# hryvinskyi/magento2-invisible-captcha
> Magento 2 Google Invisible Captcha (Recaptcha) module
`composer require hryvinskyi/magento2-invisible-captcha`
Canonical URL: https://packagento.com/hryvinskyi/magento2-invisible-captcha
## At a glance
- **Vendor**: hryvinskyi (https://packagento.com/hryvinskyi.md)
- **Latest version**: 2.5.5 — released 2026-06-01
- **Pricing**: Free
- **Package type**: Magento 2 module
- **Status**: active, accepting new buyers
## Installation
Packagento is licence-gated, so even free packages need a licence on a project before Composer can resolve them.
1. **Sign in or create an account** at https://packagento.com/customer/account/.
2. **Add the package to your account.** Open https://packagento.com/hryvinskyi/magento2-invisible-captcha and complete the free checkout. A licence is minted automatically.
3. **Create or pick a project, then activate the licence on it.**
- Projects represent the Magento installs you deploy to. Manage them at https://packagento.com/projects/.
- Activate the new licence on the project you'll deploy this package to. Activation is what generates the Composer credentials scoped to that project.
4. **Add the project credentials to your Magento codebase.**
Grab the project's public + private key from https://packagento.com/projects/ (open the project, then its Credentials tab), and add them to `auth.json`:
```json
{
"http-basic": {
"packagento.com": {
"username": "ppk_live_...",
"password": "psk_live_..."
}
}
}
```
Add the Packagento Composer repository to `composer.json`:
```json
{
"repositories": [
{ "type": "composer", "url": "https://packagento.com" }
]
}
```
5. **Install and apply.**
```bash
composer require hryvinskyi/magento2-invisible-captcha:*
bin/magento setup:upgrade
bin/magento setup:di:compile
bin/magento cache:flush
```
## What it does
Magento 2 Google Invisible Captcha (Recaptcha) module
## README
[](https://packagist.org/packages/hryvinskyi/magento2-invisible-captcha)
[](https://packagist.org/packages/hryvinskyi/magento2-invisible-captcha)
[](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=volodymyr%40hryvinskyi%2ecom&lc=UA&item_name=Magento%202%20Invisible%20Captcha¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted "Donate once-off to this project using Paypal")
[](https://packagist.org/packages/hryvinskyi/magento2-invisible-captcha)
[](https://packagist.org/packages/hryvinskyi/magento2-invisible-captcha)
[](https://scrutinizer-ci.com/g/hryvinskyi/magento2-invisible-captcha/?branch=master)
[](https://scrutinizer-ci.com/g/hryvinskyi/magento2-invisible-captcha/build-status/master)
[](https://app.fossa.com/projects/git%2Bgithub.com%2Fhryvinskyi%2Fmagento2-invisible-captcha?ref=badge_shield)
Module version 2.0.\*||2.1.\*||2.2.\* support Magento 2.3.*
Module version 1.0.* support Magento 2.1.\*||2.2.\*
### Features
1. Lazy Load, google page speed improvements
2. Easy to add captcha to your custom form
3. AJAX forms supported
4. Knockout forms supported
5. Refreshing invalid token after a long period of inactivity on the site and after ajax form submitted
### Frontend Forms
* Login
* Register
* Forgot password
* Contact
* Newsletter
* Send to Friend
### Backend Forms
* Login
* Forgot password
### Installation Guide
#### Install by composer
```
composer require hryvinskyi/magento2-invisible-captcha
bin/magento module:enable Hryvinskyi_Base
bin/magento module:enable Hryvinskyi_InvisibleCaptcha
bin/magento setup:upgrade
```
#### Install download package
1. Download module https://github.com/hryvinskyi/magento2-base [Link](https://github.com/hryvinskyi/magento2-base/archive/v1.1.2.zip)
2. Download this module [Link](https://github.com/hryvinskyi/magento2-invisible-captcha/archive/2.0.4.zip)
3. Unzip two modules in the folder app\code\Hryvinskyi\Base and app\code\Hryvinskyi\InvisibleCaptcha
4. Run commands:
```
bin/magento module:enable Hryvinskyi_Base
bin/magento module:enable Hryvinskyi_InvisibleCaptcha
bin/magento setup:upgrade
```
5. Configure module in admin panel
#### Command-line:
```
php bin/magento hryvinskyi:invisible-captcha:disable --website_id=
```
This command will disable invisible captcha for the area and/or website_id.
