enlightn
coding-standard
enlightn | coding-standard | |
---|---|---|
7 | 9 | |
863 | 1,358 | |
1.3% | 1.3% | |
6.7 | 8.2 | |
26 days ago | about 2 months ago | |
PHP | PHP | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
enlightn
-
Laravel code-quality tools
Enlightn scans your code to check whether it follows best practices in performance, security, and reliability. It's a paid tool, but it also has free checks you can use. At the time of writing, it has 64 checks in the free version and 128 checks in the paid version. For the purposes of this article, we'll only be using the free version.
-
Preventing Installing Composer Dependencies with Known Security Vulnerabilities
There are other tools out there, such as Enlightn and Dependabot, that help you to detect dependencies in your project with security vulnerabilities. But I'd like to think of these types of tools more as being "reactive". By that, I mean that they can alert you of vulnerable dependencies after you've installed them in your project. This can result in you introducing potential security holes into your applications without being aware at first. This is by no means a discredit to any of these types of tools though. Vulnerabilities are always being discovered in frameworks, packages, and libraries. So being able to detect them is a great way to stay on top of your project's security.
-
Mass Assignment Vulnerabilities and Validation in Laravel
In this article, we're going to briefly look at different things to look out for when auditing your app's security, or adding new validation. We'll also look at how you can use "Enlightn" to detect potential mass assignment vulnerabilities.
-
Laravel Security Alerts
Checkout laravel enlghtn, scans all dependencies, we have it wired for all prs and nightly on all code bases. https://www.laravel-enlightn.com/
-
A Laravel package to monitor the health of your application
you can also check https://www.laravel-enlightn.com
-
Your automated performance/security consultant for Laravel apps!
Uhh did you check the link? It's another product. The security checker is an independent package. The Enlightn Github repo is here and the security checker is here. Lol you were so busy criticizing about emojis, you don't even know what I was talking about.
coding-standard
-
Laravel code-quality tools
If you go through the imports in the config/insights.php file, you'll see that it mostly uses rules from NunoMaduro\PhpInsights and SlevomatCodingStandard\Sniffs. The former is PHP Insight's in-house insights and the latter is the sniffs from the Slevomat coding standard. In most cases, you'll only ever reach for those two.
-
Does CodeSniffer/ECS have the possibility to detect large methods/functions?
However, you can get cognitive complexity in phpcs with the slevomat ruleset. This ruleset is used as a base for the Doctrine coding standard.
-
Searching expecific rules for php-cs-fixer
I think you can use the Slevomat Coding Standards to solve both issues.
-
Tools you’ve used to increase code quality and/or productivity?
I also make heavy use of Codesniffer with PSR12 as a base and a load of the rules from https://github.com/slevomat/coding-standard - learning how to use Codesniffer and setting up a comprehensive coding standard can be incredibly helpful when working as part of a team.
-
Recommendations for productivity tools/libraries?
You should check out https://github.com/slevomat/coding-standard for some very useful additional rules.
-
Strict operators on known return values
no need for muscle memory, there's a phpcs rule for that 🙂
-
How do you enforce a consistent code style in your projects?
Codesniffer. Though the requirements may differ between projects I typically use PSR12 as a starting point, plus disallowing long array syntax, enforcing a need for DocBlocks, and a few others. I find https://github.com/slevomat/coding-standard is also a good source of useful sniffs.
-
Why "on" == 0 evaluates to true?
Well, as we have this phpcs rule in our coding standard, it is forbidden (for us) 😉 Maybe, forbidden is not a good word, though.
What are some alternatives?
larastan - ⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
laravel-code-style - Automatic code formatting for Laravel projects
laravel-activitylog - Log activity inside your Laravel app
phpcs-laravel - The PHP_Codesniffer configuration I use across Laravel projects
bouncer - Laravel Eloquent roles and abilities.
VIP-Coding-Standards - PHP_CodeSniffer ruleset to enforce WordPress VIP coding standards.
SensioLabs Security Check - A database of PHP security advisories
GrumPHP - A PHP code-quality tool
LaravelS - LaravelS is an out-of-the-box adapter between Laravel/Lumen and Swoole.
easy-coding-standard - The Easiest way to add coding standard to your PHP project
Laravel-Zero - A PHP framework for console artisans
PHP-CS-Fixer - A tool to automatically fix PHP Coding Standards issues [Moved to: https://github.com/PHP-CS-Fixer/PHP-CS-Fixer]