PHPackages                             erickjmenezes/policyman - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. erickjmenezes/policyman

ActiveLibrary[Security](/categories/security)

erickjmenezes/policyman
=======================

CSP manager

v0.5.0(1y ago)02MITPHPPHP ^8.3

Since Sep 6Pushed 1y ago1 watchersCompare

[ Source](https://github.com/ErickJMenezes/policyman)[ Packagist](https://packagist.org/packages/erickjmenezes/policyman)[ RSS](/packages/erickjmenezes-policyman/feed)WikiDiscussions main Synced yesterday

READMEChangelog (5)Dependencies (3)Versions (6)Used By (0)

Policyman 👮
===========

[](#policyman-)

A Content-Security-Policy (CSP) header parser and builder.

Instalation
-----------

[](#instalation)

```
composer install erickjmenezes/policyman
```

Building a CSP header:
----------------------

[](#building-a-csp-header)

```
use ErickJMenezes\Policyman\Policyman;
use ErickJMenezes\Policyman\Keyword;

$header = Policyman::builder()
    ->defaultSrc([Keyword::Self])
    ->scriptSrc([Keyword::Self, Keyword::UnsafeEval, Keyword::UnsafeInline, 'trusted-cdn.com'])
    ->styleSrc([Keyword::Self, 'trusted-cdn.com'])
    ->toString();

// Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' trusted-cdn.com; style-src 'self' trusted-cdn.com
```

Parsing and editing an existing CSP header string:
--------------------------------------------------

[](#parsing-and-editing-an-existing-csp-header-string)

```
use ErickJMenezes\Policyman\Policyman;
use ErickJMenezes\Policyman\ContentSecurityPolicy;
use ErickJMenezes\Policyman\Policy;
use ErickJMenezes\Policyman\Keyword;
use ErickJMenezes\Policyman\Directive;

// Example header.
$header = "Content-Security-Policy: img-src 'self' data:; object-src 'none'";

// Parsing to an object.
/** @var ContentSecurityPolicy $csp */
$csp = Policyman::parse($header);

// Adding script-src directive.
$csp->add(new Policy(Directive::ScriptSrc, [Keyword::Self, 'example.com']));
$csp->find(Directive::ImgSrc)->add('example.com');

// Convert it back to a string.
$newHeader = Policyman::serialize($csp);

// Content-Security-Policy: img-src 'self' data: example.com; object-src 'none'; script-src 'self' example.com
```

Validation:
-----------

[](#validation)

```
use ErickJMenezes\Policyman\Policyman;

Policyman::validate("Content-Security-Policy: default_src 'self'"); // false
Policyman::validate("Content-Security-Policy: default-src 'self'"); // true
```

###  Health Score

25

—

LowBetter than 35% of packages

Maintenance33

Infrequent updates — may be unmaintained

Popularity2

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity49

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

5

Last Release

664d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/49132967?v=4)[Erick Menezes](/maintainers/ErickJMenezes)[@ErickJMenezes](https://github.com/ErickJMenezes)

---

Top Contributors

[![ErickJMenezes](https://avatars.githubusercontent.com/u/49132967?v=4)](https://github.com/ErickJMenezes "ErickJMenezes (16 commits)")

###  Code Quality

TestsPest

Static AnalysisPHPStan

Type Coverage Yes

### Embed Badge

![Health badge](/badges/erickjmenezes-policyman/health.svg)

```
[![Health](https://phpackages.com/badges/erickjmenezes-policyman/health.svg)](https://phpackages.com/packages/erickjmenezes-policyman)
```

###  Alternatives

[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k18.7M143](/packages/mews-purifier)[paragonie/ecc

PHP Elliptic Curve Cryptography library

24820.0k37](/packages/paragonie-ecc)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
