# PHP - Composer
The support for this language is currently in beta. Vulnerability results may be less accurate than normal.
We support tracking PHP dependencies by using Composer's (opens new window) lock file
composer.lock. This file is generated whenever one of the following is run.
By keeping this file committed to your repository, we will automatically scan it for dependencies when you have done any of our integrations to your CI/CD pipeline.