PHP
Applicability
Snyk supports PHP for code analysis and PHP for open source.
Check the language availability to be imported as an application, tested, or monitored using the Snyk products.
Supported PHP versions
You can use PHP versions 5.2 up to 8.0.
Available functions:
SCM import, available for Snyk Open Source and Snyk Code.
Test or monitor your app through CLI and IDE, available for Snyk Open Source and Snyk Code.
Test your app's SBOM using pkg:composer.
Test your app's packages using pkg:composer.
Package managers and supported file extensions
Snyk for PHP supports Composer as a package manager and packagist.org as a package registry and supports the following file formats:
Snyk Open Source: composer.json, composer.lock
Snyk Code: .php, .phtml, .module, .inc, .install
Frameworks and libraries
The following frameworks and libraries are supported in Snyk for PHP:
Laravel - Partial
llphant - Comprehensive
openai-php/client - Comprehensive
orhanerday/open-ai - Comprehensive
Pclzip - Comprehensive
Symfony - Partial
theodo-group/llphant - Comprehensive
Features
The following features are supported in Snyk for PHP:
License scanning
Reports
Custom rules
Interfile analysis
PR Checks that are configured to "Only fail when the issues found have a fix available" rely on Snyk FixPR support and, therefore, will not alert for PHP and other languages that do not support FixPRs.
Snyk CLI for PHP
There are no unique options for use when running Snyk for PHP.
SCM integrations and PHP
PHP Projects can be imported from any of the available Snyk SCM integrations. After Projects have been imported, Snyk analyzes your Projects based on their supported manifest files.
After you select a Project for import, Snyk builds the dependency tree based on these manifest files. Both of the following files are required:
composer.json
composer.lock
If the composer.lock file is not present in the repository, the import will not process the composer.json manifest.
By default, Snyk scans your production dependencies. Using the Snyk Web UI, you can configure whether or not to include your development dependencies (require-dev) in the scan for vulnerabilities.
To update language preferences:
Log in to your account and navigate to the relevant Group and Organization that you want to manage.
Select Settings, then Languages.
Select Edit settings for PHP and select Scan dev dependencies to set your PHP projects in the specific Organization to include both development and production dependencies.
Select Update settings.
These settings are applied to all newly imported Projects and to all existing Projects when they are re-tested.
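A local pre-import check for the two requirements described above, as an added example that is not Snyk's own code: it finds every composer.json outside vendor/, flags those with no sibling composer.lock, and splits the locked packages into production and development sets. The function names, the acme/* packages and the sample tree are constructed for illustration; the "packages" and "packages-dev" keys are Composer's lock file format.

```python
import json
import tempfile
from pathlib import Path


def preflight(repo_root):
    """Return one report per composer.json found outside vendor/ directories."""
    reports = []
    for manifest in sorted(Path(repo_root).rglob("composer.json")):
        rel = manifest.relative_to(repo_root)
        if "vendor" in rel.parts:
            continue  # installed packages, not the project's own manifests
        lock = manifest.with_name("composer.lock")
        report = {"manifest": rel.as_posix(), "importable": lock.is_file(),
                  "prod": [], "dev": []}
        if report["importable"]:
            data = json.loads(lock.read_text(encoding="utf-8"))
            # composer.lock keeps resolved production packages under "packages"
            # and resolved development packages under "packages-dev".
            report["prod"] = sorted(p["name"] for p in data.get("packages") or [])
            report["dev"] = sorted(p["name"] for p in data.get("packages-dev") or [])
        reports.append(report)
    return reports


def build_sample_repo(root):
    """Constructed sample tree: one complete project, one missing its lock file."""
    root = Path(root)
    (root / "api").mkdir()
    (root / "api" / "composer.json").write_text(json.dumps(
        {"require": {"acme/http": "^1.0"}, "require-dev": {"acme/testkit": "^2.0"}}))
    (root / "api" / "composer.lock").write_text(json.dumps(
        {"packages": [{"name": "acme/http", "version": "1.2.0"}],
         "packages-dev": [{"name": "acme/testkit", "version": "2.1.0"}]}))
    (root / "worker").mkdir()
    (root / "worker" / "composer.json").write_text(json.dumps({"require": {"acme/queue": "^3.0"}}))
    (root / "api" / "vendor" / "acme" / "http").mkdir(parents=True)
    (root / "api" / "vendor" / "acme" / "http" / "composer.json").write_text("{}")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for r in preflight(build_sample_repo(tmp)):
            if not r["importable"]:
                print(f"{r['manifest']}: composer.lock missing, import will skip this manifest")
            else:
                print(f"{r['manifest']}: default scan covers {r['prod']}; "
                      f"with dev dependencies enabled also {r['dev']}")
```

Point `preflight()` at a checkout before importing it; any manifest reported as not importable needs its composer.lock committed first.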
Troubleshooting Snyk for PHP
If you need help, contact Snyk Support.