| | enlightn | Psalm |
|---|---|---|
| | 7 | 45 |
| Stars | 870 | 5,453 |
| Growth | 1.1% | 0.7% |
| Activity | 6.7 | 9.9 |
| | 20 days ago | 6 days ago |
| Language | PHP | PHP |
| License | GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
enlightn
- Laravel code-quality tools
Enlightn scans your code to check whether it follows best practices in performance, security, and reliability. It's a paid tool, but it also has free checks you can use. At the time of writing, it has 64 checks in the free version and 128 checks in the paid version. For the purposes of this article, we'll only be using the free version.
- Preventing Installing Composer Dependencies with Known Security Vulnerabilities
There are other tools out there, such as Enlightn and Dependabot, that help you to detect dependencies in your project with security vulnerabilities. But I'd like to think of these types of tools more as being "reactive". By that, I mean that they can alert you of vulnerable dependencies after you've installed them in your project. This can result in you introducing potential security holes into your applications without being aware at first. This is by no means a discredit to any of these types of tools though. Vulnerabilities are always being discovered in frameworks, packages, and libraries. So being able to detect them is a great way to stay on top of your project's security.
- Mass Assignment Vulnerabilities and Validation in Laravel
In this article, we're going to briefly look at different things to look out for when auditing your app's security, or adding new validation. We'll also look at how you can use "Enlightn" to detect potential mass assignment vulnerabilities.
- Laravel Security Alerts
Check out Laravel Enlightn. It scans all dependencies; we have it wired for all PRs and nightly on all code bases. https://www.laravel-enlightn.com/
- A Laravel package to monitor the health of your application
You can also check https://www.laravel-enlightn.com
- Your automated performance/security consultant for Laravel apps!
Uhh did you check the link? It's another product. The security checker is an independent package. The Enlightn Github repo is here and the security checker is here. Lol you were so busy criticizing about emojis, you don't even know what I was talking about.
Psalm
- Laravel code-quality tools
Psalm is a static analysis tool for PHP. Much like PHPStan is to Larastan, Psalm has a plugin called Laravel Psalm that allows you to easily use it in Laravel projects.
- PHP 8.3
- PHP libraries and tools
  Psalm: A static analysis tool for finding errors in PHP applications. Plugins:
  - boesing/psalm-plugin-stringf: Psalm plugin to provide more details for sprintf, printf, sscanf and fscanf functions.
  - hectorj/safe-php-psalm-plugin: vimeo/psalm plugin for thecodingmachine/safe.
  - marartner/psalm-no-empty: Psalm plugin to detect usage of empty().
  - marartner/psalm-strict-equality: Psalm plugin to enforce strict equality.
  - psalm/plugin-phpunit: A PHPUnit plugin for Psalm.
  - psalm/plugin-symfony: Psalm Plugin for Symfony.
  - weirdan/doctrine-psalm-plugin: Stubs to let Psalm understand Doctrine better.
  - ghostwriter/psalm-plugin: Provides an ALL-IN-ONE plugin for Psalm.
- PHP-Tokio – Use any async Rust library from PHP
PHP 8 is the best version of PHP yet, and the main reason why it's so good is precisely because it got rid of a huge amount of ugly, legacy behavior.
Upgrading a codebase to PHP 8 is not an insurmountable task, I've upgraded our 1 million SLOC codebase at work in just a few weeks, with the help of tools like https://psalm.dev and our own strict coding standard.
- Devs interested in learning
- Top 6 PHP code quality tools 2023
Psalm is a static analysis tool specifically designed for PHP. It performs advanced type inference and checks for various types of errors, including type errors, undefined variables, incorrect function calls, and more. It provides comprehensive code analysis and helps improve code quality and maintainability. Documentation: You can find more information about Psalm, including installation instructions and usage details, in the official repository: Psalm Repository
- Avoiding empty() in PHP
vimeo/psalm
- [Laravel] Now that PHPStorm supports Psalm and PHPStan, which one do you use / recommend for Laravel projects?
- TIL how PHP type hinting works
- Templates available in Yii3.
Static analysis - Psalm.
What are some alternatives?
larastan - ⚗️ Adds code analysis to Laravel improving developer productivity and code quality.
PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
laravel-activitylog - Log activity inside your Laravel app
phan - Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
bouncer - Laravel Eloquent roles and abilities.
Rector - Instant Upgrades and Automated Refactoring of any PHP 5.3+ code
SensioLabs Security Check - A database of PHP security advisories
PHPCompatibility - PHP Compatibility check for PHP_CodeSniffer
LaravelS - LaravelS is an out-of-the-box adapter between Laravel/Lumen and Swoole.
PHP Code Sniffer - PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
Laravel-Zero - A PHP framework for console artisans
Qodana - 📝 Source repository of Qodana Help