Battle Ready Laravel: A guide to auditing, testing, fixing, and improving your Laravel applications

Contents

Introduction

Section 1: Auditing

What's Covered?

Planning Your Auditing Strategy

Getting Into the Right Mindset

Recording Your Findings

Automated Tooling

PHP Insights

Enlightn

Larastan

Style CI

Code Coverage

Manual Auditing

Investigating "raw" Database Queries

Finding Incorrect Authorisation

Checking Validation

Finding "Fake Facades"

Finding Business Logic in Helpers

Finding N+1 Queries

Finding Controllers That Use Other Controllers

Finding Logic and Queries in Blade Views

Finding Hard-Coded Credentials

Check Open Package Routes

Reviewing Project Documentation

Section 2: Testing

What's Covered?

Planning Your Testing Strategy

The Benefits of Writing Tests

Spotting Bugs Early

Making Future Work and Refactoring Easier

Changing the Way You Approach Writing Code

Tests-As-Documentation

Prove That Bugs Exist

Structuring Your Tests

Directory Structure

Choosing What To Test

Test Structure

Data Providers

Writing the Tests

Prioritising Mission-Critical Tests First

Writing the Rest of the Tests

Benefits of Writing the Easy Tests First

Preventing Test Fatigue

Testing Your UI with Laravel Dusk

Installation

Testing a Simple Form

Dusk Pages and Selectors

Running Failed Tests and Groups

Creating a CI Workflow Using GitHub Actions

Using an .env.ci File

Running the Test Suite

Larastan

Laravel Dusk

Output

Section 3: Fixing

What's Covered?

Planning Your Fixing Strategy

Using an Error Reporting System

Types of Errors

The Benefits of an Automated Error Reporting System

Error Reporting Using Flare

Uptime Checking, Queue Monitoring, and Scheduler Monitoring

Uptime Monitoring with Oh Dear

Scheduler Monitoring with Oh Dear

Queue Monitoring with Oh Dear

Updating PHP, Laravel, and Packages

Upgrading in Small Increments

Automating the Upgrade Using Laravel Shift

Planning Upgrades Early

Using a Suitable Local Development Environment

Using Tests to Fix Bugs

What is Test-Driven Development?

The Advantages of Test-Driven Development

The Disadvantages of Test-Driven Development

Fixing a Real Bug Using Test-Driven Development

Safely Removing Dead Code

Checking the Version Control History

Scream Test

Logging or Reporting the Usage

Removing the Code with an Atomic Commit

Section 4: Improving

What's Covered?

Planning Your Improvement Strategy

Making the Most of PHP's Type System

Using Type Hints and Return Types

Union Types

Type Hints and Return Types in Closures

DRYing Up Your Code

Advantages of DRYing Up Your Code

When to DRY Up Your Code

Refactoring Conditions

Reducing Indented Code

Replacing if and elseif with match

Using the Nullsafe Operator

Using Database Transactions

Adding the Database Transactions

Manually Using Database Transactions

Tips for Interacting with Third-Party Services

Using Automatic or Manual Transactions

Dispatching Queued Jobs inside Database Transactions

Improving the Testability of Your Code

Using Objects Over Arrays

Final Words

Discount Codes

Flare

Oh Dear

StyleCI

Laravel Security In Depth

Battle Ready Laravel is the guide I wished I had when I first became a developer. It offers junior developers and seasoned pros alike with a complete blueprint for improving their Laravel applications.

You’ll learn how to more easily identify and fix bugs that are worrying you and reduce the chance of future code containing bugs or errors. I’ll also show you ways of improving your code to make it more testable, maintainable and readable.

By the end of the book, you’ll become a more competent developer and finally be able to unleash your apps onto the world with more confidence. It’s packed full of actionable strategies you can start using right away to improve your existing Laravel apps - and build better new ones.