{"id":50765093,"url":"https://github.com/felipesauer/safeaccess-inline-php","last_synced_at":"2026-06-11T13:01:30.825Z","repository":{"id":349675344,"uuid":"1197604047","full_name":"felipesauer/safeaccess-inline-php","owner":"felipesauer","description":"PHP library for safe nested data access with dot notation — JSON, YAML, XML, INI, ENV, NDJSON, arrays and objects with built-in security validation, immutable writes, and a fluent builder API.","archived":false,"fork":false,"pushed_at":"2026-06-03T14:45:56.000Z","size":374,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-03T16:19:05.836Z","etag":null,"topics":["composer","data-access","dot-notation","fluent-api","immutable","json","pest","php","php8","phpstan","safe-access","security","xml","yaml","zero-dependency"],"latest_commit_sha":null,"homepage":"https://github.com/felipesauer/safeaccess-inline","language":"PHP","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/felipesauer.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-31T18:06:45.000Z","updated_at":"2026-06-03T14:57:27.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/felipesauer/safeaccess-inline-php","commit_stats":null,"previous_names":["felipesauer/safe-access-inline-php","felipesauer/safeaccess-inline-php"],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/felipesauer/safeaccess-inline-php","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipesauer%2Fsafeaccess-inline-php","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipesauer%2Fsafeaccess-inline-php/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipesauer%2Fsafeaccess-inline-php/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipesauer%2Fsafeaccess-inline-php/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/felipesauer","download_url":"https://codeload.github.com/felipesauer/safeaccess-inline-php/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/felipesauer%2Fsafeaccess-inline-php/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34083848,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-08T02:00:07.615Z","response_time":111,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["composer","data-access","dot-notation","fluent-api","immutable","json","pest","php","php8","phpstan","safe-access","security","xml","yaml","zero-dependency"],"created_at":"2026-06-11T13:01:30.094Z","updated_at":"2026-06-11T13:01:30.817Z","avatar_url":"https://github.com/felipesauer.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://raw.githubusercontent.com/felipesauer/safeaccess-inline/main/.github/assets/logo.svg\" width=\"80\" alt=\"safeaccess-inline logo\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eSafe Access Inline — PHP\u003c/h1\u003e\n\nPHP library for safe nested data access with security validation on by default — JSON, YAML, XML, INI, ENV, NDJSON, arrays and objects. Includes a full PathQuery engine with filters, wildcards, slices, and projections. Zero production dependencies.\n\n\u003cp align=\"center\"\u003e\n \u003ca href=\"https://packagist.org/packages/safeaccess/inline\"\u003e\u003cimg src=\"https://img.shields.io/packagist/v/safeaccess/inline?label=packagist\" alt=\"Packagist\"\u003e\u003c/a\u003e\n \u003ca href=\"../../LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-MIT-blue.svg\" alt=\"License: MIT\"\u003e\u003c/a\u003e\n \u003cimg src=\"https://img.shields.io/badge/PHP-8.2%2B-777BB4?logo=php\u0026logoColor=white\" alt=\"PHP 8.2+\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/PHPStan-max-0A6DAD\" alt=\"PHPStan max\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Tested%20with-Pest-FF5733\" alt=\"Tested with Pest\"\u003e\n \u003cimg src=\"https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/felipesauer/80c602b17107f88fb17794d4d44c94fa/raw/infection-msi.json\" alt=\"Infection MSI\"\u003e\n\u003c/p\u003e\n\n---\n\n## The problem\n\nReading nested data from external sources requires more than null-safe access. You also need to defend against XXE in XML, anchor bombs in YAML, PHP magic method injection, stream wrapper abuse, superglobal access, and payload size attacks. Without a tool for this, that validation is boilerplate you write manually for every format and every endpoint.