Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ Run these commands to see some sample behavior:
composer audit
composer audit --format=simple
composer audit --format=json
composer audit --format=json --output-file=report.json
composer validate
composer require symfony/symfony --update-with-all-dependencies
composer audit
Expand Down
14 changes: 13 additions & 1 deletion src/Command/AuditCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
use FancyGuy\Composer\SecurityCheck\Formatter\JsonFormatter;
use FancyGuy\Composer\SecurityCheck\Formatter\SimpleFormatter;
use FancyGuy\Composer\SecurityCheck\Formatter\TextFormatter;
use FancyGuy\Composer\SecurityCheck\Output\FileOutput;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
Expand All @@ -26,6 +27,7 @@ protected function configure()
->setDefinition(array(
new InputOption('audit-db', '', InputOption::VALUE_REQUIRED, 'Path to the advisory database'),
new InputOption('format', '', InputOption::VALUE_REQUIRED, 'Output format', 'text'),
new InputOption('output-file', '', InputOption::VALUE_REQUIRED, 'File to append the report output to'),
new InputOption('endpoint', '', InputOption::VALUE_REQUIRED, 'Security checker server URL', HttpCheckerInterface::DEFAULT_ENDPOINT),
new InputOption('timeout', '', InputOption::VALUE_REQUIRED, 'HTTP timeout in seconds', HttpCheckerInterface::DEFAULT_TIMEOUT),
new InputOption('file', '', InputOption::VALUE_REQUIRED, 'Path to composer.lock file', './composer.lock'),
Expand Down Expand Up @@ -87,7 +89,17 @@ protected function execute(InputInterface $input, OutputInterface $output)
return 127;
}

$formatter->displayResults($output, $composerFile, $vulnerabilities);
if ($outputFile = $input->getOption('output-file')) {
$formatter->displayResults(
new FileOutput($outputFile, $output->getVerbosity(), $output->isDecorated(), $output->getFormatter()),
$composerFile,
$vulnerabilities
);
$output->writeln(sprintf('Report written to: %s', $outputFile));
} else {
$formatter->displayResults($output, $composerFile, $vulnerabilities);
}


if ($checker->getLastVulnerabilityCount() > 0) {
return 1;
Expand Down
36 changes: 36 additions & 0 deletions src/Output/FileOutput.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
<?php

namespace FancyGuy\Composer\SecurityCheck\Output;

use FancyGuy\Composer\SecurityCheck\Exception\RuntimeException;
use Symfony\Component\Console\Formatter\OutputFormatterInterface;
use Symfony\Component\Console\Output\StreamOutput;

class FileOutput extends StreamOutput
{
/**
* @param string $filePath Full path to the file to append to
* @param int $verbosity The verbosity level (one of the VERBOSITY constants in OutputInterface)
* @param bool|null $decorated Whether to decorate messages (null for auto-guessing)
* @param OutputFormatterInterface|null $formatter Output formatter instance (null to use default OutputFormatter)
*
* @see Symfony\Component\Console\Output\StreamOutput::__construct
*/
public function __construct(string $filePath, int $verbosity = self::VERBOSITY_NORMAL, bool $decorated = null, OutputFormatterInterface $formatter = null)
{
if (false === ($writeStream = fopen($filePath, 'a', false))) {
throw new RuntimeException(sprintf('Could not open write stream to: %s', $filePath));
}
parent::__construct($writeStream, $verbosity, $decorated, $formatter);
}

/**
* @throws RuntimeException Unable to close output file stream handle
*/
public function __destruct()
{
if (!fclose($this->getStream())) {
throw new RuntimeException('Unable to close write stream handle');
}
}
}