Dependency Review
The following issues were found:
- ✅ 0 vulnerable package(s)
- ✅ 0 package(s) with incompatible licenses
- ✅ 0 package(s) with invalid SPDX license definitions
- ⚠️ 1 package(s) with unknown licenses.
See the Details below.
License Issues
composer.json
| Package | Version | License | Issue Type |
| php | ~> 8.1.0 || ~> 8.2.0 || ~> 8.3.0 || ~> 8.4.0 | Null | Unknown License |
OpenSSF Scorecard
| Package | Version | Score | Details |
|---|
| composer/php | ~> 8.1.0 || ~> 8.2.0 || ~> 8.3.0 || ~> 8.4.0 |
:green_circle: 5.7 | Details| Check | Score | Reason |
|---|
| Maintained | :green_circle: 10 | 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 4 | Found 9/22 approved changesets -- score normalized to 4 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 9 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :green_circle: 9 | detected GitHub workflow tokens with excessive permissions | | Security-Policy | :green_circle: 10 | security policy file detected | | Branch-Protection | :green_circle: 3 | branch protection is not maximal on development and all release branches | | Dangerous-Workflow | :warning: 0 | dangerous workflow patterns detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :green_circle: 10 | project is fuzzed | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | :green_circle: 8 | binaries present in source code | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
|
| composer/php | >= 8.1.0,
| :green_circle: 5.7 | Details| Check | Score | Reason |
|---|
| Maintained | :green_circle: 10 | 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 | | Code-Review | :green_circle: 4 | Found 9/22 approved changesets -- score normalized to 4 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | License | :green_circle: 9 | license file detected | | Signed-Releases | :warning: -1 | no releases found | | Packaging | :warning: -1 | packaging workflow not detected | | Token-Permissions | :green_circle: 9 | detected GitHub workflow tokens with excessive permissions | | Security-Policy | :green_circle: 10 | security policy file detected | | Branch-Protection | :green_circle: 3 | branch protection is not maximal on development and all release branches | | Dangerous-Workflow | :warning: 0 | dangerous workflow patterns detected | | Vulnerabilities | :green_circle: 10 | 0 existing vulnerabilities detected | | Fuzzing | :green_circle: 10 | project is fuzzed | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Binary-Artifacts | :green_circle: 8 | binaries present in source code | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 |
|
Scanned Manifest Files
composer.json
- nikic/php-parser@>= 4.19.1, = 5.0.2,
- php@~> 8.1.0 || ~> 8.2.0 || ~> 8.3.0 || ~> 8.4.0
- nikic/php-parser@>= 4.19.1,
- php@>= 8.1.0,
Code Climate has analyzed commit dd789e34 and detected 0 issues on this pull request.
Too many changed lines in diff
View more on Code Climate.
browser-detector copied to clipboard
mimmi20
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
![codeclimate[bot] avatar](https://avatars.githubusercontent.com/in/9403?v=4 "Published by a pub.dev verified publisher"){kind=small}