Your performance & security consultant, an artisan command away.

Overview

Enlightn

tests LGPLv3 Licensed Latest Stable Version Total Downloads Twitter Follow

A Laravel Tool To Boost Your App's Performance & Security

Enlightn

Introduction

Think of Enlightn as your performance and security consultant. Enlightn will "review" your code and server configurations, and give you actionable recommendations on improving performance, security and reliability!

The Enlightn OSS (open source software) version has 64 automated checks that scan your application code, web server configurations and routes to identify performance bottlenecks, possible security vulnerabilities and code reliability issues.

Enlightn Pro (commercial) is available for purchase on the Enlightn website and has an additional 64 automated checks (total of 128 checks).

Performance Checks (37 Automated Checks including 19 Enlightn Pro Checks)

  • πŸš€ Performance Quick Wins (In-Built In Laravel): Route caching, config caching, etc.
  • ⏳ Performance Bottleneck Identification: Middleware bloat, identification of slow, duplicate and N+1 queries, etc.
  • 🍽️ Serving Assets: Minification, cache headers, CDN and compression headers.
  • πŸŽ›οΈ Infrastructure Tuning: Opcache, cache hit ratio, unix sockets for single server setups, etc.
  • πŸ›Έ Choosing The Right Driver: Choosing the right session, queue and cache drivers for your app.
  • πŸ† Good Practices: Separate Redis databases for locks, dont install dev dependencies in production, etc.

Security Checks (48 Automated Checks including 28 Enlightn Pro Checks)

  • πŸ”’ Basic Security: Turn off app debug in production, app key, CSRF protection, login throttling, etc.
  • πŸͺ Cookie Security and Session Management: Cookie encryption, secure cookie attributes, session timeouts, etc.
  • πŸƒ Mass Assignment: Detection of mass assignment vulnerabilities, unguarded models, etc.
  • ☒️ SQL Injection Attacks: Detection of raw SQL injection, column name SQL injection, validation rule injection, etc.
  • πŸ“œ Security Headers: XSS, HSTS, clickjacking and MIME protection headers.
  • πŸ“ Unrestricted File Uploads and DOS Attacks: Detection of directory traversal, storage DOS, unrestricted file uploads, etc.
  • πŸ’‰ Injection and Phishing Attacks: Detection of command injection, host injection, object injection, open redirection, etc.
  • πŸ“¦ Dependency Management: Backend and frontend vulnerability scanning, stable and up-to-date dependency checks, licensing, etc.

Reliability Checks (43 Automated Checks including 17 Enlightn Pro Checks)

  • 🧐 Code Reliability and Bug Detection: Invalid function calls, method calls, offsets, imports, return statements, syntax errors, etc.
  • πŸ’ͺ Health Checks: Health checks for cache, DB, directory permissions, migrations, disk space, symlinks, Redis, etc.
  • βš™οΈ Detecting Misconfigurations: Cache prefix, queue timeouts, failed job timeouts, Horizon provisioning plans, eviction policy, etc.
  • πŸ‘» Dead Routes and Dead Code: Detection of dead routes and dead/unreachable code.
  • πŸ… Good Practices: Cache busting, Composer scripts, env variables, avoiding globals and superglobals, etc.

Documentation

Each of the 128 checks available are well documented. You can find the complete 137 page documentation here.

Installing Enlightn OSS

You may install Enlightn into your project using the Composer package manager:

composer require enlightn/enlightn

After installing Enlightn, you may publish its assets using the vendor:publish Artisan command:

php artisan vendor:publish --tag=enlightn

Note: If you need to install Enlightn Pro, visit the documentation on the Enlightn website here.

Running Enlightn

After installing Enlightn, simply run the enlightn Artisan command to run Enlightn:

php artisan enlightn

You may add the --report flag, if you wish to view your reports in the Enlightn Web UI besides the terminal:

php artisan enlightn --report

If you wish to run specific analyzer classes, you may specify them as optional arguments:

php artisan enlightn Enlightn\\Enlightn\\Analyzers\\Security\\CSRFAnalyzer Enlightn\\EnlightnPro\\Analyzers\\Security\\DirectoryTraversalAnalyzer

Note that the class names should be fully qualified and escaped with double slashes as above.

