local-php-security-checker
Psalm
local-php-security-checker | Psalm
---|---
5 | 45
1,148 | 5,434
- | 0.7%
2.9 | 9.9
9 days ago | 13 days ago
Go | PHP
GNU Affero General Public License v3.0 | MIT License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
local-php-security-checker
- What are some helpful tools every Laravel CI pipeline should have?
  ```sh
  test -f local-php-security-checker || curl -L https://github.com/fabpot/local-php-security-checker/releases/download/v1.2.0/local-php-security-checker_1.2.0_linux_amd64 --output local-php-security-checker
  chmod +x local-php-security-checker
  ./local-php-security-checker
  ```
- Unknown error running php bin/console security:check
  The best alternative to use now is to download a local-security-checker binary (https://github.com/fabpot/local-php-security-checker/releases), save it in the bin folder, and run that binary (via bin/local-php-security-checker).
- PHP libraries and tools
  Local PHP Security Checker: PHP security vulnerabilities checker
- Laravel QR Code Generator Infected with Malware
  It looks like they utilize this repo for advisories: https://github.com/FriendsOfPHP/security-advisories/ -- via https://symfony.com/blog/the-php-security-checker-as-a-docker-image
- Why does validating a user require 14000 files?
  https://github.com/fabpot/local-php-security-checker
  I agree, composer is not perfect, but before it was worse.
Psalm
- Laravel code-quality tools
  Psalm is a static analysis tool for PHP. Much like PHPStan is to Larastan, Psalm has a plugin called Laravel Psalm that allows you to easily use it in Laravel projects.
- PHP 8.3
- PHP libraries and tools
  Psalm: A static analysis tool for finding errors in PHP applications. Plugins:
  - boesing/psalm-plugin-stringf: Psalm plugin to provide more details for sprintf, printf, sscanf and fscanf functions.
  - hectorj/safe-php-psalm-plugin: vimeo/psalm plugin for thecodingmachine/safe.
  - marartner/psalm-no-empty: Psalm plugin to detect usage of empty().
  - marartner/psalm-strict-equality: Psalm plugin to enforce strict equality.
  - psalm/plugin-phpunit: A PHPUnit plugin for Psalm.
  - psalm/plugin-symfony: Psalm Plugin for Symfony.
  - weirdan/doctrine-psalm-plugin: Stubs to let Psalm understand Doctrine better.
  - ghostwriter/psalm-plugin: Provides an ALL-IN-ONE plugin for Psalm
- PHP-Tokio – Use any async Rust library from PHP
  PHP 8 is the best version of PHP yet, and the main reason why it's so good is precisely because it got rid of a huge amount of ugly, legacy behavior.
  Upgrading a codebase to PHP 8 is not an insurmountable task; I've upgraded our 1 million SLOC codebase at work in just a few weeks, with the help of tools like https://psalm.dev and our own strict coding standard.
- Devs interested in learning
- Top 6 PHP code quality tools 2023
  Psalm is a static analysis tool specifically designed for PHP. It performs advanced type inference and checks for various types of errors, including type errors, undefined variables, incorrect function calls, and more. It provides comprehensive code analysis and helps improve code quality and maintainability. Documentation: You can find more information about Psalm, including installation instructions and usage details, in the official repository: Psalm Repository
- Avoiding empty() in PHP
  vimeo/psalm
- [Laravel] Now that PHPStorm supports Psalm and PHPStan, which one do you use / recommend for Laravel projects?
- TIL how PHP type hinting works
- Templates available in Yii3.
  Static analysis - Psalm.
What are some alternatives?
SecurityAdvisories - 🔐 Security advisories as a simple composer exclusion list, updated daily
PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
Spout - Read and write spreadsheet files (CSV, XLSX and ODS), in a fast and scalable way
phan - Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
ComposerRequireChecker - A CLI tool to check whether a specific composer package uses imported symbols that aren't part of its direct composer dependencies
Rector - Instant Upgrades and Automated Refactoring of any PHP 5.3+ code
GrumPHP - A PHP code-quality tool
PHPCompatibility - PHP Compatibility check for PHP_CodeSniffer
google-api-php-client-services
PHP Code Sniffer - PHP_CodeSniffer tokenizes PHP files and detects violations of a defined set of coding standards.
google-api-php-client - A PHP client library for accessing Google APIs
Qodana - 📝 Source repository of Qodana Help