larasofthu/laravel-guardian
===========================

Laravel package for file integrity checking against Git state

Version 1.0.64 (2mo ago) | MIT | PHP ^8.2 | Since Mar 4 | Pushed 2mo ago

[Source](https://github.com/LarasoftHU/laravel-guardian) | [Packagist](https://packagist.org/packages/larasofthu/laravel-guardian)

Laravel Guardian
================

Laravel Guardian is a security-focused integrity scanner for Laravel projects.

It combines **Git-based integrity checks** (what changed compared to a reference) with **runtime disk/public path security scanning** (what suspicious files currently exist in storage/public).
This makes it useful for CI/CD, deployment validation, and continuous monitoring on production servers.

What It Detects
---------------

### 1) Git integrity changes

- Modified files
- Added files
- Deleted files
- Renamed files
- Untracked files (respects `.gitignore`)

### 2) Storage/public security findings

- Suspicious PHP function usage in file content
- Known malware-like regex signatures
- Dangerous file extensions in storage disks
- Suspicious WordPress/CMS-like path patterns in storage and `public/`

Requirements
------------

- PHP 8.2+
- Laravel 10, 11, 12, or 13
- Git (local repository available where scan runs)

Installation
------------

```
composer require larasofthu/laravel-guardian
```

The package is auto-discovered by Laravel.

Publish Assets
--------------

Publish config:

```
php artisan vendor:publish --tag="file-integrity-config"
```

Publish mail view (optional):

```
php artisan vendor:publish --tag="file-integrity-views"
```

Published mail view path:

`resources/views/vendor/file-integrity/file-integrity-report.blade.php`

Quick Start
-----------

Run the default scan:

```
php artisan file-integrity:scan
```

CI-friendly JSON output:

```
php artisan file-integrity:scan --json
```

Scan specific disks on demand:

```
php artisan file-integrity:scan --disks=local --disks=uploads
```

Command Options
---------------

`file-integrity:scan` supports:

- `--base-ref=` Override Git reference (e.g. `origin/main`, `HEAD`, commit hash)
- `--json` Print JSON report output
- `--paths=*` Limit Git diff scope to specific paths
- `--exclude-paths=*` Exclude paths (glob-style patterns)
- `--disks=*` Override configured storage disks to scan
- `--no-disk-scan` Disable disk/public scan for this run
- `--no-fail` Force success exit code even if findings exist

Configuration Reference
-----------------------

All options are in `config/file-integrity.php`.

### Git integrity scope

- `base_ref`
    Git reference used for comparison. Default: `HEAD`.
- `paths`
    Include only these paths in Git change evaluation. Empty array means no include restriction.
- `exclude_paths`
    Additional exclusion patterns (separate from `.gitignore` handling for untracked files).
- `include_untracked`
    Include untracked files in results (default: `true`).

### Disk/public scanning

- `disk_scan`
    Array of disk names to scan. Example: `['local', 'uploads']`. Empty array skips storage-disk scanning (public path scanning can still run when enabled).
- `content_scan_max_bytes`
    Max file size read for content-based scans. Default: `200 * 1024`.
- `suspicious_php_functions`
    Function list used for suspicious PHP function matching.
- `malware_patterns`
    Named regex signatures used for malware-like content detection.
- `dangerous_extensions`
    Extensions that should not normally appear in upload/storage locations.
- `suspicious_path_patterns`
    Case-insensitive path fragments indicating unexpected CMS footprint (WordPress/Joomla/Drupal-like artifacts).
- `scan_public_path`
    Also inspect `base_path('public')` for suspicious path patterns.

### Reporting behavior

- `report.output`
    `console`, `json`, or `both`.
- `report.fail_on_changes`
    Exit with non-zero code when Git changes or disk findings are present.
- `report.log`
    Log the report payload with Laravel logger.
- `report.mail` and `report.mail_to`
    Enable and configure email notifications when findings are detected.

Output Overview
---------------

The report includes:

- `base_ref`
- `changed_files` and Git `summary`
- `has_changes`
- `disk_scan` (`disks`, `findings`, `summary`, `has_findings`)
- `exit_code`

Example JSON:

```
{
  "base_ref": "origin/main",
  "changed_files": {
    "added": ["config/new.php"],
    "modified": ["app/Models/User.php"],
    "deleted": ["old/file.php"],
    "renamed": [{"from": "old.php", "to": "new.php"}],
    "untracked": ["app/NewFile.php"]
  },
  "summary": {
    "total": 5,
    "added": 1,
    "modified": 1,
    "deleted": 1,
    "renamed": 1,
    "untracked": 1
  },
  "has_changes": true,
  "disk_scan": {
    "disks": ["local", "uploads", "public"],
    "findings": {
      "suspicious_php": [{"disk": "uploads", "file": "shell.php", "functions": ["eval"]}],
      "malware_patterns": [],
      "dangerous_files": [{"disk": "uploads", "file": "payload.exe", "extension": "exe"}],
      "suspicious_paths": [{"disk": "public", "file": "wp-admin/index.php", "pattern": "wp-admin"}]
    },
    "summary": {
      "suspicious_php_count": 1,
      "malware_patterns_count": 0,
      "dangerous_files_count": 1,
      "suspicious_paths_count": 1
    },
    "has_findings": true
  },
  "exit_code": 1
}
```

Exit Code Rules
---------------

- `0` when no failing condition is active
- `1` when:
    - The project is not a Git repository, or
    - Git command execution fails, or
    - `report.fail_on_changes=true` and findings exist (unless `--no-fail` is used)
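
A CI gate that classifies a run from the JSON report body rather than from the exit code alone, since exit `1` covers both Git failures and findings, and `--no-fail` returns `0` even when findings exist. This is an added example, not code from the package; `triage`, its status names, and the assumptions that stdout holds only the report and that a failed Git run prints no parseable report are hypothetical.

```python
import json

# Category names are taken from the README's example report.
DISK_CATEGORIES = ("suspicious_php", "malware_patterns", "dangerous_files", "suspicious_paths")
GIT_CATEGORIES = ("added", "modified", "deleted", "renamed", "untracked")

def triage(exit_code, stdout):
    """Return (status, details) for one `file-integrity:scan --json` run.

    status is "scan_error", "disk_findings", "git_drift" or "clean".
    """
    try:
        report = json.loads(stdout)
    except (TypeError, ValueError):
        report = None
    if not isinstance(report, dict) or "changed_files" not in report:
        # Assumption: a run that could not query Git prints no usable report.
        return "scan_error", [f"no report parsed (exit code {exit_code})"]
    disk, git = [], []
    # `or {}` also covers PHP serializing an empty map as a JSON array.
    findings = (report.get("disk_scan") or {}).get("findings") or {}
    for cat in DISK_CATEGORIES:
        for item in findings.get(cat) or []:
            disk.append(f"{cat}: {item.get('disk')}:{item.get('file')}")
    for cat in GIT_CATEGORIES:
        for item in (report.get("changed_files") or {}).get(cat) or []:
            # Renames are objects with from/to; other entries are plain paths.
            path = f"{item['from']} -> {item['to']}" if isinstance(item, dict) else item
            git.append(f"{cat}: {path}")
    if disk:
        return "disk_findings", disk + git  # disk findings outrank Git drift
    if git:
        return "git_drift", git
    if exit_code != 0:
        return "scan_error", [f"exit code {exit_code} with an empty report"]
    return "clean", []

# Constructed sample: a trimmed copy of the README's example report.
SAMPLE = json.dumps({
    "changed_files": {"added": [], "modified": ["app/Models/User.php"], "deleted": [],
                      "renamed": [{"from": "old.php", "to": "new.php"}], "untracked": []},
    "disk_scan": {"findings": {
        "suspicious_php": [{"disk": "uploads", "file": "shell.php", "functions": ["eval"]}],
        "malware_patterns": [], "dangerous_files": [], "suspicious_paths": []}},
    "exit_code": 1,
})

if __name__ == "__main__":
    print(triage(1, SAMPLE))
```

Ranking disk findings above Git drift is a policy choice of this example; a pipeline that deploys from a clean checkout may want any drift on a production host treated as equally urgent.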

Environment Variables
---------------------

| Variable | Description |
| --- | --- |
| `FILE_INTEGRITY_BASE_REF` | Default value for `base_ref` |
| `FILE_INTEGRITY_INCLUDE_UNTRACKED` | Set `false` to disable untracked detection |
| `FILE_INTEGRITY_DISK_SCAN` | Comma-separated disks (e.g. `local,uploads`) |
| `FILE_INTEGRITY_CONTENT_SCAN_MAX_BYTES` | Max bytes read per file for content scans |
| `FILE_INTEGRITY_SCAN_PUBLIC_PATH` | Set `false` to skip `public/` path-pattern scan |
| `FILE_INTEGRITY_OUTPUT` | `console`, `json`, or `both` |
| `FILE_INTEGRITY_FAIL_ON_CHANGES` | Set `true` for non-zero exit on findings |
| `FILE_INTEGRITY_LOG` | Set `true` to log report output |
| `FILE_INTEGRITY_MAIL` | Set `true` to send mail report |
| `FILE_INTEGRITY_MAIL_TO` | Mail recipients (single or comma-separated) |

Scheduler Integration
---------------------

Recommended for periodic monitoring (for example every hour).

Laravel 11+ (`routes/console.php`):

```
use Illuminate\Support\Facades\Schedule;

Schedule::command('file-integrity:scan')->hourly();
```

Laravel 10 (`app/Console/Kernel.php`):

```
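// Inside App\Console\Kernel; the file needs:
// use Illuminate\Console\Scheduling\Schedule;
protected function schedule(Schedule $schedule): void
{
    // Run the integrity scan once per hour.
    $schedule->command('file-integrity:scan')->hourly();
}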
```

CI Example (GitHub Actions)
---------------------------

```
name: File Integrity Check

on: [push, pull_request]

jobs:
  file-integrity:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Setup PHP
        uses: shivammathur/setup-php@v2
        with:
          php-version: '8.2'

      - name: Install dependencies
        run: composer install --no-interaction --prefer-dist

      - name: Run scan
        run: php artisan file-integrity:scan --base-ref=origin/main --json
        env:
          FILE_INTEGRITY_FAIL_ON_CHANGES: true
```

Testing
-------

```
composer test
```

License
-------

MIT

Maintainer: [kapasifulop](https://github.com/kapasifulop)