Recommended to Run In Production

If you want to get the full Enlightn experience, it is recommended that you at least run Enlightn once in production. This is because several of Enlightn's checks are environment specific. So they may only be triggered when your app environment is production.

In case you don't want to run on production, you can simulate a production environment by setting your APP_ENV to production, setting up services and config as close to production as possible and running your production deployment script locally. Then run the Enlightn Artisan command.

View Detailed Error Messages

By default, the enlightn Artisan command highlights the file paths, associated line numbers and a message for each failed check. If you wish to display detailed error messages for each line, you may use the --details option:

php artisan enlightn --details

Usage in CI Environments

If you wish to integrate Enlightn with your CI, you can simply trigger the --ci option when running Enlightn in your CI/CD tool:

php artisan enlightn --ci

You may add the --report flag if you wish to view your CI reports in the Enlightn Web UI. Remember to add your project credentials to your config/enlightn.php file as explained here.

php artisan enlightn --ci --report

Enlightn pre-configures which analyzers can be run in CI mode for you. So, the above command excludes analyzers that need a full setup to run (e.g. analyzers using dynamic analysis).

For more information on CI integration, refer the Enlightn documentation.

Establishing a Baseline

Sometimes, especially in CI environments, you may want to declare the currently reported list of errors as the "baseline". This means that the current errors will not be reported in subsequent runs and only new errors will be flagged.

To generate the baseline automatically, you may run the enlightn:baseline Artisan command:

php artisan enlightn:baseline

If you wish to run this command in CI mode, you can use the --ci option:

php artisan enlightn:baseline --ci

For more information on establishing a baseline, refer the docs.

Web UI

Enlightn offers a beautiful Web UI dashboard where you can view your Enlightn reports triggered from your CI or scheduled command runs.

Enlightn Web UI Dashboard

The web UI is free for all users and includes the following:

  1. Statistics on pass percentages (overall and by category).
  2. All failed checks along with code snippets related to the checks (if any).
  3. Metrics on number of new and resolved issues (compared with the most recent report running on the same app URL, environment and project).

To get access to the Web UI, all you need to do is signup for free on the Enlightn website and follow the instructions mentioned here.

Scheduling Enlightn Runs

Besides integrating Enlightn with your CI/CD tool, it's a good practice to schedule an Enlightn run on a regular frequency (such as daily or weekly) like so:

// In your app/Console/Kernel.php file:

/**
 * Define the application's command schedule.
 *
 * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
 * @return void
 */
protected function schedule(Schedule $schedule)
{
    $schedule->command('enlightn --report')->runInBackground()->daily()->at('01:00');
}

This will allow you to monitor Enlightn's dynamic analysis checks, which are typically excluded from CI. The reports can be viewed on the Enlightn Web UI.

GitHub Bot Integration

Enlightn offers a GitHub bot that can prepare a report highlighting failed checks and also add review comments for pull requests on the lines of code that introduce new issues.

Enlightn GitHub Bot Review Comments

To integrate with the Enlightn GitHub bot, refer the docs.

Failed Checks

All checks that fail will include a description of why they failed along with the associated lines of code (if applicable) and a link to the documentation for the specific check.

Enlightn Failed Check

Report Card

Finally, after all the checks have run, the enlightn Artisan command will output a report card, which contains information on how many and what percentage of checks passed, failed or were skipped.

Enlightn Report Card

The checks indicated as "Not Applicable" were not applicable to your specific application and were skipped. For instance, the CSRF analyzer is not applicable for stateless applications.

The checks reported under the "Error" row indicate the analyzers that failed with exceptions during the analysis. Normally, this should not happen but if it does, the associated error message will be displayed and may have something to do with your application.

How Frequently Should I Run Enlightn?

A good practice would be to run Enlightn every time you are deploying code or pushing a new release. It is recommended to integrate Enlightn with your CI/CD tool so that it is triggered for every push or new release.

Besides the automated CI checks, you should also run Enlightn on a regular frequency using a scheduled console command as described above. This will allow you to monitor the dynamic analysis checks, which are typically excluded from CI.

Featured On

Laravel News     OWASP     NIST

Flagship OSS Projects Using Enlightn

Laravel.io     Akaunting

OS Compatibility

Only MacOS and Linux systems are supported for Enlightn. Windows is currently not supported.

