GrumPHP
local-php-security-checker
Our great sponsors
GrumPHP | local-php-security-checker | |
---|---|---|
25 | 5 | |
4,088 | 1,148 | |
0.6% | - | |
8.0 | 2.9 | |
27 days ago | 8 days ago | |
PHP | Go | |
MIT License | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GrumPHP
-
PHP libraries and tools
GrumPHP: A PHP code-quality tool.
-
Recommended Code Review Plugin for Github?
Depends on what you mean by plugin, but a GrumPHP is a great tool. It registers a pre-commit git hook that runs whatever quality tools you've configured every time someone commits. If one of the checks fail, the commit is aborted. It's very easy to install and configure.
- Looking to build a code quality tool for Laravel - opinions wanted
-
PHPUnit, do i need to learn it?
sounds like you heard of Grumphp
- Ideas for minimum PHP pipeline for a small team
-
Ensure a beaut code with Laravel Pint
Of course, in this simple way, you will need run the command before commits to ensure a correct code style. We can improve this we can to use some pre-commit hook, like a grumphp https://github.com/phpro/grumphp.
-
A quality inspection hook installer
How does this compare to existing tools like GrumPHP or Captain Hook? Why should I use it instead?
Are you aware of GrumPHP?
-
Is there a way to run commands before PHPStorm commits?
I use grumphp to run phplint, phpstan, Easy coding standard (includes php-cs fixer) and phpunit. All four will automatically run before every commit, stopping any 'below standard' code from being committed. Example config file
-
What are some helpful tools every Laravel CI pipeline should have?
like valplet said: https://github.com/phpro/grumphp But also: https://styleci.io/ integrates nicely with git For client side code formatting check: https://prettier.io/
local-php-security-checker
-
What are some helpful tools every Laravel CI pipeline should have?
test -d local-php-security-checker || curl -L https://github.com/fabpot/local-php-security-checker/releases/download/v1.2.0/local-php-security-checker_1.2.0_linux_amd64 --output local-php-security-checker chmod +x local-php-security-checker ./local-php-security-checker
-
Unknown error running php bin/console security:check
The best alternative to use now is to download a local-security-checker binary (https://github.com/fabpot/local-php-security-checker/releases), saving it in the bin folder, and running that binary (via bin/local-php-security-checker).
-
PHP libraries and tools
Local PHP Security Checker: PHP security vulnerabilities checker
-
Laravel QR Code Generator Infected with Malware
It looks like they utilize this repo for advisories: https://github.com/FriendsOfPHP/security-advisories/ -- via https://symfony.com/blog/the-php-security-checker-as-a-docker-image
-
Why does validating a user require 14000 files?
https://github.com/fabpot/local-php-security-checker
I agree, composer is not perfect, but before it was worse.
What are some alternatives?
PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
SecurityAdvisories - :closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
PHP CS Fixer - A tool to automatically fix PHP Coding Standards issues
Spout - Read and write spreadsheet files (CSV, XLSX and ODS), in a fast and scalable way
PHP Code Sniffer - PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
ComposerRequireChecker - A CLI tool to check whether a specific composer package uses imported symbols that aren't part of its direct composer dependencies
PHPCPD - Copy/Paste Detector (CPD) for PHP code.
google-api-php-client-services
drupal-project - :rocket: Composer template for Drupal projects. Quick installation via "composer create-project drupal-composer/drupal-project"
google-api-php-client - A PHP client library for accessing Google APIs
PHP Mess Detector - PHPMD is a spin-off project of PHP Depend and aims to be a PHP equivalent of the well known Java tool PMD. PHPMD can be seen as an user friendly frontend application for the raw metrics stream measured by PHP Depend.
churn-php - Discover files in need of refactoring.