Ensemble provides detailed, automated, real-time alerting about the Composer dependencies of all of your apps.
Free while in beta.Sign up
The last thing you need is to find out too late that one of your dependencies has a vulnerability that has been compromised. Ensemble alert you as soon as a vulnerability is found with any of the packages your project requires.
There are plenty of OS licenses out there. Occasionally dependencies change license. Knowing what your dependencies licenses are at a moments notice helps with compliance.
Even without vulnerabilities and license changes, just having an insight into outdated dependencies can remind you to check in on that project that's been deployed and untouched for a while.
Setting up Ensemble couldn't be simpler. Just follow a few easy steps to get the protection your apps deserve.
It only takes a moment! And you only need to do this once - unless you really enjoyed it, then who am I to stop you?
Get an App Key by adding your app to Ensemble. All Ensemble needs to know is a name and a URL.
The plugin is a Composer package that adds a single endpoint to your app.
Add your App Key in config or env.
Deploy your app to production where it's publicly accessible.
If everything is configured and your app is available publicly, within a few minutes you'll see your Composer dependencies loaded into Ensemble. Tomorrow you'll get an email telling you which of your apps have outdated dependencies.
When Ensemble's out of beta, all I ask is that you support my efforts by paying a modest subscription fee to help cover costs, if you still find the service useful and the price reasonable.
Hopefully this will allow me to continue development of Ensemble and also give something back to the huge community that has made Ensemble's existence possible.