- This topic has 2 replies, 1 voice, and was last updated 1 month, 4 weeks ago by SaraMG.
- November 20, 2020 at 8:36 pm #2705lightswitch05Participant
These are all regularly scheduled security releases and all users are encouraged to upgrade:
If you are still here, I would like to share a little automation tool I created to notify of these updates in an automated pipeline environment: [PHP Version Audit](https://www.github.developerdan.com/php-version-audit/)
If you ran it today against 7.4.10, you would now see this output informing you about the new version and CVEs:
docker run –rm -t lightswitch05/php-version-audit:latest –version=7.4.10
The descriptions for the CVEs are null because the [National Vulnerability Database](https://nvd.nist.gov/vuln/search) does not have descriptions yet, but the information will be updated once it is available. The tool works by pulling down this JSON file that is automatically updated twice a day, which you are also welcome to use directly https://www.github.developerdan.com/php-version-audit/rules-v1.json
Feel free to checkout the code if you are interested: https://github.com/lightswitch05/php-version-auditNovember 20, 2020 at 8:36 pm #2706tehnologieGuest
>I would like to share a little automation tool I created to notify of these updates in an automated pipeline environment
Thank you Developer Dan.November 20, 2020 at 8:36 pm #2707SaraMGGuest
Looks like you’re parsing Changelog-#.php which is probably for the best so that you can pick up references to CVEs (directly or indirectly via bug numbers), but I just want to make sure you’re aware of these two APIs on [php.net](https://php.net):
- You must be logged in to reply to this topic.