README

Laravel Autopsy is an audit tool that scans your Laravel project and shows security risks, code quality issues, architecture gaps, and performance bottlenecks in one clear report.

It is designed for founders, CTOs, project managers, and developers who want to quickly understand technical risk and fix high-impact issues first.

Why This Is Useful for Business

• Reduce security risk before it becomes a costly incident.
• Catch performance and architecture problems early, before scale-related outages.
• Prioritize technical debt with severity and estimated fix time.
• Get developer-friendly output and client-friendly reports (JSON/PDF).
• Use in CI to prevent critical issues from reaching production.

What You Get

• A single command: autopsy:run
• Four analysis modules:
  • Security
  • Code Quality
  • Architecture
  • Performance
• Report formats:
  • Terminal output
  • JSON export
  • PDF report for stakeholders

Installation

Install from Packagist

composer require webopstechnologies/laravel-autopsy

Install from local path (for localhost development)

Add this to your app's composer.json:

"repositories": [
  {
    "type": "path",
    "url": "../laravel-autopsy",
    "options": {
      "symlink": true
    }
  }
]

Then run:

composer require webopstechnologies/laravel-autopsy:*

Quick Start

Run a full audit:

php artisan autopsy:run

Generate PDF report:

php artisan autopsy:run --report

Default PDF location:

storage/app/reports/autopsy-report.pdf

Usage Examples

Run only one module:

php artisan autopsy:run --module=security
php artisan autopsy:run --module=quality
php artisan autopsy:run --module=architecture
php artisan autopsy:run --module=performance

Export machine-readable JSON:

php artisan autopsy:run --format=json --output=storage/app/reports/autopsy-report.json

Generate branded PDF:

php artisan autopsy:run --report --brand="Your Agency Name" --output=storage/app/reports/autopsy-report.pdf

Use in CI (fail build if critical issues exist):

php artisan autopsy:run --ci

Sample Result Screenshot

Add your screenshot file at docs/autopsy-result-sample.png, then this image will render:

What Each Module Checks

Security

• .env exposure and backup files
• Debug mode in production
• Rate limiting on sensitive routes
• Mass assignment risks
• CORS misconfiguration
• Telescope exposure
• Vulnerable dependencies via Composer audit

Code Quality

• Fat controllers
• Missing service layer
• N+1 query patterns
• DB queries inside Blade views
• Inline validation in controllers
• Synchronous operations that should be queued

Architecture

• Directory structure standards
• Route file organization
• Hardcoded secrets/values
• Presence of automated tests
• God model detection

Performance

• Missing DB indexes in migrations
• Risky Model::all() usage
• Session driver recommendations
• Queue driver checks

Real-World Improvement Example

One project scored 38/100 before fixes.
After acting on priority findings, it improved to 91/100.

This creates direct business value:

• Better uptime
• Faster pages
• Lower incident risk
• More predictable delivery

Contact

Built by WebOps Technologies - we rescue and modernize Laravel applications.
Book a free audit ->

License

MIT