padosoft /
laravel-composer-security
@@ -50,7 +50,7 @@ |
||
| 50 | 50 | /** |
| 51 | 51 | * Get the services provided by the provider. |
| 52 | 52 | * |
| 53 | - * @return array |
|
| 53 | + * @return string[] |
|
| 54 | 54 | */ |
| 55 | 55 | public function provides() |
| 56 | 56 | { |
@@ -2,7 +2,6 @@ |
||
| 2 | 2 | namespace Padosoft\LaravelComposerSecurity; |
| 3 | 3 | |
| 4 | 4 | use Illuminate\Support\ServiceProvider; |
| 5 | -use GuzzleHttp\Client; |
|
| 6 | 5 | |
| 7 | 6 | class ComposerSecurityCheckServiceProvider extends ServiceProvider |
| 8 | 7 | { |
@@ -21,13 +21,13 @@ discard block |
||
| 21 | 21 | public function boot() |
| 22 | 22 | { |
| 23 | 23 | $this->publishes([ |
| 24 | - __DIR__ . '/config/composer-security-check.php' => config_path('composer-security-check.php'), |
|
| 24 | + __DIR__.'/config/composer-security-check.php' => config_path('composer-security-check.php'), |
|
| 25 | 25 | ], 'config'); |
| 26 | 26 | |
| 27 | - $this->loadViewsFrom(__DIR__ . '/views', 'composer-security-check'); |
|
| 27 | + $this->loadViewsFrom(__DIR__.'/views', 'composer-security-check'); |
|
| 28 | 28 | |
| 29 | 29 | $this->publishes([ |
| 30 | - __DIR__ . '/views' => base_path('resources/views/vendor/composer-security-check'), |
|
| 30 | + __DIR__.'/views' => base_path('resources/views/vendor/composer-security-check'), |
|
| 31 | 31 | ]); |
| 32 | 32 | } |
| 33 | 33 | |
@@ -39,7 +39,7 @@ discard block |
||
| 39 | 39 | public function register() |
| 40 | 40 | { |
| 41 | 41 | $this->app['command.composer-security:check'] = $this->app->share( |
| 42 | - function ($app) { |
|
| 42 | + function($app) { |
|
| 43 | 43 | return new ComposerSecurityCheck(new client); |
| 44 | 44 | } |
| 45 | 45 | ); |
@@ -13,12 +13,12 @@ discard block |
||
| 13 | 13 | */ |
| 14 | 14 | public function findFiles($path, $fileName) |
| 15 | 15 | { |
| 16 | - if ($path=='') { |
|
| 16 | + if ($path == '') { |
|
| 17 | 17 | $path = base_path(); |
| 18 | 18 | } |
| 19 | 19 | |
| 20 | 20 | if (is_dir($path)) { |
| 21 | - $path=str_finish($path, '/'); |
|
| 21 | + $path = str_finish($path, '/'); |
|
| 22 | 22 | |
| 23 | 23 | } |
| 24 | 24 | $path .= $fileName; |
@@ -35,7 +35,7 @@ discard block |
||
| 35 | 35 | |
| 36 | 36 | $p = explode(",", str_replace('\\', '/', $path)); |
| 37 | 37 | |
| 38 | - $pathList = array_map(function ($item) { |
|
| 38 | + $pathList = array_map(function($item) { |
|
| 39 | 39 | return str_finish($item, '/'); |
| 40 | 40 | }, |
| 41 | 41 | $p |
@@ -12,4 +12,4 @@ |
||
| 12 | 12 | 'mailFromName' => env('SECURITY_CHECK_MESSAGE_FROM_NAME', 'Info Example'), |
| 13 | 13 | 'mailViewName' => env('SECURITY_CHECK_MAIL_VIEW_NAME', 'composer-security-check::mail'), |
| 14 | 14 | 'logFilePath' => env('SECURITY_CHECK_LOG_FILE_PATH', storage_path().'/composersecurityCheck.log') |
| 15 | - ); |
|
| 15 | + ); |
|
@@ -129,7 +129,7 @@ discard block |
||
| 129 | 129 | /** |
| 130 | 130 | * @param $key |
| 131 | 131 | * @param $vulnerability |
| 132 | - * @param $tuttoOk |
|
| 132 | + * @param boolean $tuttoOk |
|
| 133 | 133 | * @return array |
| 134 | 134 | */ |
| 135 | 135 | public function checkResponse($key, $vulnerability, $tuttoOk) |
@@ -144,7 +144,7 @@ discard block |
||
| 144 | 144 | } |
| 145 | 145 | |
| 146 | 146 | /** |
| 147 | - * @param $msg |
|
| 147 | + * @param string $msg |
|
| 148 | 148 | * @param bool|false $error |
| 149 | 149 | */ |
| 150 | 150 | private function addVerboseLog($msg, $error = false) |
@@ -8,8 +8,8 @@ |
||
| 8 | 8 | |
| 9 | 9 | namespace Padosoft\LaravelComposerSecurity; |
| 10 | 10 | |
| 11 | -use Illuminate\Console\Command; |
|
| 12 | 11 | use GuzzleHttp\Client; |
| 12 | +use Illuminate\Console\Command; |
|
| 13 | 13 | |
| 14 | 14 | class SensiolabHelper |
| 15 | 15 | { |