\n\n**Without this library (XML from an external API):**\n\n```php\nlibxml_disable_entity_loader(true);\n$xml = simplexml_load_string($input, 'SimpleXMLElement', LIBXML_NOENT);\nif ($xml === false) {\n throw new RuntimeException('Invalid XML');\n}\n// validate keys against magic methods, superglobals, stream wrappers...\n// enforce depth and key count limits...\n$host = isset($xml-\u003edatabase-\u003ehost) ? (string) $xml-\u003edatabase-\u003ehost : null;\n```\n\n**With this library:**\n\n```php\n$host = Inline::fromXml($input)-\u003eget('database.host');\n// XXE blocked, forbidden keys validated, depth enforced — by default\n```\n\n## Installation\n\n```bash\ncomposer require safeaccess/inline\n```\n\n**Requirements:** PHP 8.2+, extensions: `json`, `simplexml`, `libxml`\n\n**Optional:** `ext-yaml` for improved YAML parsing performance (a built-in minimal parser is used by default).\n\n## Quick start\n\n```php\nuse SafeAccess\\Inline\\Inline;\n\n$accessor = Inline::fromJson('{\"user\": {\"name\": \"Alice\", \"age\": 30}}');\n\n$accessor-\u003eget('user.name'); // 'Alice'\n$accessor-\u003eget('user.email', 'N/A'); // 'N/A' (default when missing)\n$accessor-\u003ehas('user.age'); // true\n$accessor-\u003egetOrFail('user.name'); // 'Alice' (throws if missing)\n\n// Immutable writes - original is never modified\n$updated = $accessor-\u003eset('user.email', 'alice@example.com');\n$updated-\u003eget('user.email'); // 'alice@example.com'\n$accessor-\u003ehas('user.email'); // false (original unchanged)\n```\n\n## Security\n\nAll public entry points validate input **by default**. Every key passes through `SecurityGuard` and `SecurityParser` before being accessible.\n\n### What gets blocked\n\n| Category | Examples | Reason |\n| ------------------- | --------------------------------------------------------------------- | ---------------------------------------- |\n| PHP magic methods | `__construct`, `__destruct`, `__wakeup`, `__sleep`, `__toString`, ... | Prevent PHP magic behavior via data keys |\n| Prototype pollution | `__proto__`, `constructor`, `prototype` | Prevent prototype pollution attacks |\n| PHP superglobals | `GLOBALS`, `_GET`, `_POST`, `_COOKIE`, `_SERVER`, `_ENV`, ... | Prevent superglobal variable access |\n| Stream wrapper URIs | `php://input`, `phar://...`, `data://...`, `file://...` | Prevent stream wrapper injection |\n\n### Format-specific protections\n\n| Format | Protection |\n| ------ | ----------------------------------------------------------------------- |\n| XML | Rejects `\u003c!DOCTYPE` — prevents XXE (XML External Entity) attacks |\n| YAML | Blocks unsafe tags, anchors (`\u0026`), aliases (`*`), and merge keys (`\u003c\u003c`) |\n| All | Forbidden key validation on every parsed key |\n\n### Structural limits\n\n| Limit | Default | Description |\n| ------------------------ | ------- | ------------------------------------- |\n| `maxPayloadBytes` | 10 MB | Maximum raw string input size |\n| `maxKeys` | 10,000 | Maximum total key count |\n| `maxDepth` | 512 | Maximum structural nesting depth |\n| `maxResolveDepth` | 100 | Maximum recursion for path resolution |\n| `maxCountRecursiveDepth` | 100 | Maximum recursion when counting keys |\n\n### Custom forbidden keys\n\n```php\n$guard = new SecurityGuard(extraForbiddenKeys: ['secret', 'internal_token']);\n$accessor = Inline::withSecurityGuard($guard)-\u003efromJson($data);\n```\n\n### Disabling validation for trusted input\n\n```php\n$accessor = Inline::withStrictMode(false)-\u003efromJson($trustedPayload);\n```\n\n\u003e **Warning:** Disabling strict mode skips **all** validation. Only use with application-controlled input.\n\nFor vulnerability reports, see [SECURITY.md](../../SECURITY.md).\n\n## Dot notation syntax\n\n### Basic syntax\n\n| Syntax | Example | Description |\n| ----------------- | ------------------ | ------------------------------- |\n| `key.key` | `user.name` | Nested key access |\n| `key.0.key` | `users.0.name` | Numeric key (array index) |\n| `key\\.with\\.dots` | `config\\.db\\.host` | Escaped dots in key names |\n| `$` or `$.path` | `$.user.name` | Optional root prefix (stripped) |\n\n```php\n$data = Inline::fromJson('{\"users\": [{\"name\": \"Alice\"}, {\"name\": \"Bob\"}]}');\n$data-\u003eget('users.0.name'); // 'Alice'\n$data-\u003eget('users.1.name'); // 'Bob'\n```\n\n### Advanced PathQuery\n\n| Syntax | Example | Description |\n| --------------- | ------------------- | ----------------------------------------- |\n| `[0]` | `users[0]` | Bracket index access |\n| `*` or `[*]` | `users.