README

Laravel Ward UI provides a seamless, stunning interface for reviewing the security vulnerabilities detected by the standalone ward CLI scanner. It integrates directly into your Laravel application, allowing you to browse, search, and filter findings with an interactive dashboard similar to Horizon or Telescope.

Installation

Note: This package requires Laravel 10.x, 11.x, or 12.x and PHP 8.2+.

1. Install the package via Composer:

composer require filipefernandes/laravel-ward-ui

1. Publish the configuration file and assets:

php artisan vendor:publish --tag=ward-config

Configuration

After publishing its assets, the primary configuration file will be located at config/ward.php. This file allows you to define the route path, domain, dashboard middleware, and the absolute path to where your ward-report.json file is normally generated.

By default, the dashboard is accessible at the /ward route.

Usage

1. Run the official Go-based ward scanner in your project root to generate the JSON report:

ward scan --format json --output ward-report.json

1. Open your browser and navigate to /ward on your local Laravel development server:

http://localhost:8000/ward

You will see a beautiful dashboard visualizing your total findings, severity metrics, and detailed remediation steps for each vulnerability found!

Dashboard Authorization

The Ward UI exposes a dashboard at /ward. By default, you will only be able to access this dashboard if your application environment is set to local. However, you can configure custom access rules via Laravel Gates.

Within your App\Providers\AppServiceProvider or App\Providers\AuthServiceProvider, you may define a viewWard Gate. This authorization gate controls access to the Ward UI in non-local environments. You are free to modify this gate as needed to restrict access to your dashboard:

use Illuminate\Support\Facades\Gate;

/**
 * Bootstrap any application services.
 *
 * @return void
 */
public function boot()
{
    Gate::define('viewWard', function ($user = null) {
        return in_array($user?->email, [
            'admin@example.com',
        ]);
    });
}

Security Vulnerabilities

If you discover a security vulnerability within Laravel Ward UI, please open an issue on the repository or submit a pull request.

License

Laravel Ward UI is open-sourced software licensed under the MIT license.