Features Code Compliance Performance CLI GitHub
PHP 8.3+ · MIT License · Production Ready

The PHP Framework
for Production APIs

High-performance. Compliance-ready. Zero bloat.
Built for developers who ship real APIs.

Get Started View on GitHub
terminal
$
Creating new Fennectra application...
$
✓ Fennectra running on http://localhost:8080
✓ OpenAPI docs at /docs
✓ Profiler at /debug/profiler
Scroll to explore
Why Fennectra

Built different.
On purpose.

83x

83x Faster

FrankenPHP worker mode. 732 req/s with 100 concurrent users. 44,011 requests in 1 minute. Zero errors.

732 req/s — K6 benchmark

Compliance Built-in

NF525 fiscal, GDPR, SOC 2, ISO 27001 — all baked into the framework. Not bolted on. Not an afterthought.

NF525 GDPR SOC 2 ISO 27001

API-First

No sessions. No cookies. No Blade templates. JWT authentication, OpenAPI docs, webhooks. Just what your API needs.

0 bloat. Pure API.
Features

Everything you need.
Nothing you don't.

ActiveRecord ORM

Eloquent-like models with eager loading, soft deletes, type casting, and N+1 prevention built in.

JWT Auth + RBAC

Access & refresh tokens, role-based access control, password policies, account lockout.

Event System

Sync, Redis Pub/Sub, or database broker. Auto-discovered listeners via PHP 8 attributes.

Queue & Jobs

Async job processing with retry logic, failure handling, and configurable workers.

OpenAPI Auto-Docs

API documentation generated from your code. Scalar UI at /docs. Always up to date.

33+ CLI Commands

Generate CRUD, models, controllers, DTOs, migrations. One command: ./forge make:all

Multi-Tenant

Isolated databases per tenant. Automatic domain/port-based resolution. SaaS-ready.

SSE Broadcasting

Real-time Server-Sent Events via Redis Streams. Push updates to clients instantly.

Code

Clean. Expressive.
Modern PHP.

app/Routes/api.php 
$router->group([
    'prefix'     => '/api',
    'middleware' => [[Auth::class, ['admin']]],
], function ($router) {

    $router->get('/users', [UserController::class, 'list']);
    $router->post('/users', [UserController::class, 'create']);
    $router->put('/users/{id}', [UserController::class, 'update']);
    $router->delete('/users/{id}', [UserController::class, 'delete']);

});
app/Models/Post.php 
#[Table('posts')]
class Post extends Model
{
    protected static bool $softDeletes = true;

    protected static array $casts = [
        'is_published' => 'bool',
        'metadata'     => 'json',
        'published_at' => 'datetime',
    ];

    public function author(): BelongsTo
    {
        return $this->belongsTo(User::class, 'author_id');
    }
}

// Eager loading — 2 queries, not N+1
$posts = Post::with('author')
    ->where('is_published', true)
    ->paginate(10);
app/Listeners/NotifyWarehouse.php 
// Auto-discovered via attribute — zero config
#[Listener(OrderPlaced::class, priority: 10)]
class NotifyWarehouse
{
    public function handle(OrderPlaced $event): void
    {
        Job::dispatch(SendNotification::class, [
            'order_id' => $event->orderId,
        ]);
    }
}

// Dispatching is one line
Event::dispatch(new OrderPlaced(
    orderId: 42,
    total: 199.99
));
app/Models/Invoice.php 
#[Table('invoices'), Nf525(prefix: 'FA')]
class Invoice extends Model
{
    use HasNf525;
}

// Create — auto sequential number + SHA-256 chain
$invoice = new Invoice([
    'client_name' => 'ACME Corp',
    'total_ht'    => 1000.00,
    'tva'         => 200.00,
    'total_ttc'   => 1200.00,
]);
$invoice->save();
// → FA-2026-000001, SHA-256 hash chain established

// Verify integrity of the entire chain
HashChainVerifier::verify(table: 'invoices');
// → ['valid' => true, 'total' => 1500, 'errors' => []]
Compliance

Enterprise-grade.
Out of the box.

No third-party packages. No configuration nightmare. Compliance is part of the framework.

NF525

French Fiscal Compliance

  • Invoice immutability — no modification, no deletion
  • Sequential numbering: FA-2026-000001
  • SHA-256 cryptographic hash chaining
  • Periodic closings with HMAC signature
  • FEC export for tax authorities
./forge nf525:verify ./forge nf525:export --year=2026
GDPR

Data Protection

  • Consent management & tracking
  • DPO dashboard for oversight
  • Data subject rights: access, export, delete
  • Automatic data retention policies
  • Right to erasure with cascade
./forge make:gdpr
SOC 2 / ISO

Security Standards

  • Audit trails with HMAC integrity chain
  • AES-256-GCM encryption at rest
  • Security event logging with masking
  • Password policy (ISO 27001 A.8.5)
  • Account lockout & rate limiting
./forge audit:purge
Performance

Speed is a feature.
Not an afterthought.

Real K6 load tests. 100 concurrent users. Zero errors.

Throughput · 100 concurrent users

Higher is better · JSON health endpoint · K6 benchmark

Fennectra (FrankenPHP)
732 req/s
Laravel (Octane/Swoole)
~300-600 req/s
Symfony (FrankenPHP)
~200-400 req/s
17
ms
Latency (50 concurrent users)
0%
Errors up to 200 concurrent users
83x
Faster than PHP built-in
732
req/s
Under heavy load (100 users)
Developer Experience

Your new favorite
command line.

forge CLI
Scaffold a full CRUD in seconds
$ ./forge make:all Product
Model created: app/Models/Product.php
Controller created: app/Controllers/ProductController.php
DTO created: app/Dto/ProductRequest.php
Routes created: app/Routes/product.php
Migration created: migrations/create_products_table.php
Add auth, compliance, webhooks...
$ ./forge make:auth
$ ./forge make:nf525
$ ./forge make:webhook
$ ./forge make:gdpr
Quality gate — tests, lint, static analysis
$ ./forge quality
PHP-CS-Fixer: 0 issues
PHPStan Level 5: 0 errors
PHPUnit: 320 tests, 320 assertions, 0 failures

Ready to build?

Start your next API project in under a minute.

fennectra new my-api
Documentation GitHub Packagist