PHPackages                             empiretwo/gaze-laravel - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation &amp; Sanitization](/categories/validation)
4. /
5. empiretwo/gaze-laravel

ActiveComposer-plugin[Validation &amp; Sanitization](/categories/validation)

empiretwo/gaze-laravel
======================

Laravel adapter for the Gaze PII sanitization binary.

v0.11.1(3w ago)063↓100%Apache-2.0PHPPHP ^8.2CI failing

Since May 8Pushed 1w agoCompare

[ Source](https://github.com/EmpireTwo/gaze-laravel)[ Packagist](https://packagist.org/packages/empiretwo/gaze-laravel)[ Docs](https://github.com/EmpireTwo/gaze-laravel)[ RSS](/packages/empiretwo-gaze-laravel/feed)WikiDiscussions main Synced 1w ago

READMEChangelog (10)Dependencies (15)Versions (13)Used By (0)

gaze-laravel
============

[](#gaze-laravel)

[![Latest Stable Version](https://camo.githubusercontent.com/678121b966d35fc7fb8fc55ecc5bc1477bc03521ee607489ec09bf3827211adb/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f656d7069726574776f2f67617a652d6c61726176656c2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/empiretwo/gaze-laravel)[![Total Downloads](https://camo.githubusercontent.com/728fb3008bbabb1dc266954bf6ace09a60b65376a37d7e9c9c32a6ae5745ca1b/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f656d7069726574776f2f67617a652d6c61726176656c2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/empiretwo/gaze-laravel)[![Tests](https://camo.githubusercontent.com/30f9524ee404273b2a2d5a45817b616f5b8d63cb5644763465c14847e7085991/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f456d7069726554776f2f67617a652d6c61726176656c2f746573742e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/EmpireTwo/gaze-laravel/actions/workflows/test.yml)[![License](https://camo.githubusercontent.com/f86b61bd48b464e924e7d129fc00d212f99b72812d699e2c9fa437b097086487/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f656d7069726574776f2f67617a652d6c61726176656c2e7376673f7374796c653d666c61742d737175617265)](https://github.com/EmpireTwo/gaze-laravel/blob/main/LICENSE)

Laravel adapter for the [`gaze`](https://github.com/EmpireTwo/gaze) CLI contract.

`gaze-laravel` wraps the pipe-mode `gaze clean` / `gaze restore` workflow for Laravel apps. It sends raw UTF-8 text to `clean`, keeps the returned `session_blob` encrypted at rest, and restores model output through `restore` with typed exceptions and queue-aware retry helpers.

Use it when you need to:

- send pseudonymized text to an LLM instead of raw PII;
- restore model output back into owner-side text;
- keep encrypted session blobs out of logs and public component state;
- classify subprocess failures into caller, config, integrity, and infra buckets;
- run an opt-in HTTP proxy daemon that pseudonymizes requests bound for OpenAI / Anthropic / Gemini and restores their replies (see [`docs/proxy.md`](./docs/proxy.md));
- run the opt-in `gaze daemon` JSONL stdio runtime for multi-turn agent loops and worker queues that need repeated low-latency redaction without per-turn binary startup (see [`docs/daemon.md`](./docs/daemon.md)):

    ```
    use Naoray\GazeLaravel\Facades\Gaze;

    // Composition (fluent sugar)
    $session = Gaze::daemon()->session('agent-thread-a');
    $response = $session->clean($prompt);

    // Direct hot path (one PHP call = one JSONL line)
    $response = Gaze::daemon()->clean('agent-thread-a', $prompt);
    ```
- opt into the Kiji DistilBERT safety-net backend (Tier 2.5 NER subprocess) via `gaze.safety_net_backend=kiji-distilbert` for higher-recall Pass-3 leak detection.

> **Detection modes:** Regex + rulepack runs by default. Optional NER (ONNX-backed) is an opt-in second install — run `php artisan gaze:install-ner` to download model artifacts. See [`docs/ner.md`](docs/ner.md) for trade-offs.

**New here?** Start with the [getting started guide](./docs/getting-started.md).

Requirements
------------

[](#requirements)

- PHP `^8.2`
- Laravel `^11.0 || ^12.0`
- The `gaze` binary on `PATH`, in `vendor/bin/gaze`, or configured via `GAZE_BINARY`

Install
-------

[](#install)

```
composer require empiretwo/gaze-laravel
php artisan vendor:publish --tag=gaze-config
php artisan vendor:publish --tag=gaze-policy
```

The package ships as a Composer plugin (`Naoray\GazeLaravel\Install\GazeInstallerPlugin`). On first install your Composer will ask whether to allow it — pick `y` to enable automatic binary download, or pick `n` and provide `GAZE_BINARY` yourself.

> **Non-interactive (CI) installs:** Composer 2.2+ requires plugins be allow-listed before they execute. Add this once before installing in CI:
>
> ```
> composer config allow-plugins.empiretwo/gaze-laravel true
> ```
>
>
>
> Or pre-seed `composer.json`:
>
> ```
> "config": {
>   "allow-plugins": {
>     "empiretwo/gaze-laravel": true
>   }
> }
> ```
>
>
>
> Without this, the binary auto-download step is silently skipped on first install.

Installer env overrides:

- `GAZE_SKIP_BINARY_DOWNLOAD=1` — skip the download entirely when you manage the binary out-of-band.
- `GAZE_VERSION=x.y.z` — install a different gaze version than the one pinned by this release; use cautiously because the pinned version is contract-tested.
- `GAZE_RELEASE_BASE=https://...` — release base override for fixture or staging release hosts.

