laravel-verification
Verification loop for Laravel projects: env checks, linting, static analysis, tests with coverage, security scans, and deployment readiness.
About this skill
The `laravel-verification` skill provides a robust, multi-stage verification loop designed to ensure the quality, stability, and production readiness of Laravel projects. It systematically guides an AI agent through a series of crucial checks, starting with fundamental environment and Composer dependencies, progressing through code quality with linting and static analysis, validating functionality with comprehensive test coverage, identifying potential security vulnerabilities, and finally assessing deployment readiness. This skill is an invaluable tool for maintaining high standards in Laravel development, helping to catch issues early in the development lifecycle and ensuring smooth, secure deployments.
Best use case
To ensure the highest quality, stability, and security of a Laravel project before critical stages like pull requests, major refactorings, or deployments to production environments.
Verification loop for Laravel projects: env checks, linting, static analysis, tests with coverage, security scans, and deployment readiness.
The AI agent will provide a comprehensive report detailing the status of the Laravel project across all verification stages. This includes confirmation of successful checks (e.g., 'All tests passed with 95% coverage', 'No linting errors found', 'Security scan clean') or a clear enumeration of identified issues (e.g., 'Static analysis detected potential bugs in X files', 'Security scan found Y critical vulnerabilities', 'Deployment readiness checks failed due to Z'). The agent should also offer actionable recommendations for resolving any identified problems.
Practical example
Example input
Please run a full verification loop on the Laravel project located at `./my-laravel-app` to ensure it's ready for deployment.
Example output
Running Laravel Verification Loop for project at `./my-laravel-app`... **Phase 1: Environment & Composer Checks** ✅ Environment variables are correctly configured. ✅ All Composer dependencies are installed and up-to-date. **Phase 2: Code Quality & Style** ✅ Linting completed successfully. No style violations found. ✅ Static analysis passed. No major issues detected. **Phase 3: Testing & Coverage** ✅ All unit and feature tests passed (120 tests, 0 failures). ✅ Code coverage is 92%. **Phase 4: Security Scan** ✅ Security analysis completed. No critical or high-severity vulnerabilities found. **Phase 5: Deployment Readiness** ✅ Deployment readiness checks passed. Database migrations are up-to-date and assets are compiled. **Conclusion:** The Laravel project is verified and appears ready for deployment.
When to use this skill
- Before opening a pull request to merge changes into a main branch.
- After performing significant refactorings or upgrading core dependencies (e.g., Laravel version, PHP version, Composer packages).
- As a crucial pre-deployment gate for staging or production environments.
- Whenever a full, end-to-end quality and readiness pipeline is required for a Laravel application.
When not to use this skill
- For very minor, localized code changes that are known not to affect the overall project health or introduce regressions, where a full verification might be overkill.
- During rapid prototyping or initial development phases where speed of iteration is temporarily prioritized over exhaustive checks (though still recommended before any production-bound code).
- If the project is not a Laravel application or does not use PHP.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/laravel-verification/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How laravel-verification Compares
| Feature / Agent | laravel-verification | Standard Approach |
|---|---|---|
| Platform Support | Claude | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | medium | N/A |
Frequently Asked Questions
What does this skill do?
Verification loop for Laravel projects: env checks, linting, static analysis, tests with coverage, security scans, and deployment readiness.
Which AI agents support this skill?
This skill is designed for Claude.
How difficult is it to install?
The installation complexity is rated as medium. You can find the installation instructions above.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
AI Agents for Coding
Browse AI agent skills for coding, debugging, testing, refactoring, code review, and developer workflows across Claude, Cursor, and Codex.
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
AI Agent for Product Research
Browse AI agent skills for product research, competitive analysis, customer discovery, and structured product decision support.
SKILL.md Source
# Laravel Doğrulama Döngüsü
PR'lardan önce, büyük değişikliklerden sonra ve deployment öncesi çalıştırın.
## Ne Zaman Kullanılır
- Laravel projesi için pull request açmadan önce
- Büyük refactoring'ler veya bağımlılık yükseltmelerinden sonra
- Staging veya production için deployment öncesi doğrulama
- Tam lint -> test -> güvenlik -> deployment hazırlık pipeline'ı çalıştırma
## Nasıl Çalışır
- Her katmanın bir öncekinin üzerine inşa edilmesi için fazları sırayla ortam kontrollerinden deployment hazırlığına kadar çalıştırın.
- Ortam ve Composer kontrolleri her şeyi kapsar; başarısız olurlarsa hemen durun.
- Tam testleri ve kapsamı çalıştırmadan önce linting/static analiz temiz olmalıdır.
- Güvenlik ve migration incelemeleri testlerden sonra olur, böylece veri veya yayın adımlarından önce davranışı doğrularsınız.
- Build/deployment hazırlığı ve kuyruk/zamanlayıcı kontrolleri son kapılardır; herhangi bir başarısızlık yayını engeller.
