Inquiry / Support Request for PHP Module in Dependency-Check #8278
-
|
I am reaching out regarding the PHP module of Dependency-Check. As part of our vulnerability tracking project, we use Dependency-Check to analyze our PHP dependencies, and we plan to integrate the results directly into our ticketing system (Jira). Before proceeding, we would like some clarification and guidance on the following points: PHP Module Coverage: Which PHP versions and dependency managers (Composer, PEAR, etc.) are fully supported? Are there any known limitations when analyzing complex PHP projects? JSON Report Format: Is there specific documentation for the fields and structure of JSON reports generated by the PHP module? Thank you in advance for your help and guidance. Please let me know if you need more details about our environment or project. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
There is a composer analyzer: https://dependency-check.github.io/DependencyCheck/analyzers/composer-lock.html It is still listed as experimental and may have a both false positives and false negatives. The more usage and reports back regarding problems the better the analyzer will become. |
Beta Was this translation helpful? Give feedback.
There is a composer analyzer: https://dependency-check.github.io/DependencyCheck/analyzers/composer-lock.html
It is still listed as experimental and may have a both false positives and false negatives. The more usage and reports back regarding problems the better the analyzer will become.