FIX: Replace sensiolabs/security-checker with signify-nz/composer-security-checker

bringyourownideas / silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

https://bringyourownideas.com

BSD 3-Clause "New" or "Revised" License

9 stars 6 forks source link

FIX: Replace sensiolabs/security-checker with signify-nz/composer-security-checker #59

Closed GuySartorelli closed 2 years ago

GuySartorelli commented 2 years ago

Fixes #57

GuySartorelli commented 2 years ago

Scrutinizer failed because the composer1 cache hasn't got the new package yet (though why scrutinizer is using composer1 I couldn't tell you). Should be visible to composer1 in a day or so.

GuySartorelli commented 2 years ago

Scrutinizer failed this time because it's trying to use PHP 5.6... someone with access and appropriate know-how will need to update the configuration for this package's scrutinizer run.

GuySartorelli commented 2 years ago

Closing this as it's not an accepted approach. Some cool Guy has created a PR in composer/composer which will add a PHP API for consuming the packagist security advisory API, so when that's merged I'll create a new PR that leverages it.