PHP download

Download the PHP package xchimx/laravel-security without Composer

On this page you can find all versions of the php package xchimx/laravel-security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download xchimx/laravel-security
More information about xchimx/laravel-security
Files in xchimx/laravel-security

Vendor xchimx
Package laravel-security
Short Description A Laravel package for automated monitoring of security vulnerabilities and outdated packages in Composer and NPM dependencies.
License MIT
Homepage https://github.com/xchimx/laravel-security

Keywords security composer Audit laravel npm Laravel-Security vulnerability xchimx

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of xchimx/laravel-security

Informations about the package laravel-security

Laravel Security Package

A Laravel package for automated monitoring of security vulnerabilities and outdated packages in Composer and NPM dependencies.

Installation

You can install the package via composer:

You can publish and run the migrations with:

You can publish the config file with:

You can publish the views, or you add this line to your app.css:

Customize the config/security.php file according to your requirements or set the corresponding ENV variables:

Optionally, you can publish the views using

Usage

The package automatically registers the following tasks in the Laravel Scheduler:

Security Audit: Daily at 02:00 (configurable)
Outdated Check: Weekly on Mondays at 3:00 a.m. (configurable)

Ensure that the Laravel Scheduler is running:

Manual Usage

Dashboard Component

Integrate the Security Dashboard Component into your Blade views:

Programmatic Access

Notifications

Database notifications

Database notifications are sent to the user ID configured in SECURITY_NOTIFY_USER_ID. If the user has an email address and SECURITY_NOTIFY_DATABASE_MAIL is set to true, the notification is also sent to that address

When database notifications are enabled, notifications are stored in the notifications table. This requires the standard Laravel notifications migration:

Email notifications

Emails are sent to the address configured in SECURITY_MAIL_TO. You can separate multiple addresses with commas:

Slack notifications

Configure your Slack token:

Data model

The security_audits table stores:

type: 'audit' or 'outdated'
source: 'composer' or 'npm'
results: JSON with details about the issues found
vulnerabilities_count: Number of security vulnerabilities
outdated_count: Number of outdated packages
has_issues: Boolean flag
raw_output: Raw output of the command
executed_at: Time of execution

Requirements

PHP ^8.3
Laravel ^13.0
Composer (installed on the server)
NPM (Optional if NPM packages are to be checked)

Testing

Changelog

Please see CHANGELOG for more information on what has changed recently.

Credits

Tobias Schottstädt

License

The MIT License (MIT). Please see License File for more information.

Views

Dashboard

Mail Notification

Slack Notification Audit

Slack Notification Outdated

All versions of laravel-security with dependencies

PHP Build Version

Package Version

Version v1.3 Release 18. Mar 2026
create-project require 0 people chose require and
0 people chose create-project.

Download

Download latest version of laravel-security from vendor xchimx

Requires php Version ^8.3
illuminate/contracts Version ^13.0
illuminate/support Version ^13.0
laravel/slack-notification-channel Version ^3.0
spatie/laravel-package-tools Version ^1.16

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package xchimx/laravel-security contains the following files

Loading the files please wait ...