From 18f7fe85f9071431c05cddb96960d67651ee494f Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Fri, 9 Sep 2016 12:00:11 +0100
Subject: [PATCH 1/5] =?UTF-8?q?Add=20sensiolab=E2=80=99s=20securty=20check?=
 =?UTF-8?q?er=20tool?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 composer.json | 3 ++-
 composer.lock | 48 ++++++++++++++++++++++++++++++++++++++++++++++--
 2 files changed, 48 insertions(+), 3 deletions(-)
diff --git a/composer.json b/composer.json
index f4656161..dd483484 100644
--- a/composer.json
+++ b/composer.json
@@ -21,7 +21,8 @@
 "spatie/laravel-medialibrary": "^4.0",
 "league/flysystem-aws-s3-v3": "^1.0",
 "phaza/laravel-postgis": "~3.1",
- "lcobucci/jwt": "^3.1"
+ "lcobucci/jwt": "^3.1",
+ "sensiolabs/security-checker": "^3.0"
 },
 "require-dev": {
 "fzaninotto/faker": "~1.4",
diff --git a/composer.lock b/composer.lock
index 54a9227d..262b7a9a 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,8 +4,8 @@
 "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
 "This file is @generated automatically"
 ],
- "hash": "7a7231eebef62c0fb518cf030d531d95",
- "content-hash": "3815acce9215a64c27a68ada0123dc48",
+ "hash": "37eb5ade7abcb0c16b9c6af08db1b116",
+ "content-hash": "a87758569765f8b751e2c0cf72e3a1f0",
 "packages": [
 {
 "name": "anahkiasen/underscore-php",
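Review bot: `sensiolabs/security-checker` is added under `require`, so it and its `symfony/console` dependency are installed on every production `composer install --no-dev`, although the tool is only exercised from CI in PATCH 5/5 and, as far as I recall, works by sending the lockfile to a remote advisory service. `require-dev` is the usual home for a checker like this; if it moves there, the unconditional `Commands\SecurityCheck::class` registration in PATCH 3/5 (whose constructor receives a `SecurityChecker`, judging by the assignment visible in PATCH 2/5) has to be guarded, e.g. `if (class_exists(\SensioLabs\Security\SecurityChecker::class)) { $this->commands[] = Commands\SecurityCheck::class; }`, or artisan fails to boot on a `--no-dev` install. Either keep it in `require` deliberately and say so in the commit, or move it and guard the registration in the same series.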
@@ -2793,6 +2793,50 @@
 ],
 "time": "2016-08-02 18:39:32"
 },
+ {
+ "name": "sensiolabs/security-checker",
+ "version": "v3.0.2",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/sensiolabs/security-checker.git",
+ "reference": "21696b0daa731064c23cfb694c60a2584a7b6e93"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/sensiolabs/security-checker/zipball/21696b0daa731064c23cfb694c60a2584a7b6e93",
+ "reference": "21696b0daa731064c23cfb694c60a2584a7b6e93",
+ "shasum": ""
+ },
+ "require": {
+ "symfony/console": "~2.0|~3.0"
+ },
+ "bin": [
+ "security-checker"
+ ],
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "3.0-dev"
+ }
+ },
+ "autoload": {
+ "psr-0": {
+ "SensioLabs\\Security": ""
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Fabien Potencier",
+ "email": "fabien.potencier@gmail.com"
+ }
+ ],
+ "description": "A security checker for your composer.lock",
+ "time": "2015-11-07 08:07:40"
+ },
 {
 "name": "spatie/laravel-glide",
 "version": "3.0.1",
From c2a8d22d91e232386f0d9583a43262eb65fe14ea Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Fri, 9 Sep 2016 12:12:35 +0100
Subject: [PATCH 2/5] Add the artisan command to check for security vulns
---
 app/Console/Commands/SecurityCheck.php | 53 ++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 app/Console/Commands/SecurityCheck.php
diff --git a/app/Console/Commands/SecurityCheck.php b/app/Console/Commands/SecurityCheck.php
new file mode 100644
index 00000000..a1260e75
--- /dev/null
+++ b/app/Console/Commands/SecurityCheck.php
@@ -0,0 +1,53 @@
+securityChecker = $securityChecker;
+ }
+
+ /**
+ * Execute the console command.
+ *
+ * @return mixed
+ */
+ public function handle()
+ {
+ return $this->securityChecker->check(base_path() . '/composer.lock');
+ }
+ }
From 4060e449a1128d18f2ef89f57c20e318f9cf9694 Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Fri, 9 Sep 2016 12:14:00 +0100
Subject: [PATCH 3/5] Register the artisan command
---
 app/Console/Kernel.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/Console/Kernel.php b/app/Console/Kernel.php
index 622e774b..ad10b8f8 100644
--- a/app/Console/Kernel.php
+++ b/app/Console/Kernel.php
@@ -13,7 +13,7 @@ class Kernel extends ConsoleKernel
 * @var array
 */
 protected $commands = [
- //
+ Commands\SecurityCheck::class,
 ];
 /**
From 929b36be52e9d633f3d9025dd22e0e96959982c2 Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Fri, 9 Sep 2016 12:21:22 +0100
Subject: [PATCH 4/5] Improve command output from nothing
---
 app/Console/Commands/SecurityCheck.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/app/Console/Commands/SecurityCheck.php b/app/Console/Commands/SecurityCheck.php
index a1260e75..c2888b0f 100644
--- a/app/Console/Commands/SecurityCheck.php
+++ b/app/Console/Commands/SecurityCheck.php
@@ -48,6 +48,14 @@ class SecurityCheck extends Command
 */
 public function handle()
 {
- return $this->securityChecker->check(base_path() . '/composer.lock');
+ $alerts = $this->securityChecker->check(base_path() . '/composer.lock');
+ if (count($alerts) === 0) {
+ $this->info('No security vulnerabilities found.');
+
+ return 0;
+ }
+ $this->error('vulnerabilities found');
+
+ return 1;
 }
 }
From 6892402352ba8f374a3048ef74f190186f210163 Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Fri, 9 Sep 2016 12:29:52 +0100
Subject: [PATCH 5/5] Add the security check to travis
---
 .travis.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.travis.yml b/.travis.yml
index cd687b56..9d921301 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -40,3 +40,4 @@ before_script:
 script:
 - phpdbg -qrr vendor/bin/phpunit --coverage-text
+ - php artisan security:check
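Review bot: `$alerts` is thrown away after the `count()`, so a failing CI run prints only `vulnerabilities found` with no package, version or advisory — the report has to be printed before `return 1` for the failure to be actionable. Separately, for the pinned v3.0.2 I believe `check()` returns the report body as a string (JSON by default) and exposes the number of hits via `getLastVulnerabilityCount()`; `count()` of a string is 1 on PHP 7.0, which would make this command exit 1 even on a clean lockfile, so please confirm the return type before trusting the exit code. The sketch below decodes the report when it is a string, fails closed when it cannot be parsed (an unreadable report must not read as "clean"), and lists each package and advisory; the JSON shape (package => version/advisories) is from memory of the security.sensiolabs.org output and should be checked. The class header, constructor and the `handle()` docblock are outside this hunk.

```php
    public function handle()
    {
        $report = $this->securityChecker->check(base_path() . '/composer.lock');
        // NOTE(review): v3 appears to return the JSON body as a string — confirm against v3.0.2
        $alerts = is_string($report) ? json_decode($report, true) : $report;
        if (!is_array($alerts)) {
            // fail closed: a report we cannot parse must not pass the build
            $this->error('Could not parse the security-checker report.');

            return 1;
        }
        if (count($alerts) === 0) {
            $this->info('No security vulnerabilities found.');

            return 0;
        }
        foreach ($alerts as $package => $details) {
            $this->error(sprintf('%s %s', $package, $details['version']));
            foreach ($details['advisories'] as $advisory) {
                $this->line(sprintf('  %s %s', $advisory['cve'], $advisory['title']));
            }
        }

        return 1;
    }
```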
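Review bot: The check only runs when someone pushes, but advisories are published against an unchanged `composer.lock` at any time, so a green build says nothing about the same lockfile a week later; enabling a Travis cron build (repository Settings → Cron Jobs) that re-runs this `script` entry daily catches new advisories without a code change. As far as I recall the checker queries an external HTTP service, so an outage fails the build — that is the right failure mode for a security gate, so I would not move this line under `allow_failures`. Travis executes every `script` line even after `phpunit` fails, so placing the check second does not skip it. Note the package already ships `vendor/bin/security-checker security:check composer.lock`, which gives the same result without booting the Laravel app in CI.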