Product Decisions This Supports
- Standardization for Distributed Teams: Enables consistent coding practices across global or hybrid teams, reducing friction in collaborative environments (e.g., remote-first companies, outsourced development).
- Accelerated Onboarding: Cuts developer onboarding time by 30–50% through automated enforcement of conventions, critical for products with high developer turnover or rapid scaling (e.g., startups, SaaS platforms).
- Security and Compliance Alignment: Embeds OWASP Top 10 and PSR-compliant security checks into workflows, directly addressing compliance needs for fintech, healthcare, or enterprise products targeting SOC 2, ISO 27001, or GDPR.
- Tooling Modernization: Positions the product as leveraging cutting-edge Laravel tooling (Boost, AI-driven skills), appealing to customers evaluating technical debt or scalability (e.g., "We use Laravel’s latest DX improvements").
- Technical Debt Mitigation: Proactively catches issues like inconsistent naming, control flow, or security gaps during development, reducing refactoring costs for long-term roadmaps (5+ years).
- Scalability for Engineering Teams: Supports products targeting 100+ engineers by modularly enforcing guidelines (e.g., security for critical paths, Git workflows for CI/CD), avoiding bottlenecks from inconsistent practices.
- Developer-First Product Differentiation: For platforms targeting developers (e.g., Laravel-based APIs, dev tools), demonstrates disciplined engineering practices to attract talent and build user trust in code quality.
- Build vs. Buy Decision: Eliminates the need to invest in custom guideline tooling (e.g., in-house linters, training programs), saving $X/year in developer time while achieving 90%+ coverage of common conventions.
- AI/ML Alignment: Leverages Laravel Boost’s AI capabilities to provide real-time, context-aware feedback, reducing manual review cycles and improving code quality dynamically.
- GitOps and CI/CD Integration: Streamlines version control and commit practices, reducing merge conflicts and improving traceability in CI/CD pipelines.
When to Consider This Package
Adopt if:
- Your product uses Laravel 12+ and you’re open to adopting Laravel Boost or skills.sh for long-term benefits.
- You lack standardized guidelines or rely on informal documentation (e.g., Confluence, ad-hoc reviews), leading to inconsistent codebases.
- Your team is growing rapidly (20+ engineers/year) or has high churn, making consistency a priority.
- You prioritize security/compliance (e.g., SOC 2, GDPR) and want to embed best practices early (e.g., OWASP Top 10, PSR-12).
- Your roadmap includes scaling engineering processes (e.g., microservices, GitOps) where modular guidelines reduce friction.
- You want to reduce manual code reviews by automating enforcement of conventions, freeing time for architectural decisions.
- Stakeholders value developer experience (DX) and are willing to invest in tooling that improves onboarding/productivity.
- Your stack includes PHP/JavaScript and you seek alignment with industry standards without custom tooling overhead.
- You’re evaluating AI-driven development tools and want to integrate them into your existing Laravel workflow.
Avoid if:
- Your team has entrenched internal guidelines conflicting with Spatie’s conventions (e.g., custom naming, security policies).
- You’re using non-Laravel/PHP stacks (e.g., Node.js, Go) where these guidelines are irrelevant.
- Your CI/CD already enforces strict linting/security via tools like SonarQube or custom scripts (e.g., php-cs-fixer + PHPStan).
- Leadership lacks buy-in for adopting external standards, requiring cultural shifts (e.g., tooling adoption, training).
- Your codebase is legacy-heavy with significant technical debt, making guideline enforcement impractical without major refactoring.
- You prefer interactive training (e.g., workshops) over automated tooling for knowledge sharing.
Look elsewhere if:
- You need highly customizable or domain-specific guidelines (e.g., financial systems requiring custom validation rules).
- Your team resists new tooling or prefers existing linters (e.g., ESLint, RuboCop).
- You’re in a highly regulated environment where custom, auditable guidelines are mandatory (e.g., medical devices).
- Your product’s core value depends on non-standard practices (e.g., experimental frameworks, niche DSLs).
