{"id":25878599,"url":"https://github.com/potherca-blog/php-code-scanner","last_synced_at":"2025-03-02T12:35:21.838Z","repository":{"id":19521534,"uuid":"87238272","full_name":"potherca-blog/php-code-scanner","owner":"potherca-blog","description":"Scan PHP Code","archived":false,"fork":false,"pushed_at":"2024-05-05T18:27:59.000Z","size":945,"stargazers_count":5,"open_issues_count":4,"forks_count":4,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-05-05T19:26:23.880Z","etag":null,"topics":["command-line-tool","php","php-cli","php-scanner","potherca","scanner"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/potherca-blog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-04-04T21:47:05.000Z","updated_at":"2024-05-05T19:26:25.814Z","dependencies_parsed_at":"2024-05-05T19:26:25.184Z","dependency_job_id":"1aae6d16-4542-4bb5-a2ab-a51391ee6a71","html_url":"https://github.com/potherca-blog/php-code-scanner","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/potherca-blog%2Fphp-code-scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/potherca-blog%2Fphp-code-scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/potherca-blog%2Fphp-code-scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/potherca-blog%2Fphp-code-scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/potherca-blog","download_url":"https://codeload.github.com/potherca-blog/php-code-scanner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241509262,"owners_count":19974065,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["command-line-tool","php","php-cli","php-scanner","potherca","scanner"],"created_at":"2025-03-02T12:35:21.132Z","updated_at":"2025-03-02T12:35:21.813Z","avatar_url":"https://github.com/potherca-blog.png","language":"PHP","readme":"# Code Scanner\n\n## Introduction\n\nIt can be difficult to understand what code does _exactly_ when working\nwith code-bases that are large, legacy, or low quality.\n\nSometimes you just want to know if the code writes to disk or reads from\na DB.\n\nThe purpose of this project is to give insight into which parts of code\nhave certain behaviour. Such behaviour is called an \"identity\".\n\nBy default the scanner can identify code that:\n\n- Accesses a database\n- Accesses a network\n- Accesses the environment (ini/env/apache/etc.)\n- Accesses the filesystem\n- Sends emails\n- Uses [native PHP global variables][reserved-variables]\n- Writes output (STDOUT/print/echo/etc.)\n\nThe scanner is smart enough to distinguish internal/native PHP functions\nand classes from user-land and vendor classes and functions.\n\nThe scanner is not meant to cover 100% of all cases, it is intended to\nbe \"good enough\". If there are cases the scanner does not support,\nplease open an issue to gain support.\n\n## Installation\n\nUse composer to install the tool in a project:\n\n```bash\ncomposer require 'potherca/php-scanner'\n```\n\nor globally:\n\n```bash\ncomposer global require 'potherca/php-scanner'\n```\n\n## Usage\n\nCall `php-scanner --help` to see the most up-to-date overview iof supported options:\n\n```bash\n ./bin/php-scanner --help\n\nUsage: php-scanner --subject \u003cpath-to-scan\u003e [--help] [--identifier=\u003cpath-to-identifier\u003e] [--ignore=\u003cpath-to-ignore\u003e]\n\n    --subject \u003cpath-to-scan\u003e            Path to directory or file to scan. Recurses into directories\n    [--help]                            Display this information\n    [--identifier=\u003cpath-to-identifier\u003e] Path to directory or file declaring custom identifiers. Does not recurse into directories\n    [--ignore=\u003cpath-to-ignore\u003e]         Path to directory or file to exclude from scanning\n\n```\n\n### Simple usage\n\nCall `php-scanner` with a subject that should be scanned.\n\n```bash\nphp-scanner --subject /path/to/file/or/folder\n```\n\nThe subject can be a file or directory.\nIf it is a directory it will be recursively scanned.\n\n### Ignore files and folders\n\nSpecific files and folders can be ignored by adding `ignore` flag(s).\n\n```bash\nphp-scanner --subject /path/to/file/or/folder --ignore=path/to/ignore\n```\n\nMultiple flags can be added:\n\n```bash\nphp-scanner --subject /path/to/file/or/folder --ignore=path/to/ignore --ignore=path/to/ignore.file\n```\n\nNote the use of the \"equals\" sign `=`. Without it the flag does not work.\n\nThe ignore path should be relative from the root of the directory to scan.\n\nIf the ignore flag points to a directory, make sure to add a slash `/` at the\nend to avoid unexpected behaviour. All files and folders in that directory\nwill be ignored.\n\n### Custom scanning\n\nThe scanner supports custom scanners so users can expand the identities the\nscanner can identify.\n\nAll a custom Identifier has to do is implement the `Potherca\\Scanner\\Identifier\\IdentifierInterface`\n\nThe file (or folder) containing custom Identifier(s) can be passed to the scanner\nusing the `--identifier` flag.\n\n- Multiple identifier flags can be added\n- An \"equals\" sign `=` must be used between the falg and the path. Without it the flag does not work.\n- Directories will _not_ be recursed into.\n\n## License\n\nThis project has been licensed under GPL-3.0 License (GNU General Public License\nv3.0).\n\nCreated by [Potherca](https://pother.ca/).\n\n[reserved-variables]: http://php.net/manual/en/reserved.variables.php\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpotherca-blog%2Fphp-code-scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpotherca-blog%2Fphp-code-scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpotherca-blog%2Fphp-code-scanner/lists"}