tldr/pages/common/composer-audit.md

# composer audit

> Analyze a PHP project's dependencies to detect known security vulnerabilities and list affected packages.
> See also: `composer`.
> More information: <https://getcomposer.org/doc/03-cli.md#audit>.

- Check for security vulnerabilities in your current project:

`composer audit`

- Omit dev dependencies in the audit:

`composer audit --no-dev`

- Filter vulnerabilities by output format:

`composer audit --format {{table|plain|json|summary}}`

- Output audit results to a file in JSON format:

`composer audit --format json > audit_report.json`

- Verify whether a specific package in your project is affected by security issues:

`composer audit {{vendor}}/{{package}}`
composer-audit: add page (#15828) * vagrant-plugin: add page * Update pages/common/vagrant-plugin.md Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> * Update pages/common/vagrant-plugin.md Co-authored-by: Wiktor Perskawiec <git@spageektti.cc> * vagrant: add french translation. * vagrant-plugin: add french translation. * Update pages.fr/common/vagrant-plugin.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * vagrant-plugin: update french translation. * vagrant: update french translation. * Update pages.fr/common/vagrant.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * Update pages.fr/common/vagrant-plugin.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * Update pages.fr/common/vagrant.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * Update pages.fr/common/vagrant.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * Update pages.fr/common/vagrant.md Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> * vagrant-plugin: fix quote style * vagrant-plugin: fix quote style * composer-audit: add page * Update pages/common/composer-audit.md Co-authored-by: Managor <42655600+Managor@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Managor <42655600+Managor@users.noreply.github.com> * Update pages/common/composer-audit.md Co-authored-by: Juri Dispan <juri.dispan@posteo.net> * Update pages/common/composer-audit.md Co-authored-by: Managor <42655600+Managor@users.noreply.github.com> --------- Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> Co-authored-by: Wiktor Perskawiec <git@spageektti.cc> Co-authored-by: Alexandre ZANNI <16578570+noraj@users.noreply.github.com> Co-authored-by: Managor <42655600+Managor@users.noreply.github.com> Co-authored-by: Juri Dispan <juri.dispan@posteo.net> 2025-03-03 17:15:34 +01:00			`# composer audit`

			`> Analyze a PHP project's dependencies to detect known security vulnerabilities and list affected packages.`
			> See also: `composer`.
			`> More information: <https://getcomposer.org/doc/03-cli.md#audit>.`

			`- Check for security vulnerabilities in your current project:`

			`composer audit`

			`- Omit dev dependencies in the audit:`

			`composer audit --no-dev`

			`- Filter vulnerabilities by output format:`

			`composer audit --format {{table\|plain\|json\|summary}}`

			`- Output audit results to a file in JSON format:`

			`composer audit --format json > audit_report.json`

			`- Verify whether a specific package in your project is affected by security issues:`

			`composer audit {{vendor}}/{{package}}`