Contribution Guide

Thank you for considering contributing to Enlightn! The contribution guide can be found here.

Support Policy

Our support policy can be found in the Enlightn documentation.

License

The Enlightn OSS (on this GitHub repo) is licensed under the LGPL v3 (or later) license.

Enlightn Pro is licensed under a commercial license.

Comments
  • [Feature Request] Support Larastan v2

    [Feature Request] Support Larastan v2

    Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

    Receiving errors when trying to install Enlightn on a project that has Larastan v2 installed.

    As I was trying to figure this out I opened 2 issues that can be referenced here: https://github.com/enlightn/enlightn/issues/103 https://github.com/nunomaduro/larastan/issues/1165

    Describe the solution you'd like A clear and concise description of what you want to happen.

    Would be nice to have updated support/a new verision of Enlightn for Larastan v2.

    Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

    Not sure if there are any other solutions.

    Additional context Add any other context or screenshots about the feature request here.

    enhancement 
    opened by fylzero 17
  • [Question] Trusted hosts without trusted proxies is useless?

    [Question] Trusted hosts without trusted proxies is useless?

    Versions

    • PHP version: 8
    • Laravel version: 8
    • Enlightn version: latest

    Description

    Getting error "Your application contains global middleware that is not currently being used. [...] Your unused middleware include: [TrustHosts]".

    Test assumes that you should not use TrustHosts without also using TrustedProxy. TrustHosts middleware calls the Request::setTrustedHosts. By looking into Symfony's Request class documentation I understand that it is related with Host header and not with X-Forwarded-Host header mentioned in the enlightn docs.

    Expected behavior:

    Test to pass

    Actual behavior:

    Test fails

    bug documentation 
    opened by dionysiosarvanitis 9
  • Update version constraints to allow larastan and phpstan 1.0 - Fixes #87

    Update version constraints to allow larastan and phpstan 1.0 - Fixes #87

    It does seem that this causes Enlightn\Enlightn\Tests\Analyzers\Security\LicenseAnalyzerTest::confirms_enlightn_uses_dependencies_with_safe_licenses to fail as nette/schema and nette/utils have GLP-2.0-only and GPL-3.0-only in their respective license chains.

    This looks to have been fixed in #69, though.

    ο»Ώο»Ώnette/schema                          v1.2.2     BSD-3-Clause, GPL-2.0-only, GPL-3.0-only
    nette/utils                           v3.2.5     BSD-3-Clause, GPL-2.0-only, GPL-3.0-only
    
    enhancement 
    opened by michaeldyrynda 8
  • Laravel 9.x Compatibility

    Laravel 9.x Compatibility

    This is an automated pull request from Shift to update your package code and dependencies to be compatible with Laravel 9.x.

    Before merging, you need to:

    • Checkout the l9-compatibility branch
    • Review all comments for additional changes
    • Thoroughly test your package

    If you do find an issue, please report it by commenting on this PR to help improve future automation.

    opened by laravel-shift 7
  • [Bug Report] Cannot install Pro Version 2.0

    [Bug Report] Cannot install Pro Version 2.0

    Versions

    • PHP version: 8.1.3
    • Laravel version: 9.15
    • Enlightn version: ^2.1
    • Enlightn Pro version (if applicable): ^2.0

    Description

    image

    When I try to install the pro version on my project. I faced the issue like in the above image.

    Steps to Reproduce

    Just try to install the pro version from here

    opened by waelsjaber 6
  • [Feature Request] Failing mode for CI

    [Feature Request] Failing mode for CI

    Is your feature request related to a problem? Please describe. I'd like to run enlightn in the CI to check every time if there are problems occurring. Currently the CI passes even if there are problems.

