Security advisories | laravel-health | Spatie SPATIE Laravel Health ================= spatie.be/open-source [Docs](https://spatie.be/docs) [Laravel-health](https://spatie.be/docs/laravel-health/v1) Available-checks Security advisories Version v1 Other versions for crawler [v1](https://spatie.be/docs/laravel-health/v1) - [ Introduction ](https://spatie.be/docs/laravel-health/v1/introduction) - [ Support us ](https://spatie.be/docs/laravel-health/v1/support-us) - [ Requirements ](https://spatie.be/docs/laravel-health/v1/requirements) - [ Installation & setup ](https://spatie.be/docs/laravel-health/v1/installation-setup) - [ Questions and issues ](https://spatie.be/docs/laravel-health/v1/questions-issues) - [ Changelog ](https://spatie.be/docs/laravel-health/v1/changelog) - [ About us ](https://spatie.be/docs/laravel-health/v1/about-us) Usage ----- - [ Registering your first check ](https://spatie.be/docs/laravel-health/v1/basic-usage/registering-your-first-check) - [ Creating custom checks ](https://spatie.be/docs/laravel-health/v1/basic-usage/creating-custom-checks) - [ Manually running checks ](https://spatie.be/docs/laravel-health/v1/basic-usage/manually-running-checks) - [ Conditionally running or modifying checks ](https://spatie.be/docs/laravel-health/v1/basic-usage/conditionally-running-or-modifying-checks) - [ Endpoints ](https://spatie.be/docs/laravel-health/v1/basic-usage/endpoints) - [ Pausing and resuming checks ](https://spatie.be/docs/laravel-health/v1/basic-usage/pausing-and-resuming-checks) - [ Registering the same check multiple times ](https://spatie.be/docs/laravel-health/v1/basic-usage/registering-the-same-check-multiple-times) - [ Testing ](https://spatie.be/docs/laravel-health/v1/basic-usage/testing) Storing results --------------- - [ General ](https://spatie.be/docs/laravel-health/v1/storing-results/general) - [ As JSON ](https://spatie.be/docs/laravel-health/v1/storing-results/in-a-json-file) - [ In the cache ](https://spatie.be/docs/laravel-health/v1/storing-results/in-cache) - [ In the database ](https://spatie.be/docs/laravel-health/v1/storing-results/in-the-database) - [ Not storing results ](https://spatie.be/docs/laravel-health/v1/storing-results/not-storing-results) Configuring notifications ------------------------- - [ General ](https://spatie.be/docs/laravel-health/v1/configuring-notifications/general) - [ Via mail ](https://spatie.be/docs/laravel-health/v1/configuring-notifications/via-mail) - [ Via Slack ](https://spatie.be/docs/laravel-health/v1/configuring-notifications/via-slack) - [ Via Oh Dear ](https://spatie.be/docs/laravel-health/v1/configuring-notifications/via-oh-dear) Viewing check results --------------------- - [ General ](https://spatie.be/docs/laravel-health/v1/viewing-results/general) - [ On a webpage ](https://spatie.be/docs/laravel-health/v1/viewing-results/on-a-webpage) - [ On the CLI ](https://spatie.be/docs/laravel-health/v1/viewing-results/on-the-cli) - [ As JSON ](https://spatie.be/docs/laravel-health/v1/viewing-results/as-json) Available checks ---------------- - [ Overview ](https://spatie.be/docs/laravel-health/v1/available-checks/overview) - [ Backups ](https://spatie.be/docs/laravel-health/v1/available-checks/backups) - [ Application Cache ](https://spatie.be/docs/laravel-health/v1/available-checks/cache) - [ Cached config, routes, and events ](https://spatie.be/docs/laravel-health/v1/available-checks/cached-config-routes-and-events) - [ CPU load ](https://spatie.be/docs/laravel-health/v1/available-checks/cpu-load) - [ DB connection ](https://spatie.be/docs/laravel-health/v1/available-checks/db-connection) - [ DB connection count ](https://spatie.be/docs/laravel-health/v1/available-checks/db-connection-count) - [ DB size ](https://spatie.be/docs/laravel-health/v1/available-checks/db-size-check) - [ DB table size ](https://spatie.be/docs/laravel-health/v1/available-checks/db-table-size-check) - [ Debug mode ](https://spatie.be/docs/laravel-health/v1/available-checks/debug-mode) - [ Environment ](https://spatie.be/docs/laravel-health/v1/available-checks/environment) - [ Flare error count ](https://spatie.be/docs/laravel-health/v1/available-checks/flare-error-count) - [ Horizon ](https://spatie.be/docs/laravel-health/v1/available-checks/horizon) - [ Meilisearch ](https://spatie.be/docs/laravel-health/v1/available-checks/meilisearch) - [ Ping ](https://spatie.be/docs/laravel-health/v1/available-checks/ping) - [ Queue ](https://spatie.be/docs/laravel-health/v1/available-checks/queue) - [ Redis ](https://spatie.be/docs/laravel-health/v1/available-checks/redis) - [ Redis memory usage ](https://spatie.be/docs/laravel-health/v1/available-checks/redis-memory-usage) - [ Schedule ](https://spatie.be/docs/laravel-health/v1/available-checks/schedule) - [ Security advisories ](https://spatie.be/docs/laravel-health/v1/available-checks/security-advisories) - [ Used disk space ](https://spatie.be/docs/laravel-health/v1/available-checks/used-disk-space) Security -------- - [ Using Secret Token ](https://spatie.be/docs/laravel-health/v1/security/using-secret-token) Security advisories =================== ### On this page 1. [ Installation ](#content-installation) 2. [ Usage ](#content-usage) This check will check if the PHP packages installed in your project have known security vulnerabilities. This check works using [Packagist's security vulnerability API](https://php.watch/articles/composer-audit#packagist-vuln-list-api). Installation -------------------------------------------------------------------------------------------- You must first install the check using composer ``` composer require spatie/security-advisories-health-check ``` Usage ----------------------------------------------------------------------- To start using the check, you must register the `SecurityAdvisoriesCheck` class. ``` use Spatie\Health\Facades\Health; use Spatie\SecurityAdvisoriesHealthCheck\SecurityAdvisoriesCheck; Health::checks([ SecurityAdvisoriesCheck::new(), ]); ``` The check will pass if there are no security advisories for the packages currently installed in your project. If security advisories are found, the check will fail. The failure message will contain the names of package that have security issues. In the `meta` key of history item of the check, the full vulnerability advisories will be saved. Alternatively, you can run `composer audit` in the root directory of your application to see a list of security issues. ### Ignoring packages To ignore certain packages, you can use the `ignorePackage` method. ``` Health::checks([ SecurityAdvisoriesCheck::new()->ignorePackage('spatie/laravel-backup'), ]); ``` You can ignore multiple packages in one go with the `ignoredPackages` method. ``` Health::checks([ SecurityAdvisoriesCheck::new()->ignoredPackages([ 'spatie/laravel-backup', 'spatie/laravel-medialibrary', ]), ]); ```