🚀 Query Optimizations

How often do we come across a piece of code with a hidden performance bottleneck? We're not perfect, we're humans after all. Enlightn can scan your code and detect these bottlenecks (much like the one shown here), without ever having to execute the code!

💪 Performance Tuning

Performance optimizations in code are easier to focus on rather than fine-tuning server configurations. Picture this: minification optimizes about 20% file size, whereas compression headers can save 80%! Enlightn doesn't only look at your code. It also suggests performance tuning configurations!

🔭 N+1 Query Detection

Static analysis has some limitations. While it is possible to detect optimization opportunities such as aggregation calls on collections instead of the query builder, things like N+1 query detection and detecting memory leaks is either very difficult or impossible using static analysis. Fear not, Enlightn isn't just a static analysis tool. It scans your Telescope records to detect N+1 queries, duplicate queries, slow or memory intensive routes and more!

🤷 Bloat Detection

Laravel has almost everything built-in. But sometimes, it makes us lazy. Have you ever fallen into the trap of just using the Laravel skeleton code rather than cleaning it up for your specific application? Take the example shown here. We might not be using CORS or behind proxies. Enlightn detects this and tells you which middleware are unused and safe to remove.

🕵️ Vulnerability Scanning

Enlightn has an in-built dependency vulnerability scanner. It scans your package dependencies for known vulnerabilities (both on the frontend and backend) and flags any packages that may need critical security updates or fixes. For instance, Laravel recently released a security fix. Here, Enlightn detects that I need to update my Laravel Framework dependency to receive the security update and stay secure.

☢️ SQL Injection

Enlightn can detect a wide variety of SQL injection vulnerabilities including raw SQL injection, native injection, column name SQL injection and validation rule SQL injection. Consider this code. Even though it looks like a normal validation, it is vulnerable to SQL injection attacks. Don't worry, your friendly neighbourhood consultant is here to help your app stay secure!

🃏 Mass Assignment

Laravel's ORM Eloquent has in-built protection against mass assignment but it also has the flexibility to circumvent the protection for specific use cases. Sometimes, these features can leave security holes in your application when misused. Enlightn can of course detect these holes for you!

📁 Directory Traversal

If your application allows users to download files, you need to be very careful about directory traversal attacks. It's actually very difficult for a framework to provide protection out-of-the-box for these kinds of attacks. Don't worry, Enlightn can alert you instantly if any vulnerabilities like the one in the displayed code block exist in your application!

🧐 Code Reliability

Many edge cases don't really popup in testing and are only discovered when reported by customers. Check out the code shown here. When a customer uploads two files at once in your form, this code would error out. Enlightn detects such edge cases and reports them to you before they happen.

⚙ Detecting Misconfigurations

Sometimes, misconfigurations can lead to errors that go un-noticed. For instance, say your app sets a queue retry-after value that is below your queue timeout value. This can cause your jobs to be processed twice or the worker to crash, and these issues are very hard to detect. But Enlightn has some Yoda abilities!

👻 Dead Routes & Dead Code

Maintaining code over time can cause issues such as dead routes or dead code. Dead routes are routes directed to controllers or methods that don't exist (may have been deleted). Dead code is unreachable code. All of these "ghosts" make your application difficult to read. Enlightn helps you clean up all that mess!

🛑 Detection of Bad Practices

Sometimes we end up copy pasting some code from a blog or a website that of course works for our application but is a bad practice that can hurt us later on. Consider the code here. When you're using a robust framework like Laravel, you shouldn't really be using native functions to create cookies. Why? Because then your cookies won't be encrypted and your cookie security attributes won't be applied. Enlightn has superhuman powers to flag these for you!