    Describe the solution you'd like It would be nice if there is a flag (something like --fail) that the status code returned is not "okay" and the CI will fail this step. Some Analyzers could probably be ignored (depends on the use case) so I would also suggest an config entry where you can add Analyzers which will show errors but will not mark the analytics as failed. (something like "ignoreFailing")

    If wished for, I would make a PR in some days (probably on the weekend).

    enhancement 
    opened by Jubeki 6
  • [Feature Request] add option to show all hidden lines

    [Feature Request] add option to show all hidden lines

    Is your feature request related to a problem? Please describe. its a bit frustrating when i cant see the hidden lines

    Describe the solution you'd like the max visible lines are 5 & so having away to get around that would be very helpful

    Describe alternatives you've considered php artisan enlightn | more, did nothing

    Additional context Screen Shot 2021-01-25 at 9 57 41 AM

    enhancement 
    opened by ctf0 5
  • Replace SensioLabs Security Checker - Service Ending Jan 2021

    Replace SensioLabs Security Checker - Service Ending Jan 2021

    The SensioLabs security checker is deprecated and the web service will stop running at the end of this month (Jan 2021) 😱.

    We have a couple of options:

    1. Use the Local PHP Security Checker which is ironically not in PHP. Usage of this can be an issue. It can't be pulled in by Composer. Perhaps we can host this on our own, not sure yet.

    2. Build our own checker that reads the Security Advisories Database and possibly open source it.

    We have until the end of the month to figure this out. If anyone has any ideas, please comment here. PRs much appreciated.

    /cc @m1guelpf

    help wanted 
    opened by paras-malhotra 5
  • Checks are stop after the 6th check

    Checks are stop after the 6th check

    Versions

    • PHP version: 7.4.8
    • Laravel version: 7.30.0
    • Enlightn version: 1.0
    • Enlightn Pro version (if applicable): n/a

    Description

    During the run of the command php artisan enlightn we got the next result:

    Screenshot 2021-01-15 at 09 48 48

    We checked logs, but there no issues.

    Steps to Reproduce

    Install the library via composer require --dev enlightn/enlightn. Run the command php artisan enlightn.

    Expected behavior:

    All 60 checks are passed.

    Actual behavior:

    Command exited after 6th check.

    good first issue 
    opened by rustik666 5
  • Shows composer.json file is invalid though it is valid

    Shows composer.json file is invalid though it is valid

    Hi,

    • PHP version:7.4.26
    • Laravel version:8.83.19
    • Enlightn version: 2.1.0
    • Enlightn Pro version (if applicable): -

    Description

    When I run enlightn, for composer.json check it shows failed.

      Your application's composer.json file is valid. Failed
    Your application's composer.json file is not valid. Run the composer validate command to view more details.
    

    If I check it with "composer validate" command it shows composer.json is valid.

    Is it false positive or am I missing something?

    opened by prashantbw 4
  • [Bug Report] artisan enlightn:baseline doesnt populate the ignore_errors array with expected values

    [Bug Report] artisan enlightn:baseline doesnt populate the ignore_errors array with expected values

    Versions

    • PHP version: 8.1
    • Laravel version: 9.2
    • Enlightn version: 2.1
    • Enlightn Pro version (if applicable): 2.1

    Description

    When I run

    php -d memory_limit=10G artisan enlightn --ci

    Several analyzers report issues: +----------------+-------------+-------------+-----------+-----------+ | Status | Performance | Reliability | Security | Total | +----------------+-------------+-------------+-----------+-----------+ | Passed | 7 (58%) | 22 (71%) | 31 (86%) | 60 (76%) | | Failed | 1 (8%) | 4 (13%) | 4 (11%) | 9 (11%) | | Not Applicable | 4 (33%) | 5 (16%) | 1 (3%) | 10 (13%) | | Error | 0 (0%) | 0 (0%) | 0 (0%) | 0 (0%) | +----------------+-------------+-------------+-----------+-----------+

    However, when I run

    php -d memory_limit=10G artisan enlightn:baseline --ci

    The progress bar starts moving very slowly, and then after 3/79, it jumps to complete immediately. Upon checking the 'ignore_errors' array in enlightn.php however, only one analyzer is listed

    'ignore_errors' => [
            Enlightn\EnlightnPro\Analyzers\Security\DebugStatementAnalyzer::class => [
                [
                    'path' => 'app/OURAPP/TestHelpers/CurrentApiTestTrait.php', 'details' => 'Function print_r called.'
                ]
            ]
        ],
    

    Steps to Reproduce

    1. run php -d memory_limit=10G artisan enlightn --ci
    2. Observe and take a note of the problems reported
    3. run php -d memory_limit=10G artisan enlightn:baseline --ci
    4. Notice that the ignore_errors array is not populated with reported analyzers listed in step 1

