laravel-gost-template/app/Console/Commands/SecurityAuditDependenciesCommand.php
2026-06-24 17:20:43 +09:00


<?php
namespace App\Console\Commands;
use Illuminate\Console\Command;
use Symfony\Component\Process\Process;
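/**
 * Dependency vulnerability analysis (control УКФ.4, ОЦЛ).
 *
 * Runs `composer audit` in the application base path and streams its output
 * to the console. In CI/CD, complement it with Trivy/OWASP ZAP.
 *
 * The command fails closed: every outcome other than a zero exit code from
 * `composer audit` is reported as FAILURE, so a pipeline gate cannot pass on
 * an audit that did not actually complete.
 */
class SecurityAuditDependenciesCommand extends Command
{
    /** Artisan command name. */
    protected $signature = 'security:audit-deps';

    /** Short description shown in the Artisan command list. */
    protected $description = 'Проверить зависимости на известные уязвимости (composer audit)';

    /**
     * Run `composer audit` and map its result to an Artisan exit status.
     *
     * @return int self::SUCCESS when composer exits with 0, self::FAILURE when
     *             it exits non-zero, times out, or cannot be started.
     */
    public function handle(): int
    {
        // Fixed argument list: nothing user-supplied reaches the command line.
        // NOTE(review): `composer audit` checks the installed packages by default;
        // if this runs on a `--no-dev` install, dev dependencies are presumably not
        // covered. Consider `--locked` to audit composer.lock instead; confirm
        // against how this command is deployed.
        $process = new Process(['composer', 'audit', '--no-interaction'], base_path());
        $process->setTimeout(300);

        try {
            // Forward both stdout and stderr chunks to the console as they arrive.
            $process->run(function ($type, $buffer): void {
                $this->output->write($buffer);
            });
        } catch (\Symfony\Component\Process\Exception\ExceptionInterface $e) {
            // Timeout or failure to start the process: the audit produced no verdict.
            // Report that explicitly instead of letting the exception escape, and
            // still fail so the result is never mistaken for a clean audit.
            $this->error('Не удалось выполнить composer audit: ' . $e->getMessage());

            return self::FAILURE;
        }

        if (! $process->isSuccessful()) {
            $this->error('Обнаружены уязвимости в зависимостях. Требуется обновление.');
            // A non-zero exit is not proof of advisories: composer also exits
            // non-zero when it fails itself. Surface the code so the operator can
            // tell a finding from a tool failure by reading the streamed output.
            $this->warn(sprintf(
                'Код завершения composer audit: %d. Ненулевой код возможен и при сбое самого composer (например, сетевая ошибка) — проверьте вывод выше.',
                $process->getExitCode()
            ));

            return self::FAILURE;
        }

        $this->info('Уязвимостей в зависимостях не обнаружено.');

        return self::SUCCESS;
    }
}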