*` | Wildcard — expand all children |\n| `..key` | `..name` | Recursive descent — find key at any depth |\n| `..['a','b']` | `..['name','age']` | Multi-key recursive descent |\n| `[0,1,2]` | `users[0,1,2]` | Multi-index selection |\n| `['a','b']` | `['name','age']` | Multi-key selection |\n| `[0:5]` | `items[0:5]` | Slice — indices 0 through 4 |\n| `[::2]` | `items[::2]` | Slice with step |\n| `[::-1]` | `items[::-1]` | Reverse slice |\n| `[?expr]` | `users[?age\u003e18]` | Filter predicate expression |\n| `.{fields}` | `.{name, age}` | Projection — select fields |\n| `.{alias: src}` | `.{fullName: name}` | Aliased projection |\n\n### Filter expressions\n\n```php\n$data = Inline::fromJson('[\n {\"name\": \"Alice\", \"age\": 25, \"role\": \"admin\"},\n {\"name\": \"Bob\", \"age\": 17, \"role\": \"user\"},\n {\"name\": \"Carol\", \"age\": 30, \"role\": \"admin\"}\n]');\n\n// Comparison: ==, !=, \u003e, \u003c, \u003e=, \u003c=\n$data-\u003eget('[?age\u003e18]'); // Alice and Carol\n\n// Logical: \u0026\u0026 and ||\n$data-\u003eget('[?age\u003e18 \u0026\u0026 role==\\'admin\\']'); // Alice and Carol\n\n// Built-in functions: starts_with, contains, values\n$data-\u003eget('[?starts_with(@.name, \\'A\\')]'); // Alice\n$data-\u003eget('[?contains(@.name, \\'ob\\')]'); // Bob\n\n// Arithmetic: +, -, *, /\n$orders = Inline::fromJson('[{\"price\": 10, \"qty\": 5}, {\"price\": 3, \"qty\": 2}]');\n$orders-\u003eget('[?@.price * @.qty \u003e 20]'); // first order only\n```\n\n## Supported formats\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eJSON\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$accessor = Inline::fromJson('{\"users\": [{\"name\": \"Alice\"}, {\"name\": \"Bob\"}]}');\n$accessor-\u003eget('users.0.name'); // 'Alice'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eYAML\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$yaml = \u003c\u003c\u003cYAML\ndatabase:\n host: localhost\n port: 5432\n credentials:\n user: admin\nYAML;\n\n$accessor = Inline::fromYaml($yaml);\n$accessor-\u003eget('database.credentials.user'); // 'admin'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eXML\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$xml = '\u003cconfig\u003e\u003cdatabase\u003e\u003chost\u003elocalhost\u003c/host\u003e\u003c/database\u003e\u003c/config\u003e';\n$accessor = Inline::fromXml($xml);\n$accessor-\u003eget('database.host'); // 'localhost'\n\n// Also accepts SimpleXMLElement\n$accessor = Inline::fromXml(simplexml_load_string($xml));\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eINI\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$accessor = Inline::fromIni(\"[database]\\nhost=localhost\\nport=5432\");\n$accessor-\u003eget('database.host'); // 'localhost'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eENV (dotenv)\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$accessor = Inline::fromEnv(\"APP_NAME=MyApp\\nAPP_DEBUG=true\\nDB_HOST=localhost\");\n$accessor-\u003eget('DB_HOST'); // 'localhost'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eNDJSON\u003c/strong\u003e\u003c/summary\u003e\n\nEach line is parsed as an independent JSON object and indexed from `0` by its position in the input. Blank lines and trailing newlines are skipped. Security validation is applied to each line individually.