    Expected behavior:

    'ignore_errors' array should have the same analyzers which reported problems in first run listed

    Actual behavior:

    'ignore_errors' array only has one analyzer listed
    'ignore_errors' => [
            Enlightn\EnlightnPro\Analyzers\Security\DebugStatementAnalyzer::class => [
                [
                    'path' => 'app/OURAPP/TestHelpers/CurrentApiTestTrait.php', 'details' => 'Function print_r called.'
                ]
            ]
        ],
    

    Additional Information

    Any additional information, configuration or data that might be necessary to reproduce the issue.

    opened by paulpreibisch 4
  • [Feature Request] Encourage using native Laravel safety mechanisms

    [Feature Request] Encourage using native Laravel safety mechanisms

    The feature request is not necessarily related to a problem but it will definitely prevent problems.

    The solution I am proposing is to add one or more analysers that can check if certain methods are used in the 'AppServiceProvider' like:

    • Model::preventLazyLoading(); to prevent N+1 problems.
    • Model::preventAccessingMissingAttributes(); to protect against partially hydrated models
    • Model::preventSilentlyDiscardingAttributes(); to encourage model strictness

    More in depth information about those methods: https://planetscale.com/blog/laravels-safety-mechanisms. It requires at least Laravel 9.35.0 though.

    If interested I can look at making a PR for this.

    opened by Baspa 0
  • Inertia: check if the app renders custom error pages

    Inertia: check if the app renders custom error pages

    TODO

    • [x] Check if the app uses the Inertia middleware and if its overriding the default Exception render method
    • [x] Write tests

    Summary

    I want to check if the app uses the "Inertia way" of overriding the Laravel default error pages. I noticed that when overriding the default render method the result of checking the actual render method is different. This code:

    $handler = new ReflectionClass(app()->make(\App\Exceptions\Handler::class));
    $className = $handler->getMethod('render')->getDeclaringClass()->getName();
    dd($className);
    

    Result when overriding the default render method: App\Exceptions\Handler

    Result when not overriding the default render method: Illuminate\Foundation\Exceptions\Handler

    So I decided to check if the actual render method is overridden. I’m not sure if this will be enough or that we also want/can check the content of the render method.

    opened by Baspa 6
  • [Feature Request] Check on custom error pages in apps using Inertia

    [Feature Request] Check on custom error pages in apps using Inertia

    Is your feature request related to a problem? Please describe. Currently the reliability check 22: "Your application defines custom error page views" fails. I guess it fails because I use "the Inertia way" of showing custom error pages. When I go to a random page in my application the custom error page is shown.

    Describe the solution you'd like Determine if the app is using Inertia and check if custom error pages are rendered in the Handler.php as described in the Inertia documentation.

    Describe alternatives you've considered Disabling the error message.

    Additional context If possible I want to create a PR myself but I don't know (yet) if that's possible. As stated in the Inertia documentation mentioned earlier the custom error pages are rendered in the Handler.php file:

        public function render($request, Throwable $e)
        {
            /** @var \Illuminate\Http\Response $response */
            $response = parent::render($request, $e);
    
            if (!app()->environment(['local', 'testing']) && in_array($response->status(), [500, 503, 404, 403])) {
                return Inertia::render('Error', ['status' => $response->status()])
                    ->toResponse($request)
                    ->setStatusCode($response->status());
            } else if ($response->status() === 419) {
                return back()->with([
                    'message' => 'The page expired, please try again.',
                ]);
            }
    
            return $response;
        }
    

    I guess the check is looking for custom error pages like described here in the Laravel documentation. But that's not the most optimal way when using Inertia.

    Please let me know if I can help with any solution, if the feature request will be accepted πŸ‘πŸΌ

    opened by Baspa 3
  • [Bug Report] Windows compatibility

    [Bug Report] Windows compatibility

    Versions

    • PHP version: v8.1
    • Laravel version: v9.20
    • Enlightn version: v2.1
    • Enlightn Pro version (if applicable): v2.2

    Description

    When trigger enlightn checks from Windows I am receiving an 'Unable to launch a new process' warning triggered at line 349 of symfony's Process.php

    Steps to Reproduce

    Run most checks, including all that use phpstan

    e.g. : php artisan enlightn Enlightn\Enlightn\Analyzers\Reliability\InvalidMethodCallAnalyzer -v

    Expected behavior:

    Enlightn runs

    Actual behavior:

    image

    Additional Information

    This code base allows running on Linux environments without issue. Via windows I am able to execute the project fully.

