Download the PHP package kabachello/codiware without Composer
On this page you can find all versions of the php package kabachello/codiware. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download kabachello/codiware
More information about kabachello/codiware
Files in kabachello/codiware
Package codiware
Short Description Codiware Editor - PHP cloud IDE delivered as a single PSR-15 middleware.
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package codiware
Codiware
A self-contained, embeddable web IDE delivered as a single PSR-15 middleware plus a dependency-free SPA. Codiware is designed to be mounted under an arbitrary base path inside any PHP host application (e.g. the ExFace workbench) and operate on a configurable set of workspace folders.
Features
- File tree, multi-tab editor, save / rename / delete / upload / download
- Pluggable editor registry (textarea fallback included; Monaco, CodeMirror, Toast UI, etc. can be plugged in via npm-asset packages or custom JS)
- Git source-control panel (status, stage / unstage / discard, commit, amend,
push, branches, history) over the local
gitCLI - Workspace-wide search and search-and-replace with regex / case options
- In-IDE console with a deny-by-default allowlist + operator-curated presets
- Light/dark themes via CSS custom properties; per-locale translations
- All paths protected by a single
PathGuardthat rejects traversal, symlink escape, and matches configurable deny patterns (.env,*.key, …)
Requirements
- PHP 8.2+
- Composer
- Optional: a local
gitbinary for the source-control panel
Install
The package depends on npm-asset/* packages for optional front-end editors.
The composer.json already enables Asset Packagist
so npm-asset/monaco-editor and friends can be installed alongside PHP
packages.
Mount in a host
CodiwareMiddleware implements Psr\Http\Server\MiddlewareInterface. Any
request whose URI path is not under the configured base path is delegated
unchanged to the next handler.
Workspace URL
GET {basePath}/repo/{workspacePath...} returns the SPA shell with a boot
payload describing the requested workspace, user, theme, locale, and enabled
extensions. All subsequent API calls go to other {basePath}/... routes.
Configuration
Defaults are shipped in config/defaults.config.json.
At runtime, CodiwareConfig behaves like ExFace config maps:
- keys are normalized to uppercase
- nested objects are flattened to dot keys (
CONSOLE.ENABLED) - arrays and arrays of objects stay as values (
CONSOLE.PRESETS)
See dev-server.config.json.example for a documented sample.
Typical host override patterns:
Key options:
| Key | Purpose |
|---|---|
URL_TO_API |
URL prefix the middleware listens on (default /codiware). |
BASE_FOLDER |
Folder whose direct children are valid workspace aliases. |
ALLOWED_ROOTS |
Explicit [{alias, path, label}] list overriding BASE_FOLDER. |
DENY_PATTERNS |
fnmatch patterns rejected by PathGuard. |
MAX_UPLOAD_BYTES |
Per-file upload limit. |
GIT.BINARY |
Path to the git executable. |
CONSOLE.ALLOW_PATTERNS |
Regex allowlist for raw console commands. |
CONSOLE.PRESETS |
[{label, command}] shortcuts always allowed. |
THEME.DEFAULT |
light or dark. |
TRANSLATIONS.DEFAULT_LOCALE |
Initial UI locale. |
EXTENSIONS.ENABLED |
Identifiers of front-end extensions to load. |
Development server
Open http://localhost:8080/codiware/repo/{workspace-alias}.
Extending the editor
The SPA exposes a small global API on window.Codiware:
Each editor implements load(content, meta), getContent(), isDirty(),
markClean(), destroy(), and an optional on('change'|'save-request', fn).
Adding a richer editor library (Monaco, CodeMirror 6, Toast UI):
composer require npm-asset/monaco-editor(or similar)- Drop a small JS module under
public/js/extensions/that imports the library from/{basePath}/assets/monaco-editor/...and callswindow.Codiware.registerEditor(...). - Add the extension id to
EXTENSIONS.ENABLEDin the config — the SPA boot payload exposes the list so your extension knows it is enabled.
Security model
- All filesystem paths flow through
kabachello\Codiware\Workspace\PathGuard, which resolves them viarealpath, rejects..traversal and any path that ends up outside the workspace root, and matches the configured deny patterns against both the relative path and the basename. - Uploaded ZIP archives are fully validated entry-by-entry (rejects absolute
paths,
../, and runs every resolved destination throughPathGuard) to prevent zip-slip. - Console commands are deny-by-default. A command runs only if it matches a
preset label or a configured regex in
CONSOLE.ALLOW_PATTERNS. - The middleware never trusts the host with raw paths: workspace selection
always goes through
WorkspaceResolverwhich validates againstALLOWED_ROOTS/BASE_FOLDERfirst.
License
MIT. See LICENSE.
All versions of codiware with dependencies
psr/http-message Version ^1.1 || ^2.0
psr/http-server-middleware Version ^1.0
psr/http-server-handler Version ^1.0
psr/http-factory Version ^1.0
psr/log Version ^1.1 || ^2.0 || ^3.0
symfony/process Version ^5.4 || ^6.4 || ^7.0
npm-asset/font-awesome Version 4.7
npm-asset/toast-ui--editor Version ^3.1
npm-asset/xterm--xterm Version ^6
guzzlehttp/psr7 Version ^2.0