PHPackages golchha21/htmlforge - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Validation & Sanitization](/categories/validation) 4. / 5. golchha21/htmlforge ActiveLibrary[Validation & Sanitization](/categories/validation) golchha21/htmlforge =================== A standards-first HTML compiler for PHP that generates W3C-compliant, accessibility-validated HTML by construction. v1.2.1(3mo ago)00MITPHPPHP ^8.3 Since Jan 30Pushed 2mo agoCompare [ Source](https://github.com/golchha21/htmlforge)[ Packagist](https://packagist.org/packages/golchha21/htmlforge)[ Docs](https://github.com/golchha21/htmlforge)[ RSS](/packages/golchha21-htmlforge/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (3)Dependencies (1)Versions (11)Used By (0) HTMLForge ========= [](#htmlforge) [![PHP](https://camo.githubusercontent.com/386409cac9efebb09e66124fda8d930ca43cd36fb8f4ff069cd88c1405e04fa6/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f676f6c6368686132312f68746d6c666f7267653f6c6f676f3d706870266c6f676f436f6c6f723d776869746526636f6c6f723d373737626234)](https://camo.githubusercontent.com/386409cac9efebb09e66124fda8d930ca43cd36fb8f4ff069cd88c1405e04fa6/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f676f6c6368686132312f68746d6c666f7267653f6c6f676f3d706870266c6f676f436f6c6f723d776869746526636f6c6f723d373737626234)[![Version](https://camo.githubusercontent.com/449c03c714cf5e201b7b07445346a5e88f4006312cb77b455ad4d9d9dd05c60c/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f676f6c6368686132312f68746d6c666f726765)](https://packagist.org/packages/golchha21/htmlforge)[![Downloads](https://camo.githubusercontent.com/b41b46c79fbf6c5f2a330765b800f917959f2635fc5453a40b660afa5dfb9397/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f676f6c6368686132312f68746d6c666f726765)](https://packagist.org/packages/golchha21/htmlforge)[![License](https://camo.githubusercontent.com/4d36cb6841056f965191b631f57dde28cada3a66ef7dce36cab13e577dda164e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f6c2f676f6c6368686132312f68746d6c666f726765)](https://packagist.org/packages/golchha21/htmlforge)[![Accessibility](https://camo.githubusercontent.com/cac008c5a437e1aa0370af95d7dcd5c49155161e8497387c7303deed1b71d447/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4163636573736962696c6974792d57434147253230322e782d73756363657373)](https://camo.githubusercontent.com/cac008c5a437e1aa0370af95d7dcd5c49155161e8497387c7303deed1b71d447/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4163636573736962696c6974792d57434147253230322e782d73756363657373)[![Standards](https://camo.githubusercontent.com/c5f75d3dae50299c5f161655bab86ef081e816d2a7f257e8e0abdbc712a0d5d9/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f48544d4c2d573343253230436f6d706c69616e742d6f72616e6765)](https://camo.githubusercontent.com/c5f75d3dae50299c5f161655bab86ef081e816d2a7f257e8e0abdbc712a0d5d9/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f48544d4c2d573343253230436f6d706c69616e742d6f72616e6765) **HTMLForge** is a standards-first HTML compiler for PHP. It generates **W3C-compliant, accessibility-validated HTML** by compiling an explicit **Abstract Syntax Tree (AST)** through a deterministic validation pipeline. HTMLForge does not guess, auto-fix, or silently tolerate invalid markup. If HTML renders, it is **structurally correct and policy-compliant**. --- Why HTMLForge ------------- [](#why-htmlforge) Most HTML generation tools: - concatenate strings - rely on browsers to fix mistakes - mix validation, rendering, and presentation - fail late and unclearly HTMLForge takes a different approach: - HTML is treated as a **language with rules** - Validation happens **before rendering** - Errors are **data**, not crashes - Accessibility is enforced by default --- Core Concepts ------------- [](#core-concepts) ### AST-first design [](#ast-first-design) HTMLForge builds an immutable **Abstract Syntax Tree (AST)**. - No raw HTML strings are rendered directly - Every element, attribute, and text node is explicit - Invalid structures cannot be constructed accidentally --- ### Deterministic validation (v1.2) [](#deterministic-validation-v12) All validation happens explicitly through a **multi-phase validator pipeline**: - Document structure - Content model rules - Attribute validity - Attribute value constraints - Accessibility (WCAG-aware) - ARIA semantics - Document metadata - Policy & security rules Validation always runs **before** rendering. In **v1.2**, validators **emit violations instead of throwing**, which guarantees: - All violations are collected - Multiple failures on multiple nodes are all reported - No early exits or hidden errors Each violation maps to: - a **stable rule ID** - a **single semantic failure** - an **exact element path** --- ### Policy-driven profiles [](#policy-driven-profiles) Validation rules are grouped into **profiles**, not flags: - `WCAG_A` - `WCAG_AA` - `WCAG_AAA` - `STRICT_HTML` - `CMS_SAFE` Profiles define *what is enforced*, not *how HTML is written*. No conditionals. No runtime switches. Profiles are declarative and explicit. --- ### No runtime surprises [](#no-runtime-surprises) HTMLForge never: - auto-injects missing elements - fixes invalid markup - rewrites your structure - relies on browser error recovery If something is wrong, you get a **complete validation report** — not broken HTML. --- Accessibility by default ------------------------ [](#accessibility-by-default) HTMLForge enforces