Common report formats for Composer Audit

This package provides several common report formats for the composer audit command, that was introduced in Composer 2.4. The plugin uses the output generated by the composer audit format, augments the data where needed, and outputs it in the requested format.

Currently, JUnit and Trivy formats are supported.

Installation

You can either require the package globally or as a dev dependency for your project.

To make the plugin globally available run the following command:

composer global require nedbase/composer-audit-common-report-formats-plugin 

To add the plugin available for a specific project, you may add it as a dev dependency:

composer require --dev nedbase/composer-audit-common-report-formats-plugin

Usage

To generate a JUnit formatted audit report, run the following command:

composer audit:junit

To generate a Trivy formatted audit report, run the following command:

composer audit:trivy

The same options and arguments that exist on Composer's native audit command are available for the audit:[format] command, except for the --format option, as the report format is implied by the audit:[format] command itself. So to generate a JUnit formatted audit report of regular dependencies only (so no dev dependencies) you may run:

composer audit:junit --no-dev

Technical documentation

For the full documentation, including the technical documentation of the code, see the Documentation.

Developed and maintained in 🇳🇱 by Nedbase.