Download the PHP package dgtlss/warden without Composer
On this page you can find all versions of the php package dgtlss/warden. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Package: warden
Short Description: A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email
License: MIT
Information about the package warden
Warden
Warden is a comprehensive Laravel security audit package that proactively monitors your dependencies and application configuration for security vulnerabilities. Built for enterprise-grade security scanning, Warden provides powerful features for modern Laravel applications.
🚀 Key Features
✅ Core Security Audits
- 🔍 Dependency Scanning: Composer and NPM vulnerability detection
- ⚙️ Configuration Audits: Environment, storage permissions, and Laravel config
- 📝 Code Analysis: PHP syntax validation and security checks
- 🔧 Custom Audit Rules: Organization-specific security policies
✅ Performance & Scalability
- ⚡ Parallel Execution: Up to 5x faster audit performance
- 🗄️ Intelligent Caching: Prevents redundant scans with configurable TTL
- 🎯 Severity Filtering: Focus on critical issues only
✅ Integration & Automation
- 📊 Multiple Output Formats: JSON, GitHub Actions, GitLab CI, Jenkins
- 🔔 Rich Notifications: Slack, Discord, Email with formatted reports
- ⏰ Automated Scheduling: Laravel scheduler integration
- 🔄 CI/CD Ready: Native support for all major platforms
Perfect for continuous security monitoring and DevOps pipelines.
📋 Table of Contents
- Installation
- Quick Start
- Configuration
- Security Audits
- Usage Examples
- Notifications
- Custom Audits
- Scheduling
- CI/CD Integration
- Advanced Features
🚀 Installation
Install via Composer:
Publish configuration:
This creates config/warden.php with all available options.
⚡ Quick Start
Basic Security Audit
With NPM Dependencies
JSON Output for CI/CD
Silent Mode (No Notifications)
⚙️ Configuration
Environment Variables
Add these to your .env file:
🔔 Notifications
⚡ Performance
⏰ Scheduling
📊 Output & Filtering
🔍 Security Audits
Warden performs comprehensive security analysis across multiple areas:
1. Composer Dependencies
- Scans PHP dependencies for known vulnerabilities
- Uses official composer audit command
- Identifies abandoned packages with replacement suggestions
2. NPM Dependencies
- Analyzes JavaScript dependencies (when --npm flag used)
- Detects vulnerable packages in package.json
- Validates package-lock.json integrity
3. Environment Configuration
- Verifies .env file presence and .gitignore status
- Checks for missing critical environment variables
- Validates sensitive key configuration
4. Storage & Permissions
- Audits Laravel storage directories (storage/, bootstrap/cache/)
- Ensures proper write permissions
- Identifies missing or misconfigured paths
5. Laravel Configuration
- Debug mode status verification
- Session security settings
- CSRF protection validation
- General security misconfigurations
6. PHP Syntax Analysis
- Code syntax validation across your application
- Configurable directory exclusions
- Integration with existing audit workflow
💡 Usage Examples
Basic Commands
Output Formats
Advanced Usage
🔔 Notifications
Warden supports multiple notification channels with rich formatting:
✅ Slack (Recommended)
- Color-coded severity levels
- Organized finding blocks
- Clickable CVE links
- Professional formatting
✅ Discord
- Rich embeds with color coding
- Grouped findings by source
- Custom branding
✅ Microsoft Teams
- Adaptive Cards with structured layouts
- Color-coded severity indicators
- Action buttons and rich formatting
- Professional HTML templates with modern styling
- Severity-based color coding and summary statistics
- Grouped findings by source with detailed information
- Separate templates for vulnerabilities and abandoned packages
Multiple Channels
Configure multiple channels simultaneously - Warden sends to all configured endpoints.
🔧 Custom Audits
Create organization-specific security rules:
1. Implement Custom Audit
2. Register Custom Audit
Add to config/warden.php:
⏰ Scheduling
Enable Automated Audits
Configure Schedule
Laravel Cron Setup
Ensure Laravel's scheduler is running:
🔄 CI/CD Integration
GitHub Actions
GitLab CI
Jenkins
🎯 Advanced Features
Performance Optimization
- Parallel Execution: Enabled by default for 5x speed improvement
- Intelligent Caching: Configurable cache duration prevents redundant API calls
- Severity Filtering: Focus resources on critical issues
Audit Results
Exit Codes:
- 0: No vulnerabilities found
- 1: Vulnerabilities detected
- 2: Audit process failures
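A pipeline gate built on the three exit codes above, as an added example that is not part of Warden or its documentation: it fails closed when the audit itself did not complete, so an exit code of 2 is never read as a clean result. The audit command is passed in as arguments because this page does not show the command line; the function names and the single retry on a process failure are assumptions of this sketch.

```bash
#!/usr/bin/env bash
# Added example: CI gate for the documented exit codes
#   0 = no vulnerabilities, 1 = vulnerabilities detected, 2 = audit process failure.
# gate_decision and run_gate are hypothetical helper names, not Warden commands.

# gate_decision CODE -> prints pass | fail-vulnerable | fail-audit-error
gate_decision() {
  case "$1" in
    0) echo "pass" ;;              # audit ran and found nothing
    1) echo "fail-vulnerable" ;;   # audit ran and found vulnerabilities
    2) echo "fail-audit-error" ;;  # audit did not complete: result unknown
    *) echo "fail-audit-error" ;;  # undocumented code (e.g. killed by signal): unknown
  esac
}

# run_gate CMD [ARGS...]
# Runs the audit command, retries once if the audit process failed, prints the
# final decision and returns 0 only when the audit completed with a clean result.
run_gate() {
  gate_result="fail-audit-error"
  for gate_attempt in 1 2; do
    gate_code=0
    "$@" || gate_code=$?
    gate_result=$(gate_decision "$gate_code")
    # Stop on any definitive answer; only an unknown result is retried.
    [ "$gate_result" = "fail-audit-error" ] || break
    echo "audit attempt $gate_attempt did not complete (exit $gate_code)" >&2
  done
  echo "$gate_result"
  [ "$gate_result" = "pass" ]
}

# Usage in a pipeline step (the audit command line is yours to supply):
#   run_gate <audit command and flags> || exit 1
```
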
Severity Levels:
- critical: Immediate attention required
- high: Address as soon as possible
- medium: Should be reviewed and fixed
- low: Minor security concerns
Configuration Examples
🆕 What's New in v1.3.0
- ✅ Parallel audit execution for 5x faster performance
- ✅ Complete notification suite (Slack, Discord, Teams, Enhanced Email)
- ✅ Professional email templates with severity colors and statistics
- ✅ Microsoft Teams integration with Adaptive Cards
- ✅ CI/CD output formats (GitHub Actions, GitLab CI, Jenkins)
- ✅ Automated scheduling via Laravel scheduler
- ✅ Custom audit rules for organization-specific policies
- ✅ Intelligent caching with force refresh capability
- ✅ Severity filtering to focus on critical issues
📈 Roadmap
Coming Soon
- 📊 Audit history tracking and trend analysis
- 🔍 Additional audit types (Docker, Git, API security)
- 📋 Web dashboard for audit management
- 🤖 AI-powered vulnerability analysis and recommendations
🛠️ Troubleshooting
Common Issues
Command not found:
Composer audit failures:
📄 License
This package is open source and released under the MIT License.
🤝 Contributing
We welcome contributions! Please see our CONTRIBUTING GUIDELINES for details on:
- 🐛 Bug reports
- ✨ Feature requests
- 🔧 Code contributions
- 📚 Documentation improvements
💬 Support
- 🐛 Issues: GitHub Issues
- 💬 Discussions: GitHub Discussions
- 📋 Releases: Version History & Changelogs
💝 Support Development
If you find Warden useful for your organization's security needs, please consider supporting its development.
All versions of warden with dependencies
illuminate/support Version ^7.0|^8.0|^9.0|^10.0|^11.0|^12.0
guzzlehttp/guzzle Version ^7.0
laravel/prompts Version ^0.3