{"id":25209514,"url":"https://github.com/backdrop-contrib/site_audit","last_synced_at":"2025-04-05T05:23:07.308Z","repository":{"id":265565732,"uuid":"668445790","full_name":"backdrop-contrib/site_audit","owner":"backdrop-contrib","description":"Site Audit is a Backdrop static site analysis platform that generates reports with actionable best practice recommendations.","archived":false,"fork":false,"pushed_at":"2024-12-04T15:38:16.000Z","size":340,"stargazers_count":0,"open_issues_count":1,"forks_count":1,"subscribers_count":7,"default_branch":"1.x-2.x","last_synced_at":"2025-03-29T11:07:46.641Z","etag":null,"topics":["backdrop","backdropcms","php"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/backdrop-contrib.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-19T20:34:36.000Z","updated_at":"2024-12-04T15:40:50.000Z","dependencies_parsed_at":"2024-12-04T13:25:15.653Z","dependency_job_id":null,"html_url":"https://github.com/backdrop-contrib/site_audit","commit_stats":null,"previous_names":["keiserjb/site_audit","backdrop-contrib/site_audit"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backdrop-contrib%2Fsite_audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backdrop-contrib%2Fsite_audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backdrop-contrib%2Fsite_audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/backdrop-contrib%2Fsite_audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/backdrop-contrib","download_url":"https://codeload.github.com/backdrop-contrib/site_audit/tar.gz/refs/heads/1.x-2.x","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247290218,"owners_count":20914617,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backdrop","backdropcms","php"],"created_at":"2025-02-10T13:17:44.083Z","updated_at":"2025-04-05T05:23:07.289Z","avatar_url":"https://github.com/backdrop-contrib.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Overview\n\nSite Audit is a Backdrop static site analysis platform that generates reports with\nactionable best practice recommendations.\n\nEvery Backdrop site is unique, with its own individual configuration, content,\naudience, and so forth. With that said, they all have the same core\ninfrastructure and configuration; Backdrop! Therefore, it's possible to perform\nperformance and behavior gathering to inspect any site.\n\nSite Audit uses a technique known as static program analysis. This mechanism\ndoes not actually perform requests on the target site, and in doing so avoids\nthe observer effect. It's non-intrusive, so no installation into the target site\nor configuration is required.\n\nThe end result is a fast, repeatable report that can help detect common problems\nand provide introspection into Backdrop sites. Reports can be generated in\nmultiple formats, including plain text, HTML, and JSON.\n\nSite Audit can also be extended by other projects to add custom reports and\nchecks.\n\n## Reports\n\nSite Audit includes a number of comprehensive reports, each consisting of one\nor more checks. Site Audit reports include:\n\n* Best Practices - structural recommendations\n* Block - custom block report\n* Cache - optimal Backdrop caching settings\n* Codebase - size of the site; size and count of managed files\n* Content - checks for unused content types, vocabularies\n* Cron - Backdrop's built-in cron\n* Database - collation, engine, row counts, and size\n* Extensions - count, development modules, duplicates, missing\n* Status - check for failures in Backdrop's built-in status report\n* Users - blocked user #1, number of normal and blocked users\n* Roles - list of roles, percentage of permissions assigned to roles\n* Views - caching settings\n* Watchdog - 404 error count, age, number of entries, enabled, PHP errors\n\n## Installation\n\n- Install this module using the official [Backdrop CMS instructions](https://backdropcms.org/user-guide/modules).\n\n````\n~/.drush/commands\n````\n\nthen clear Drush's cache:\n\n````\ndrush cc drush\n````\n\nSee https://github.com/drush-ops/drush#commands to learn more about installing\ncommands into Drush.