    I am also able to run (via windows) phpstan directly.

    opened by robertmarney 2
  • [Bug Report] QueueTimeoutAnalyzer does not understand which queue is used on horizon

    [Bug Report] QueueTimeoutAnalyzer does not understand which queue is used on horizon

    Versions

    • PHP version: 8.0.*
    • Laravel version: 5.8.0.0
    • Enlightn version:
    • Enlightn Pro version (if applicable): 1.16.0

    Description

    I have just installed MailCoach from Spatie and I have this error when running enlightn:

    Check 66/110: An appropriate timeout and retry after is set for queues. Failed
    The queue timeout value must be at least several seconds shorter than the retry after configuration value. Your mailcoach-redis queue connection's retry after value is set at 660 seconds while your timeout value is set at 3600 seconds. This can cause problems such as your jobs may be processed twice or the queue worker may crash.
    At config/queue.php: line(s): 64.
    Documentation URL: https://www.laravel-enl
    

    So is a very good point, I have alerted Spatie about their default configuration https://github.com/spatie/laravel-mailcoach/discussions/853

    But if I set the timeout to 11 * 60 -3, I have now a new error :

    The queue timeout value must be at least several seconds shorter than the retry after configuration value. Your redis queue connection's retry after value is set at 90 seconds while your timeout value is set at 657 seconds. This can cause problems such as your jobs may be processed twice or the queue worker may crash.
    At config/queue.php, line 64.
    

    I think the 90 comes from the default redis connection retry after parameter which is not used at all in horizon defaults array in mailcoach supervisors.

    Steps to Reproduce

    Use this horizon configuration:

        'defaults' => [
            'supervisor-default' => [
                'connection' => 'redis',
                'queue' => ['default'],
                'balance' => 'simple',
                'memory' => 100,
                'tries' => 3,
                'nice' => 0,
            ],
            'supervisor-browser' => [
                'connection' => 'redis',
                'queue' => ['browser'],
                'balance' => 'simple',
                'memory' => 192,
                'tries' => 3,
                'nice' => 0,
            ],
            'mailcoach-general' => [
                'connection' => 'mailcoach-redis',
                'queue' => ['mailcoach', 'mailcoach-feedback', 'send-mail', 'send-automation-mail'],
                'balance' => 'auto',
                'memory' => 100,
                'processes' => 10,
                'tries' => 2,
                'timeout' => 11 * 60 - 3,
            ],
            'mailcoach-heavy' => [
                'connection' => 'mailcoach-redis',
                'queue' => ['send-campaign'],
                'balance' => 'auto',
                'memory' => 100,
                'processes' => 3,
                'tries' => 1,
                'timeout' => 11 * 60 - 3,
            ],
        ],
    
        'environments' => [
            'production' => [
            ],
    
            'staging' => [
            ],
    
            'local' => [
            ],
    
            'CI' => [
            ],
        ],
    

    and use this queue configuration:

        'connections' => [
            'sync' => [
                'driver' => 'sync',
            ],
    ...
            'mailcoach-redis' => [
                'driver' => 'redis',
                'connection' => 'mailcoach',
                'queue' => 'mailcoach',
                'retry_after' => 11 * 60,
                'block_for' => null,
            ],
    
            'redis' => [
                'driver' => 'redis',
                'connection' => 'default',
                'queue' => env('REDIS_QUEUE', 'default'),
                'retry_after' => 90,
                'block_for' => null,
            ],
        ],
    

    Expected behavior:

    Test pass

    Actual behavior:

    Test does not pass because I cannot see in src/Analyzers/Reliability/QueueTimeoutAnalyzer.php in method getTimeoutAndRetryAfter(array $config) a mapping between superivisor and connections.

    It only get all supervisors and all connections:

                data_get(config('horizon.defaults', []), '*.timeout'),
    

    Additional Information

    I have disable this check for the moment but it is a very good check I would like to keep running ;-)

    enhancement 
    opened by potsky 2
Releases(v2.1.0)
Owner
Enlightn
Your performance/security consultant, an artisan command away
Enlightn
A Laravel 9 package that allows you enforce security of your artisan commands by authenticating users before running.

