Commit graph

1 commit

Author: Snider
SHA1: 1c5cbac9f7
Date: 2026-01-29 23:25:50 +00:00

Message:

feat: add security-checks.yaml spec for core php security command

Defines 45+ security checks implementable in Go without a PHP runtime:

**Check categories:**
- Environment (13): APP_DEBUG, APP_KEY, cookies, HTTPS, passwords
- Filesystem (6): .env exposure, permissions, sensitive files
- Config (4): CSRF, throttling, hashing, sessions
- Patterns (9): XSS, SQLi, command injection, hardcoded creds
- Tools (3): composer audit, npm audit, phpstan
- Headers (4): HSTS, CSP, X-Frame-Options (optional)

**Implementation approach:**
- Parse .env directly (no PHP needed)
- Regex patterns on PHP/Blade files
- Shell out to existing tools
- CWE references for each check

For the `core php security` command in the Go CLI.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>