@@ -42,19 +42,19 @@ discard block |
||
| 42 | 42 | */ |
| 43 | 43 | public function getSensiolabVulnerabilties($fileLock) |
| 44 | 44 | { |
| 45 | - $this->addVerboseLog('Send request to sensiolab: <info>' . $fileLock . '</info>'); |
|
| 45 | + $this->addVerboseLog('Send request to sensiolab: <info>'.$fileLock.'</info>'); |
|
| 46 | 46 | |
| 47 | - $debug = false;//set to true to log into console output |
|
| 47 | + $debug = false; //set to true to log into console output |
|
| 48 | 48 | $headers = [ |
| 49 | 49 | //OPTIONS |
| 50 | 50 | 'allow_redirects' => [ |
| 51 | - 'max' => 3, // allow at most 10 redirects. |
|
| 52 | - 'strict' => true, // use "strict" RFC compliant redirects. |
|
| 53 | - 'referer' => true, // add a Referer header |
|
| 51 | + 'max' => 3, // allow at most 10 redirects. |
|
| 52 | + 'strict' => true, // use "strict" RFC compliant redirects. |
|
| 53 | + 'referer' => true, // add a Referer header |
|
| 54 | 54 | 'protocols' => ['http', 'https'], // only allow http and https URLs |
| 55 | 55 | 'track_redirects' => false |
| 56 | 56 | ], |
| 57 | - 'connect_timeout' => 20,//Use 0 to wait connection indefinitely |
|
| 57 | + 'connect_timeout' => 20, //Use 0 to wait connection indefinitely |
|
| 58 | 58 | 'timeout' => 30, //Use 0 to wait response indefinitely |
| 59 | 59 | 'debug' => $debug, |
| 60 | 60 | //HEADERS |
@@ -76,17 +76,17 @@ discard block |
||
| 76 | 76 | $responseBody = $iResponse->getBody()->getContents(); |
| 77 | 77 | $response = json_decode($responseBody, true); |
| 78 | 78 | } catch (\GuzzleHttp\Exception\ClientException $e) { |
| 79 | - $this->command->error("ClientException!\nMessage: " . $e->getMessage()); |
|
| 79 | + $this->command->error("ClientException!\nMessage: ".$e->getMessage()); |
|
| 80 | 80 | $colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode()); |
| 81 | - $this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>"); |
|
| 81 | + $this->command->line("HTTP StatusCode: <{$colorTag}>".$e->getResponse()->getStatusCode()."<{$colorTag}>"); |
|
| 82 | 82 | $this->printMessage($e->getResponse()); |
| 83 | 83 | $this->printMessage($e->getRequest()); |
| 84 | 84 | } catch (\GuzzleHttp\Exception\RequestException $e) { |
| 85 | - $this->command->error("RequestException!\nMessage: " . $e->getMessage()); |
|
| 85 | + $this->command->error("RequestException!\nMessage: ".$e->getMessage()); |
|
| 86 | 86 | $this->printMessage($e->getRequest()); |
| 87 | 87 | if ($e->hasResponse()) { |
| 88 | 88 | $colorTag = $this->getColorTagForStatusCode($e->getResponse()->getStatusCode()); |
| 89 | - $this->command->line("HTTP StatusCode: <{$colorTag}>" . $e->getResponse()->getStatusCode() . "<{$colorTag}>"); |
|
| 89 | + $this->command->line("HTTP StatusCode: <{$colorTag}>".$e->getResponse()->getStatusCode()."<{$colorTag}>"); |
|
| 90 | 90 | $this->printMessage($e->getResponse()); |
| 91 | 91 | } |
| 92 | 92 | } |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | 'advisories' => $data2["title"] |
| 120 | 120 | ]; |
| 121 | 121 | |
| 122 | - $this->addVerboseLog($data['name'] . " " . $data['version'] . " " . $data2["title"], true); |
|
| 122 | + $this->addVerboseLog($data['name']." ".$data['version']." ".$data2["title"], true); |
|
| 123 | 123 | $this->tableVulnerabilities[] = $dataTable; |
| 124 | 124 | } |
| 125 | 125 | |
@@ -174,7 +174,7 @@ discard block |
||
| 174 | 174 | $this->command->info("$type:"); |
| 175 | 175 | $headers = ''; |
| 176 | 176 | foreach ($message->getHeaders() as $name => $values) { |
| 177 | - $headers .= $name . ': ' . implode(', ', $values) . "\r\n"; |
|
| 177 | + $headers .= $name.': '.implode(', ', $values)."\r\n"; |
|
| 178 | 178 | } |
| 179 | 179 | $this->command->comment($headers); |
| 180 | 180 | if ($type == 'REQUEST') { |
@@ -82,9 +82,9 @@ discard block |
||
| 82 | 82 | private function hardWork($argument, $option) |
| 83 | 83 | { |
| 84 | 84 | $path = $argument['path']; |
| 85 | - $this->line('path: <info>' . $path . '</info>.\nCheck composer.lock files...'); |
|
| 85 | + $this->line('path: <info>'.$path.'</info>.\nCheck composer.lock files...'); |
|
| 86 | 86 | $lockFiles = $this->findFilesComposerLock($path); |
| 87 | - $this->line('Find <info>' . count($lockFiles) . '</info> composer.lock files.'); |
|
| 87 | + $this->line('Find <info>'.count($lockFiles).'</info> composer.lock files.'); |
|
| 88 | 88 | |
| 89 | 89 | $this->tableVulnerabilities = []; |
| 90 | 90 | $tuttoOk = true; |
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | |
| 95 | 95 | foreach ($lockFiles as $fileLock) { |
| 96 | 96 | |
| 97 | - $this->line("Analizing <info>" . ($numLock + 1) . "</info> di <info>" . count($lockFiles) . "</info>"); |
|
| 97 | + $this->line("Analizing <info>".($numLock + 1)."</info> di <info>".count($lockFiles)."</info>"); |
|
| 98 | 98 | |
| 99 | 99 | $tuttoOk = $this->checkFile($fileLock, $whitelist); |
| 100 | 100 | |
@@ -117,12 +117,12 @@ discard block |
||
| 117 | 117 | |
| 118 | 118 | $nomailok_bool = false; |
| 119 | 119 | |
| 120 | - if ($nomailok!='' && strtolower($nomailok)=='true') { |
|
| 120 | + if ($nomailok != '' && strtolower($nomailok) == 'true') { |
|
| 121 | 121 | $nomailok_bool = true; |
| 122 | 122 | } |
| 123 | 123 | |
| 124 | 124 | //send email |
| 125 | - if(!$nomailok_bool || !$tuttoOk) { |
|
| 125 | + if (!$nomailok_bool || !$tuttoOk) { |
|
| 126 | 126 | $this->sendEmail($mail, $tuttoOk); |
| 127 | 127 | } |
| 128 | 128 | |
@@ -168,11 +168,11 @@ discard block |
||
| 168 | 168 | $file = new FileHelper(); |
| 169 | 169 | $lockFiles = array(); |
| 170 | 170 | foreach ($file->adjustPath($path) as $item) { |
| 171 | - $lockFiles = array_merge($lockFiles,$file->findFiles($item, 'composer.lock')); |
|
| 171 | + $lockFiles = array_merge($lockFiles, $file->findFiles($item, 'composer.lock')); |
|
| 172 | 172 | } |
| 173 | 173 | |
| 174 | 174 | |
| 175 | - if(!is_array($lockFiles)){ |
|
| 175 | + if (!is_array($lockFiles)) { |
|
| 176 | 176 | $lockFiles = array(); |
| 177 | 177 | } |
| 178 | 178 | |
@@ -205,7 +205,7 @@ discard block |
||
| 205 | 205 | if (count($response) == 0) { |
| 206 | 206 | return true; |
| 207 | 207 | } |
| 208 | - $this->error("Trovate " . count($response) . " vulnerabilita' in $fileLock"); |
|
| 208 | + $this->error("Trovate ".count($response)." vulnerabilita' in $fileLock"); |
|
| 209 | 209 | |
| 210 | 210 | $tuttoOk = in_array(rtrim(str_replace('\\', '/', $fileLock), 'composer.lock'), $whitelist); |
| 211 | 211 | |
@@ -43,10 +43,10 @@ discard block |
||
| 43 | 43 | */ |
| 44 | 44 | public function sendEmail($tuttoOk, $mail, $vul) |
| 45 | 45 | { |
| 46 | - $soggetto=Config::get('composer-security-check.mailSubjectSuccess'); |
|
| 46 | + $soggetto = Config::get('composer-security-check.mailSubjectSuccess'); |
|
| 47 | 47 | |
| 48 | 48 | if (!$tuttoOk) { |
| 49 | - $soggetto=Config::get('composer-security-check.mailSubjetcAlarm'); |
|
| 49 | + $soggetto = Config::get('composer-security-check.mailSubjetcAlarm'); |
|
| 50 | 50 | } |
| 51 | 51 | |
| 52 | 52 | $validator = Validator::make(['email' => $mail], [ |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | Mail::send( |
| 62 | 62 | Config::get('composer-security-check.mailViewName'), |
| 63 | 63 | ['vul' => $vul], |
| 64 | - function ($message) use ($mail, $soggetto) { |
|
| 64 | + function($message) use ($mail, $soggetto) { |
|
| 65 | 65 | $message->from( |
| 66 | 66 | Config::get('composer-security-check.mailFrom'), |
| 67 | 67 | Config::get('composer-security-check.mailFromName') |
