PHPackages vds/laravel-enterprise-governance - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [DevOps & Deployment](/categories/devops) 4. / 5. vds/laravel-enterprise-governance ActiveLibrary[DevOps & Deployment](/categories/devops) vds/laravel-enterprise-governance ================================= Enterprise deployment governance, audit logging, AI review pipelines, and operational controls for Laravel. v1.0.0(2w ago)10MITPHPPHP ^8.2CI passing Since May 20Pushed 2w agoCompare [ Source](https://github.com/VDS-International/laravel-enterprise-governance)[ Packagist](https://packagist.org/packages/vds/laravel-enterprise-governance)[ Docs](https://github.com/vds-international/laravel-enterprise-governance)[ RSS](/packages/vds-laravel-enterprise-governance/feed)WikiDiscussions main Synced 1w ago READMEChangelogDependencies (9)Versions (2)Used By (0) Laravel Enterprise Governance ============================= [](#laravel-enterprise-governance) Enterprise deployment governance, audit logging, AI review pipelines, and operational controls for Laravel. This is one Laravel package for teams that need lightweight governance around production operations without adopting a heavy platform. It gives you deterministic policy checks, explainable denials, audit events, and Artisan tooling that can run in CI, release workflows, admin panels, or internal automations. Laravel Enterprise Governance is developed and maintained by **[VDS International](https://vdsintl.com)**, a premier **[software agency](https://vdsintl.com)** specializing in AI-augmented software development, codebase stabilization, and enterprise software architecture. Modules ------- [](#modules) - **Deployment governance**: review deployment manifests before production changes ship. - **Audit logging**: write structured governance events to logs or a database table. - **AI review pipelines**: review AI requests before prompts leave your application. - **Operational tooling**: install, doctor, and deployment-check Artisan commands. Requirements ------------ [](#requirements) - PHP 8.2 or higher. - Laravel 11, 12, or 13. Installation ------------ [](#installation) ``` composer require vds/laravel-enterprise-governance ``` Publish the config and optional audit migration: ``` php artisan enterprise-governance:install php artisan migrate ``` By default, audit entries are written to your Laravel log. To use the database audit table, set: ``` ENTERPRISE_GOVERNANCE_AUDIT_DRIVER=database ``` Deployment Governance --------------------- [](#deployment-governance) Review a deployment manifest before a release proceeds: ``` use Vds\LaravelEnterpriseGovernance\Facades\EnterpriseGovernance; $decision = EnterpriseGovernance::reviewDeployment([ 'environment' => 'production', 'version' => 'v1.8.0', 'actor_id' => $user->id, 'changes' => [ 'app/Services/BillingService.php', 'database/migrations/2026_05_20_000000_add_invoice_status.php', ], 'approvals' => ['cto'], 'scheduled_at' => now()->toIso8601String(), 'metadata' => [ 'migration_reviewed' => true, 'change_ticket' => 'OPS-1842', ], ]); if ($decision->denied()) { return response()->json([ 'message' => 'Deployment blocked by enterprise governance policy.', 'reasons' => $decision->reasons, ], 422); } ``` Run the same policy from CI or a release script: ``` php artisan enterprise-governance:deployment-check \ --environment=production \ --version="$GITHUB_SHA" \ --actor="$GITHUB_ACTOR" \ --changed=database/migrations/2026_05_20_000000_add_invoice_status.php \ --approval=cto \ --migration-reviewed ``` Built-in deployment policies include: - blocked paths - required approvals for protected environments - change windows - migration review metadata Audit Logging ------------- [](#audit-logging) Write a generic operational audit event: ``` EnterpriseGovernance::audit('ops.runbook.generated', [ 'runbook' => 'production-deploy', 'change_ticket' => 'OPS-1842', ]); ``` AI and deployment reviews are audited automatically when audit logging is enabled. The database migration creates an `enterprise_governance_audits` table with: - event type - subject - actor - environment - allow/deny outcome - reasons - redactions - metadata - content hash and optional redacted excerpt Set this if you only want hashes and metadata: ``` ENTERPRISE_GOVERNANCE_AUDIT_STORE_CONTENT=none ``` AI Review Pipelines ------------------- [](#ai-review-pipelines) Review AI requests before prompts leave your Laravel app: ``` $decision = EnterpriseGovernance::reviewAi([ 'use_case' => 'support.reply', 'provider' => 'openai', 'model' => 'gpt-5.2', 'prompt' => 'Write a concise customer support reply.', 'metadata' => [ 'tenant_id' => $tenant->id, ], 'user_id' => $user->id, ]); ``` Use `assertAiAllowed()` when a denied request should throw: ``` EnterpriseGovernance::assertAiAllowed([ 'provider' => 