Drupal is a registered trademark of Dries Buytaert
drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). eca 3.1.1 Minor update available for module eca (3.1.1). layout_paragraphs 2.1.3 Minor update available for module layout_paragraphs (2.1.3). ai 1.3.3 Minor update available for module ai (1.3.3). ai 1.2.14 Minor update available for module ai (1.2.14). node_revision_delete 2.0.3 Minor update available for module node_revision_delete (2.0.3). moderated_content_bulk_publish 2.0.52 Minor update available for module moderated_content_bulk_publish (2.0.52). klaro 3.0.10 Minor update available for module klaro (3.0.10). klaro 3.0.9 Minor update available for module klaro (3.0.9). layout_paragraphs 2.1.2 Minor update available for module layout_paragraphs (2.1.2). geofield_map 11.1.8 Minor update available for module geofield_map (11.1.8).
← All modules

drupitor_client

5 sites No security coverage
View on drupal.org

The Drupitor Client module provides a secure API endpoint to check for available Composer package updates in your Drupal installation. This module is designed for integration with external monitoring services while maintaining strict security controls.

Requirements

  • Drupal 10+
  • Composer-based Drupal installation
  • PHP proc_open() function available
  • Composer executable accessible on the system

Installation

  1. Install the module via Composer or manually:
    • Via Composer: composer require drupal/drupitor_client
    • Manually: Download from the project page and place in your sites modules directory.
  2. Enable the module using Drush or via the UI:
    • Via Drush: drush en drupitor_client
    • Via UI: Navigate to Administration > Extend and enable "Drupitor Client"
  3. Configure the module at Administration > Configuration > Development > Drupitor Client

Configuration

Configure via UI
After installation, navigate to Administration > Configuration > Development > Drupitor Client to configure:

  • Enable/Disable: Control whether the API endpoint is accessible
  • Composer Path: Specify the absolute path to your Composer executable
  • Command Timeout: Set timeout for Composer commands (10-300 seconds)

The module starts in a disabled state for security and must be explicitly enabled.

Configure via settings.php
You can also manage the configuration via settings.php:

$config['drupitor_client.settings']['enabled'] = TRUE;
$config['drupitor_client.settings']['api_token'] = '[YOUR_API_TOKEN]';
$config['drupitor_client.settings']['encryption_key'] = '[YOUR_ENCRYPT_KEY]';
$config['drupitor_client.settings']['encryption_method'] = 'AES-256-GCM';
$config['drupitor_client.settings']['composer_path'] = 'composer';
$config['drupitor_client.settings']['command_timeout'] = '60';

API usage

When enabled, the module provides a JSON endpoint at: /drupitor/api/v1/updates

The endpoint is only accessible when:

  • The module itself is enabled, and it's functionality is enabled on the configuration page
  • The correct API token (configured on the configuration page) is provided in the request header (recommended) or as a query parameter (not recommended for security reasons)

Logging

All operations are logged to the 'drupitor_client' channel for security auditing and troubleshooting.

Activity

Total releases
2
First release
Aug 2025
Latest release
2 months ago
Release cadence
164 days
Stability
50% stable

Releases

Version Type Release date
1.0.0 Stable Feb 3, 2026
1.0.x-dev Dev Aug 23, 2025