A static security analysis tool for PHP and Laravel applications with recursive taint analysis capabilities.

Features:
- Comprehensive vulnerability detection (XSS, SQL Injection, Command Injection, Path Traversal, CSRF, Authentication issues)
- Recursive taint analysis across function calls
- Blade template analysis with context-aware XSS detection
- Smart escape detection and escape bypass detection
- Syntax highlighting in terminal output
- Multi-language support (Japanese/English)
- Docker support for easy deployment
- Multiple output formats (text, JSON, HTML, SARIF, Markdown)
- CI/CD integration ready (GitHub Actions, GitLab CI)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
40 lines
1.0 KiB
Docker
FROM php:8.3-cli-alpine

LABEL maintainer="Security Linter Team"
LABEL description="PHP/Laravel Security Linter - Static security analysis tool"
LABEL version="1.0.0"

# Build arguments
ARG PHP_MEMORY_LIMIT=1024M

# Install composer
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer

# Set working directory
WORKDIR /app/security-linter

# Copy composer files first for better caching
COPY composer.json composer.lock* ./

# Install dependencies
RUN composer install --no-dev --optimize-autoloader --no-interaction --no-progress

# Copy source code
COPY src/ ./src/
COPY bin/ ./bin/
COPY docs/ ./docs/

# Make binary executable, set memory limit, and create symlink
RUN chmod +x bin/security-lint \
    && echo "memory_limit=${PHP_MEMORY_LIMIT}" > /usr/local/etc/php/conf.d/memory.ini \
    && ln -s /app/security-linter/bin/security-lint /usr/local/bin/security-lint

# Default working directory for target code
WORKDIR /target

# Set entrypoint
ENTRYPOINT ["security-lint"]

# Default command (show help)
CMD ["--help"]