Inquiry / Support Request for PHP Module in Dependency-Check #8278
Unanswered
mehdimezianeext-ai
asked this question in
Q&A
Replies: 1 comment
-
|
There is a composer analyzer: https://dependency-check.github.io/DependencyCheck/analyzers/composer-lock.html It is still listed as experimental and may have a both false positives and false negatives. The more usage and reports back regarding problems the better the analyzer will become. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I am reaching out regarding the PHP module of Dependency-Check. As part of our vulnerability tracking project, we use Dependency-Check to analyze our PHP dependencies, and we plan to integrate the results directly into our ticketing system (Jira).
Before proceeding, we would like some clarification and guidance on the following points:
PHP Module Coverage:
Which PHP versions and dependency managers (Composer, PEAR, etc.) are fully supported?
Are there any known limitations when analyzing complex PHP projects?
JSON Report Format:
Is there specific documentation for the fields and structure of JSON reports generated by the PHP module?
Thank you in advance for your help and guidance. Please let me know if you need more details about our environment or project.
Beta Was this translation helpful? Give feedback.
All reactions