\n\n## Usage\n\n````\ndrush help --filter=site_audit\n````\n\n### Audit cache\n\n````\ndrush ac\n````\n\n### Produce a HTML report\n\nCreate a new file or overwrite:\n\n````\ndrush ac --html --detail \u003e ~/Desktop/report.html\n````\n\nContinue writing to a file:\n\n````\ndrush abp --html --detail \u003e\u003e ~/Desktop/report.html\n````\n\nRun every report with maximum detail, skipping Google insights and adding\nTwitter Bootstrap for styling:\n\n````\ndrush aa --html --bootstrap --detail --skip=insights \u003e ~/Desktop/report.html\n````\n\n### Skipping reports or checks\n\nFor the Audit All command, an individual report can be skipped by name using\nthe option --skip.\n\nFor all commands, individual checks can be skipped by specifying the combination\nof the report name and the check name. For example, if you wanted to skip the\nSystem check in the Status report, use the following convention:\n\n````\n--skip=StatusSystem\n````\n\nMultiple skip values can be used, comma separated.\n\nIf you want to permanently opt-out of a check, use the $conf array in\nsettings.php with the individual check names in the same format as the skip\noption. For example, to permanently opt-out of the PageCompression check in the\nCache report:\n\n````\n$conf['site_audit']['opt_out']['CachePageCompression'] = TRUE;\n````\n\n### Vendor specific options\n\nSome commands such as the cache audit (ac) have the ability to optionally\nproduce results that are specific to a particular platform. Currently only\nsupports Pantheon, but submit a patch if you have another platform that should\nhave explicit support that will be helpful to other developers.\n\n````\ndrush @pantheon.SITENAME.ENV --vendor=pantheon --detail ac\n````\n\n## Adding Reports and Checks\n\nThere are two classes that you should be aware of:\n\n* SiteAuditReport - a collection of Checks, run in sequential order. If a check\n  sets the abort property to TRUE, no further Checks in the report will be\n  executed. The Check names are defined in hook_drush_command with the key name\n  \"checks\". Check names must match the file name of the actual Check, including\n  capitalization.\n\n* SiteAuditCheck - an individual Check; treat them like a unit test, in that\n  each check should be looking for one thing at a time.\n\nThe AuditCheck class has a number of helpful properties:\n\n* abort - if set to TRUE, will tell the report not to execute any further checks\n  after the completion of the current check. For example, if you're checking\n  Views but the Views module isn't enabled, abort.\n* html - if set to TRUE, indicates that the response contains HTML characters.\n* registry - use this to pass content from each check to another and within the\n  check itself. Use sparingly, as the registry itself is not cleared. This is\n  safer than a global.\n\n### Custom Reports and Checks\n\nSite Audit supports specialized Reports or Checks that are specific to a\nparticular use case or project. A couple steps are needed; regardless of the\napproach, a Drush command file is required for the project.\n\nThere are no requirements for file structure; depending on the number of checks,\nit may be easiest to create a ````project.site_audit.inc```` file within your\nproject to consolidate the functionality. You can also define the Reports and\nChecks within the actual Drush command, but I'd recommend instead requiring the\ncode only upon execution, otherwise every other drush command execution will\ninclude all the overhead of loading custom code.\n\n#### Custom Reports\n\nIn ````hook_drush_command()````, define a command with the following format:\n\n````\n$items['audit_REPORT'] = array(\n  // Describe the Report.\n  'description' =\u003e dt('DESCRIPTION.'),\n  // A short alias for the command. Check site_audit.drush.inc to avoid\n  // collisions.\n  'aliases' =\u003e array('aN'),\n  // Specify the maximum bootstrap required for your Checks; if interaction with\n  // the actual Backdrop site is required, use DRUSH_BOOTSTRAP_DRUPAL_FULL.