thislg
commented
9 months ago @wslawski-printify There is a composer audit command to look for security vulnerabilities now, which seems to use the same CVE database as local-php-security-checker. I think you can use that instead.
As I understand currently this installer doesn't allow to make a request with proper auth token for github, so all requests are anonymous and
The primary rate limit for unauthenticated requests is 60 requests per hour.. I think sometimes it can be pretty easy to hit it.https://github.com/thislg/local-php-security-checker-installer/blob/main/bin/local-php-security-checker-installer#L5
Imho here we should read access token from env and do request with it.