roave/security-advisories is a PHP library that prevents installation of Composer packages with known security vulnerabilities: no API, simply require it. This means that roave/security-advisories keeps known security vulnerabilities out of your project.
roave/security-advisories means you don't have to install and run an additional CLI tool for something that Composer can provide directly.
What does that mean?
roave/security-advisories compiles a list of conflict versions from into a Composer metapackage, which has tons of advantages, like:
roave/security-advisories has been downloaded more than 9 million times.
You can learn more about roave/security-advisories in this blog post written by the creator.
roave/security-advisories is available via the Packagist package manager.