Our great sponsors
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Checkout laravel enlghtn, scans all dependencies, we have it wired for all prs and nightly on all code bases. https://www.laravel-enlightn.com/
We use snyk, but I have found symfonys security checker to be the quickest to catch vulns: https://github.com/fabpot/local-php-security-checker
snyk/cli - scans a project dir for composer.json and package.json dependencies and list any vulns against the installed versions
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.