How it works?

  1. Once a composer.lock is uploaded, it is scanned and all registered package details are extracted;
  2. For each package, a deep source inspection is executed in its source code;
  3. Once the analysis is complete, a report is generated and the uploaded composer.lock is removed;
  4. The analysis report is then available for the next 24 hours through its unique link.

Go back