## Faz 1: Ortam Kontrolleri
```bash
php -v
composer --version
php artisan --version
```
- `.env`'nin mevcut olduğunu ve gerekli anahtarların var olduğunu doğrulayın
- Production ortamları için `APP_DEBUG=false` onaylayın
- `APP_ENV`'in hedef deployment'la eşleştiğini onaylayın (`production`, `staging`)
Yerel olarak Laravel Sail kullanıyorsanız:
```bash
./vendor/bin/sail php -v
./vendor/bin/sail artisan --version
```
## Faz 1.5: Composer ve Autoload
```bash
composer validate
composer dump-autoload -o
```
## Faz 2: Linting ve Static Analiz
```bash
vendor/bin/pint --test
vendor/bin/phpstan analyse
```
Projeniz PHPStan yerine Psalm kullanıyorsa:
```bash
vendor/bin/psalm
```
## Faz 3: Testler ve Kapsam
```bash
php artisan test
```
Kapsam (CI):
```bash
XDEBUG_MODE=coverage php artisan test --coverage
```
CI örneği (format -> static analiz -> testler):
```bash
vendor/bin/pint --test
vendor/bin/phpstan analyse
XDEBUG_MODE=coverage php artisan test --coverage
```
## Faz 4: Güvenlik ve Bağımlılık Kontrolleri
```bash
composer audit
```
## Faz 5: Database ve Migration'lar
```bash
php artisan migrate --pretend
php artisan migrate:status
```
- Yıkıcı migration'ları dikkatle inceleyin
- Migration dosya isimlerinin `Y_m_d_His_*` formatını takip ettiğinden emin olun (örn. `2025_03_14_154210_create_orders_table.php`) ve değişikliği net bir şekilde açıklasın
- Rollback'lerin mümkün olduğundan emin olun
- `down()` metotlarını doğrulayın ve açık yedeklemeler olmadan geri alınamaz veri kaybından kaçının
## Faz 6: Build ve Deployment Hazırlığı
```bash
php artisan optimize:clear
php artisan config:cache
php artisan route:cache
php artisan view:cache
```
- Cache warmup'larının production yapılandırmasında başarılı olduğundan emin olun
- Kuyruk worker'larının ve zamanlayıcının yapılandırıldığını doğrulayın
- Hedef ortamda `storage/` ve `bootstrap/cache/`'in yazılabilir olduğunu onaylayın
## Faz 7: Kuyruk ve Zamanlayıcı Kontrolleri
```bash
php artisan schedule:list
php artisan queue:failed
```
Horizon kullanılıyorsa:
```bash
php artisan horizon:status
```
`queue:monitor` mevcutsa, job'ları işlemeden biriktirmeyi kontrol etmek için kullanın:
```bash
php artisan queue:monitor default --max=100
```
Aktif doğrulama (sadece staging): özel bir kuyruğa no-op job dispatch edin ve işlemek için tek bir worker çalıştırın (non-`sync` kuyruk bağlantısının yapılandırıldığından emin olun).
```bash
php artisan tinker --execute="dispatch((new App\\Jobs\\QueueHealthcheck())->onQueue('healthcheck'))"
php artisan queue:work --once --queue=healthcheck
```
Job'un beklenen yan etkiyi ürettiğini doğrulayın (log girişi, healthcheck tablo satırı veya metrik).
Bunu sadece test job'u işlemenin güvenli olduğu non-production ortamlarında çalıştırın.
## Örnekler
Minimal akış:
```bash
php -v
composer --version
php artisan --version
composer validate
vendor/bin/pint --test
vendor/bin/phpstan analyse
php artisan test
composer audit
php artisan migrate --pretend
php artisan config:cache
php artisan queue:failed
```
CI tarzı pipeline:
```bash
composer validate
composer dump-autoload -o
vendor/bin/pint --test
vendor/bin/phpstan analyse
XDEBUG_MODE=coverage php artisan test --coverage
composer audit
php artisan migrate --pretend
php artisan optimize:clear
php artisan config:cache
php artisan route:cache
php artisan view:cache
php artisan schedule:list
```Related Skills
laravel-plugin-discovery
Discover and evaluate Laravel packages via LaraPlugins.io MCP. Use when the user wants to find plugins, check package health, or assess Laravel/PHP compatibility.
laravel-tdd
Test-driven development for Laravel with PHPUnit and Pest, factories, database testing, fakes, and coverage targets.
laravel-security
Laravel security best practices for authn/authz, validation, CSRF, mass assignment, file uploads, secrets, rate limiting, and secure deployment.
laravel-patterns
Laravel architecture patterns, routing/controllers, Eloquent ORM, service layers, queues, events, caching, and API resources for production apps.
springboot-verification
Verification loop for Spring Boot projects: build, static analysis, tests with coverage, security scans, and diff review before release or PR.
django-verification
Verification loop for Django projects: migrations, linting, tests with coverage, security scans, and deployment readiness checks before release or PR.
workspace-surface-audit
Audit the active repo, MCP servers, plugins, connectors, env surfaces, and harness setup, then recommend the highest-value ECC-native skills, hooks, agents, and operator workflows. Use when the user wants help setting up Claude Code or understanding what capabilities are actually available in their environment.
safety-guard
Use this skill to prevent destructive operations when working on production systems or running agents autonomously.
repo-scan
Cross-stack source code asset audit — classifies every file, detects embedded third-party libraries, and delivers actionable four-level verdicts per module with interactive HTML reports.
project-flow-ops
Operate execution flow across GitHub and Linear by triaging issues and pull requests, linking active work, and keeping GitHub public-facing while Linear remains the internal execution layer. Use when the user wants backlog control, PR triage, or GitHub-to-Linear coordination.
manim-video
Build reusable Manim explainers for technical concepts, graphs, system diagrams, and product walkthroughs, then hand off to the wider ECC video stack if needed. Use when the user wants a clean animated explainer rather than a generic talking-head script.
design-system
Use this skill to generate or audit design systems, check visual consistency, and review PRs that touch styling.