Docker image that check your PHP dependencies managed by composer for known vulnerabilities using security.sensiolabs.org or versioneye.com.
docker run -v $(pwd)/composer.lock:/scripts/composer.lock:ro texthtml/composer-cve-check
You can set env var to customize composer-cve-check behavior
SENSIOLABS=false: disable check on sensiolabs.orgVERSIONEYE_PROJECT_ID=.......: versioneye project id to activate check on versioneyeVERSIONEYE_API_KEY=.......: your versioneye API key