Watch your Laravel app for unwanted changes when working with third-party packages.

Related tags

Laravel project-secure
Overview

Logo

Project Secure

This package installs a Composer plugin that reports unwanted changes to your Laravel project code after installing or updating a third-party library.

CI

Rationale

A secure Laravel app implements multiple methods of protection and overlapping defensive strategies. This Composer plugin makes a fingerprint of your Laravel application code before a package is installed or updated. At the end of the process, it compares the code to the first fingerprint. If anything is changed, added or removed, it will alert you with an error in the context of the Composer action.

Why would I need this - I already have git? You should be using version control, and I'm happy to hear it. This package is meant to be defense in depth. Everyone always reviews their code line by line before they commit it - right? Right?? If you're like me, and you find sometimes you don't and just commit a whole swath of code, then this is for you. It's also for you if you're not using version control and running a Composer install/update.

Oh and one more thing - this project is just starting with watching your app directory for changes. Future features may include watching for changes to folders outside of the vendor-specific directories that are listed as dependencies of the package - or even scanning of auto-registered service providers. Stay tuned!

Prerequisites / Requirements

Installation

Install this with Composer:

composer require laravelhacker/project-secure

Usage

If your app code is found in the app folder as a sibling of the Composer vendor folder, it will be scanned and watched during composer install and composer update calls automatically. If nothing was found, it will be silent. If it finds a file change, a file addition or a file deletion, it will alert you with an error output using the Composer process.

Currently there are no implementation steps or configuration options.

Features / Bugs

You can create a feature request or a bug report using the project issues functionality. There are templates available.

Contributing

Contributions are welcome via pull request. See CONTRIBUTING.md for more.

Security

For security issues, please email aaron at the laravelhacker.com domain instead of using the issues tracker.

License

MIT. See LICENSE for more information.

You might also like...
📦 Adds Laravel Packages Support to Lumen and Vendor Publish Artisan Command.
📦 Adds Laravel Packages Support to Lumen and Vendor Publish Artisan Command.

Laravel Package Support for Lumen: Makes Lumen compatible with Laravel Packages. You can use any Laravel Packages in Lumen by installing Larasupport Package.

Irfaq Syed 127 Dec 17, 2022
A package for Laravel to perform basic git commands on locally integrated packages.

A package for Laravel to perform basic git commands on locally integrated development packages. If working within multiple local development packages or repositories at once this package is meant to ease the burden of navigating to each individual repository to perform basic git commands.

null 3 Jul 26, 2022
Tools for creating Laravel packages
Tools for creating Laravel packages

Tools for creating Laravel packages This package contains a PackageServiceProvider that you can use in your packages to easily register config files,

Spatie 526 Dec 29, 2022
Service manager for Slim compatible with Laravel packages

SlimServices SlimServices is a service manager for the Slim PHP microframework based on Laravel 4 service providers and DI container, allowing you to

its 76 Jul 23, 2022
Collection of agnostic PHP Functions and helpers with zero dependencies to use as foundation in packages and other project

Collection of agnostic PHP Functions and helpers This package provides a lot of very usefull agnostic helpers to use as foundation in packages and oth

padosoft 54 Sep 21, 2022
Composer plugin for cleaning up unused files from packages.

Composer Cleanup Plugin Remove tests & documentation from the vendor dir. Based on laravel-vendor-cleanup but implemented as a Composer Plugin instead

Barry vd. Heuvel 136 Dec 15, 2022
A simple blog app where a user can signup , login, like a post , delete a post , edit a post. The app is built using laravel , tailwind css and postgres

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

Nahom_zd 1 Mar 6, 2022
Laravel-OvalFi helps you Set up, test, and manage your OvalFi integration directly in your Laravel App.
Laravel-OvalFi helps you Set up, test, and manage your OvalFi integration directly in your Laravel App.

OvalFi Laravel Package Laravel-OvalFi helps you Set up, test, and manage your OvalFi integration directly in your Laravel App. Installation You can in

Paul Adams 2 Sep 8, 2022
A web app for detecting backend technologies used in a web app, Based on wappalyzer node module

About Techdetector This a web fingerprinting application, it detects back end technologies of a given domain by using the node module wappalyzer. And

Shobi 17 Dec 30, 2022
Owner
The Laravel Hacker
Secure PHP Programming and Laravel Hardening
The Laravel Hacker
GitHub
🔥 Fire events on attribute changes of your Eloquent model

class Order extends Model { protected $dispatchesEvents = [ 'status:shipped' => OrderShipped::class, 'note:*' => OrderNoteChanged:

Jan-Paul Kleemans 252 Dec 7, 2022
A simple website to inform you where to watch anime legally in Indonesia.

WibuSaka A simple app to inform you where to watch anime legally in Indonesia. WibuSaka uses Jikan.moe API to fetch anime datas. Requirements PHP 7.4+

Azhar At Zauhar Dripana 49 Oct 24, 2022
Automatic multi-tenancy for Laravel. No code changes needed.

Tenancy for Laravel — stancl/tenancy Automatic multi-tenancy for your Laravel app. You won't have to change a thing in your application's code. ✔️ No

Samuel Štancl 2.7k Jan 3, 2023
Observe (and react to) attribute changes made on Eloquent models.

Laravel Attribute Observer Requirements PHP: 7.4+ Laravel: 7+ Installation You can install the package via composer: composer require alexstewartja/la

Alex Stewart 55 Jan 4, 2023
Laravel-FCM is an easy to use package working with both Laravel and Lumen for sending push notification with Firebase Cloud Messaging (FCM).

Laravel-FCM Introduction Laravel-FCM is an easy to use package working with both Laravel and Lumen for sending push notification with Firebase Cloud M

Rahul Thapa 2 Oct 16, 2022
Allow your model to record the creation, update and deletion of user fingerprints in laravel packages

This laravel package will allow your models to record the the created, updated and deleted by User FingerPrints

Managemize 4 Mar 11, 2022
Extend Laravel PHP framework to make working with Aiven databases simpler

Aiven Commands for Laravel ✨ Add some Aiven magic to your Laravel project ✨ This Laravel package provides some aiven commands for artisan to help with

Aiven 8 Aug 19, 2022
Helper class for working with Laravel Mix in WordPress themes and plugins.

Hybrid\Mix Hybrid Mix is a class for working with Lavarel Mix. It adds helper methods for quickly grabbing asset files cached in the mix-manifest.json

Theme Hybrid 9 Jun 2, 2022
Makes working with DateTime fields in Laravel's Nova easier

This package adds a DateTime field with support for a global DateTime format, syntactic sugar for formatting individual DateTime fields and powerful d

wdelfuego 6 Aug 4, 2022
A collection of useful traits for working with PHP 8.1 Enums

A library of helper traits for working with PHP 8.1 enums This package provides a series of traits that allows you to: RestorableFromName Trait Create

Mark Baker 24 Nov 24, 2022