PHP
PHP package analysis and vulnerability scanning capabilities
Package analysis
| Cataloger + Evidence | License | Dependencies | Package Manager Claims | ||||
|---|---|---|---|---|---|---|---|
| Depth | Edges | Kinds | Files | Digests | Integrity Hash | ||
php-composer-installed-cataloger installed.json | Transitive | Runtime, Dev | |||||
php-composer-lock-cataloger composer.lock | Transitive | Runtime | |||||
php-interpreter-cataloger php*/**/*.so, php-fpm*, apache*/**/libphp*.so | Direct | Flat | Runtime | ||||
php-pear-serialized-cataloger php/.registry/**/*.reg | Direct | Runtime | |||||
php-pecl-serialized-cataloger deprecated php/.registry/.channel.*/*.reg | Direct | Runtime | |||||
Vulnerability scanning
| Data Source | Disclosures | Fixes | Track by Source Package | ||
|---|---|---|---|---|---|
| Affected | Date | Versions | Date | ||
| National Vulnerability Database (NVD) | |||||
Grype Configuration
| Configuration Key | Description |
|---|---|
match.stock.using-cpes | Use CPE package identifiers to find vulnerabilities |