Announcing PHP Language Support

We are proud to announce that we are adding language support for PHP. You can now scan your PHP projects and identify vulnerable libraries. We currently support the Composer package manager.

Scanning a PHP Project

Prerequisites

The SourceClear Agent must be already installed and activated. If this is your first scan please click here to get started. We currently support the Composer package manager. Make sure it’s installed and your development environment is configured accordingly. Click here to get more details on installing Composer and PHP.

Scanning an example project

You can scan your own PHP project or the example project provided below. To scan the example project open your terminal and type the following:

$ git clone git@github.com:srcclr/example-php-composer
$ cd example-php-composer
$ srcclr scan .

Scanning your project

To scan your own project, open a terminal and type the following:

$ cd /my/project/directory (your project directory)
$ srcclr scan .

Access your results

Once the scan finishes, you should see an output similar to this:

Access the scan report by copying the link right to “Full Report Details” and pasting into your browser. This will take you to SourceClear where you can access the scan results and additional insights about your projects.

Click here to learn more about SourceClear project reports.

This new functionality will help you and your team ship more secure PHP applications. As always, we’re here to help. Contact us, or email our helpful support team.