pm:security-php¶
Check non-Drupal PHP packages for pending security updates.
Packages are discovered via composer.lock file. An exit code of 3 indicates that the check completed, and insecure packages were found.
Examples¶
drush pm:security-php --format=json
. Get security data in JSON format.HTTP_PROXY=tcp://localhost:8125 pm:security
. Proxy Guzzle requests through an http proxy.
Options¶
- --format[=FORMAT]. Format the result data. Available formats: csv,json,list,null,php,print-r,tsv,var_dump,var_export,xml,yaml [default: yaml]
- --no-dev. Only check production dependencies.
- --fields=FIELDS. Limit output to only the listed elements. Name top-level elements by key, e.g. "--fields=name,date", or use dot notation to select a nested element, e.g. "--fields=a.b.c as example".
- --field=FIELD. Select just one field, and force format to string.
Global Options¶
- -v|vv|vvv, --verbose. Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
- -y, --yes. Auto-accept the default for all user prompts. Equivalent to --no-interaction.
- -l, --uri=URI. A base URL for building links and selecting a multi-site. Defaults to https://default.
- To see all global options, run
drush topic
and pick the first choice.
Aliases¶
- sec-php
- pm-security-php
Legend
- An argument or option with square brackets is optional.
- Any default value is listed at end of arg/option description.
- An ellipsis indicates that an argument accepts multiple values separated by a space.