Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
X Ray
Assessments

X Ray Laravel Package

spatie/x-ray

Scan your codebase for Ray debugging calls (ray(), rd(), Ray::*, ->ray()) and list where they occur so you can remove them before deploy. Supports multiple paths, ignores, snippets/summary, GitHub Actions annotations, and CI-friendly exit codes.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture Fit

  • Purpose Alignment: Spatie/X-Ray is a lightweight PHP package designed to scan source code for calls to Laravel’s Ray debugging tool, enabling developers to identify and analyze Ray usage across a codebase. This aligns well with debugging-heavy Laravel applications where Ray is used for request inspection, logging, or performance monitoring.
  • Non-Intrusive: The package operates as a static analyzer (via PHPStan or custom AST parsing), avoiding runtime overhead. Ideal for legacy systems or large codebases where modifying production code is risky.
  • Complementary to Existing Tools: Works alongside Ray itself, providing metadata visibility (e.g., tracking Ray usage in CI/CD pipelines or pre-deployment checks).

Integration Feasibility

  • Low Coupling: No direct dependency on Laravel’s core; works with any PHP project using Ray (v1.0+). Can be integrated via Composer or custom scripts.
  • Static Analysis: Leverages PHPStan (recommended) or custom AST parsing, requiring minimal runtime dependencies. May need PHP 8.1+ for full compatibility.
  • Output Flexibility: Results can be formatted as CLI output, JSON, or integrated into CI tools (e.g., GitHub Actions, GitLab CI).

Technical Risk

  • False Positives/Negatives: Static analysis may misidentify Ray calls (e.g., in dynamic code or reflection). Requires tuning rules or whitelisting.
  • Performance: Large codebases may slow down analysis. Mitigate by parallelizing scans or limiting scope (e.g., app/ directory only).
  • Ray Version Dependency: Assumes Ray is installed. May need version checks if supporting multiple Ray versions.
  • Customization Limits: Default rules are rigid; extending requires custom AST logic (PHP’s PhpParser or PHPStan extensions).

Key Questions

  1. Use Case Clarity:
    • Is this for auditing existing Ray usage (e.g., cleanup) or enforcing Ray adoption (e.g., in new PRs)?
    • Should it block builds if Ray is misused (e.g., in production code)?
  2. Tooling Integration:
    • How will results be visualized (CLI, dashboard, IDE plugin)?
    • Will it integrate with existing CI/CD pipelines (e.g., fail builds on Ray violations)?
  3. Maintenance:
    • Who will update rules if Ray’s API changes?
    • How will false positives be handled (e.g., allowlist for known safe usages)?
  4. Scalability:
    • What’s the expected codebase size? Will need optimization for >1M LOC.
    • Should support distributed scanning (e.g., for monorepos)?

Integration Approach

Stack Fit

  • PHP/Laravel Ecosystem: Native support for PHP 8.1+ projects using Ray. Works with:
    • Static Analysis Tools: PHPStan (recommended), Psalm, or custom PhpParser scripts.
    • CI/CD: GitHub Actions, GitLab CI, or Jenkins (via CLI output).
    • IDE: VSCode/PHPStorm plugins (if results are JSON-formatted).
  • Non-Laravel PHP: Can scan any PHP project using Ray, but Laravel-specific features (e.g., service container calls) may need custom rules.

Migration Path

  1. Pilot Phase:
    • Install via Composer: composer require spatie/x-ray.
    • Run in development first: ./vendor/bin/x-ray scan.
    • Validate output against a sample of known Ray usages.
  2. CI Integration:
    • Add to CI pipeline (e.g., GitHub Actions): 
      - name: Scan for Ray calls
  run: ./vendor/bin/x-ray scan --format=json > ray-usage.json
    • Optionally fail builds on critical violations (e.g., Ray in production routes).
  3. Customization:
    • Extend rules via PHPStan extensions or custom AST logic for project-specific needs.
    • Example: Ignore Ray calls in tests/ or config/ directories.

Compatibility

  • Ray Version: Tested with Ray v1.0+. Verify compatibility if using older/new versions.
  • PHP Version: Requires PHP 8.1+ (for PhpParser features). Downgrade path unclear for PHP 7.x.
  • Dependencies:
    • Core: spatie/x-ray, phpstan/phpstan (if using PHPStan).
    • Optional: spatie/phpstan-rules for deeper analysis.
  • Conflicts: None expected, but custom PHPStan rules may conflict with existing configurations.

Sequencing

  1. Pre-Analysis:
    • Audit current Ray usage (manually or via grep/ripgrep) to set baseline expectations.
  2. Tool Setup:
    • Configure phpstan.neon or custom rules for project-specific needs.
  3. Incremental Rollout:
    • Start with non-critical paths (e.g., feature branches).
    • Gradually enforce in CI for all PRs.
  4. Post-Deployment:
    • Monitor false positives/negatives and refine rules.
    • Consider automated remediation (e.g., PR comments with fix suggestions).

Operational Impact

Maintenance

  • Rule Updates:
    • Monitor Ray API changes (e.g., new methods) and update rules accordingly.
    • Leverage community contributions (GitHub issues/PRs) for shared updates.
  • Dependency Management:
    • Pin spatie/x-ray and phpstan/phpstan versions in composer.json to avoid breaking changes.
  • Custom Logic:
    • Document project-specific rules (e.g., allowlists) in a README or wiki.

Support

  • Developer Onboarding:
    • Train teams on interpreting scan results (e.g., false positives, safe usages).
    • Provide templates for common use cases (e.g., "How to exclude Ray in tests").
  • Troubleshooting:
    • Common issues:
      • Performance: Optimize scan scope (e.g., exclude vendor/).
      • False Positives: Adjust rules or use allowlists.
      • CI Failures: Debug JSON output or adjust severity thresholds.
  • Escalation Path:
    • For critical bugs, open issues on Spatie’s GitHub or fork the package.

Scaling

  • Large Codebases:
    • Parallelize scans: Use parallel-lint or split directories.
    • Incremental analysis: Scan only changed files in CI (via git diff).
  • Distributed Systems:
    • For monorepos, run scans per-service and aggregate results.
  • Performance Benchmarks:
    • Test with 10K+ files to identify bottlenecks (e.g., PhpParser vs. regex).

Failure Modes

Failure Scenario Impact Mitigation
False positives block builds CI pipeline failures Tune rules or use allowlists
Ray API breaks compatibility Scan fails or misidentifies calls Update package or fork custom version
High memory usage CI timeouts or crashes Limit scan scope or use lighter tools
No maintainer updates Package stagnates Fork or contribute upstream
Misconfigured rules Missed Ray usages or over-blocking Review rules with a small sample set

Ramp-Up

  • Time to Value:
    • Day 1: Basic scan in local dev (5–10 mins setup).
    • Week 1: CI integration and first rule adjustments.
    • Month 1: Full enforcement with custom rules.
  • Key Metrics:
    • Coverage: % of codebase scanned (aim for 100%).
    • False Positive Rate: <5% (target for production use).
    • CI Pass Rate: >95% after stabilization.
  • Training Materials:
    • Cheat Sheet: Common commands (scan, --format=json, --exclude).
    • Example Workflow: "How to add a custom rule for our internal Ray wrapper."
    • FAQ: "Why is this file flagged when we use Ray intentionally?"
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport