Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Minus X
Assessments

Minus X Laravel Package

mediawiki/minus-x

MinusX scans your repo for files incorrectly marked executable on Unix. Executables must have the right MIME type or a shebang. Run minus-x check . to report issues and minus-x fix . to remove bad +x flags; supports ignore rules via .minus-x.json.

View on GitHub
Deep Wiki
Context7

Getting Started

Install MinusX as a dev dependency with composer require mediawiki/minus-x --dev. Run vendor/bin/minus-x check . from your project root to scan for unintended executable files. If issues are found, run vendor/bin/minus-x fix . to strip executable permissions from non-executable files (e.g., .php, .json, .md). The tool automatically skips .git, vendor, and node_modules—ideal for CI pipelines to enforce clean file permissions.

Implementation Patterns

  • CI/CD Enforcement: Integrate minus-x check into pre-commit hooks (e.g., via husky + lint-staged) or GitHub Actions/GitLab CI workflows to fail builds when non-shebang executable files are detected.
  • Repository-wide consistency: Add .minus-x.json at project root to ignore legacy or intentionally executable files (e.g., ./scripts/deploy.sh—though better to use proper shebangs).
  • Hybrid workflows: Use minus-x fix pre-commit to auto-correct permissions before staging changes, reducing noise in diffs (e.g., avoid chmod +x on .php files that are scripts but lack shebangs).
  • Extension repositories: For MediaWiki extension devs (MinusX’s primary users), include it in composer.json dev requirements and reference it in CONTRIBUTING.md to standardize file permissions across Wikimedia-style projects.

Gotchas and Tips

  • Shebang is required: MinusX only allows executable permissions if a file starts with #! or is a binary. A .sh file without #!/bin/bash at the top will be flagged—even if intentionally executable. Always add shebangs to shell scripts.
  • JSON validation matters: .minus-x.json is strict; trailing commas or invalid syntax silently breaks configuration. Validate with jq or online JSON validators.
  • Permissions ≠ content: MinusX only handles filesystem permissions—not file contents. It won’t fix logic errors in scripts or validate shebang correctness (e.g., #!/usr/bin/env php vs #!/usr/bin/php).
  • Git integration quirk: If a file’s executable bit is toggled after staging (git add), MinusX may not catch it unless you run check against the working tree after the change. Run minus-x check . after git diff --cached --name-only for full coverage.
  • Extension point: While not extensible via plugins, minus-x respects .gitignore-style logic via ignore/ignoreDirectories. For complex mono-repos, combine with grep/find to pre-filter paths.
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport