Search by 
anthonykusuma / laravel-devtools
Secure internal developer tools dashboard for Laravel applications.
Maintainers
v0.1.1
2026-04-09 13:50 UTC
Requires
- php: ^8.2
- illuminate/auth: ^11.0 || ^12.0 || ^13.0
- illuminate/console: ^11.0 || ^12.0 || ^13.0
- illuminate/contracts: ^11.0 || ^12.0 || ^13.0
- illuminate/database: ^11.0 || ^12.0 || ^13.0
- illuminate/filesystem: ^11.0 || ^12.0 || ^13.0
- illuminate/http: ^11.0 || ^12.0 || ^13.0
- illuminate/routing: ^11.0 || ^12.0 || ^13.0
- illuminate/support: ^11.0 || ^12.0 || ^13.0
- illuminate/view: ^11.0 || ^12.0 || ^13.0
- spatie/laravel-backup: ^10.0
Requires (Dev)
- laravel/pint: ^1.20
- orchestra/testbench: ^9.0 || ^10.0 || ^11.0
- pestphp/pest: ^4.0
README
Laravel Devtools is a reusable Laravel package that exposes a protected, URL-based internal operations dashboard. It provides safe, audited access to approved operational actions without giving arbitrary shell or infrastructure access.
Features (V1)
- Dashboard overview (
/devtoolsby default) - Safe command execution from a strict whitelist
- Backup integration powered by
spatie/laravel-backup(included as a package dependency) - Read-only recent log viewing with simple filtering and secret redaction
- Audit log for privileged actions
- Optional Nightwatch deep-link support
Installation
- Require the package in your host Laravel app:
composer require anthonykusuma/laravel-devtools
- Publish config and migrations:
php artisan vendor:publish --provider="AnthonyKusuma\\LaravelDevtools\\DevtoolsServiceProvider" --tag=devtools-config php artisan vendor:publish --provider="AnthonyKusuma\\LaravelDevtools\\DevtoolsServiceProvider" --tag=devtools-migrations
- Run migrations:
php artisan migrate
- Define gates in your host app (for example in
AuthServiceProvider):
Gate::define('viewDevtools', fn ($user) => $user->is_admin); Gate::define('runDevtoolsCommands', fn ($user) => $user->is_admin); Gate::define('triggerDevtoolsBackups', fn ($user) => $user->is_admin); Gate::define('viewDevtoolsLogs', fn ($user) => $user->is_admin); Gate::define('viewDevtoolsAudit', fn ($user) => $user->is_admin);
Configuration
Published config: config/devtools.php
Important keys:
enabled: global package togglepath: route prefix (devtoolsby default)middleware: route middleware stackgate: base access gatefeatures: per-feature togglescommands: allowed Artisan commandslogs: log reader driver/path/max linesnightwatch: optional Nightwatch link settings
Assets
The package ships with Blade views and package-scoped CSS/JS under resources/.
Asset development uses Vite + Tailwind:
npm install npm run build
You can publish package assets with:
php artisan vendor:publish --provider="AnthonyKusuma\\LaravelDevtools\\DevtoolsServiceProvider" --tag=devtools-assets
Security Notes
- Arbitrary command input is not supported.
- Only commands listed in config are executable.
- Privileged actions are audited.
- Log viewer is read-only and bounded.
- Optional integrations fail closed with explicit unavailable states.
Testing
Run package tests:
composer test
Development Roadmap
- Queue support for long-running command/backup actions
- Richer backup status insights when Spatie backup metadata is available
- More advanced log filtering and pagination
- Additional health widgets on dashboard
Public Publishing
For Packagist release steps, see docs/public-release.md.