fix: DockerSecretsResolver - don't normalize absolute paths like /var/www/html/...
@@ -11,14 +11,22 @@ declare(strict_types=1);
|
||||
|
||||
require_once __DIR__ . '/../../vendor/autoload.php';
|
||||
|
||||
use App\Framework\Composer\Services\ComposerLockReader;
|
||||
|
||||
final class DependencySecurityChecker
|
||||
{
|
||||
private const SECURITY_ADVISORIES_URL = 'https://packagist.org/api/security-advisories/';
|
||||
|
||||
public function __construct(
|
||||
private readonly ComposerLockReader $lockReader
|
||||
) {
|
||||
}
|
||||
|
||||
public function checkDependencies(): array
|
||||
{
|
||||
$composerLock = $this->loadComposerLock();
|
||||
$packages = $this->extractPackages($composerLock);
|
||||
$basePath = __DIR__ . '/../..';
|
||||
$composerLock = $this->lockReader->readFromProjectRoot($basePath);
|
||||
$packages = $composerLock->getPackagesWithType();
|
||||
|
||||
echo "🔍 Checking " . count($packages) . " dependencies for security vulnerabilities...\n\n";
|
||||
|
||||
@@ -69,52 +77,6 @@ final class DependencySecurityChecker
|
||||
echo "\n⚠️ RECOMMENDATION: Update vulnerable packages immediately!\n";
|
||||
}
|
||||
|
||||
private function loadComposerLock(): array
|
||||
{
|
||||
$lockFile = __DIR__ . '/../../composer.lock';
|
||||
|
||||
if (!file_exists($lockFile)) {
|
||||
throw new \RuntimeException('composer.lock not found');
|
||||
}
|
||||
|
||||
$content = file_get_contents($lockFile);
|
||||
$data = json_decode($content, true);
|
||||
|
||||
if ($data === null) {
|
||||
throw new \RuntimeException('Failed to parse composer.lock');
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
private function extractPackages(array $composerLock): array
|
||||
{
|
||||
$packages = [];
|
||||
|
||||
// Production dependencies
|
||||
if (isset($composerLock['packages'])) {
|
||||
foreach ($composerLock['packages'] as $package) {
|
||||
$packages[] = [
|
||||
'name' => $package['name'],
|
||||
'version' => $package['version'],
|
||||
'type' => 'production'
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
// Development dependencies
|
||||
if (isset($composerLock['packages-dev'])) {
|
||||
foreach ($composerLock['packages-dev'] as $package) {
|
||||
$packages[] = [
|
||||
'name' => $package['name'],
|
||||
'version' => $package['version'],
|
||||
'type' => 'development'
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
return $packages;
|
||||
}
|
||||
|
||||
private function checkPackage(string $name, string $version): array
|
||||
{
|
||||
@@ -142,7 +104,8 @@ final class DependencySecurityChecker
|
||||
|
||||
// Run the checker
|
||||
try {
|
||||
$checker = new DependencySecurityChecker();
|
||||
$lockReader = new ComposerLockReader();
|
||||
$checker = new DependencySecurityChecker($lockReader);
|
||||
$vulnerabilities = $checker->checkDependencies();
|
||||
$checker->printReport($vulnerabilities);
|
||||
|
||||
|
||||
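Review bot: In the first hunk, `$packages = $composerLock->getPackagesWithType();` replaces the removed `extractPackages()`, whose output shape (`name`, `version`, `type` keys with `'production'`/`'development'` labels) is presumably what the rest of `checkDependencies()` — which continues outside the hunk — still indexes, and nothing in the diff shows the reader returns the same shape. A mismatch would most likely surface as a silently empty or mis-labelled advisory report rather than an error, which is the wrong failure mode for a supply-chain check; pinning the contract with `/** @return list<array{name: string, version: string, type: string}> */` on `checkDependencies()` (or a one-line comment above that call naming the keys relied on) would make it visible. The same hunk also drops the explicit `composer.lock not found` and parse-failure `\RuntimeException`s, so the `try` in the third hunk now depends on whatever `readFromProjectRoot()` throws; its `catch` clause lies outside the hunk, so confirm it still covers the reader's exception types and that a missing or unreadable lock file fails loudly instead of producing a report that checked zero dependencies. `count($packages)` on the following echo line only needs `getPackagesWithType()` to return an array or `Countable`, so a change there would not be caught by the return type of `checkDependencies()` alone.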