Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

Drupitor Client

5 sites No security coverage
View on drupal.org

This module provides a secure API endpoint that allows external services to check for available Composer package updates for your Drupal installation. It is designed for integration with monitoring tools and includes security features to control access.

The Drupitor Client module provides a secure API endpoint to check for available Composer package updates in your Drupal installation. This module is designed for integration with external monitoring services while maintaining strict security controls.

Requirements

  • Drupal 10+
  • Composer-based Drupal installation
  • PHP proc_open() function available
  • Composer executable accessible on the system

Installation

  1. Install the module via Composer or manually:
    • Via Composer: composer require drupal/drupitor_client
    • Manually: Download from the project page and place in your sites modules directory.
  2. Enable the module using Drush or via the UI:
    • Via Drush: drush en drupitor_client
    • Via UI: Navigate to Administration > Extend and enable "Drupitor Client"
  3. Configure the module at Administration > Configuration > Development > Drupitor Client

Configuration

Configure via UI
After installation, navigate to Administration > Configuration > Development > Drupitor Client to configure:

  • Enable/Disable: Control whether the API endpoint is accessible
  • Composer Path: Specify the absolute path to your Composer executable
  • Command Timeout: Set timeout for Composer commands (10-300 seconds)

The module starts in a disabled state for security and must be explicitly enabled.

Configure via settings.php
You can also manage the configuration via settings.php:

$config['drupitor_client.settings']['enabled'] = TRUE;
$config['drupitor_client.settings']['api_token'] = '[YOUR_API_TOKEN]';
$config['drupitor_client.settings']['encryption_key'] = '[YOUR_ENCRYPT_KEY]';
$config['drupitor_client.settings']['encryption_method'] = 'AES-256-GCM';
$config['drupitor_client.settings']['composer_path'] = 'composer';
$config['drupitor_client.settings']['command_timeout'] = '60';

API usage

When enabled, the module provides a JSON endpoint at: /drupitor/api/v1/updates

The endpoint is only accessible when:

  • The module itself is enabled, and it's functionality is enabled on the configuration page
  • The correct API token (configured on the configuration page) is provided in the request header (recommended) or as a query parameter (not recommended for security reasons)

Logging

All operations are logged to the 'drupitor_client' channel for security auditing and troubleshooting.

Activity

Total releases
2
First release
Aug 2025
Latest release
5 months ago
Releases (12 mo)
2 ▲ from 0
Maintenance
Active

Releases

Version Type Release date
1.0.0 Stable Feb 3, 2026
1.0.x-dev Dev Aug 23, 2025