/vendor/psy/psysh/src/Psy/Shell.php
Not malware (unless your connection was compromised). You can verify this yourself by reading the source code.
/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
That other file has absolutely nothing to do with Psy/Shell.php. In fact, you probably shouldn't even have that file on your production server. Install your dependencies using --no-dev
.
I also received a similar email from GoDaddy flagging the following files as malware.
public_html/app/vendor/psy/psysh/src/Psy/ExecutionLoop/ForkingLoop.php
public_html/app/vendor/psy/psysh/src/Psy/ExecutionLoop/Loop.php
It is the same package of Psy. Does anyone know how to resolve this?
I believe its sucuri (the protection go daddy uses) I just got this email:
Warning: File possibly compromised: ./application/vendor/psy/psysh/src/Psy/ExecutionLoop/ForkingLoop.php (php.backdoor.psyshell.001). Manual review recommended. Warning: File possibly compromised: ./application/vendor/psy/psysh/src/Psy/ExecutionLoop/Loop.php (php.backdoor.psyshell.001). Manual review recommended.
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community