{"id":37385074,"url":"https://github.com/crealoz/easyaudit-cli","last_synced_at":"2026-03-04T16:01:00.419Z","repository":{"id":316573021,"uuid":"1063117795","full_name":"crealoz/easyaudit-cli","owner":"crealoz","description":"Static analysis CLI tool for Magento 2 codebases - detects anti-patterns, code quality issues, and architectural problems. SARIF output for CI/CD integration.","archived":false,"fork":false,"pushed_at":"2026-02-10T15:25:49.000Z","size":1132,"stargazers_count":11,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-10T20:04:01.954Z","etag":null,"topics":["code-analyzer","code-quality","magento","magento2","php"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/crealoz.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-09-24T07:32:20.000Z","updated_at":"2026-02-10T15:24:33.000Z","dependencies_parsed_at":"2025-10-02T16:13:37.103Z","dependency_job_id":null,"html_url":"https://github.com/crealoz/easyaudit-cli","commit_stats":null,"previous_names":["crealoz/easyaudit-cli"],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/crealoz/easyaudit-cli","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crealoz%2Feasyaudit-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crealoz%2Feasyaudit-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crealoz%2Feasyaudit-cli/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crealoz%2Feasyaudit-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/crealoz","download_url":"https://codeload.github.com/crealoz/easyaudit-cli/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/crealoz%2Feasyaudit-cli/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30085792,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-04T15:40:14.053Z","status":"ssl_error","status_checked_at":"2026-03-04T15:40:13.655Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-analyzer","code-quality","magento","magento2","php"],"created_at":"2026-01-16T05:18:42.734Z","updated_at":"2026-03-04T16:01:00.404Z","avatar_url":"https://github.com/crealoz.png","language":"PHP","readme":"# EasyAudit\n\n[![Latest Release](https://img.shields.io/github/v/release/crealoz/easyaudit-cli?style=flat-square)](https://github.com/crealoz/easyaudit-cli/releases)\n[![License: MIT](https://img.shields.io/github/license/crealoz/easyaudit-cli?style=flat-square)](./LICENSE)\n[![PHP Version](https://img.shields.io/badge/php-%3E%3D8.1-8892BF?style=flat-square)](https://php.net)\n[![Tests](https://img.shields.io/github/actions/workflow/status/crealoz/easyaudit-cli/tests.yml?style=flat-square\u0026label=tests)](https://github.com/crealoz/easyaudit-cli/actions)\n[![codecov](https://codecov.io/gh/crealoz/easyaudit-cli/graph/badge.svg?token=JA0WEVL9XM)](https://codecov.io/gh/crealoz/easyaudit-cli)\n\nStatic analysis tool for Magento 2 codebases. Detects anti-patterns, security risks, and architectural issues.\n\n## Features\n\n- **20 processors** for DI, code quality, templates, performance, and architecture\n- **Zero dependencies** - standalone PHAR (~455KB)\n- **CI/CD ready** - SARIF output for GitHub Code Scanning\n- **Docker image** available\n- **Auto-fix** - Automatic patch generation via API\n- **Privacy first** \n  - No data sent to external servers during scans ([security details](docs/security.md))\n  - No source is stored on crealoz's server after patch is generated.\n\n![workflow-schema.png](../../../Shop-Crealoz/assets/images/workflow-schema.png)\n## Quick Start\n\n### Using PHAR\n```bash\n# Download latest PHAR\ncurl -LO https://github.com/crealoz/easyaudit-cli/releases/latest/download/easyaudit.phar\nchmod +x easyaudit.phar\n\n# Run\nphp easyaudit.phar scan /path/to/magento --format=sarif\n```\n\n### Using Docker\n```bash\ndocker run --rm -v $PWD:/workspace ghcr.io/crealoz/easyaudit:latest \\\n  scan /workspace --format=sarif --output=/workspace/report/easyaudit.sarif\n```\n\n### From Source\n```bash\ngit clone git@github.com:crealoz/easyaudit-cli.git\nphp bin/easyaudit scan /path/to/magento\n```\n\n## Output Formats\n\n| Format  | Use Case                          |\n|---------|-----------------------------------|\n| `json`  | Tooling and scripting (default)   |\n| `sarif` | GitHub Code Scanning              |\n| `html`  | Visual report, shareable via browser or PDF |\n\nConsole output is always displayed during scan.\n\n## GitHub Actions\n\n### Scan \u0026 upload to Code Scanning\n\n```yaml\nname: EasyAudit Scan\n\non: [push, pull_request]\n\npermissions:\n  contents: read\n  security-events: write\n\njobs:\n  scan:\n    runs-on: ubuntu-latest\n    container:\n      image: ghcr.io/crealoz/easyaudit:latest\n    steps:\n      - uses: actions/checkout@v6\n      - run: |\n          mkdir -p report\n          easyaudit scan --format=sarif --output=report/easyaudit.sarif \"$GITHUB_WORKSPACE\"\n      - uses: github/codeql-action/upload-sarif@v4\n        with:\n          sarif_file: report/easyaudit.sarif\n```\n\n\u003e **Private repos**: SARIF upload requires [GitHub Advanced Security](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security), which is a paid feature for private repositories. Use `--format=json` or `--format=html` with `upload-artifact` instead. See [GitHub Actions docs](docs/ci-cd/github-actions.md#private-repositories) for alternative workflows.\n\n![GitHub Code Scanning](images/scanning-alert-terrible-module.png)\n\n### Scan, fix \u0026 create PR (paid)\n\nOne-click workflow: scan, call the paid API for fixes, and open a PR with the patches. Requires `EASYAUDIT_AUTH` secret.\n\nSee [Automated PR docs](docs/request-pr.md) for the full workflow file and setup instructions.\n\n## Documentation\n\n- [Security \u0026 Privacy](docs/security.md) - What data stays local, when servers are contacted\n- [CLI Usage](docs/cli-usage.md) - Commands, options, examples\n- [Available Processors](docs/processors.md) - All 19 analysis rules\n- [CI/CD Integration](docs/ci-cd.md) - GitHub, GitLab, Bitbucket, Azure, CircleCI, Jenkins, Travis\n- [Automated PR (paid)](docs/request-pr.md) - Auto-fix via API\n- Developer Guide: [Writing Processors](docs/developer-guide/processors.md) | [Utilities Reference](docs/developer-guide/utilities.md)\n\n## Requirements\n\n- PHP 8.1+\n- Docker (optional)\n\n## License\n\nMIT\n\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrealoz%2Feasyaudit-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcrealoz%2Feasyaudit-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcrealoz%2Feasyaudit-cli/lists"}