Company:
Date Published:
Author: DeveloperSteve Coochin
Word count: 760
Language: English
Hacker News points: None

Summary

PHP security support in Snyk Code is now Generally Available, bringing the ability to identify potential vulnerabilities at the code level. This adds to the existing PHP scanning functionality, which scans Composer manifests for vulnerabilities in open source libraries and dependencies. The Snyk Visual Studio Code extension also supports code and Composer scanning for PHP, highlighting insecure code as it's written and identifying vulnerabilities in open source libraries or dependencies. With this GA release, developers can drill into a reported issue and trace potential security threats through the codebase. A demo app, called a "goof app", has been added to test Snyk Code's capabilities, and users can try it out with a free Snyk account. The scan identifies issues such as SQL injection and use of hard-coded credentials, and provides fix analysis and remediation advice.