Initial commit: PHP/Laravel Security Linter v1.0.0
A static security analysis tool for PHP and Laravel applications
with recursive taint analysis capabilities.
Features:
- Comprehensive vulnerability detection (XSS, SQL Injection,
Command Injection, Path Traversal, CSRF, Authentication issues)
- Recursive taint analysis across function calls
- Blade template analysis with context-aware XSS detection
- Smart escape detection and escape bypass detection
- Syntax highlighting in terminal output
- Multi-language support (Japanese/English)
- Docker support for easy deployment
- Multiple output formats (text, JSON, HTML, SARIF, Markdown)
- CI/CD integration ready (GitHub Actions, GitLab CI)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 15:18:53 +09:00
|
|
|
services:
|
|
|
|
|
security-lint:
|
|
|
|
|
build:
|
|
|
|
|
context: .
|
|
|
|
|
dockerfile: Dockerfile
|
|
|
|
|
image: php-security-linter:latest
|
|
|
|
|
volumes:
|
|
|
|
|
# Mount the target directory as read-only
|
|
|
|
|
- ${TARGET_PATH:-.}:/target:ro
|
|
|
|
|
# Default command can be overridden
|
2026-02-02 19:33:38 +09:00
|
|
|
# Example: docker compose run --rm security-lint /target/app -s high
|
