laraSec is a Laravel package that will scan your composer dependencies and alerts you about potention security vulnerabilities. laraSec uses PHP Security Advisories Database as a source of known vulnerabilities, and Packagist to check for updates.
composer require xqus/larasec
If you want to set up e-mail notifications first publish the configuration-file to your config directory.
php artisan vendor:publish --provider="xqus\laraSec\laraSecServiceProvider" --tag="config"
Then edit the e-mail address in config\larasec.php.
// Scan for vulnerable packages
php artisan larasec:scan
// Scan but don't update the database first
php artisan larasec:scan --update no
// Scan, and update the database without asking first
php artisan larasec:scan --update yes
// Update the database
php artisan larasec:update