\n  'bootstrap' =\u003e DRUSH_BOOTSTRAP_DRUPAL_FULL,\n  // Names of the individual checks, in order of execution.\n  'checks' =\u003e array(\n    // If a Check is defined in its own file, the location can be passed to a\n    // require_once within the Report execution.\n    array(\n     'name' =\u003e 'FirstCheck',\n     'location' =\u003e __DIR__ . '/site_audit/checks/FirstCheck.php',\n    );\n    // If just the name of the check is defined, the assumption is made that the\n    // code has already been loaded.\n    'SecondCheck',\n    'ThirdCheck',\n    'LastCheck',\n  ),\n  // Options available for all site_audit commands. You can add your own options\n  // as well, but make sure to combine the arrays.\n  'options' =\u003e site_audit_common_options(),\n);\n````\n\nDefine a command callback so the custom Report can be executed individually.\n\n````\n/**\n * Command callback for drush audit_NAME.\n */\nfunction drush_PROJECT_audit_REPORT() {\n  require_once __DIR__ . '/PROJECT.site_audit.inc';\n  $report = new SiteAuditReportNAME();\n  $report-\u003erender();\n}\n````\n\nFinally, include the custom Report to audit_all. The Report name is\ncase-sensitive. The location will be used for a ````require_once``` statement\nwhen loading the Report class.\n\n````\n/**\n * Implements hook_drush_command_alter().\n */\nfunction security_review_drush_command_alter(\u0026$command) {\n  if ($command['command'] == 'audit_all') {\n    $command['reports'][] = array(\n      'name' =\u003e 'Security',\n      'location' =\u003e __DIR__ . '/PROJECT.site_audit.inc',\n    );\n  }\n}\n````\n\n#### Custom Checks\n\nCustom Checks should extend ````SiteAuditCheckAbstract````. If including HTML,\nbe sure to check to see if the HTML option is being used. For example:\n\n````\nif (drush_get_option('html')) {\n  $values = $this-\u003eregistry['semantically_significant_name'];\n  if (drush_get_option('html')) {\n    $ret_val .= '\u003cul\u003e';\n    foreach ($values as $value) {\n      $ret_val .= '\u003cli\u003e' . $value . '\u003c/li\u003e';\n    }\n    $ret_val .= '\u003c/ul\u003e';\n  }\n  else {\n    // Text-only rendering...\n  }\n}\n````\n\n#### Adding custom Checks to an existing Report\n\nAs Check names are defined in the Report command, just alter the target\ncommand name.\n\n````\n/**\n * Implements hook_drush_command_alter().\n */\nfunction security_review_drush_command_alter(\u0026$command) {\n  if ($command['command'] == 'audit_NAME') {\n    $command['checks'][] = array(\n      'name' =\u003e 'CheckName',\n      'location' =\u003e __DIR__ . '/PROJECT.site_audit.inc',\n    );\n  }\n}\n````\n\n## Release notes\n\nRelease notes are maintained at https://www.drupal.org/node/2022771/release\n\nThe version of Site Audit is found in ````site_audit.info```` and can be\ndisplayed with the command:\n\n````\ndrush site-audit-version\n````\n\nThe response will be in the form:\n\n````\nSite Audit v#.#\n````\n## Issues\n\nBugs and feature requests should be reported in the [Issue Queue](https://github.com/backdrop-contrib/site_audit/issues).\n\n## Current Maintainer\n\n[Justin Keiser](https://github.com/keiserjb)\n\n## Credits\n\nSite Audit is written and maintained by [Jon Peck](http://about.me/jonpeck)\n\nOther Drupal maintainers are:\n\n[John Pugh](https://www.drupal.org/u/jon-pugh)\n[James Glasgow](https://www.drupal.org/u/jrglasgow)\n[Norman Kämper-Leymann](https://www.drupal.org/u/leymannx)\n\nSite Audit can be found at:\n\n* https://www.drupal.org/project/site_audit\n* https://github.com/fluxsauce/site_audit\n\nThank you to Suzanne Aldrich, Kelly Bell, Aimee Degnan, Joe Miller, Matt Parker,\nBen Sheldon, David Strauss, and everyone else who has given feedback and\nsuggestions to make this a better project.\n\n## License\n\nThis project is GPL v2 software. See the LICENSE.txt file in this directory for complete text.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbackdrop-contrib%2Fsite_audit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbackdrop-contrib%2Fsite_audit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbackdrop-contrib%2Fsite_audit/lists"}