public-mirrors
/
composer
mirror of https://github.com/composer/composer
1
0
Fork 0
Code

Update docs for `audit` command (#12220)

main
Javier Spagnoletti 2024-12-01 09:26:21 -03:00 committed by GitHub
parent 74f68adeb1
commit 666dc93fcc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
doc/03-cli.md
View File

@ -1068,13 +1068,18 @@ php composer.phar archive vendor/package 2.0.21 --format=zip
## audit
This command is used to audit the packages you have installed
for potential security issues. It checks for and
lists security vulnerability advisories using the
[Packagist.org api](https://packagist.org/apidoc#list-security-advisories)
by default or other repositories if specified in the `repositories` section of `composer.json`.
This command is used to audit the packages you have installed for potential security issues. It checks for and lists security
vulnerability advisories using the [Packagist.org api](https://packagist.org/apidoc#list-security-advisories) by default
or other repositories if specified in the `repositories` section of `composer.json`.
The command also detects abandoned packages.
The audit command returns the amount of vulnerabilities found. `0` if successful, and up to `255` otherwise.
The audit command determines if there are vulnerable or abandoned packages and returns the following exit codes based on
the findings:
* `0` No issues;
* `1` Vulnerable packages;
* `2` Abandoned packages;
* `3` Vulnerable and abandoned packages.
```shell
php composer.phar audit