real accessibility rules, not heuristics: - Accessible names for interactive elements - Proper form labeling (implicit and explicit) - Landmark and heading structure - ARIA role correctness - Native HTML semantics preferred over ARIA Accessibility failures are **validation errors**, not warnings. --- Rendering model --------------- [](#rendering-model) - Exactly one ``, ``, and `` per document - `` is the root content container - No implicit wrapper elements - Raw-text and inert elements are isolated correctly - Rendering only happens if validation passes --- Validation reports (v1.2) ------------------------- [](#validation-reports-v12) HTMLForge produces **structured diagnostics**, not strings: - Stable rule IDs (e.g. `accessibility:img-alt-required`) - Exact element paths (`html > body > form > input`) - Multiple violations are **never deduplicated** - Machine-readable JSON output - Browser-friendly grouped HTML reports One violation always corresponds to **one semantic rule failure**. --- ### Security and policy enforcement [](#security-and-policy-enforcement) HTMLForge enforces strict security-related HTML policies: - Inline JavaScript event handlers (`onclick`, `onload`, etc.) - Profile-aware severity: - error in `STRICT_HTML` - warning in CMS-oriented profiles These rules are enforced at validation time, not runtime. --- Documentation ------------- [](#documentation) The documentation is intentionally small, focused, and correctness-oriented. If something is not documented, it is either unstable or out of scope. ### Getting started [](#getting-started) - **[Overview](docs/overview.md)** What HTMLForge is, what it is not, and when to use it. - **[Core Concepts](docs/core-concepts.md)** ASTs, validation vs rendering, determinism, and design decisions. ### Validation [](#validation) - **[Validation Profiles](docs/validation-profiles.md)** Available profiles and how to choose the right one. - **[ValidationReport](docs/validation-report.md)** Canonical schema, rule IDs, element paths, and report rendering. ### Examples [](#examples) - **[Basic Document](docs/examples/basic-document.md)** Rendering and validating a complete HTML document. - **[Fragment Rendering](docs/examples/fragment-rendering.md)** Rendering partial HTML without document-level assumptions. - **[Accessibility Validation](docs/examples/accessibility-validation.md)** WCAG-aware validation with rule IDs and element paths. - **[CMS-Safe Pipeline](docs/examples/cms-safe-pipeline.md)** Validating and rendering untrusted, user-generated content. --- ### Document encoding enforcement [](#document-encoding-enforcement) HTMLForge requires an explicit character encoding declaration: - `` is mandatory - Missing charset is a validation error - HTMLForge does not auto-insert encoding metadata This ensures deterministic parsing behavior and avoids browser-dependent encoding assumptions. --- Appendix: Element Coverage Matrix --------------------------------- [](#appendix-element-coverage-matrix) This usage example exercises the following HTML element categories: CategoryElements DemonstratedDocument roothtml, head, bodyMetadatatitle, meta, style, linkSectioningheader, nav, main, section, article, aside, footerHeadingsh1, h2Groupingp, ul, li, figure, figcaptionPhrasinga, span (implicit), text nodesEmbeddedimgFormsform, label, input, buttonInteractivea, button, inputGlobal attributesclass, id, lang, data-\*Accessibilityimplicit labels, alt text, landmarksThis matrix reflects **real validation coverage**, not theoretical support. Elements not shown here are still supported if present in the registry. --- Error handling -------------- [](#error-handling) HTMLForge never throws during rendering. Instead: - All validation errors are collected - Rendering returns a `RenderResult` - You decide how to display, log, or block output This makes HTMLForge safe for: - browsers - CMS pipelines - static builds - CI environments --- Installation ------------ [](#installation) ``` composer require golchha21/htmlforge ``` Requires **PHP 8.3+**. --- Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently. Security -------- [](#security) If you discover any security related issues, please email instead of using the issue tracker. Author ------ [](#author) - [Ulhas Vardhan Golchha](https://github.com/golchha21) - *Initial work* See also the list of [contributors](https://github.com/golchha21/htmlforge/graphs/contributors) who participated in this project. --- License ------- [](#license) [MIT license](LICENSE.md). ### Health Score 38 — LowBetter than 85% of packages Maintenance81 Actively maintained with recent releases Popularity0 Limited adoption so far Community6 Small or concentrated contributor base Maturity55 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 9 Last Release 105d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/10a2b0e3d55aa79297b82f029d5340e34ee8aa3c29db57bb31780bcc4af947d0?d=identicon)[golchha21](/maintainers/golchha21) --- Top Contributors [![golchha21](https://avatars.githubusercontent.com/u/772400?v=4)](https://github.com/golchha21 "golchha21 (11 commits)") --- Tags phpstandardsvalidationhtmlHTML5compileraccessibilityW3Cwcaga11y ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/golchha21-htmlforge/health.svg) ``` [![Health](https://phpackages.com/badges/golchha21-htmlforge/health.svg)](https://phpackages.com/packages/golchha21-htmlforge) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)