dev-reymark/laravel-source-encryptor
Composer 安装命令:
composer require dev-reymark/laravel-source-encryptor
包简介
Encrypt Laravel source code for secure Laravel distribution
README 文档
README
Encrypt Laravel source code and safely distribute applications without exposing PHP source files. Converts your Laravel application's PHP files into encrypted code that is decrypted only at runtime, allowing you to distribute Laravel applications while protecting your intellectual property.
Features
- Encrypt controllers, models, services, and routes
- Bundle encrypted code into a single runtime file
- Runtime decryption via custom autoloader
- Automatic Composer and npm build handling
- Cross-platform (Windows, Linux, macOS)
- Laravel 7.x through 13.x support
- Optimized distribution builds
- No external PHP extensions required
Quick Installation
composer require dev-reymark/laravel-source-encryptor php artisan source:install
The source:install command will automatically publish the configuration file and securely generate and inject a SOURCE_ENCRYPTION_KEY into your .env file.
Usage
Build Production Distribution
php artisan source:build
The command will:
- Installs Composer dependencies (--no-dev)
- Installs npm dependencies if needed
- Builds frontend assets (Vite / React / Vue)
- Encrypts Laravel source files
- Bundles encrypted code into a runtime file
- Removes the original app/ directory
- Generates encrypted route loaders
- Create a clean distribution folder at
dist/
Distribution Structure
dist/
├ artisan
├ bootstrap/
│ └ cache/
│ ├ config.enc
│ └ source.enc
├ composer.json
├ composer.lock
├ database/
├ public/
├ resources/
├ routes/
├ storage/
└ vendor/
The original app/ directory is removed. All encrypted source code is stored inside bootstrap/cache/source.enc.
Build Options
Skip frontend build:
php artisan source:build --no-frontend
By default, the build command will automatically attempt to run npm install and npm run build if it detects frontend assets. Use the --no-frontend flag to skip this process entirely. This is highly recommended for API-only applications or if you compile your frontend assets separately.
Skip composer install:
php artisan source:build --skip-composer
By default, the build command automatically runs composer install --no-dev inside the new dist/ directory. Use the --skip-composer flag to skip this step if you are running the build in a CI/CD pipeline or Docker environment where you prefer to handle Composer installation manually to utilize caching and speed up build times.
Configuration
You can customize the encryption behavior by modifying the config/source-encryptor.php file.
Excluding Directories from Encryption
If you have specific directories (or files) that you want to exclude from the encryption process (for example, if they need to be readable by third-party packages or contain specific assets), you can add them to the exclude array:
'exclude' => [ // Do not remove 'bootstrap' or 'storage' — Laravel requires these to remain as physical, unencrypted files. 'bootstrap', 'storage', // Add your own custom directories or files to exclude here: 'app/Http/Controllers/Public', ],
Any files inside these excluded paths will be copied over to the dist directory exactly as they are, without being encrypted.
Running the Encrypted Application
cd dist
php artisan serve
Laravel automatically loads encrypted classes through the runtime loader.
How It Works
- PHP files are compressed and encrypted using AES-256-CBC
- Encrypted code is bundled into
bootstrap/cache/source.enc - During runtime: Autoload request → EncryptedAutoloader → SourceLoader decrypts → PHP executes
- Decrypted source never persists on disk
Frontend Support
The build system automatically detects frontend environments:
| Environment | Behavior |
|---|---|
| API-only Laravel | Skips frontend build |
| Laravel + Blade | Skips if no build script |
| Vue Starter Kit | Runs npm install + npm run build |
| React Starter Kit | Runs npm install + npm run build |
| Vite Projects | Fully supported |
Requirements
- PHP 7.2.5+
- Laravel 7.x - 13.x
- OpenSSL extension enabled
- Composer
Security Notes
- Keep your
SOURCE_ENCRYPTION_KEYprivate - Never commit
.envto version control - Only distribute the
dist/directory
License
MIT License
Author
Rey Mark Tapar
dev-reymark/laravel-source-encryptor 适用场景与选型建议
dev-reymark/laravel-source-encryptor 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 9 次下载、GitHub Stars 达 1, 最近一次更新时间为 2026 年 03 月 04 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「encryption」 「laravel」 「laravel-package」 「code-protection」 「source-protection」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 dev-reymark/laravel-source-encryptor 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 dev-reymark/laravel-source-encryptor 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 dev-reymark/laravel-source-encryptor 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple PHP class to encrypt a string and decrypt an encrypted string
A Laravel package for converting English numbers into Bangla digits, Bangla words, Bangla month names, and Bangla money format with an easy-to-use API.
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Encryption with AES-256 and HMAC-SHA256
Laravel table comments loader (part of Diplodocker project)
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
统计信息
- 总下载量: 9
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 30
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-03-04