Checks for security issues in your project's dependencies. It wraps FriendsOfPHP/security-advisories and warns about any issues it finds.

    composer require --dev spryker-sdk/security-checker

After installation, enable it in your ConsoleDependencyProvider:

    use SecurityChecker\Command\SecurityCheckerCommand;

    protected function getConsoleCommands(Container $container): array
    {
        ...
        // Register the security:check console command.
        $commands[] = new SecurityCheckerCommand();

        return $commands;
    }

Security checker provides the following command:

    console security:check

It checks the composer.lock file for security issues.
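
To show what checking composer.lock against an advisory involves, here is an added PHP sketch. It is not code from spryker-sdk/security-checker or from FriendsOfPHP/security-advisories. It assumes advisories are already decoded from YAML into arrays using the database's `branches`/`versions` layout; the package names, the advisory and the helper names `matchesAll()` and `findIssues()` are constructed for illustration.

```php
<?php
// Added illustration, not the spryker-sdk/security-checker implementation.
// Assumption: each advisory carries "branches", and each branch lists version
// constraints such as ">=2.0.0" and "<2.0.5" that must all hold together.

/** Return true when $version satisfies every constraint in the list. */
function matchesAll(string $version, array $constraints): bool
{
    foreach ($constraints as $constraint) {
        if (!preg_match('/^(<=|>=|<|>|==|!=)?\s*(.+)$/', trim($constraint), $m)) {
            return false;
        }
        // A constraint without an operator is treated as an exact match.
        if (!version_compare($version, $m[2], $m[1] !== '' ? $m[1] : '==')) {
            return false;
        }
    }
    return true;
}

/** Map of package name => titles of advisories affecting the locked version. */
function findIssues(array $lock, array $advisories): array
{
    $issues = [];
    // Dev dependencies run on developer and CI machines, so check both lists.
    $packages = array_merge($lock['packages'] ?? [], $lock['packages-dev'] ?? []);
    foreach ($packages as $package) {
        $version = ltrim($package['version'], 'vV'); // the lock file may store "v2.0.3"
        foreach ($advisories[$package['name']] ?? [] as $advisory) {
            foreach ($advisory['branches'] as $branch) {
                if (matchesAll($version, $branch['versions'])) {
                    $issues[$package['name']][] = $advisory['title'];
                    break; // one matching branch is enough for this advisory
                }
            }
        }
    }
    return $issues;
}

// Constructed sample data: hypothetical packages and a hypothetical advisory.
$lock = json_decode('{"packages":[{"name":"acme/http","version":"v2.0.3"}],
  "packages-dev":[{"name":"acme/tool","version":"1.4.0"}]}', true);
$advisories = ['acme/http' => [[
    'title' => 'Constructed example advisory',
    'branches' => ['2.0.x' => ['versions' => ['>=2.0.0', '<2.0.5']]],
]]];

print_r(findIssues($lock, $advisories)); // reports acme/http only
```

Branch versions such as `dev-main` do not compare meaningfully with `version_compare()`, so a real check has to treat them separately.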