From eb8955b220049c4e0842889083d1c1e83b94c368 Mon Sep 17 00:00:00 2001
From: Jakub Onderka <jakub.onderka@gmail.com>
Date: Fri, 19 Nov 2021 21:57:25 +0100
Subject: [PATCH] new: [securityAudit] Check if xdebug is enabled

---
 app/Lib/Tools/SecurityAudit.php | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app/Lib/Tools/SecurityAudit.php b/app/Lib/Tools/SecurityAudit.php
index 34a3436dc..e2c1e669b 100644
--- a/app/Lib/Tools/SecurityAudit.php
+++ b/app/Lib/Tools/SecurityAudit.php
@@ -226,6 +226,14 @@ class SecurityAudit
                 'https://www.php.net/supported-versions.php'
             ];
         }
+
+        if (extension_loaded('xdebug')) {
+            $output['PHP'][] = [
+                'error',
+                __('The xdebug extension can reveal code and data to an attacker.'),
+            ];
+        }
+
         if (ini_get('session.use_strict_mode') != 1) {
             $output['PHP'][] = [
                 'warning',