Tools - replace abandoned Sensiolabs security checker

README.md

@@ -49,7 +49,7 @@ you want to use them.
 
 Tool | PHP | Supported since | Description |
 ---- | --- | --------------- | ----------- |
-[security-checker](https://github.com/sensiolabs/security-checker) | `>= 5.3` | `1.16` | Check composer.lock for known security issues |
+[security-checker](https://github.com/enlightn/security-checker) | `>= 7.2.5` | `1.2` | Check composer.lock for known security issues |
 [php-cs-fixer](http://cs.sensiolabs.org/) | [`>= 5.3`](https://github.com/EdgedesignCZ/phpqa/pull/66#discussion_r115206573) | `1.12` | Automatically detect and fix PHP coding standards issues |
 [phpunit](https://github.com/phpunit/phpunit) | `>= 5.3` | `1.13` | The PHP Unit Testing framework |
 [phpstan](https://github.com/phpstan/phpstan) | `>= 7.0` | `1.9` | Discover bugs in your code without running it |

bin/suggested-tools.sh

@@ -13,12 +13,12 @@ then
     echo "Installing suggested tools"
     if [ ! -z "$requireMode" ]; then
         # docker build OR travis + php 7.0 OR symfony2 (default composer.lock)
-        composer require symfony/filesystem:~2 symfony/process:~2 symfony/finder:~2 php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan nette/neon friendsofphp/php-cs-fixer:~2.2 vimeo/psalm:~2 sensiolabs/security-checker $requireMode 
+        composer require symfony/filesystem:~2 symfony/process:~2 symfony/finder:~2 php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan nette/neon friendsofphp/php-cs-fixer:~2.2 vimeo/psalm:~2 enlightn/security-checker $requireMode 
     else
         # symfony 3
-        composer require php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan nette/neon friendsofphp/php-cs-fixer vimeo/psalm sensiolabs/security-checker
+        composer require php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan nette/neon friendsofphp/php-cs-fixer vimeo/psalm enlightn/security-checker
     fi
 else
     echo "Removing suggested tools"
-    composer remove php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan friendsofphp/php-cs-fixer vimeo/psalm sensiolabs/security-checker
+    composer remove php-parallel-lint/php-parallel-lint php-parallel-lint/php-console-highlighter phpstan/phpstan friendsofphp/php-cs-fixer vimeo/psalm enlightn/security-checker
 fi

composer.json

@@ -34,7 +34,7 @@
         "phpmetrics/phpmetrics": "*"
     },
     "suggest": {
-        "sensiolabs/security-checker": "Check composer.lock for known security issues",
+        "enlightn/security-checker": "Check composer.lock for known security issues",
         "friendsofphp/php-cs-fixer": "A tool to automatically fix PHP coding standards issues",
         "phpunit/phpunit": "The PHP Unit Testing framework",
         "phpstan/phpstan": "PHP Static Analysis Tool - discover bugs in your code without running it!",

src/Tools/Analyzer/SecurityChecker.php

@@ -8,9 +8,9 @@ class SecurityChecker extends \Edge\QA\Tools\Tool
 {
     public static $SETTINGS = array(
         'optionSeparator' => '=',
-        'internalClass' => 'SensioLabs\Security\SecurityChecker',
+        'internalClass' => 'Enlightn\SecurityChecker\AdvisoryAnalyzer',
         'outputMode' => OutputMode::RAW_CONSOLE_OUTPUT,
-        'composer' => 'sensiolabs/security-checker',
+        'composer' => 'enlightn/security-checker',
     );
 
     public function __invoke()