Introduction This package allows you as a developer to restrict who can and cannot run artisan commands, especially in a production environment. For e

YOo Slim 2 Sep 15, 2022
Exploiting and fixing security vulnerabilities of an old version of E-Class. Project implemented as part of the class YS13 Cyber-Security.

Open eClass 2.3 Development of XSS, CSRF, SQLi, RFI attacks/defences of an older,vulnerable version of eclass. Project implemented as part of the clas

Aristi_Papastavrou 11 Apr 23, 2022
Artisan Command for FriendsOfPHP/PHP-CS_Fixer

Laravel PHP CS Fixer The PHP CS Fixer is maintained on GitHub at https://github.com/FriendsOfPHP/PHP-CS-Fixer bug reports and ideas about new features

Signature Tech Studio 139 Dec 15, 2022
A Laravel package which helps you to flush sessions with an artisan command.

A simple laravel Package to flush sessions via artisan command. Sometimes we store data on sessions such as cart data or maybe any information regardi

Erfan Ahmed Siam 5 Jun 1, 2023
A collection of command line scripts for Magento 2 code generation, and a PHP module system for organizing command line scripts.

What is Pestle? Pestle is A PHP Framework for creating and organizing command line programs An experiment in implementing python style module imports

Alan Storm 526 Dec 5, 2022
Track your farming and pool performance on the Binance Smart Chain

farm.army - Frontend Track your farming and pool performance on the Binance Smart Chain. Tech Stack PHP 8 + Symfony node.js + npm (Webpack, Symfony en

farm.army 28 Sep 3, 2022
Monitor your Laravel application performance with New Relic

Laravel New Relic This package makes it simple to set up and monitor your Laravel application with New Relic APM. New Relic provides some excellent lo

Jack 74 Dec 20, 2022
salah eddine bendyab 18 Aug 17, 2021
Preload your sweet sweet code to opcache with a composer command, making your code faster to run.

Composer Preload Preload your sweet sweet code to opcache with a composer command, making your code run faster. Composer Preload is a composer plugin

Ayesh Karunaratne 197 Dec 6, 2022
Execute Artisan commands on remote servers

Execute Artisan commands on remote servers This package provides a command to execute Artisan command on a remote server. Here's an example that will

Spatie 238 Dec 29, 2022
A Laravel artisan based package to create the AWS (SES + SNS) infrastructure to receive email event notifications with Http/Https endpoint.

Laravel SES Tracking Setup the AWS infrastructure to handle email events using SES/SNS and http/s endpoints with a single Laravel artisan command. Thi

null 11 Apr 26, 2022
πŸ–€Run Laravel artisan tinker from a Vim buffer with output in Ray

Tinkeray Heavily inspired by the absolutely awesome Tinkerwell, run Laravel artisan tinker from a Vim buffer with output in Ray ?? Installation Usage

Jesse Leite 22 Jan 2, 2023
Refresh artisan commands,table,migrations,models,controllers...

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

Javier FernΓ‘ndez 11 Oct 18, 2022
Optimizes class loading performance by generating a single PHP file containing all of the autoloaded files.

Class Preloader for PHP This tool is used to generate a single PHP script containing all of the classes required for a specific use case. Using a sing

Class Preloader 356 Nov 26, 2022
[READ-ONLY] CakePHP Utility classes such as Inflector, Text, Hash, Security and Xml. This repo is a split of the main code that can be found in https://github.com/cakephp/cakephp

CakePHP Utility Classes This library provides a range of utility classes that are used throughout the CakePHP framework What's in the toolbox? Hash A

CakePHP 112 Feb 15, 2022
Performance fixes for magento 2 core.

magento2-performance-fixes Performance fixes for magento 2 core. Problem and solution's concept - briefly PHP / Magento doesn't support concurency req

Mariusz Łopuch 48 Dec 30, 2022
Here are few exercises to practice how to implement API Security with NGINX App-Protect WAF.

api-security-lab This repo contains files for customers and partners to practice an API Security with NGINX App-Protect WAF. To demonstrate the capabi

null 4 Mar 30, 2022