'openai', 'model' => 'gpt-5.2', 'prompt' => $prompt, ]); ``` Built-in AI policies include: - provider allow lists - model allow lists - blocked prompt patterns - prompt length limits - audit redaction for common personal data Middleware ---------- [](#middleware) Attach the middleware to routes that accept prompts: ``` use Vds\LaravelEnterpriseGovernance\Http\Middleware\EnsureAiRequestAllowed; Route::post('/ai/reply', ReplyController::class) ->middleware(EnsureAiRequestAllowed::class); ``` When the request is allowed, the decision is available as: ``` $decision = request()->attributes->get('enterprise_governance_decision'); ``` Configuration ------------- [](#configuration) Publish `config/enterprise-governance.php` and tune policy: ``` 'deployment' => [ 'protected_environments' => ['production'], 'required_approvals' => 2, 'blocked_paths' => ['.env', 'storage/*.key'], 'change_windows' => [ 'production' => [ [ 'days' => ['Mon', 'Tue', 'Wed', 'Thu'], 'start' => '09:00', 'end' => '17:00', 'timezone' => 'UTC', ], ], ], ], 'ai' => [ 'allowed_providers' => ['openai'], 'allowed_models' => [ 'openai' => ['gpt-5.2'], ], 'limits' => [ 'max_prompt_characters' => 12000, ], ], ``` Custom AI policies implement: ``` use Vds\LaravelEnterpriseGovernance\AIRequest; use Vds\LaravelEnterpriseGovernance\Contracts\AIReviewPolicy; use Vds\LaravelEnterpriseGovernance\PolicyResult; final class TenantAIPolicy implements AIReviewPolicy { public function evaluate(AIRequest $request): PolicyResult { return $request->metadata['tenant_ai_enabled'] ?? false ? PolicyResult::allow('tenant.enabled') : PolicyResult::deny('tenant.disabled', 'AI is disabled for this tenant.'); } } ``` Custom deployment policies implement: ``` use Vds\LaravelEnterpriseGovernance\Contracts\DeploymentPolicy; use Vds\LaravelEnterpriseGovernance\Deployment\DeploymentManifest; use Vds\LaravelEnterpriseGovernance\PolicyResult; final class IncidentFreezePolicy implements DeploymentPolicy { public function evaluate(DeploymentManifest $manifest): PolicyResult { return app(IncidentState::class)->active() ? PolicyResult::deny('deployment.incident_freeze', 'Production is under incident freeze.') : PolicyResult::allow('deployment.incident_freeze.clear'); } } ``` Register custom policies in the relevant config array. Operations ---------- [](#operations) Inspect package configuration: ``` php artisan enterprise-governance:doctor ``` Run local quality checks: ``` composer install composer lint composer test ``` Security -------- [](#security) Please see [SECURITY.md](SECURITY.md). Contributing ------------ [](#contributing) Please see [CONTRIBUTING.md](CONTRIBUTING.md). License ------- [](#license) The MIT License. Please see [LICENSE.md](LICENSE.md). About VDS International ----------------------- [](#about-vds-international) This package is sponsored and maintained by **[VDS International](https://vdsintl.com)**. As a specialized **[software agency](https://vdsintl.com)**, we help organizations take over, stabilize, and scale complex codebase architectures while introducing robust AI and operational governance. If your enterprise needs custom AI review pipelines, deployment security, or dedicated development support, check out our services at **[vdsintl.com](https://vdsintl.com)**. ### Health Score 39 — LowBetter than 84% of packages Maintenance96 Actively maintained with recent releases Popularity2 Limited adoption so far Community2 Small or concentrated contributor base Maturity46 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 20d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8a1a1147d50f47a3f875804981b68807edd5dcab5b74a9e0c1cdcf305e60aae3?d=identicon)[vdsintl](/maintainers/vdsintl) --- Tags laravelaiAuditdeploymentcomplianceprivacyoperationsPolicygovernance ### Code Quality TestsPHPUnit Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/vds-laravel-enterprise-governance/health.svg) ``` [![Health](https://phpackages.com/badges/vds-laravel-enterprise-governance/health.svg)](https://phpackages.com/packages/vds-laravel-enterprise-governance) ``` ### Alternatives [larastan/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 6.4k51.0M7.4k](/packages/larastan-larastan)[psalm/plugin-laravel Psalm plugin for Laravel 3325.1M337](/packages/psalm-plugin-laravel)[laravel/cashier Laravel Cashier provides an expressive, fluent interface to Stripe's subscription billing services. 2.5k28.4M134](/packages/laravel-cashier)[laravel/ai The official AI SDK for Laravel. 9782.1M153](/packages/laravel-ai)[laravel/pulse Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application. 1.7k14.1M120](/packages/laravel-pulse)[spatie/laravel-responsecache Speed up a Laravel application by caching the entire response 2.8k8.7M64](/packages/spatie-laravel-responsecache) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)