\n\n```php\n$ndjson = '{\"id\":1,\"name\":\"Alice\"}' . \"\\n\" . '{\"id\":2,\"name\":\"Bob\"}';\n$accessor = Inline::fromNdjson($ndjson);\n$accessor-\u003eget('0.name'); // 'Alice'\n$accessor-\u003eget('1.name'); // 'Bob'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eArray / Object\u003c/strong\u003e\u003c/summary\u003e\n\n```php\n$accessor = Inline::fromArray(['users' =\u003e [['name' =\u003e 'Alice'], ['name' =\u003e 'Bob']]]);\n$accessor-\u003eget('users.0.name'); // 'Alice'\n\n$accessor = Inline::fromObject((object) ['name' =\u003e 'Alice']);\n$accessor-\u003eget('name'); // 'Alice'\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eAny (custom format via integration)\u003c/strong\u003e\u003c/summary\u003e\n\n```php\nuse SafeAccess\\Inline\\Contracts\\ParseIntegrationInterface;\n\n// Requires implementing ParseIntegrationInterface\n$accessor = Inline::withParserIntegration(new MyCsvIntegration())-\u003efromAny($csvString);\n$accessor-\u003eget('0.column_name');\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDynamic (by TypeFormat enum)\u003c/strong\u003e\u003c/summary\u003e\n\n```php\nuse SafeAccess\\Inline\\Enums\\TypeFormat;\n$accessor = Inline::from(TypeFormat::Json, '{\"key\": \"value\"}');\n$accessor-\u003eget('key'); // 'value'\n```\n\n\u003c/details\u003e\n\n## Reading \u0026 writing\n\n```php\n$accessor = Inline::fromJson('{\"a\": {\"b\": 1, \"c\": 2}}');\n\n// Read\n$accessor-\u003eget('a.b'); // 1\n$accessor-\u003eget('a.missing', 'default'); // 'default'\n$accessor-\u003egetOrFail('a.b'); // 1 (throws PathNotFoundException if missing)\n$accessor-\u003ehas('a.b'); // true\n$accessor-\u003eall(); // ['a' =\u003e ['b' =\u003e 1, 'c' =\u003e 2]]\n$accessor-\u003ecount(); // 1 (root keys)\n$accessor-\u003ecount('a'); // 2 (keys under 'a')\n$accessor-\u003ekeys(); // ['a']\n$accessor-\u003ekeys('a'); // ['b', 'c']\n$accessor-\u003egetMany([\n 'a.b' =\u003e null,\n 'a.x' =\u003e 'fallback',\n]); // ['a.b' =\u003e 1, 'a.x' =\u003e 'fallback']\n$accessor-\u003egetRaw(); // original JSON string\n\n// Write (immutable - every write returns a new instance)\n$updated = $accessor-\u003eset('a.d', 3);\n$updated = $updated-\u003eremove('a.c');\n$updated = $updated-\u003emerge('a', ['e' =\u003e 4]);\n$updated = $updated-\u003emergeAll(['f' =\u003e 5]);\n$updated-\u003eall(); // ['a' =\u003e ['b' =\u003e 1, 'd' =\u003e 3, 'e' =\u003e 4], 'f' =\u003e 5]\n\n// Readonly mode - block all writes\n$readonly = $accessor-\u003ereadonly();\n$readonly-\u003eget('a.b'); // 1 (reads work)\n$readonly-\u003eset('a.b', 99); // throws ReadonlyViolationException\n```\n\n## Configure\n\n### Builder pattern\n\n```php\nuse SafeAccess\\Inline\\Inline;\nuse SafeAccess\\Inline\\Security\\SecurityGuard;\nuse SafeAccess\\Inline\\Security\\SecurityParser;\n\n$accessor = Inline::withSecurityGuard(new SecurityGuard(extraForbiddenKeys: ['secret']))\n -\u003ewithSecurityParser(new SecurityParser(maxDepth: 5))\n -\u003ewithStrictMode(true)\n -\u003efromJson($untrustedInput);\n```\n\n### Builder methods\n\n| Method | Description |\n| ------------------------------------- | ------------------------------------------------ |\n| `withSecurityGuard($guard)` | Custom forbidden-key rules and depth limits |\n| `withSecurityParser($parser)` | Custom payload size and structural limits |\n| `withPathCache($cache)` | Path segment cache for repeated lookups |\n| `withParserIntegration($integration)` | Custom format parser for `fromAny()` |\n| `withStrictMode(false)` | Disable security validation (trusted input only) |\n\n## Error handling\n\nAll exceptions extend `AccessorException`:\n\n```php\nuse SafeAccess\\Inline\\Exceptions\\AccessorException;\nuse SafeAccess\\Inline\\Exceptions\\InvalidFormatException;\nuse SafeAccess\\Inline\\Exceptions\\SecurityException;\nuse SafeAccess\\Inline\\Exceptions\\PathNotFoundException;\nuse SafeAccess\\Inline\\Exceptions\\ReadonlyViolationException;\n\ntry {\n $accessor = Inline::fromJson($untrustedInput);\n $value = $accessor-\u003egetOrFail('config.key');\n} catch (InvalidFormatException $e) {\n // Malformed JSON, XML, INI, or NDJSON\n} catch (SecurityException $e) {\n // Forbidden key, payload too large, depth/key-count exceeded\n} catch (PathNotFoundException $e) {\n // Path does not exist\n} catch (ReadonlyViolationException $e) {\n // Write on readonly accessor\n} catch (AccessorException $e) {\n // Catch-all for any library error\n}\n```\n\n### Exception hierarchy\n\n| Exception | Extends | When |\n| ---------------------------- | ------------------------ | ----------------------------------------- |\n| `AccessorException` | `RuntimeException` | Root — catch-all |\n| `SecurityException` | `AccessorException` | Forbidden key, payload, structural limits |\n| `InvalidFormatException` | `AccessorException` | Malformed