Security Advisories Checker on Travis/Circle CI
Ryo Shibayama
January 13, 2016
Transcript
Security Advisories Checker on (Travis|Circle) CI PHP BLT#2 @serima
@serima
• PHP Developer @ Zappallas
• mag2 -> GREE -> Zappallas
• http://serima.co/blog
• Recent topics
  • WordPress on PHP 7, HTTP/2
  • Setup Sakura-VPS with Ansible
• Recent interests
  • Measuring carbon dioxide concentration (haven't done it yet!)
SensioLabs Security Advisories Checker
• SensioLabs' vulnerability checker for libraries
SensioLabs
• A French company that develops Symfony, Twig, Silex and others
• Recently released the profiler tool blackfire.io
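Checks are based on composer.lock
• Online Checker
  • Upload composer.lock on the web
• CLI Checker
  • Download the CLI tool and run it from the command line
• Web API
  • An endpoint is provided on the SensioLabs side
Continuous vulnerability checking
• Because several interfaces are provided, the checker can be built into CI, which makes continuous vulnerability checking easy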
How to integrate
• composer require sensiolabs/security-checker
• composer update
• git add composer.json composer.lock
• git commit -m 'Integrate security-checker'
TravisCI - .travis.yml
    language: php
    php:
      - 5.6
    before_script:
      - composer self-update
      - composer install
      - chmod -R 777 storage
    script:
      - vendor/bin/security-checker security:check
      - phpunit
CircleCI - circle.yml
    machine:
      timezone: Asia/Tokyo
      php:
        version: 5.6.14
    test:
      override:
        - vendor/bin/security-checker security:check
        - vendor/bin/phpunit
Test
• Versions of swiftmailer/swiftmailer below 5.2.1 have a vulnerability
• As a test, specify 5.0.0 as the version to install
Test
• It failed as expected
• The details of the vulnerability are displayed as well
Test
• Configure it to install the latest version and try again
• It went green as expected
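The check that the Test slides exercise, as an added example that is not code from the deck or from SensioLabs: pinned versions are read from composer.lock, compared against advisory version ranges, and a non-zero exit code fails the CI step. The advisory entry (its title and lower bound), the sample lock file and all function names are assumptions; only the 5.2.1 bound and the 5.0.0 test version come from the slides.

```python
import json
import operator
import re

# Constructed advisory entry: only the "<5.2.1" bound comes from the slides;
# the title and the lower bound are placeholders.
ADVISORIES = {"swiftmailer/swiftmailer": [
    {"title": "PLACEHOLDER advisory title", "versions": [">=4.0.0", "<5.2.1"]}]}
# Constructed lock file pinning the 5.0.0 release that the slides test with.
SAMPLE_LOCK = json.dumps({"packages-dev": [], "packages": [
    {"name": "swiftmailer/swiftmailer", "version": "v5.0.0"}]})
OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt, ">=": operator.ge}

def parse_version(text):
    """'5.0.0' or 'v5.4' -> (5, 0, 0, 0) or (5, 4, 0, 0); None for dev-master etc."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))

def affected(version, constraints):
    """True when the version satisfies every constraint of one advisory (AND)."""
    for constraint in constraints:
        op, bound = re.fullmatch(r"(<=|>=|<|>)\s*(\S+)", constraint).groups()
        if not OPS[op](version, parse_version(bound)):
            return False
    return True

def check_lock(lock_text, advisories=ADVISORIES):
    """Return (findings, skipped) for the packages pinned in a composer.lock."""
    lock = json.loads(lock_text)
    findings, skipped = [], []
    # packages-dev is installed on CI too, so both sections are checked.
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        name, raw = pkg["name"], pkg["version"]
        version = parse_version(raw)
        for adv in advisories.get(name, []):
            if version is None:  # e.g. dev-master: not comparable, so flag it
                skipped.append((name, raw))
                break
            if affected(version, adv["versions"]):
                findings.append((name, raw, adv["title"]))
    return findings, skipped

def exit_code(lock_text=SAMPLE_LOCK):
    """Non-zero fails the CI step, which is what turns the build red."""
    findings, skipped = check_lock(lock_text)
    return 1 if findings or skipped else 0
```

A pinned version that cannot be compared (a branch alias such as dev-master) is reported as skipped and also fails the step, so an unverifiable dependency never passes silently.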
Vulnerability database
• The advisories registered in this repository are used as the vulnerability database
• https://github.com/FriendsOfPHP/security-advisories
• This database must not serve as the primary source of information for security issues, it is not authoritative for any referenced software, but it allows to centralize information for convenience and easy consumption.
Summary
• Library vulnerability checks become possible at almost zero cost, so there is nothing to lose by adding this
• However, as mentioned earlier, take care not to trust it completely
• Check other databases such as JVN separately as well
• https://github.com/serima/security-checker-on-lumen
• A sample is available here
End