Package: wnpp
Severity: wishlist
Owner: Ahmed Gamal <
ahmed.gamal9541@gmail.com>
* Package name : php-laminas-escaper
Version : 2.12.0
Upstream Author : Laminas Project a Series of LF Projects, LLC
* URL :
https://github.com/laminas/laminas-escaper* License : BSD-3-Clause
Programming Lang: PHP
Section : php
Description:
Securely and safely escape HTML, HTML attributes, _javascript_, CSS, and URLs
Laminas\\Escaper provides a secure way to escape output for HTML, HTML attributes,
_javascript_, CSS, and URLs. It is designed to help developers defend against
XSS and related vulnerabilities by introducing contextual escaping based on
peer-reviewed rules.
The package is widely used in PHP applications and frameworks to ensure
that user-supplied data is safely output in various contexts.
Rationale:
This package is required as a dependency for FOSSology, an open source license
compliance system. FOSSology uses PHP-based tools for source code analysis and
license detection, which rely on secure output escaping to prevent XSS and
related vulnerabilities.
The php-laminas-escaper package is essential for:
- Providing a standardized and secure escaping mechanism for FOSSology components
- Ensuring interoperability with other Laminas and PHP libraries
- Supporting best practices for output escaping in PHP applications
- Enabling integration with a wide range of PHP projects
- Promoting maintainable and secure code
Technical Details:
- Requires PHP >= 7.3
- Implements contextual escaping for HTML, attributes, JS, CSS, and URLs
- Uses PSR-4 autoloading
- BSD-3-Clause licensed for maximum compatibility
- Part of the Laminas Project (successor to Zend Framework)
Dependencies:
- php (>= 7.3)
- Build dependencies: phpunit, php-codesniffer
The package will be maintained by Ahmed Gamal <
ahmed.gamal9541@gmail.com> as part
of the FOSSology packaging effort.
--
Ahmed Gamal
FOSSology Debian Packaging Team