diff --git a/.github/workflows/enlightn.yml b/.github/workflows/enlightn.yml
new file mode 100644
index 000000000..b47ff2633
--- /dev/null
+++ b/.github/workflows/enlightn.yml
@@ -0,0 +1,40 @@
+name: Run Enlightn Checks
+
+on: [pull_request]
+
+jobs:
+ tests:
+
+ name: Enlightn
+
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Setup PHP
+ uses: shivammathur/setup-php@v2
+ with:
+ php-version: 7.4
+ extensions: bcmath, ctype, dom, fileinfo, intl, gd, json, mbstring, pdo, pdo_sqlite, openssl, sqlite, xml, zip
+ coverage: none
+
+ - name: Install dependencies
+ env:
+ ENLIGHTN_USERNAME: ${{ secrets.ENLIGHTN_USERNAME }}
+ ENLIGHTN_API_TOKEN: ${{ secrets.ENLIGHTN_API_TOKEN }}
+ run: |
+ composer config http-basic.satis.laravel-enlightn.com "$ENLIGHTN_USERNAME" "$ENLIGHTN_API_TOKEN"
+ composer config repositories.enlightn composer https://satis.laravel-enlightn.com
+ composer require --prefer-dist --no-interaction enlightn/enlightnpro
+
+ - name: Run Enlightn Checks and Trigger the Enlightn Bot
+ env:
+ ENLIGHTN_USERNAME: ${{ secrets.ENLIGHTN_USERNAME }}
+ ENLIGHTN_API_TOKEN: ${{ secrets.ENLIGHTN_API_TOKEN }}
+ ENLIGHTN_GITHUB_REPO: ${{ github.repository }}
+ APP_ENV: local
+ run: |
+ cp .env.example .env
+ php artisan enlightn --ci --report --review --issue=${{ github.event.number }}
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index cba2297bc..a1a1d8acc 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -15,7 +15,7 @@ class Kernel extends HttpKernel
 */
 protected $middleware = [
 // \App\Http\Middleware\TrustHosts::class,
- \App\Http\Middleware\TrustProxies::class,
+ // \App\Http\Middleware\TrustProxies::class,
 \Fruitcake\Cors\HandleCors::class,
 \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
 \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
diff --git a/composer.json b/composer.json
index 4ddc169e2..db8a3ab0c 100644
--- a/composer.json
+++ b/composer.json
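Review bot: Both `uses:` entries reference mutable tags (`actions/checkout@v2`, `shivammathur/setup-php@v2`) in a job whose later steps are given `ENLIGHTN_USERNAME` and `ENLIGHTN_API_TOKEN`, so whatever those tags point to at run time executes on the same runner as the credentials; pinning each to a full commit SHA (`uses: shivammathur/setup-php@<full-commit-sha> # v2`) fixes what runs. The job also has no `permissions:` block, so `GITHUB_TOKEN` keeps the repository default; `permissions:` with `contents: read` under `tests:` would be enough for the steps shown. In the last step `--issue=${{ github.event.number }}` is expanded into the script text before the shell sees it; passing it through `env:` like the other values (`ISSUE_NUMBER: ${{ github.event.number }}` and `--issue="$ISSUE_NUMBER"`) keeps expressions out of `run:`.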
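Review bot: Commenting out `\App\Http\Middleware\TrustProxies::class` in `$middleware` is a runtime behaviour change that nothing else in this commit explains. With the middleware off, `X-Forwarded-*` headers are ignored, which is the safe default for a directly exposed server, but behind a load balancer or reverse proxy `$request->ip()` then returns the proxy's address and the forwarded scheme is not seen, which affects IP-based controls (composer.lock lists `akaunting/firewall`) and HTTPS URL generation. If this was done to satisfy an Enlightn check (an inference; the commit does not say), keeping the middleware and setting its `$proxies` to the known proxy addresses is the tighter fix; otherwise add a comment on the line such as `// TrustProxies disabled: app is not deployed behind a proxy`. The `$middleware` array continues past the end of the hunk.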
@@ -31,6 +31,7 @@
 "consoletvs/charts": "6.5.*",
 "dingo/api": "3.0.*",
 "doctrine/dbal": "2.11.*",
+ "enlightn/enlightn": "^1.16",
 "fideloper/proxy": "^4.4",
 "fruitcake/laravel-cors": "^2.0",
 "genealabs/laravel-model-caching": "0.11.*",
@@ -49,8 +50,8 @@
 "livewire/livewire": "2.3.*",
 "lorisleiva/laravel-search-string": "1.1.*",
 "maatwebsite/excel": "3.1.*",
- "monooso/unobserve": "^3.0",
 "mnsami/composer-custom-directory-installer": "2.0.*",
+ "monooso/unobserve": "^3.0",
 "plank/laravel-mediable": "4.4.*",
 "riverskies/laravel-mobile-detect": "^1.3",
 "santigarcor/laratrust": "6.3.*",
diff --git a/composer.lock b/composer.lock
index fea4cacad..e940cc19c 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "b5883814c885acc5ac7af99a95b55cb7", + "content-hash": "ed2cfd48003ad2099257822754c49cf8", "packages": [ { "name": "akaunting/firewall", 
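Review bot: `"enlightn/enlightn": "^1.16"` sits among the runtime packages (this looks like `require`; the key is outside the hunk), so a `composer install --no-dev` deployment now also ships the analysis toolchain. The composer.lock hunks are consistent with that: `phpstan/phpstan` and `nunomaduro/larastan` are added, and `mockery/mockery` and `hamcrest/hamcrest-php` are removed from a later position and re-added earlier, apparently moving out of the dev section. If Enlightn is only run from the CI workflow added in this commit, declaring it under `require-dev` keeps test and analysis code, and the auto-discovered `EnlightnServiceProvider`, out of production installs.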
@@ -2597,6 +2597,154 @@ ], "time": "2020-12-29T14:50:06+00:00" }, + { + "name": "enlightn/enlightn", + "version": "v1.16.0", + "source": { + "type": "git", + "url": "https://github.com/enlightn/enlightn.git", + "reference": "ab7d02e3dd7fe48f3425ec21ff5d36911d90291c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/enlightn/enlightn/zipball/ab7d02e3dd7fe48f3425ec21ff5d36911d90291c", + "reference": "ab7d02e3dd7fe48f3425ec21ff5d36911d90291c", + "shasum": "" + }, + "require": { + "enlightn/security-checker": "^1.1", + "ext-json": "*", + "guzzlehttp/guzzle": "^5.0|^6.0|^7.0", + "laravel/framework": "^6.0|^7.0|^8.0", + "nikic/php-parser": "^4.0", + "nunomaduro/larastan": "^0.6.11|^0.7", + "php": "^7.2|^8.0", + "phpstan/phpstan": "^0.12.59", + "symfony/finder": "^4.0|^5.0" + }, + "require-dev": { + "barryvdh/laravel-ide-helper": "^2.8", + "brianium/paratest": "^6.1", + "fideloper/proxy": "^4.4", + "friendsofphp/php-cs-fixer": "^2.18", + "mockery/mockery": "^1.3", + "orchestra/testbench": "^4.0|^5.0|^6.0", + "phpunit/phpunit": "^7.5|^8.0|^9.0", + "predis/predis": "*" + }, + "type": "library", + "extra": { + "laravel": { + "providers": [ + "Enlightn\\Enlightn\\EnlightnServiceProvider" + ] + } + }, + "autoload": { + "psr-4": { + "Enlightn\\Enlightn\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "LGPL-3.0-or-later" + ], + "authors": [ + { + "name": "Paras Malhotra", + "email": "paras@laravel-enlightn.com" + }, + { + "name": "Miguel Piedrafita", + "email": "soy@miguelpiedrafita.com" + } + ], + "description": "Enlightn - Your performance & security consultant, an artisan command away.", + "homepage": "https://www.laravel-enlightn.com/", + "keywords": [ + "Audit", + "analysis tool", + "dynamic analysis", + "dynamic analyzer", + "laravel", + "package", + "performance", + "security", + "static analysis", + "static analyzer" + ], + "support": { + "docs": "https://www.laravel-enlightn.com/docs/", + "issues": 
"https://github.com/enlightn/enlightn/issues", + "source": "https://github.com/enlightn/enlightn/tree/v1.16.0" + }, + "time": "2021-02-27T19:08:45+00:00" + }, + { + "name": "enlightn/security-checker", + "version": "v1.7.0", + "source": { + "type": "git", + "url": "https://github.com/enlightn/security-checker.git", + "reference": "1ac108ba278ba0c2e71d2ce2ac4fac07ed6e8a29" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/enlightn/security-checker/zipball/1ac108ba278ba0c2e71d2ce2ac4fac07ed6e8a29", + "reference": "1ac108ba278ba0c2e71d2ce2ac4fac07ed6e8a29", + "shasum": "" + }, + "require": { + "ext-json": "*", + "ext-zip": "*", + "guzzlehttp/guzzle": "^6.3|^7.0", + "php": ">=5.6", + "symfony/console": "^3.4|^4|^5", + "symfony/finder": "^3|^4|^5", + "symfony/yaml": "^3.4|^4|^5" + }, + "require-dev": { + "friendsofphp/php-cs-fixer": "^2.18", + "phpunit/phpunit": "^5.5|^6|^7|^8|^9" + }, + "bin": [ + "security-checker" + ], + "type": "library", + "autoload": { + "psr-4": { + "Enlightn\\SecurityChecker\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paras Malhotra", + "email": "paras@laravel-enlightn.com" + }, + { + "name": "Miguel Piedrafita", + "email": "soy@miguelpiedrafita.com" + } + ], + "description": "A PHP dependency vulnerabilities scanner based on the Security Advisories Database.", + "keywords": [ + "package", + "php", + "scanner", + "security", + "security advisories", + "vulnerability scanner" + ], + "support": { + "issues": "https://github.com/enlightn/security-checker/issues", + "source": "https://github.com/enlightn/security-checker/tree/v1.7.0" + }, + "time": "2021-03-03T11:56:26+00:00" + }, { "name": "ezyang/htmlpurifier", "version": "v4.13.0", 
@@ -3287,6 +3435,57 @@ }, "time": "2020-09-30T07:37:11+00:00" }, + { + "name": "hamcrest/hamcrest-php", + "version": "v2.0.1", + "source": { + "type": "git", + "url": "https://github.com/hamcrest/hamcrest-php.git", + "reference": "8c3d0a3f6af734494ad8f6fbbee0ba92422859f3" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/hamcrest/hamcrest-php/zipball/8c3d0a3f6af734494ad8f6fbbee0ba92422859f3", + "reference": "8c3d0a3f6af734494ad8f6fbbee0ba92422859f3", + "shasum": "" + }, + "require": { + "php": "^5.3|^7.0|^8.0" + }, + "replace": { + "cordoval/hamcrest-php": "*", + "davedevelopment/hamcrest-php": "*", + "kodova/hamcrest-php": "*" + }, + "require-dev": { + "phpunit/php-file-iterator": "^1.4 || ^2.0", + "phpunit/phpunit": "^4.8.36 || ^5.7 || ^6.5 || ^7.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.1-dev" + } + }, + "autoload": { + "classmap": [ + "hamcrest" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "description": "This is the PHP port of Hamcrest Matchers", + "keywords": [ + "test" + ], + "support": { + "issues": "https://github.com/hamcrest/hamcrest-php/issues", + "source": "https://github.com/hamcrest/hamcrest-php/tree/v2.0.1" + }, + "time": "2020-07-09T08:09:16+00:00" + }, { "name": "hoa/compiler", "version": "3.17.08.08", 
@@ -6069,6 +6268,78 @@ ], "time": "2021-02-19T21:22:57+00:00" }, + { + "name": "mockery/mockery", + "version": "1.4.3", + "source": { + "type": "git", + "url": "https://github.com/mockery/mockery.git", + "reference": "d1339f64479af1bee0e82a0413813fe5345a54ea" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/mockery/mockery/zipball/d1339f64479af1bee0e82a0413813fe5345a54ea", + "reference": "d1339f64479af1bee0e82a0413813fe5345a54ea", + "shasum": "" + }, + "require": { + "hamcrest/hamcrest-php": "^2.0.1", + "lib-pcre": ">=7.0", + "php": "^7.3 || ^8.0" + }, + "conflict": { + "phpunit/phpunit": "<8.0" + }, + "require-dev": { + "phpunit/phpunit": "^8.5 || ^9.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4.x-dev" + } + }, + "autoload": { + "psr-0": { + "Mockery": "library/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Pádraic Brady", + "email": "padraic.brady@gmail.com", + "homepage": "http://blog.astrumfutura.com" + }, + { + "name": "Dave Marshall", + "email": "dave.marshall@atstsolutions.co.uk", + "homepage": "http://davedevelopment.co.uk" + } + ], + "description": "Mockery is a simple yet flexible PHP mock object framework", + "homepage": "https://github.com/mockery/mockery", + "keywords": [ + "BDD", + "TDD", + "library", + "mock", + "mock objects", + "mockery", + "stub", + "test", + "test double", + "testing" + ], + "support": { + "issues": "https://github.com/mockery/mockery/issues", + "source": "https://github.com/mockery/mockery/tree/1.4.3" + }, + "time": "2021-02-24T09:51:49+00:00" + }, { "name": "moneyphp/money", "version": "v3.3.1", 
@@ -6519,6 +6790,103 @@ }, "time": "2020-12-20T10:01:03+00:00" }, + { + "name": "nunomaduro/larastan", + "version": "v0.7.0", + "source": { + "type": "git", + "url": "https://github.com/nunomaduro/larastan.git", + "reference": "179d7565674d4e264e60296d1b5b75413b7461b6" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/nunomaduro/larastan/zipball/179d7565674d4e264e60296d1b5b75413b7461b6", + "reference": "179d7565674d4e264e60296d1b5b75413b7461b6", + "shasum": "" + }, + "require": { + "composer/composer": "^1.0 || ^2.0", + "ext-json": "*", + "illuminate/console": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/container": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/contracts": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/database": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/http": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/pipeline": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "illuminate/support": "^6.0 || ^7.0 || ^8.0 || ^9.0", + "mockery/mockery": "^0.9 || ^1.0", + "php": "^7.2 || ^8.0", + "phpstan/phpstan": "^0.12.70", + "symfony/process": "^4.3 || ^5.0" + }, + "require-dev": { + "orchestra/testbench": "^4.0 || ^5.0 || ^6.0 || ^7.0", + "phpunit/phpunit": "^7.3 || ^8.2 || ^9.3" + }, + "suggest": { + "orchestra/testbench": "^4.0 || ^5.0" + }, + "type": "phpstan-extension", + "extra": { + "branch-alias": { + "dev-master": "0.6-dev" + }, + "phpstan": { + "includes": [ + "extension.neon" + ] + } + }, + "autoload": { + "psr-4": { + "NunoMaduro\\Larastan\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Nuno Maduro", + "email": "enunomaduro@gmail.com" + } + ], + "description": "Larastan - Discover bugs in your code without running it. 
A phpstan/phpstan wrapper for Laravel", + "keywords": [ + "PHPStan", + "code analyse", + "code analysis", + "larastan", + "laravel", + "package", + "php", + "static analysis" + ], + "support": { + "issues": "https://github.com/nunomaduro/larastan/issues", + "source": "https://github.com/nunomaduro/larastan/tree/v0.7.0" + }, + "funding": [ + { + "url": "https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=66BYDWAT92N6L", + "type": "custom" + }, + { + "url": "https://github.com/canvural", + "type": "github" + }, + { + "url": "https://github.com/nunomaduro", + "type": "github" + }, + { + "url": "https://www.patreon.com/nunomaduro", + "type": "patreon" + } + ], + "time": "2021-02-01T22:08:11+00:00" + }, { "name": "omnipay/common", "version": "v3.0.5", 
@@ -7511,6 +7879,66 @@ ], "time": "2020-07-20T17:29:33+00:00" }, + { + "name": "phpstan/phpstan", + "version": "0.12.80", + "source": { + "type": "git", + "url": "https://github.com/phpstan/phpstan.git", + "reference": "c6a1b17f22ecf708d434d6bee05092647ec7e686" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpstan/phpstan/zipball/c6a1b17f22ecf708d434d6bee05092647ec7e686", + "reference": "c6a1b17f22ecf708d434d6bee05092647ec7e686", + "shasum": "" + }, + "require": { + "php": "^7.1|^8.0" + }, + "conflict": { + "phpstan/phpstan-shim": "*" + }, + "bin": [ + "phpstan", + "phpstan.phar" + ], + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "0.12-dev" + } + }, + "autoload": { + "files": [ + "bootstrap.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "PHPStan - PHP Static Analysis Tool", + "support": { + "issues": "https://github.com/phpstan/phpstan/issues", + "source": "https://github.com/phpstan/phpstan/tree/0.12.80" + }, + "funding": [ + { + "url": "https://github.com/ondrejmirtes", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpstan", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpstan/phpstan", + "type": "tidelift" + } + ], + "time": "2021-02-28T20:22:43+00:00" + }, { "name": "plank/laravel-mediable", "version": "4.4.2", 
@@ -11194,6 +11622,81 @@ ], "time": "2021-01-27T10:15:41+00:00" }, + { + "name": "symfony/yaml", + "version": "v5.2.3", + "source": { + "type": "git", + "url": "https://github.com/symfony/yaml.git", + "reference": "338cddc6d74929f6adf19ca5682ac4b8e109cdb0" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/yaml/zipball/338cddc6d74929f6adf19ca5682ac4b8e109cdb0", + "reference": "338cddc6d74929f6adf19ca5682ac4b8e109cdb0", + "shasum": "" + }, + "require": { + "php": ">=7.2.5", + "symfony/deprecation-contracts": "^2.1", + "symfony/polyfill-ctype": "~1.8" + }, + "conflict": { + "symfony/console": "<4.4" + }, + "require-dev": { + "symfony/console": "^4.4|^5.0" + }, + "suggest": { + "symfony/console": "For validating YAML files using the lint command" + }, + "bin": [ + "Resources/bin/yaml-lint" + ], + "type": "library", + "autoload": { + "psr-4": { + "Symfony\\Component\\Yaml\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Loads and dumps YAML files", + "homepage": "https://symfony.com", + "support": { + "source": "https://github.com/symfony/yaml/tree/v5.2.3" + }, + "funding": [ + { + "url": "https://symfony.com/sponsor", + "type": "custom" + }, + { + "url": "https://github.com/fabpot", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/symfony/symfony", + "type": "tidelift" + } + ], + "time": "2021-02-03T04:42:09+00:00" + }, { "name": "tijsverkoyen/css-to-inline-styles", "version": "2.2.3", 
@@ -11988,129 +12491,6 @@ ], "time": "2021-01-24T12:00:00+00:00" }, - { - "name": "hamcrest/hamcrest-php", - "version": "v2.0.1", - "source": { - "type": "git", - "url": "https://github.com/hamcrest/hamcrest-php.git", - "reference": "8c3d0a3f6af734494ad8f6fbbee0ba92422859f3" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/hamcrest/hamcrest-php/zipball/8c3d0a3f6af734494ad8f6fbbee0ba92422859f3", - "reference": "8c3d0a3f6af734494ad8f6fbbee0ba92422859f3", - "shasum": "" - }, - "require": { - "php": "^5.3|^7.0|^8.0" - }, - "replace": { - "cordoval/hamcrest-php": "*", - "davedevelopment/hamcrest-php": "*", - "kodova/hamcrest-php": "*" - }, - "require-dev": { - "phpunit/php-file-iterator": "^1.4 || ^2.0", - "phpunit/phpunit": "^4.8.36 || ^5.7 || ^6.5 || ^7.0" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "2.1-dev" - } - }, - "autoload": { - "classmap": [ - "hamcrest" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "description": "This is the PHP port of Hamcrest Matchers", - "keywords": [ - "test" - ], - "support": { - "issues": "https://github.com/hamcrest/hamcrest-php/issues", - "source": "https://github.com/hamcrest/hamcrest-php/tree/v2.0.1" - }, - "time": "2020-07-09T08:09:16+00:00" - }, - { - "name": "mockery/mockery", - "version": "1.4.3", - "source": { - "type": "git", - "url": "https://github.com/mockery/mockery.git", - "reference": "d1339f64479af1bee0e82a0413813fe5345a54ea" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/mockery/mockery/zipball/d1339f64479af1bee0e82a0413813fe5345a54ea", - "reference": "d1339f64479af1bee0e82a0413813fe5345a54ea", - "shasum": "" - }, - "require": { - "hamcrest/hamcrest-php": "^2.0.1", - "lib-pcre": ">=7.0", - "php": "^7.3 || ^8.0" - }, - "conflict": { - "phpunit/phpunit": "<8.0" - }, - "require-dev": { - "phpunit/phpunit": "^8.5 || ^9.3" - }, - "type": "library", - "extra": { - "branch-alias": { - 
"dev-master": "1.4.x-dev" - } - }, - "autoload": { - "psr-0": { - "Mockery": "library/" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Pádraic Brady", - "email": "padraic.brady@gmail.com", - "homepage": "http://blog.astrumfutura.com" - }, - { - "name": "Dave Marshall", - "email": "dave.marshall@atstsolutions.co.uk", - "homepage": "http://davedevelopment.co.uk" - } - ], - "description": "Mockery is a simple yet flexible PHP mock object framework", - "homepage": "https://github.com/mockery/mockery", - "keywords": [ - "BDD", - "TDD", - "library", - "mock", - "mock objects", - "mockery", - "stub", - "test", - "test double", - "testing" - ], - "support": { - "issues": "https://github.com/mockery/mockery/issues", - "source": "https://github.com/mockery/mockery/tree/1.4.3" - }, - "time": "2021-02-24T09:51:49+00:00" - }, { "name": "myclabs/deep-copy", "version": "1.10.2", diff --git a/config/enlightn.php b/config/enlightn.php new file mode 100644 index 000000000..f08cf1bc5 --- /dev/null +++ b/config/enlightn.php 
@@ -0,0 +1,184 @@
+ ['*'],
+
+ // If you wish to skip running some analyzers, list the classes in the array below.
+ 'exclude_analyzers' => [],
+
+ // If you wish to skip running some analyzers in CI mode, list the classes below.
+ 'ci_mode_exclude_analyzers' => [],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Enlightn Analyzer Paths
+ |--------------------------------------------------------------------------
+ |
+ | The following array lists the "analyzer" paths that will be searched
+ | recursively to find analyzer classes. This option will only be used
+ | if the analyzers option above is set to the asterisk wildcard. The
+ | key is the base namespace to resolve the class name.
+ |
+ */
+ 'analyzer_paths' => [
+ 'Enlightn\\Enlightn\\Analyzers' => base_path('vendor/enlightn/enlightn/src/Analyzers'),
+ 'Enlightn\\EnlightnPro\\Analyzers' => base_path('vendor/enlightn/enlightnpro/src/Analyzers'),
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Enlightn Base Path
+ |--------------------------------------------------------------------------
+ |
+ | The following array lists the directories that will be scanned for
+ | application specific code. By default, we are scanning your app
+ | folder, migrations folder and the seeders folder.
+ |
+ */
+ 'base_path' => [
+ app_path(),
+ database_path('migrations'),
+ database_path('seeders'),
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Environment Specific Analyzers
+ |--------------------------------------------------------------------------
+ |
+ | There are some analyzers that are meant to be run for specific environments.
+ | The options below specify whether we should skip environment specific
+ | analyzers if the environment does not match.
+ |
+ */
+ 'skip_env_specific' => env('ENLIGHTN_SKIP_ENVIRONMENT_SPECIFIC', false),
+
+ /*
+ |--------------------------------------------------------------------------
+ | Guest URL
+ |--------------------------------------------------------------------------
+ |
+ | Specify any guest url or path (preferably your app's login url) here. This
+ | would be used by Enlightn to inspect your application HTTP headers.
+ | Example: '/login'.
+ |
+ */
+ 'guest_url' => null,
+
+ /*
+ |--------------------------------------------------------------------------
+ | Exclusions From Reporting
+ |--------------------------------------------------------------------------
+ |
+ | Specify the analyzer classes that you wish to exclude from reporting. This
+ | means that if any of these analyzers fail, they will not be counted
+ | towards the exit status of the Enlightn command. This is useful
+ | if you wish to run the command in your CI/CD pipeline.
+ | Example: [\Enlightn\Enlightn\Analyzers\Security\XSSAnalyzer::class].
+ |
+ */
+ 'dont_report' => [
+ Enlightn\Enlightn\Analyzers\Performance\QueueDriverAnalyzer::class,
+ Enlightn\Enlightn\Analyzers\Security\CSRFAnalyzer::class,
+ Enlightn\Enlightn\Analyzers\Security\StableDependencyAnalyzer::class,
+ Enlightn\EnlightnPro\Analyzers\Reliability\DeadRouteAnalyzer::class,
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Ignoring Errors
+ |--------------------------------------------------------------------------
+ |
+ | Use this config option to ignore specific errors. The key of this array
+ | would be the analyzer class and the value would be an associative
+ | array with path and details. Run php artisan enlightn:baseline
+ | to auto-generate this. Patterns are supported in details.
+ |
+ */
+ 'ignore_errors' => [
+ Enlightn\Enlightn\Analyzers\Performance\EnvCallAnalyzer::class => [
+ ['path' => 'app/Listeners/Update/V20/Version207.php', 'details' => '*'],
+ ['path' => 'app/Console/Commands/InstallRefresh.php', 'details' => '*'],
+ ['path' => 'app/Console/Commands/InstallRefresh.php', 'details' => '*'],
+ ['path' => 'app/Http/Middleware/CanInstall.php', 'details' => '*'],
+ ]
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Analyzer Configurations
+ |--------------------------------------------------------------------------
+ |
+ | The following configuration options pertain to individual analyzers.
+ | These are recommended options but feel free to customize them based
+ | on your application needs.
+ |
+ */
+ 'license_whitelist' => [
+ 'Apache-2.0', 'Apache2', 'BSD-2-Clause', 'BSD-3-Clause', 'LGPL-2.1-only', 'LGPL-2.1',
+ 'LGPL-2.1-or-later', 'LGPL-3.0', 'LGPL-3.0-only', 'LGPL-3.0-or-later', 'MIT', 'ISC',
+ 'CC0-1.0', 'Unlicense', 'WTFPL', 'GPL-3.0-only', 'GPL-3.0-or-later',
+ ],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Credentials
+ |--------------------------------------------------------------------------
+ |
+ | The following credentials are used to share your Enlightn report with
+ | the Enlightn Github Bot. This allows the bot to compile the report
+ | and add review comments on your pull requests.
+ |
+ */
+ 'credentials' => [
+ 'username' => env('ENLIGHTN_USERNAME'),
+ 'api_token' => env('ENLIGHTN_API_TOKEN'),
+ ],
+
+ // Set this value to your Github repo for integrating with the Enlightn Github Bot
+ // Format: "myorg/myrepo" like "laravel/framework".
+ 'github_repo' => env('ENLIGHTN_GITHUB_REPO'),
+
+ // Set to true to restrict the max number of files displayed in the enlightn
+ // command for each check. Set to false to display all files.
+ 'compact_lines' => true,
+
+ // List your commercial packages (licensed by you) below, so that they are not
+ // flagged by the License Analyzer.
+ 'commercial_packages' => [
+ 'enlightn/enlightnpro',
+ ],
+
+ 'allowed_permissions' => [
+ base_path() => '775',
+ app_path() => '775',
+ resource_path() => '775',
+ storage_path() => '775',
+ public_path() => '775',
+ config_path() => '775',
+ database_path() => '775',
+ base_path('routes') => '775',
+ app()->bootstrapPath() => '775',
+ app()->bootstrapPath('cache') => '775',
+ app()->bootstrapPath('app.php') => '664',
+ base_path('artisan') => '775',
+ public_path('index.php') => '664',
+ public_path('server.php') => '664',
+ ],
+
+ 'writable_directories' => [
+ storage_path(),
+ app()->bootstrapPath('cache'),
+ ],
+];
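Review bot: `dont_report` lists `Security\CSRFAnalyzer` and `Security\StableDependencyAnalyzer`, so per the comment block above it a failure of either no longer counts towards the exit status of the CI run added in this commit, and no reason is recorded. If the findings are known false positives in specific files, `ignore_errors` with a `path` entry (as already done for `EnvCallAnalyzer`) is narrower than muting the whole analyzer; otherwise a comment on each entry should say why it is excluded, e.g. `// CSRF check excluded: <reason>`. The `EnvCallAnalyzer` list also carries `app/Console/Commands/InstallRefresh.php` twice with `'details' => '*'`, which ignores every finding in that file; one entry is enough.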