Skip to content

Installation

Jump to bottom
Muhammet Şafak edited this page May 25, 2026 · 1 revision

Installation

Requirements

Component Minimum Notes
PHP 7.4 Tested on 7.4, 8.0, 8.1, 8.2, 8.3, 8.4 in CI.
ext-ctype always Used for the digit-only fast path in every context escaper.
ext-mbstring always Required for the encoding-conversion fallback when ext-iconv is not available. Composer enforces it.
ext-iconv optional but preferred If present, used in place of mbstring for iconv()-based conversion. Composer lists it under suggest.

Install via Composer

composer require initphp/escaper

The package is autoloaded under the InitPHP\Escaper\ namespace; nothing else needs to be wired.

Verifying the install

<?php
require __DIR__ . '/vendor/autoload.php';

use InitPHP\Escaper\Esc;

echo Esc::esc('<script>alert(1)</script>');
// &lt;script&gt;alert(1)&lt;/script&gt;

If the script prints &lt;script&gt;alert(1)&lt;/script&gt;, the autoload is wired correctly.

Optional development dependencies

For local testing, static analysis and coding-standard checks, the project's own composer.json declares:

"require-dev": {
    "phpunit/phpunit": "^9.6 || ^10.5 || ^11.5",
    "phpstan/phpstan": "^1.12 || ^2.1",
    "friendsofphp/php-cs-fixer": "^3.65"
}

You only need these if you're contributing to the package itself. The composer.json exposes them via four scripts:

Script What it does
composer test Run the PHPUnit test suite.
composer stan Run PHPStan at the configured (max) level.
composer cs-check Report PHP-CS-Fixer violations without modifying any file.
composer cs-fix Apply PHP-CS-Fixer fixes in place.
composer ci Run cs-check + stan + test back-to-back.

CI matrix

The package's GitHub Actions workflow runs on every push and pull request and executes:

  • composer validate --strict (one job).
  • PHP-CS-Fixer (one job).
  • PHPStan at level: max (one job).
  • PHPUnit across PHP 7.4 → 8.4, with an extra --prefer-lowest variant on the lowest and highest PHP in the matrix.
  • A coverage job that uploads to Codecov.

The workflow file lives at .github/workflows/ci.yml.

Next step

Read Quick Start for a 5-minute tour, or jump straight to the context page that matches your task — HTML body, HTML attribute, JavaScript, CSS, URL.

Home

Getting Started

Entry Points

Output Contexts

Reference

Production

Migration & Help

Clone this wiki locally