{
"event": "PostToolUse",
"raw_data": {
"session_id": "18ef5bf3-e872-4052-897e-53d6dc45b0b9",
"transcript_path": "\/root\/.claude\/projects\/-var-www\/18ef5bf3-e872-4052-897e-53d6dc45b0b9.jsonl",
"cwd": "\/var\/www\/dev.campus.systemische-tools.de",
"permission_mode": "plan",
"hook_event_name": "PostToolUse",
"tool_name": "Read",
"tool_input": {
"file_path": "\/opt\/scripts\/php-check.sh"
},
"tool_response": {
"type": "text",
"file": {
"filePath": "\/opt\/scripts\/php-check.sh",
"content": "#!\/bin\/bash\n# PHP Quality & Security Check Script\n# Usage: php-check.sh [project-path] [--fix]\n\nset -e\n\nTOOLS_DIR=\"\/opt\/php-tools\"\nPROJECT_DIR=\"${1:-\/var\/www\/dev.campus.systemische-tools.de}\"\nFIX_MODE=\"${2:-}\"\nSEMGREP=\"\/root\/.local\/bin\/semgrep\"\n\nRED='\\033[0;31m'\nGREEN='\\033[0;32m'\nYELLOW='\\033[1;33m'\nNC='\\033[0m'\n\necho \"=== PHP Quality & Security Check: $(date) ===\"\necho \"Project: $PROJECT_DIR\"\necho \"\"\n\ncd \"$PROJECT_DIR\"\n\nPHPSTAN_OK=1\nFIXER_OK=1\nSECURITY_OK=1\nSEMGREP_OK=1\nDI_OK=1\n\n# [1\/5] PHPStan (mit Strict Rules)\necho -e \"${YELLOW}[1\/5] PHPStan - Static Analysis + Strict Rules${NC}\"\nPATHS_TO_CHECK=\"\"\n[ -d \"$PROJECT_DIR\/src\" ] && PATHS_TO_CHECK=\"$PATHS_TO_CHECK src\"\n[ -d \"$PROJECT_DIR\/app\" ] && PATHS_TO_CHECK=\"$PATHS_TO_CHECK app\"\n\nif [ -z \"$PATHS_TO_CHECK\" ]; then\n echo -e \"${YELLOW}⚠ No src\/ or app\/ directory found${NC}\"\nelif \"$TOOLS_DIR\/vendor\/bin\/phpstan\" analyse \\\n --configuration=\"$TOOLS_DIR\/phpstan.neon\" \\\n --memory-limit=512M \\\n --no-progress \\\n $PATHS_TO_CHECK; then\n echo -e \"${GREEN}✓ PHPStan: OK${NC}\"\nelse\n echo -e \"${RED}✗ PHPStan: Errors found${NC}\"\n PHPSTAN_OK=0\nfi\n\necho \"\"\n\n# [2\/5] PHP-CS-Fixer\necho -e \"${YELLOW}[2\/5] PHP-CS-Fixer - Code Style (PSR-12)${NC}\"\nif [ \"$FIX_MODE\" = \"--fix\" ]; then\n \"$TOOLS_DIR\/vendor\/bin\/php-cs-fixer\" fix \\\n --config=\"$TOOLS_DIR\/.php-cs-fixer.php\" \\\n --verbose\n echo -e \"${GREEN}✓ PHP-CS-Fixer: Fixed${NC}\"\nelse\n if \"$TOOLS_DIR\/vendor\/bin\/php-cs-fixer\" check \\\n --config=\"$TOOLS_DIR\/.php-cs-fixer.php\" \\\n --diff; then\n echo -e \"${GREEN}✓ PHP-CS-Fixer: OK${NC}\"\n else\n echo -e \"${RED}✗ PHP-CS-Fixer: Style issues found (run with --fix)${NC}\"\n FIXER_OK=0\n fi\nfi\n\necho \"\"\n\n# [3\/5] Composer Security Audit\necho -e \"${YELLOW}[3\/5] Composer Audit - Dependency Vulnerabilities${NC}\"\nif [ -f \"$PROJECT_DIR\/composer.lock\" ]; then\n if composer audit --working-dir=\"$PROJECT_DIR\" --no-interaction 2>\/dev\/null; then\n echo -e \"${GREEN}✓ Composer Audit: No vulnerabilities${NC}\"\n else\n echo -e \"${RED}✗ Composer Audit: Vulnerabilities found${NC}\"\n SECURITY_OK=0\n fi\nelse\n echo -e \"${YELLOW}⚠ No composer.lock found, skipping${NC}\"\nfi\n\necho \"\"\n\n# [4\/5] Semgrep Security Scan (OWASP)\necho -e \"${YELLOW}[4\/5] Semgrep - OWASP Security Scan${NC}\"\nif [ -n \"$PATHS_TO_CHECK\" ] && [ -x \"$SEMGREP\" ]; then\n SEMGREP_OUTPUT=$(\"$SEMGREP\" scan \\\n --config \"$TOOLS_DIR\/semgrep-security.yml\" \\\n --exclude=\"vendor\" \\\n --exclude=\"storage\" \\\n --exclude=\"cache\" \\\n --quiet \\\n $PATHS_TO_CHECK 2>&1) || true\n\n if echo \"$SEMGREP_OUTPUT\" | grep -q \"severity:\"; then\n echo -e \"${RED}✗ Semgrep: Security vulnerabilities found${NC}\"\n echo \"$SEMGREP_OUTPUT\"\n SEMGREP_OK=0\n else\n echo -e \"${GREEN}✓ Semgrep: No vulnerabilities${NC}\"\n fi\nelse\n if [ ! -x \"$SEMGREP\" ]; then\n echo -e \"${YELLOW}⚠ Semgrep not found, skipping${NC}\"\n else\n echo -e \"${YELLOW}⚠ No src\/ or app\/ directory found${NC}\"\n fi\nfi\n\necho \"\"\n\n# [5\/5] DI Dependency Resolution Check\necho -e \"${YELLOW}[5\/5] DI Check - UseCase Dependencies${NC}\"\nif [ -d \"$PROJECT_DIR\/src\/UseCases\" ]; then\n if \/opt\/scripts\/di-check.sh \"$PROJECT_DIR\" 2>\/dev\/null | tail -5; then\n echo -e \"${GREEN}✓ DI Check: All dependencies resolvable${NC}\"\n else\n echo -e \"${RED}✗ DI Check: Unresolvable dependencies found${NC}\"\n DI_OK=0\n fi\nelse\n echo -e \"${YELLOW}⚠ No UseCases directory found, skipping${NC}\"\nfi\n\necho \"\"\necho \"=== Summary ===\"\n\nALL_OK=1\n[ \"$PHPSTAN_OK\" = \"0\" ] && ALL_OK=0\n[ \"$FIXER_OK\" = \"0\" ] && ALL_OK=0\n[ \"$SECURITY_OK\" = \"0\" ] && ALL_OK=0\n[ \"$SEMGREP_OK\" = \"0\" ] && ALL_OK=0\n[ \"$DI_OK\" = \"0\" ] && ALL_OK=0\n\nif [ \"$ALL_OK\" = \"1\" ]; then\n echo -e \"${GREEN}All checks passed!${NC}\"\n exit 0\nelse\n echo -e \"${RED}Some checks failed${NC}\"\n exit 1\nfi\n",
"numLines": 143,
"startLine": 1,
"totalLines": 143
}
},
"tool_use_id": "toolu_01MP6r5tfnZ6y9EXArU23nQ2"
}
}