checker = $checker; parent::__construct(); } /** * @see Command */ protected function configure() { $this ->setName('security:check') ->setDefinition(array( new InputArgument('lockfile', InputArgument::OPTIONAL, 'The path to the composer.lock file', 'composer.lock'), new InputOption('format', '', InputOption::VALUE_REQUIRED, 'The output format', 'text'), new InputOption('end-point', '', InputOption::VALUE_REQUIRED, 'The security checker server URL'), new InputOption('timeout', '', InputOption::VALUE_REQUIRED, 'The HTTP timeout in seconds'), )) ->setDescription('Checks security issues in your project dependencies') ->setHelp(<<%command.name% command looks for security issues in the project dependencies: php %command.full_name% You can also pass the path to a composer.lock file as an argument: php %command.full_name% /path/to/composer.lock By default, the command displays the result in plain text, but you can also configure it to output JSON instead by using the --format option: php %command.full_name% /path/to/composer.lock --format=json EOF ); } /** * @see Command * @see SecurityChecker */ protected function execute(InputInterface $input, OutputInterface $output) { if ($endPoint = $input->getOption('end-point')) { $this->checker->getCrawler()->setEndPoint($endPoint); } if ($timeout = $input->getOption('timeout')) { $this->checker->getCrawler()->setTimeout($timeout); } try { $vulnerabilities = $this->checker->check($input->getArgument('lockfile')); } catch (ExceptionInterface $e) { $output->writeln($this->getHelperSet()->get('formatter')->formatBlock($e->getMessage(), 'error', true)); return 1; } switch ($input->getOption('format')) { case 'json': $formatter = new JsonFormatter(); break; case 'simple': $formatter = new SimpleFormatter($this->getHelperSet()->get('formatter')); break; case 'text': default: $formatter = new TextFormatter($this->getHelperSet()->get('formatter')); } if (!is_array($vulnerabilities)) { $output->writeln($this->getHelperSet()->get('formatter')->formatBlock('Security Checker Server returned garbage.', 'error', true)); return 127; } $formatter->displayResults($output, $input->getArgument('lockfile'), $vulnerabilities); if ($this->checker->getLastVulnerabilityCount() > 0) { return 1; } } }