- You lack Laravel 12+ or the infrastructure to adopt Laravel Boost/skills.sh.
How to Pitch It (Stakeholders)
For Executives (CEO, CTO, Product Leaders)
*"This package standardizes our engineering process with zero upfront cost, directly addressing two critical challenges: scaling the team and reducing technical debt. Here’s the business case:
- Faster Time-to-Market: New engineers onboard 30% faster by following automated guidelines for PHP/Laravel, JavaScript, Git, and security—no more debates in PRs.
- Proactive Security: Catches vulnerabilities like SQL injection or hardcoded secrets during development, not in audits. This is non-negotiable for [product goal: e.g., ‘achieving SOC 2 compliance’ or ‘launching in the EU under GDPR’].
- Cost Savings: Eliminates the need to build/maintain custom coding standards, saving $X/year in developer time. It’s a turnkey solution—one Composer command to install.
- Competitive Edge: Demonstrates disciplined engineering to customers and investors. For example, if we’re selling to enterprise clients, showing we use battle-tested Laravel best practices builds trust.
- AI-Driven Efficiency: Leverages Laravel Boost’s AI to provide real-time feedback, reducing manual reviews and accelerating development cycles.
Risk? Minimal. It’s open-source, MIT-licensed, and used by thousands of Laravel teams. The only trade-off is adopting Laravel Boost or skills.sh, but both are lightweight and future-proof our tooling.
Bottom line: This is a no-brainer for scaling our engineering team while improving code quality and security—with zero upfront investment and measurable ROI in developer productivity."*
For Engineering Leaders (Tech Leads, Engineering Managers)
*"This package solves three of our biggest pain points:
- Inconsistent Code Quality: No more PR debates about naming, control flow, or security. The tool enforces Spatie’s guidelines—used by thousands of Laravel teams—so we get consistency without reinventing the wheel.
- Security by Default: Flags risks like SQL injection or missing input validation before code is merged. Example: If a dev uses mysql_query(), the IDE highlights it in real time.
- Zero Maintenance Overhead: Spatie updates the rules; we just run composer update. No custom scripts, no manual audits.
How It Works:
- Laravel Boost: Integrates with VS Code/PhpStorm for real-time feedback (e.g., auto-fixing PSR violations) using AI-driven suggestions.
- skills.sh: CLI-based for teams preferring terminal workflows. Enforces Git conventions (e.g., branch naming) to reduce merge conflicts.
Potential Challenges:
- Requires adopting Boost or skills.sh (but both are easy to set up).
- May need to override a few rules for legacy code or team-specific preferences.
Pro Tip: Start with spatie-security and spatie-version-control—they’ll give us the biggest impact with minimal friction.
This isn’t just another linter. It’s a force multiplier for our team, saving us hundreds of hours/year in manual reviews and convention debates—while leveraging AI to improve code quality dynamically."*
For Developers
*"Tired of wasting time in PRs arguing about:
- snake_case vs. camelCase for database columns?
- Why any() is worse than contains() in Laravel?
- How to name branches or write commit messages?
This package fixes that. Here’s how to try it in 5 minutes:
composer require spatie/guidelines-skills --dev
php artisan boost:install
Pick Spatie’s guidelines, and your IDE will automatically guide you—no more guessing. Or use it via CLI:
npx skills add spatie/guidelines-skills
What It Catches:
- ❌ mysql_query() → ✅ Uses PDO/Query Builder (security).
- ❌ fix something → ✅ fix: resolve SQL injection in User model (Git conventions).
- ❌ function doStuff() → ✅ function calculateTaxRate() (naming clarity).
- ❌ Inconsistent JavaScript → ✅ Prettier auto-formatting (DX).
Best Part? It’s not opinionated. You can disable rules that don’t fit your team’s needs.
AI Bonus: Laravel Boost’s AI agent suggests fixes as you type, like a pair programmer.
*Let’s stop debating conventions and start writing better code—faster, with less friction