vulnsvc-composer ================ Consumes a Composer .lock file, returns a set of vulnerabilities associated with the project dependencies, if any. Used data set: https://github.com/FriendsOfPHP/security-advisories Usage ----- # Run in CLI mode $ printf '{"packages":[{"name":"symfony/yaml","version":"2.0.0"}]}' | php ./src/index.php | jq . # Using curl(1) against a web server running the service: $ printf '{"packages": [{"name":"symfony/yaml","version":"2.0.0"}]}' | curl -H 'Content-Type: application/json' --data @- <URL> # With an existing composer.lock $ curl -H 'Content-Type: application/json' --data @composer.lock <URL> Responses --------- On failure: { "success":false, "errmsg": "str" } On success: { "success":true, "data": { "vulns": [...] } }