Search by 
limenet / laravel-baseline
A highly opinionated Laravel baseline.
Maintainers
Fund package maintenance!
1.3.6
2026-05-03 11:04 UTC
Requires
- php: ^8.3
- ext-simplexml: *
- composer/semver: ^3.4
- illuminate/contracts: ^12.0 || ^13.0
- nikic/php-parser: ^5.7
- phpstan/phpstan: ^2.1.40
- rector/rector: ^2.3.8
- spatie/laravel-package-tools: ^1.93
- symfony/finder: ^7.4 || ^8.0
- symfony/yaml: ^7.4 || ^8.0
Requires (Dev)
- larastan/larastan: ^3.9.6
- laravel/framework: ^12.53.0 || ^13.7.0
- laravel/pint: ^1.29.1
- mockery/mockery: ^1.6.12
- nunomaduro/collision: ^8.9.4
- orchestra/testbench: ^10.9.0 || ^11.1
- pestphp/pest: ^4.6.3
- pestphp/pest-plugin-arch: ^4.0.2
- pestphp/pest-plugin-laravel: ^4.1
- phpstan/extension-installer: ^1.4.3
- phpstan/phpstan-deprecation-rules: ^2.0.4
- phpstan/phpstan-phpunit: ^2.0.16
- spatie/laravel-health: ^1.39.2
- spatie/temporary-directory: ^2.3.1
- symplify/rule-doc-generator-contracts: ^11.2
Conflicts
- laravel/boost: ^1.0
- dev-main
- 1.3.6
- 1.3.5
- 1.3.4
- 1.3.3
- 1.3.2
- 1.3.1
- 1.3.0
- 1.2.25
- 1.2.24
- 1.2.23
- 1.2.22
- 1.2.21
- 1.2.20
- 1.2.19
- 1.2.18
- 1.2.17
- 1.2.16
- 1.2.15
- 1.2.14
- 1.2.13
- 1.2.12
- 1.2.11
- 1.2.10
- v1.2.9
- v1.2.8
- v1.2.7
- v1.2.6
- v1.2.5
- v1.2.4
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.12
- v1.1.11
- v1.1.10
- v1.1.9
- v1.1.8
- v1.1.7
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0
- v1.0.0
- v0.2.12
- v0.2.11
- v0.2.10
- v0.2.9
- v0.2.8
- v0.2.7
- v0.2.6
- v0.2.5
- v0.2.4
- v0.2.3
- v0.2.2
- v0.2.1
- v0.2.0
- v0.1.19
- v0.1.18
- v0.1.17
- v0.1.16
- v0.1.15
- v0.1.14
- v0.1.13
- v0.1.12
- v0.1.11
- v0.1.10
- v0.1.9
- v0.1.8
- v0.1.7
- v0.1.6
- v0.1.5
- v0.1.4
- v0.1.3
- v0.1.2
- v0.1.1
- v0.1.0
This package is auto-updated.
Last update: 2026-05-03 14:31:23 UTC
README
Checks your Laravel installation against a highly opinionated baseline.
Installation
You can install the package via composer:
composer require limenet/laravel-baseline
You can publish the config file with:
php artisan vendor:publish --tag="laravel-baseline-config"
Usage
"post-update-cmd": [ "@php artisan limenet:laravel-baseline" ],
Checks
This package validates your Laravel installation against the following checks:
Testing & Quality Tools
usesPest()- Validates Pest testing framework is configured (not PHPUnit directly)usesRector()- Validates Rector automated code modernization is installedusesLarastan()- Validates Larastan static analysis tool is configuredusesPhpstanExtensions()- Validates PHPStan extensions are installedphpstanLevelAtLeastEight()- Validates PHPStan is configured to at least level 8usesPhpInsights()- Validates PHP Insights code quality analysis is configuredcheckPhpunit()- Validates PHPUnit configuration with coverage reportshasRectorConfigWithComposerBased()- Validates RectorwithComposerBased(phpunit, symfony, laravel)is configuredhasRectorConfigWithConfiguredRules()- Validates RectorwithConfiguredRule()calls are present forRouteActionCallableRectorandWhereToWhereLikeRectorhasRectorConfigWithPreparedSets()- Validates RectorwithPreparedSets(deadCode, codeQuality, codingStyle, typeDeclarations, privatization, instanceOf, earlyReturn)is configuredhasRectorConfigWithImportNames()- Validates RectorwithImportNames(importShortClasses: false)is configuredhasRectorConfigWithPhpSets()- Validates RectorwithPhpSets()is calledhasRectorConfigWithAttributesSets()- Validates RectorwithAttributesSets()is calledhasRectorConfigWithSetProviders()- Validates RectorwithSetProviders(LaravelSetProvider)is configuredhasRectorConfigWithRules()- Validates RectorwithRules([AddGenericReturnTypeToRelationsRector, MinutesToSecondsInCacheRector, UseForwardsCallsTraitRector])is configuredhasRectorConfigWithSets()- Validates RectorwithSets([LaravelBaselineSetList::REMOVE_DEFAULT_DOCBLOCKS, LaravelSetList::LARAVEL_*])is configured with all required setshasRectorConfigWithPaths()- Validates RectorwithPaths([app, database, routes, tests])is configuredhasRectorConfigWithSkip()- Validates RectorwithSkip()contains required skipped rules (always: 6 Laravel rules; Laravel 13+: TablePropertyToTableAttributeRector; when server.php exists: ServerVariableToRequestFacadeRector)
