SkillRepo
Sign InSign Up
Catalog
affaan-m/laravel-verification

affaan-m

laravel-verification

Verification loop for Laravel projects: env checks, linting, static analysis, tests with coverage, security scans, and deployment readiness.

global
New~1.0k
v1.1Saved May 11, 2026

Laravel Verification Loop

Run before PRs, after major changes, and pre-deploy.

When to Use

  • Before opening a pull request for a Laravel project
  • After major refactors or dependency upgrades
  • Pre-deployment verification for staging or production
  • Running full lint -> test -> security -> deploy readiness pipeline

How It Works

  • Run phases sequentially from environment checks through deployment readiness so each layer builds on the last.
  • Environment and Composer checks gate everything else; stop immediately if they fail.
  • Linting/static analysis should be clean before running full tests and coverage.
  • Security and migration reviews happen after tests so you verify behavior before data or release steps.
  • Build/deploy readiness and queue/scheduler checks are final gates; any failure blocks release.

Phase 1: Environment Checks

php -v
composer --version
php artisan --version
  • Verify .env is present and required keys exist
  • Confirm APP_DEBUG=false for production environments
  • Confirm APP_ENV matches the target deployment (production, staging)

If using Laravel Sail locally:

./vendor/bin/sail php -v
./vendor/bin/sail artisan --version

Phase 1.5: Composer and Autoload

composer validate
composer dump-autoload -o

Phase 2: Linting and Static Analysis

vendor/bin/pint --test
vendor/bin/phpstan analyse

If your project uses Psalm instead of PHPStan:

vendor/bin/psalm

Phase 3: Tests and Coverage

php artisan test

Coverage (CI):

XDEBUG_MODE=coverage php artisan test --coverage

CI example (format -> static analysis -> tests):

vendor/bin/pint --test
vendor/bin/phpstan analyse
XDEBUG_MODE=coverage php artisan test --coverage

Phase 4: Security and Dependency Checks

composer audit

Phase 5: Database and Migrations

php artisan migrate --pretend
php artisan migrate:status
  • Review destructive migrations carefully
  • Ensure migration filenames follow Y_m_d_His_* (e.g., 2025_03_14_154210_create_orders_table.php) and describe the change clearly
  • Ensure rollbacks are possible
  • Verify down() methods and avoid irreversible data loss without explicit backups

Phase 6: Build and Deployment Readiness

php artisan optimize:clear
php artisan config:cache
php artisan route:cache
php artisan view:cache
  • Ensure cache warmups succeed in production configuration
  • Verify queue workers and scheduler are configured
  • Confirm storage/ and bootstrap/cache/ are writable in the target environment

Phase 7: Queue and Scheduler Checks

php artisan schedule:list
php artisan queue:failed

If Horizon is used:

php artisan horizon:status

If queue:monitor is available, use it to check backlog without processing jobs:

php artisan queue:monitor default --max=100

Active verification (staging only): dispatch a no-op job to a dedicated queue and run a single worker to process it (ensure a non-sync queue connection is configured).

php artisan tinker --execute="dispatch((new App\\Jobs\\QueueHealthcheck())->onQueue('healthcheck'))"
php artisan queue:work --once --queue=healthcheck

Verify the job produced the expected side effect (log entry, healthcheck table row, or metric).

Only run this on non-production environments where processing a test job is safe.

Examples

Minimal flow:

php -v
composer --version
php artisan --version
composer validate
vendor/bin/pint --test
vendor/bin/phpstan analyse
php artisan test
composer audit
php artisan migrate --pretend
php artisan config:cache
php artisan queue:failed

CI-style pipeline:

composer validate
composer dump-autoload -o
vendor/bin/pint --test
vendor/bin/phpstan analyse
XDEBUG_MODE=coverage php artisan test --coverage
composer audit
php artisan migrate --pretend
php artisan optimize:clear
php artisan config:cache
php artisan route:cache
php artisan view:cache
php artisan schedule:list
Files1
1 files · 1.0 KB

Select a file to preview

Overall Score

82/100

Grade

B

Good

Safety

82

Quality

85

Clarity

88

Completeness

78

Summary

This skill provides a structured Laravel verification pipeline that runs environment checks, linting, static analysis, tests, security audits, and deployment readiness validation sequentially. It guides agents through running PHP, Composer, and Laravel-specific commands to ensure code quality, security, and deployment safety before pull requests or production deployments.

Static Analysis Findings

1 finding

Patterns detected by deterministic static analysis before AI scoring. Hover over any finding code for detailed information and remediation guidance.

Credential Exposure
SEC-020Direct .env File Access

Direct .env file access

SKILL.md.env
85% confidenceCWE-538: Sensitive Info in Externally-Accessible File

Detected Capabilities

shell executionphp environment inspectioncomposer validationcode linting and static analysistest execution with coveragesecurity auditsdatabase migration reviewconfiguration cachinglog file access

Trigger Keywords

Phrases that MCP clients use to match this skill to user intent.

verify laravel projectlaravel pre-commit checkpre-deployment verificationlaravel pipelinecode quality gatedeployment readinesslaravel security audit

Risk Signals

INFO

SEC-020: Direct .env file access mentioned in environment check phase

SKILL.md | Phase 1: Environment Checks

Use Cases

  • Verify Laravel projects before opening pull requests
  • Validate code quality and security post-refactor or dependency upgrade
  • Pre-deployment verification for staging or production environments
  • Run complete CI/CD pipeline with format → analysis → test → security checks
  • Ensure database migrations are safe and reversible
  • Validate queue workers and scheduler configuration

Quality Notes

  • Skill provides clear phase-based structure with logical ordering and dependencies
  • Includes concrete command examples for each phase, minimizing ambiguity
  • Documents both minimal and full CI-style pipeline workflows
  • Appropriate guardrails for destructive operations (migrations reviewed pre-execution with --pretend flag)
  • Restricts active queue testing to non-production environments only
  • Strong separation of concerns: environment → lint → test → security → deploy
  • Comprehensive coverage of Laravel-specific verification steps (migrations, scheduler, queue, cache)
Model: claude-haiku-4-5-20251001Analyzed: May 11, 2026

Reviews

Add this skill to your library to leave a review.

No reviews yet

Be the first to share your experience.

Version History

v1.1

Content updated

2026-04-20

Latest
v1.0

No changelog

2026-04-12

Add affaan-m/laravel-verification to your library

Get Started Free

Command Palette

Search for a command to run...