This plugin connects to Sensiolab Security Advisories, to check if your composer.lock contains any reference to vulnerable components.
pipeline:
test-composer-deps:
image: phpdrone/composer-sa-checker
# lock_file: composer.lock
Security Report
===============
No known* vulnerabilities detected.
* Disclaimer: This checker can only detect vulnerabilities that are referenced
in the SensioLabs security advisories database.