JSON, XML, INI, NDJSON |\n| `YamlParseException` | `InvalidFormatException` | Unsafe or malformed YAML |\n| `PathNotFoundException` | `AccessorException` | `getOrFail()` on missing path |\n| `ReadonlyViolationException` | `AccessorException` | Write on readonly accessor |\n| `UnsupportedTypeException` | `AccessorException` | Unknown accessor class in `make()` |\n| `ParserException` | `AccessorException` | Internal parser errors |\n\n## Advanced usage\n\n### Strict mode\n\n```php\n// Disable all security validation for trusted input\n$accessor = Inline::withStrictMode(false)-\u003efromJson($trustedPayload);\n```\n\n\u003e **Warning:** Disabling strict mode skips **all** validation. Only use with application-controlled input.\n\n### Path cache\n\n```php\n// Implement PathCacheInterface for repeated lookups\n$cache = new MyPathCache();\n$accessor = Inline::withPathCache($cache)-\u003efromJson($data);\n$accessor-\u003eget('deeply.nested.path'); // parses path\n$accessor-\u003eget('deeply.nested.path'); // cache hit\n```\n\n### Custom format integration\n\n```php\n// Implement ParseIntegrationInterface for custom formats\nclass CsvIntegration implements ParseIntegrationInterface\n{\n public function assertFormat(mixed $raw): bool\n {\n return is_string($raw) \u0026\u0026 str_contains($raw, ',');\n }\n\n public function parse(mixed $raw): array\n {\n // Parse CSV to associative array\n return $parsed;\n }\n}\n\n$accessor = Inline::withParserIntegration(new CsvIntegration())-\u003efromAny($csvString);\n```\n\n## API reference\n\n### `Inline` facade\n\n#### Static factory methods\n\n| Method | Input | Returns |\n| ------------------------------- | ---------------------------------- | -------------------- |\n| `fromArray($data)` | `array\u003carray-key, mixed\u003e` | `ArrayAccessor` |\n| `fromObject($data)` | `object` | `ObjectAccessor` |\n| `fromJson($data)` | JSON `string` | `JsonAccessor` |\n| `fromXml($data)` | XML `string` or `SimpleXMLElement` | `XmlAccessor` |\n| `fromYaml($data)` | YAML `string` | `YamlAccessor` |\n| `fromIni($data)` | INI `string` | `IniAccessor` |\n| `fromEnv($data)` | dotenv `string` | `EnvAccessor` |\n| `fromNdjson($data)` | NDJSON `string` | `NdjsonAccessor` |\n| `fromAny($data, $integration?)` | `mixed` | `AnyAccessor` |\n| `from($typeFormat, $data)` | `TypeFormat` enum | `AccessorsInterface` |\n| `make($class, $data)` | `class-string` | `AbstractAccessor` |\n\n#### Accessor read methods\n\n| Method | Returns |\n| ----------------------------- | --------------------------------------- |\n| `get($path, $default?)` | Value at path, or default |\n| `getOrFail($path)` | Value or throws `PathNotFoundException` |\n| `getAt($segments, $default?)` | Value at key segments |\n| `has($path)` | `bool` |\n| `hasAt($segments)` | `bool` |\n| `getMany($paths)` | `array\u003cstring, mixed\u003e` |\n| `all()` | `array\u003cstring, mixed\u003e` |\n| `count($path?)` | `int` |\n| `keys($path?)` | `list\u003cstring\u003e` |\n| `getRaw()` | `mixed` |\n\n#### Accessor write methods (immutable)\n\n| Method | Description |\n| -------------------------- | ---------------------- |\n| `set($path, $value)` | Set at path |\n| `setAt($segments, $value)` | Set at key segments |\n| `remove($path)` | Remove at path |\n| `removeAt($segments)` | Remove at key segments |\n| `merge($path, $value)` | Deep-merge at path |\n| `mergeAll($value)` | Deep-merge at root |\n\n#### Modifier methods\n\n| Method | Description |\n| ------------------ | -------------------------- |\n| `readonly($flag?)` | Block all writes |\n| `strict($flag?)` | Toggle security validation |\n\n#### TypeFormat enum\n\n`Array` · `Object` · `Json` · `Xml` · `Yaml` · `Ini` · `Env` · `Ndjson` · `Any`\n\n## Contributing\n\nSee [CONTRIBUTING.md](../../CONTRIBUTING.md) for development setup, commit conventions, and pull request guidelines.\n\n## License\n\n[MIT](../../LICENSE) © Felipe Sauer\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelipesauer%2Fsafeaccess-inline-php","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffelipesauer%2Fsafeaccess-inline-php","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffelipesauer%2Fsafeaccess-inline-php/lists"}