# PHP - Composer


The support for this language is currently in beta. Vulnerability results may be less accurate than normal.

We support tracking PHP dependencies by using Composer's (opens new window) lock file composer.lock. This file is generated whenever one of the following is run.

composer install
composer required
composer update

By keeping this file committed to your repository, we will automatically scan it for dependencies when you have done any of our integrations to your CI/CD pipeline.