hydration and validation
ruby-advisory-db - A database of vulnerable Ruby Gems
MetaYaml - A powerful schema validator!
Serializer - Library for (de-)serializing data of any complexity (supports JSON, and XML)
PHP validate - Lightweight and feature-rich PHP validation and filtering library. Support scene grouping, pre-filtering, array checking, custom validators, custom messages.
Deptrac - Keep your architecture clean.