See [Configuration](./docs/configuration.md) for the full env var + config publishing reference.

Usage
-----

[](#usage)

```
use Naoray\GazeLaravel\Gaze;

$session = $gaze->clean($request->string('body'));
$reply = $llm->complete($session->cleanText);

return $gaze->restore($session, $reply);
```

### Per-rule detection entries

[](#per-rule-detection-entries)

`GazeSession::$entries` exposes each tokenized span as a readonly `Entry` DTO (`class`, `raw`, `token`, `family`) when the upstream `gaze` CLI emits the `entries` field on its JSON response. The array is empty for releases that do not yet surface the field, so consumers can always iterate safely:

```
foreach ($session->entries as $entry) {
    logger()->info('detected', [
        'class' => $entry->class,
        'token' => $entry->token,
        'family' => $entry->family,
    ]);
}

// Single-entry access:
$firstClass = $session->entries[0]->class ?? null;
```

This surface replaces the previous pattern of decrypting `$session->ciphertext`and parsing the binary snapshot header by hand.

See [Exceptions](./docs/exceptions.md) for the exit bucket and typed exception reference.

See [Testing](./docs/testing.md) for fakes, assertions, and integration-test setup.

Documentation
-------------

[](#documentation)

- [Getting started](./docs/getting-started.md)
- [Configuration](./docs/configuration.md)
- [Architecture](./docs/architecture.md)
- [Audit query / export](./docs/audit.md)
- [Blob lifecycle](./docs/blob-lifecycle.md)
- [NER install](./docs/ner.md)
- [Livewire integration](./docs/livewire.md)
- [Conversational-loop patterns](./docs/conversational-loop.md)
- [Operations](./docs/operations.md)
- [Retry discipline](./docs/retry.md)
- [Diagnostics](./docs/diagnostics.md)
- [Exceptions](./docs/exceptions.md)
- [Proxy daemon](./docs/proxy.md)
- [SafetyNet (OPF + Kiji)](./docs/safety-net.md)
- [Queue integration](./docs/queue.md)
- [Security model](./docs/security.md)
- [Testing](./docs/testing.md)

Security
--------

[](#security)

Session blobs are encrypted at rest with Laravel's encrypter, keyed by `GAZE_ENCRYPTION_KEY` or `APP_KEY`. Only pseudonymized `$session->cleanText` should cross the model boundary; restore happens owner-side. See [Security model](./docs/security.md) for guarantees, responsibilities, and compliance boundaries.

Upgrading
---------

[](#upgrading)

Per-minor walkthroughs live in [`docs/upgrading.md`](./docs/upgrading.md); pair them with the upstream binary's [UPGRADE.md](https://github.com/EmpireTwo/gaze/blob/main/UPGRADE.md). The current pin is **v0.9.0** — see the `v0.8.1 → v0.9.0` section for the adoption notes, Kiji ORT/int8 config, and daemon fallback rationale. Older upgrade notes are preserved in the same file.

See [`docs/exceptions.md`](./docs/exceptions.md) and [`docs/upstream-coverage.md`](./docs/upstream-coverage.md) for the full exception table and upstream parity matrix.

Known limitations
-----------------

[](#known-limitations)

- Pre-built binary auto-downloads currently cover Linux x86\_64 and macOS arm64. Intel Mac users must install `gaze` from source and set `GAZE_BINARY`.
- NER model artifacts are not bundled in the Composer package. Install them explicitly with `php artisan gaze:install-ner` when you need NER-backed detection.

License
-------

[](#license)

Apache-2.0 — see [LICENSE](./LICENSE).

###  Health Score

42

—

FairBetter than 88% of packages

Maintenance97

Actively maintained with recent releases

Popularity12

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity43

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 98.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~1 days

Total

11

Last Release

22d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/10154100?v=4)[Krishan König](/maintainers/Naoray)[@Naoray](https://github.com/Naoray)

---

Top Contributors

[![Naoray](https://avatars.githubusercontent.com/u/10154100?v=4)](https://github.com/Naoray "Naoray (77 commits)")[![lord-eagle](https://avatars.githubusercontent.com/u/2154876?v=4)](https://github.com/lord-eagle "lord-eagle (1 commits)")

---

Tags

aianonymizationcomposer-plugindata-privacygdprlaravelllmphppiipii-redactionlaravelairedactionllmgdprprivacyanonymizationpiipseudonymization

###  Code Quality

TestsPest

Static AnalysisPHPStan

Code StyleLaravel Pint

Type Coverage Yes

### Embed Badge

![Health badge](/badges/empiretwo-gaze-laravel/health.svg)

```
[![Health](https://phpackages.com/badges/empiretwo-gaze-laravel/health.svg)](https://phpackages.com/packages/empiretwo-gaze-laravel)
```

###  Alternatives

[laravel/ai

The official AI SDK for Laravel.

9782.1M153](/packages/laravel-ai)[spatie/laravel-health

Monitor the health of a Laravel application

88011.3M149](/packages/spatie-laravel-health)[laravel/horizon

Dashboard and code-driven configuration for Laravel queues.

4.1k91.3M277](/packages/laravel-horizon)[laravel/sail

Docker files for running a basic Laravel application.

1.9k199.2M1.2k](/packages/laravel-sail)[laravel/mcp

Rapidly build MCP servers for your Laravel applications.

76318.2M110](/packages/laravel-mcp)[illuminate/queue

The Illuminate Queue package.

20432.2M1.5k](/packages/illuminate-queue)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)