Download the PHP package ginkelsoft/laravel-compliance-core without Composer

On this page you can find all versions of the php package ginkelsoft/laravel-compliance-core. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-compliance-core

Ginkelsoft Laravel Compliance Core

Tests Laravel PHP

Overview

Shared foundation for the GinkelSoft GDPR / AVG compliance family. This package contains zero AVG controls of its own — it only provides the primitives that every member of the family relies on:

The family

Package GDPR Article(s) Role
laravel-compliance-core art. 5(2) (accountability) Shared primitives — this package
laravel-data-retention art. 5(1)(e) Storage limitation / time-based sweeps
laravel-data-right-to-be-forgotten art. 17 Subject-driven erasure
laravel-data-subject-access art. 15 + 20 Read-only subject export (inzageverzoek)
laravel-data-consent art. 6(1)(a) + 7 Consent registry
laravel-data-breach-registry art. 33 + 34 Personal-data breach register, 72-hour deadlines
laravel-compliance-hub art. 5(2) Umbrella: installs the whole family, verifies every chain

Install just the hub to get everything.

Installation

You do not normally install this package directly — install one of the family members, or the hub, and Composer pulls it in.

For development / direct use:

Then add a secret to .env:

Existing installations of ginkelsoft/laravel-data-retention v1.x can keep their DATA_RETENTION_LOG_SECRET — the LogSecret helper reads it as a fallback so existing hash chains keep verifying after the upgrade.

Hash algorithm contract

The hash algorithms in this package are frozen. Changing them would break every already-written audit log on every production database that uses the family. They are version-locked, not implementation details.

Chained log entry hash:

Subject hash:

Hash-strategy output (per field, anonymize-time):

A regression test (tests/Unit/HashChainRegressionTest.php) pins three end-to-end fixture hashes plus two subject hashes from the v1.x monolithic laravel-data-retention package. If any of those fail, an upgrade would break existing production chains and the change must be treated as a major version bump with a documented chain rotation procedure.

Security model

Threat Mitigation
Retroactive edit of a log row Every row's hash depends on the previous row's hash + the shared secret. Editing a row invalidates every later row, in every chain.
Forged row inserted by an attacker without log_secret The forged row cannot produce a hash that chains with both its neighbors.
Leaking subject identifier from a log SubjectHash is one-way and secret-mixed; the original identifier never appears in the forget / access logs (consent_log is the documented exception).
Secret stored next to the data it protects log_secret lives in .env, not the database — read access to the DB does not let the attacker forge a chain.

Compliance notes

This package is not legal advice. Retention periods, consent texts, severity assessments and DPIA judgements are the responsibility of your DPO.

Testing

See also

Reporting bugs

Found a bug or unexpected behaviour? We want to hear about it.

Preferred — open a GitHub issue: https://github.com/ginkelsoft-development/laravel-compliance-core/issues/new

When opening an issue, please include:

  1. Versions — PHP, Laravel, and the package version (composer show ginkelsoft/laravel-compliance-core).
  2. What you did — the artisan command, code snippet, or steps that triggered the bug.
  3. What you expected vs what actually happened — include full error output or a stack trace if there is one.
  4. A minimal reproduction if you can — a failing test or a small code sample beats a long description.

Security-sensitive findings (anything that could expose personal data, break a hash-chain, or bypass an audit log) — please do not open a public issue. E-mail [email protected] directly with "SECURITY" in the subject line and we will respond privately.

Not on GitHub? You can also e-mail [email protected] with the same information.

Contact

For commercial support, integration questions, or anything that doesn't fit a GitHub issue: [email protected]https://ginkelsoft.com.

License

MIT License — see LICENSE. (c) 2026 Ginkelsoft


All versions of laravel-compliance-core with dependencies

PHP Build Version
Package Version
Requires php Version ^8.2
illuminate/support Version ^10.0 || ^11.0 || ^12.0 || ^13.0
illuminate/database Version ^10.0 || ^11.0 || ^12.0 || ^13.0
illuminate/console Version ^10.0 || ^11.0 || ^12.0 || ^13.0
nesbot/carbon Version ^2.62 || ^3.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package ginkelsoft/laravel-compliance-core contains the following files

Loading the files please wait ...