PHPackages existenznl/permcheck - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. existenznl/permcheck ActiveLibrary[Security](/categories/security) existenznl/permcheck ==================== PermCheck is a tool to validate the executable bit of files in a PHP project 3.0.0(3y ago)1154.4k↓20.6%4[5 PRs](https://github.com/eXistenZNL/PermCheck/pulls)1MITPHPCI passing Since Jan 7Pushed 2mo agoCompare [ Source](https://github.com/eXistenZNL/PermCheck)[ Packagist](https://packagist.org/packages/existenznl/permcheck)[ RSS](/packages/existenznl-permcheck/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (5)Versions (21)Used By (1) PermCheck ========= [](#permcheck) [![Build Status](https://camo.githubusercontent.com/cc5072d092c70dbf45d8cb1184ff91717c0487aeb2bb2bf7029d395aa4264021/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6558697374656e5a4e4c2f5065726d436865636b2f74657374732e79616d6c3f6272616e63683d6d6173746572267374796c653d666c61742d737175617265)](https://github.com/eXistenZNL/PermCheck/actions) [![Packagist](https://camo.githubusercontent.com/97f03b3c5dad1340cfe631cb92a03b0cf0c08749acb3722d19834d8ebbc6ac4d/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6578697374656e7a6e6c2f7065726d636865636b2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/existenznl/permcheck) [![Packagist](https://camo.githubusercontent.com/1d962d63fad11206246dcc5d41713384f883534a095d313ea40e05f3558e982b/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f646d2f6578697374656e7a6e6c2f7065726d636865636b2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/existenznl/permcheck/stats) [![Packagist](https://camo.githubusercontent.com/2305938835716b33bcc97e0739cb392a02771635e4020785841c39471c8b09a3/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f6578697374656e7a6e6c2f7065726d636865636b2e7376673f7374796c653d666c61742d737175617265)](https://github.com/eXistenZNL/PermCheck/blob/master/LICENSE) [![Sponsors](https://camo.githubusercontent.com/8208c190a161c7513cd8bae92c169cb00a04f5106dbbbd054cff3cb432f120fb/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73706f6e736f72732f6558697374656e5a4e4c3f636f6c6f723d686f7470696e6b267374796c653d666c61742d737175617265)](https://github.com/sponsors/eXistenZNL) About ----- [](#about) PermCheck is a little tool that checks if the files in a project have the executable bit set properly. It's available for PHP versions 5.6 and up (Version 1.0 goes back to PHP 5.3), and is very light on dependencies, so you should be able to add it to nearly any project. PermCheck aims to prevent inconsistent executable bits and thus random executable files in a project, which makes a project more consistent and more secure. Installation ------------ [](#installation) PermCheck can be added as a composer package by running: ``` composer require --dev existenznl/permcheck ``` Configuration ------------- [](#configuration) PermCheck uses a XML configuration file which contains the sections directories and executables. The directories section should contain all project directories that are to be checked, and the executables section should contain all files that are supposed to be executable. All files that are found but are not in the executables section, are considered to be expected non executable. An example: ``` .git vendor/ dontcare.sh cli/console ``` In the example configuration above, everything but the dirs .git and vendor and the file dontcare.sh is validated, and only the file cli/console must be executable. If it's not, PermCheck will issue an error. If any other files are executable, PermCheck will issue an error. Usage ----- [](#usage) With a configuration XML stored somewhere in your codebase, we can now start using PermCheck. Executing permcheck is straightforward by running the command with the required / needed flags and options. `vendor/bin/permcheck [--directory|-d=...]` PermCheck makes use of the Symfony 2 [Console Component](http://symfony.com/doc/current/components/console/introduction.html) so the flags and options can be specified in the various formats outlined in the SF2 Console Component documentation. The following options and flags are available: Option/flagShorthandMandatoryDescription--config-cYesThe location of the configuration XML.--directory-dNoDe location of the base directory, defaults to the current working directory.Bugs, questions, and improvements --------------------------------- [](#bugs-questions-and-improvements) If you found a bug or have a question, please open an issue on the GitHub Issue tracker. Improvements can be sent by a Pull Request against the develop branch and are greatly appreciated! ### Health Score 49 — FairBetter than 95% of packages Maintenance57 Moderate activity, may be stable Popularity36 Limited adoption so far Community15 Small or concentrated contributor base Maturity72 Established project with proven stability Bus Factor1 Top contributor holds 75.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~221 days Recently: every ~606 days Total 12 Last Release 1349d ago Major Versions 1.0.8 → 2.0.02018-06-15 2.1.0 → 3.0.02022-09-07 ### Community Maintainers ![](https://www.gravatar.com/avatar/a3313d4ab77386760e11902679fc338c7f0985fb67793b606597841056524671?d=identicon)[eXistenZNL](/maintainers/eXistenZNL) --- Top Contributors [![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4)](https://github.com/renovate[bot] "renovate[bot] (164 commits)")[![eXistenZNL](https://avatars.githubusercontent.com/u/1150201?v=4)](https://github.com/eXistenZNL "eXistenZNL (50 commits)")[![renatomefi](https://avatars.githubusercontent.com/u/823634?v=4)](https://github.com/renatomefi "renatomefi (3 commits)")[![noahlvb](https://avatars.githubusercontent.com/u/6873972?v=4)](https://github.com/noahlvb "noahlvb (1 commits)") --- Tags executableexecutable-filephpsecuritysecurity-toolssecurity-vulnerability ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/existenznl-permcheck/health.svg) ``` [![Health](https://phpackages.com/badges/existenznl-permcheck/health.svg)](https://phpackages.com/packages/existenznl-permcheck) ``` ### Alternatives [matomo/matomo Matomo is the leading Free/Libre open analytics platform 21.4k37.3k](/packages/matomo-matomo)[tilleuls/url-signer-bundle Create and validate signed URLs with a limited lifetime in Symfony 81340.1k](/packages/tilleuls-url-signer-bundle)[spatie/ssl-certificate-chain-resolver SSL certificate chain resolver 3069.6k](/packages/spatie-ssl-certificate-chain-resolver) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)