Log in Register

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Plugin Laravel Laravel Package

psalm/plugin-laravel

Psalm plugin for Laravel that adds deep framework-aware static analysis plus taint-based security scanning. Detects SQL injection, XSS, SSRF, shell injection, file traversal, and open redirects by tracking user input flows across functions and services.

View on GitHub

Deep Wiki

Context7

title: Home nav_order: 1

About plugin

The plugin helps Psalm to understand Laravel's code (which uses a lot of magic) better. There are 2 main ways how it does it:

easy: by providing stub files (you can find them in /stubs dir)
medium+: using custom Handlers (see /src/Handlers dir)

Documentation

Configuration — plugin XML config options and environment variables
GitHub Actions — running Psalm in CI with GitHub Actions
Upgrading to v4 — migration guide from v3
Contribution:
- Overview — how the plugin works, getting started, adding stubs and handlers
- Architecture Decisions — key design decisions and rationale
- Debugging with Xdebug — stepping through plugin code
- Taint Analysis
- Types — Psalm types and annotations (incl. internal/hidden)

Custom Issues

The plugin emits custom issues that Psalm does not have built-in. Each one links to detailed documentation with examples and fix guidance.

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

davejamesmiller/laravel-breadcrumbs

artisanry/parsedown

christhompsontldr/phpsdk

enqueue/dsn

bunny/bunny

enqueue/test

enqueue/null

enqueue/amqp-tools

milesj/emojibase

bower-asset/punycode

bower-asset/inputmask

bower-asset/jquery

bower-asset/yii2-pjax

laravel/nova

spatie/laravel-mailcoach

spatie/laravel-superseeder

laravel/liferaft

nst/json-test-suite

danielmiessler/sec-lists

jackalope/jackalope-transport