{"id":19324863,"url":"https://github.com/spatie/laravel-http-logger","last_synced_at":"2026-02-21T23:09:20.305Z","repository":{"id":37451073,"uuid":"106675289","full_name":"spatie/laravel-http-logger","owner":"spatie","description":"Log HTTP requests in Laravel applications","archived":false,"fork":false,"pushed_at":"2025-09-08T09:01:12.000Z","size":117,"stargazers_count":668,"open_issues_count":0,"forks_count":60,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-11-27T16:34:53.564Z","etag":null,"topics":["http","laravel","logging","php"],"latest_commit_sha":null,"homepage":"https://freek.dev/882-a-laravel-package-to-log-http-requests","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spatie.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"custom":"https://spatie.be/open-source/support-us"}},"created_at":"2017-10-12T09:52:44.000Z","updated_at":"2025-11-12T05:57:33.000Z","dependencies_parsed_at":"2025-03-16T21:00:56.770Z","dependency_job_id":"98012a52-a67c-45e4-8ddd-b9921ab6e2b9","html_url":"https://github.com/spatie/laravel-http-logger","commit_stats":{"total_commits":145,"total_committers":25,"mean_commits":5.8,"dds":0.6344827586206896,"last_synced_commit":"76f0b417ce9b01e821dc517c1659fb05f2679498"},"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"purl":"pkg:github/spatie/laravel-http-logger","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spatie%2Flaravel-http-logger","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spatie%2Flaravel-http-logger/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spatie%2Flaravel-http-logger/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spatie%2Flaravel-http-logger/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spatie","download_url":"https://codeload.github.com/spatie/laravel-http-logger/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spatie%2Flaravel-http-logger/sbom","scorecard":{"id":840597,"data":{"date":"2025-08-11","repo":{"name":"github.com/spatie/laravel-http-logger","commit":"dd8816f02e01f0b2843b3d23b023c01618410ec5"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.6,"checks":[{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":4,"reason":"Found 7/16 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 21 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T20:23:49.638Z","repository_id":37451073,"created_at":"2025-08-23T20:23:49.639Z","updated_at":"2025-08-23T20:23:49.639Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29697273,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-21T18:18:25.093Z","status":"ssl_error","status_checked_at":"2026-02-21T18:18:22.435Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["http","laravel","logging","php"],"created_at":"2024-11-10T02:07:12.737Z","updated_at":"2026-02-21T23:09:20.286Z","avatar_url":"https://github.com/spatie.png","language":"PHP","funding_links":["https://spatie.be/open-source/support-us"],"categories":[],"sub_categories":[],"readme":"# Log HTTP requests\n\n[![Latest Version on Packagist](https://img.shields.io/packagist/v/spatie/laravel-http-logger.svg?style=flat-square)](https://packagist.org/packages/spatie/laravel-http-logger)\n[![run-tests](https://github.com/spatie/laravel-http-logger/actions/workflows/run-tests.yml/badge.svg)](https://github.com/spatie/laravel-http-logger/actions/workflows/run-tests.yml)\n[![Total Downloads](https://img.shields.io/packagist/dt/spatie/laravel-http-logger.svg?style=flat-square)](https://packagist.org/packages/spatie/laravel-http-logger)\n\nThis package adds a middleware which can log incoming requests to the default log. \nIf anything goes wrong during a user's request, you'll still be able to access the original request data sent by that user.\n\nThis log acts as an extra safety net for critical user submissions, such as forms that generate leads.\n\n## Support us\n\n[\u003cimg src=\"https://github-ads.s3.eu-central-1.amazonaws.com/laravel-http-logger.jpg?t=1\" width=\"419px\" /\u003e](https://spatie.be/github-ad-click/laravel-http-logger)\n\nWe invest a lot of resources into creating [best in class open source packages](https://spatie.be/open-source). You can support us by [buying one of our paid products](https://spatie.be/open-source/support-us).\n\nWe highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on [our contact page](https://spatie.be/about-us). We publish all received postcards on [our virtual postcard wall](https://spatie.be/open-source/postcards).\n\n## Installation\n\nYou can install the package via composer:\n\n```bash\ncomposer require spatie/laravel-http-logger\n```\n\nOptionally you can publish the config file with:\n\n```bash\nphp artisan vendor:publish --provider=\"Spatie\\HttpLogger\\HttpLoggerServiceProvider\" --tag=\"config\" \n```\n\nThis is the contents of the published config file:\n\n```php\nreturn [\n\n    /*\n     * Determine if the http-logger middleware should be enabled.\n     */\n    'enabled' =\u003e env('HTTP_LOGGER_ENABLED', true),\n\n    /*\n     * The log profile which determines whether a request should be logged.\n     * It should implement `LogProfile`.\n     */\n    'log_profile' =\u003e \\Spatie\\HttpLogger\\LogNonGetRequests::class,\n\n    /*\n     * The log writer used to write the request to a log.\n     * It should implement `LogWriter`.\n     */\n    'log_writer' =\u003e \\Spatie\\HttpLogger\\DefaultLogWriter::class,\n    \n    /*\n     * The log channel used to write the request.\n     */\n    'log_channel' =\u003e env('LOG_CHANNEL', 'stack'),\n    \n    /*\n     * The log level used to log the request.\n     */\n    'log_level' =\u003e 'info',\n    \n    /*\n     * Filter out body fields which will never be logged.\n     */\n    'except' =\u003e [\n        'password',\n        'password_confirmation',\n    ],\n    \n    /*\n     * List of headers that will be sanitized. For example Authorization, Cookie, Set-Cookie...\n     */\n    'sanitize_headers' =\u003e [],\n];\n```\n\n## Usage\n\nThis packages provides a middleware which can be added as a global middleware or as a single route.\n\n\n**Laravel \u003e= 11:**\n\n```php\n-\u003ewithMiddleware(function (Middleware $middleware) {\n    $middleware-\u003eappend(\\Spatie\\HttpLogger\\Middlewares\\HttpLogger::class);\n})\n```\n\n**Laravel \u003c= 10:**\n\n```php\n// in `app/Http/Kernel.php`\n\nprotected $middleware = [\n    // ...\n    \n    \\Spatie\\HttpLogger\\Middlewares\\HttpLogger::class\n];\n```\n\n```php\n// in a routes file\n\nRoute::post('/submit-form', function () {\n    //\n})-\u003emiddleware(\\Spatie\\HttpLogger\\Middlewares\\HttpLogger::class);\n```\n\n### Logging\n\nTwo classes are used to handle the logging of incoming requests: \na `LogProfile` class will determine whether the request should be logged,\nand `LogWriter` class will write the request to a log. \n\nA default log implementation is added within this package. \nIt will only log `POST`, `PUT`, `PATCH`, and `DELETE` requests \nand it will write to the default Laravel logger.\nLogging is enabled by default but can be toggled on or off via the `HTTP_LOGGER_ENABLED` variable in the `.env` file.\n\nYou're free to implement your own log profile and/or log writer classes, \nand configure it in `config/http-logger.php`.\n\nA custom log profile must implement `\\Spatie\\HttpLogger\\LogProfile`. \nThis interface requires you to implement `shouldLogRequest`.\n\n```php\n// Example implementation from `\\Spatie\\HttpLogger\\LogNonGetRequests`\n\npublic function shouldLogRequest(Request $request): bool\n{\n   return in_array(strtolower($request-\u003emethod()), ['post', 'put', 'patch', 'delete']);\n}\n```\n\nA custom log writer must implement `\\Spatie\\HttpLogger\\LogWriter`. \nThis interface requires you to implement `logRequest`.\n\n```php\n// Example implementation from `\\Spatie\\HttpLogger\\DefaultLogWriter`\n\npublic function logRequest(Request $request): void\n{\n    $method = strtoupper($request-\u003egetMethod());\n    \n    $uri = $request-\u003egetPathInfo();\n    \n    $bodyAsJson = json_encode($request-\u003eexcept(config('http-logger.except')));\n\n    $message = \"{$method} {$uri} - {$bodyAsJson}\";\n\n    Log::channel(config('http-logger.log_channel'))-\u003einfo($message);\n}\n```\n\n#### Hide sensitive headers\n\nYou can define headers that you want to sanitize before sending them to the log. \nThe most common example would be Authorization header. If you don't want to log jwt token, you can add that header to `http-logger.php` config file:\n\n```php\n// in config/http-logger.php\n\nreturn [\n    // ...\n    \n    'sanitize_headers' =\u003e [\n        'Authorization'\n    ],\n];\n```\n\nOutput would be `Authorization: \"****\"` instead of `Authorization: \"Bearer {token}\"`\n\n### Testing\n\n``` bash\ncomposer test\n```\n\n### Changelog\n\nPlease see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.\n\n## Contributing\n\nPlease see [CONTRIBUTING](https://github.com/spatie/.github/blob/main/CONTRIBUTING.md) for details.\n\n### Security\n\nIf you've found a bug regarding security please mail [security@spatie.be](mailto:security@spatie.be) instead of using the issue tracker.\n\n## Credits\n\n- [Brent Roose](https://github.com/brendt)\n- [All Contributors](../../contributors)\n\n## License\n\nThe MIT License (MIT). Please see [License File](LICENSE.md) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspatie%2Flaravel-http-logger","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspatie%2Flaravel-http-logger","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspatie%2Flaravel-http-logger/lists"}