IDE & Developer Tools
hasClaudeSettingsWithLaravelSimplifier()- Validates Claude Code settings include Laravel Simplifier pluginusesIdeHelpers()- Validates Laravel IDE Helper is configuredusesLaravelAdminer()- Warns if Laravel Adminer database UI is missing (optional), validates TFA confirmation and configuration when installedusesLaravelBoost()- Validates Laravel Boost AI development toolusesLimenetPintConfig()- Validates custom Laravel Pint formatting standards
Laravel Features & Monitoring
usesLaravelHorizon()- Validates Laravel Horizon Redis queue managerusesLaravelPennant()- Warns if Laravel Pennant feature flags are missing (optional)usesLaravelPulse()- Validates Laravel Pulse application monitoringusesLaravelTelescope()- Validates Laravel Telescope request debuggingusesSpatieHealthSetup()- Validates Spatie Health packages, schedules, s3_health disk, and result store configurationusesSpatieHealthHasCoreChecks()- Validates core health checks (CacheCheck, CpuLoadCheck, DatabaseCheck, DebugModeCheck, EnvironmentCheck, HorizonCheck, RedisCheck, ScheduleCheck, UsedDiskSpaceCheck) are registeredusesSpatieHealthHasLaravelVersionCheck()- Validates LaravelVersionCheck is registered in Health::checks()usesSpatieHealthHasPhpVersionCheck()- Validates PhpVersionCheck is registered in Health::checks()usesSpatieHealthHasReleaseAgeCheck()- Validates ReleaseAgeCheck is registered in Health::checks()usesSpatieBackup()- Validates Spatie Backup database backups with comprehensive config validation
Infrastructure & Dependencies
usesPredis()- Validates Predis Redis client is installedisLaravelVersionMaintained()- Validates Laravel 11+ is useddoesNotUseSail()- Validates Sail is NOT useddoesNotUseHorizonWatcher()- Validates Spatie Horizon Watcher is NOT installeddoesNotUseGreaterThanOrEqualConstraints()- Validates no>=version constraints in composer.json (use^or~instead)
CI/CD & Deployment
hasCiJobs()- Validates GitLab CI pipeline jobs are properly configuredhasTrivyConfig()- Validates Trivy security scanning CI job andtrivy.yamlconfiguration (scanners + severity)callsSentryHook()- Warns if Sentry error tracking is missing (optional)phpVersionMatchesCi()- Validates PHP version consistency with CI configurationisCiLintComplete()- Validates complete linting pipelinedoesNotUseIgnition()- Validates Ignition debugger is NOT installed
Local Development
phpVersionMatchesDdev()- Validates PHP version consistency with DDEVddevHasPcovPackage()- Validates DDEV coverage configurationddevHasRedisAddon()- Validates DDEV Redis addon is installed and at minimum version 2.2.0ddevMutagenIgnoresNodeModules()- Validates DDEV Mutagen sync configuration
Build & Release
bumpsComposer()- Validates automatic composer dependency bumpingusesReleaseIt()- Validates automated release managementhasNpmScripts()- Validates required npm build scripts
Security & Configuration
hasDailyLogging()- Validates logging usesdailychannel (directly or viastack)hasEncryptedEnvFile()- Validates encrypted environment file existshasGuidelinesUpdateScript()- Validates baseline guidelines update scriptcallsBaseline()- Validates self-validation runs after updatesisInstalledAsRegularDependency()- Validateslimenet/laravel-baselineis inrequire(notrequire-dev)usesLaravelLang()- Validateslaravel-lang/langdev dependency is installed withlang:updateand pint in post-update scripts
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.