TL;DR: Pest PHP can test the structure of your code, not just its behavior. Write your team rules as architecture tests and CI enforces them on every commit. One such test caught a multi-tenant data leak that a human review had missed.
We had a rule. Every model holding tenant-specific data must use our BelongsToTenant trait. That trait adds the global scope that keeps one clinic from seeing another clinic's data.
The rule was in onboarding. It was in the code review checklist. Everyone knew it.
A developer joined the team. Three weeks in they added a new model and forgot the trait. The reviewer was focused on the business logic, which was genuinely well written, and did not notice the missing trait. The model shipped.
For two days one clinic could see fragments of another clinic's data in one specific report. A support ticket caught it. Our tests did not.
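Here is what that rule can look like as a Pest architecture test. This is an added example, not code from the original post: the `App\Models` namespace, the trait's location, the file path and the exempted model names are assumptions to adapt to your own code base.

```php
<?php
// tests/Architecture/TenantIsolationTest.php (hypothetical path)

use App\Models\Concerns\BelongsToTenant; // assumed namespace for the trait

// Models and namespaces that are intentionally NOT tenant-scoped.
// All names here are hypothetical. Keeping the list explicit means every
// exemption from the tenant rule shows up as a line in a diff.
$notTenantScoped = [
    'App\Models\Clinic',  // the tenant record itself
    'App\Models\Plan',    // shared reference data
    'App\Models\Scopes',  // helper classes that are not models
];

// Fails the suite when any class under App\Models lacks the trait,
// unless that class is listed above.
arch('tenant data models use BelongsToTenant')
    ->expect('App\Models')
    ->classes()
    ->toUseTrait(BelongsToTenant::class)
    ->ignoring($notTenantScoped);
```

With this in the suite, a new model without the trait fails CI by default, and the only way to ship it is to add the trait or to add the model to the exemption list where a reviewer will see it.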






