You are here

Home » API reference » Composer Manager 7.2 » composer_manager_sa.module

function composer_manager_sa_vulnerabilities in Composer Manager 7.2

Same name and namespace in other branches
  1. 7 composer_manager_sa/composer_manager_sa.module \composer_manager_sa_vulnerabilities()

Find any known vulnerabilities in a composer.lock file.

Vulnerability reports are cached for one hour, based on the contents of composer.lock.

Parameters

string $lock_file: The URI to the composer.lock file.

bool $force_refresh: (optional) Set to TRUE to force a refresh of cached data.

Return value

array An array of known security issues, or an empty array if all libraries passed.

2 calls to composer_manager_sa_vulnerabilities()
composer_manager_sa_check in composer_manager_sa/composer_manager_sa.module
Check for security advisories against Composer libraries.
composer_manager_sa_cron in composer_manager_sa/composer_manager_sa.module
Implements hook_cron().

File

composer_manager_sa/composer_manager_sa.module, line 77
Check for known security issues in Composer libraries.

Code

function composer_manager_sa_vulnerabilities($lock_file, $force_refresh = FALSE) {

  // 'drush composer-manager' doesn't run a full bootstrap, so on install and
  // update the Composer autoloader may not be registered.
  composer_manager_register_autoloader();
  if ($force_refresh || !($vulnerabilities = composer_manager_sa_cache($lock_file))) {
    $checker = new SecurityChecker();
    $vulnerabilities =& drupal_static('composer_manager_sa_cache');
    $vulnerabilities = $checker
      ->check(drupal_realpath($lock_file));
    cache_set(composer_manager_sa_cache_cid($lock_file), $vulnerabilities, 'cache', 3600);
  }
  return $vulnerabilities;
}