* area = [global, frontend, adminhtml]
* website_id = ID Website
## General Settings
[](https://raw.githubusercontent.com/hryvinskyi/magento2-invisible-captcha/master/screenshots/admin_configuration.png)
### LazyLoad Speed Test
[](https://raw.githubusercontent.com/hryvinskyi/magento2-invisible-captcha/master/screenshots/lazy_load.jpg)
### License
[](https://app.fossa.com/projects/git%2Bgithub.com%2Fhryvinskyi%2Fmagento2-invisible-captcha?ref=badge_large)
## Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
### [2.5.5] - 2026-06-01
#### Fixed
- PHP 8.5: added the `: int` return type and an explicit `return Command::SUCCESS;`
to `Command\Captcha::execute()`, matching Symfony Console `Command::execute(): int`
(fixes the "must be compatible" fatal error).
- Monolog 3: `Model\Debug::write()` now accepts `Monolog\LogRecord` instead of `array`
to match `Magento\Framework\Logger\Handler\Base::write()`.
### [2.5.4] - 2026-06-01
#### Added
- PHP 8.5 support (`~8.5` added to the `php` requirement).
#### Fixed
- PHP 8.4/8.5 compatibility: replaced implicit-nullable parameter declarations
(`Type $param = null`) with explicit nullable types (`?Type $param = null`)
across the failure providers, area config, and abstract config classes, removing
the "Implicitly marking parameter as nullable is deprecated" notices.
#### Security
- Widened the `symfony/dom-crawler` requirement from `>=2.7 <5.0` to
`^5.4.52 || ^6.4.40 || ^7.4.12 || ^8.0.12`. The previous constraint could only
resolve to versions affected by **CVE-2026-45071** (XXE / local file disclosure
in `DomCrawler::addXmlContent()` via `validateOnParse = true`), because no fix
exists for the 2.x–4.x branches. The new constraint pins to the patched releases
and aligns with the Symfony components shipped by Magento 2.4.x.
### [2.5.3] - 2025-10-06
#### Changed
- Updated dependencies and removed leftover `console.log` debug output.
### [2.5.2] - 2025-08-12
#### Changed
- `composer.json` maintenance.
### [2.5.1] - 2025-06-24
#### Changed
- `composer.json` maintenance.
### [2.5.0] - 2025-06-17
#### Changed
- `composer.json` maintenance.
[2.5.4]: https://github.com/hryvinskyi/magento2-invisible-captcha/compare/2.5.3...2.5.4
[2.5.3]: https://github.com/hryvinskyi/magento2-invisible-captcha/compare/2.5.2...2.5.3
[2.5.2]: https://github.com/hryvinskyi/magento2-invisible-captcha/compare/2.5.1...2.5.2
[2.5.1]: https://github.com/hryvinskyi/magento2-invisible-captcha/compare/2.5.0...2.5.1
[2.5.0]: https://github.com/hryvinskyi/magento2-invisible-captcha/compare/2.4.10...2.5.0
## Recent Versions
| Version | Released |
|---|---|
| 2.5.5 | 2026-06-01 |
| 2.5.4 | 2026-06-01 |
| 2.5.3 | 2025-11-05 |
| 2.5.2 | 2025-08-12 |
| 2.5.1 | 2025-06-24 |
| 2.5.0 | 2025-06-16 |
| 2.4.10 | 2025-06-16 |
| 2.4.9 | 2025-05-05 |
| 2.4.8.1 | 2025-05-05 |
| 2.4.8 | 2024-03-28 |
Showing 10 of 55 versions. Full release history on https://packagento.com/hryvinskyi/magento2-invisible-captcha.
## Dependencies
### Require
| Package | Constraint |
|---|---|
| ext-dom | * |
| hryvinskyi/magento2-base | ^2.1 |
| magento/framework | * |
| magento/module-checkout | * |
| magento/module-customer | * |
| magento/module-store | * |
| php | ~8.0\|\|~8.1\|\|~8.2\|\|~8.3\|\|~8.4\|\|~8.5 |
| symfony/dom-crawler | ^5.4.52 \|\| ^6.4.40 \|\| ^7.4.12 \|\| ^8.0.12 |
| voku/simple_html_dom | ^4.8 |
### Require (dev)
| Package | Constraint |
|---|---|
| roave/security-advisories | dev-latest |
## Quality
Latest release (2.5.5) fails the Packagento QA pipeline. Verdicts below are per-cell (Magento line × PHP version) for the matrixed tools, and run-once for the static / security tiers.
### Compatibility
Each Magento line is installed on its supported PHP versions, then the module is built (DI compile + static-content deploy). Cells show passed / failed / untested; staircase gaps render as `–`.
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | 1 | 1 | – | – |
| 2.4.8 | – | Pass | Pass | – |
| 2.4.9 | – | – | not tested | not tested |
### Code Quality
Advisory checks against the module's source. Never affect the Compatibility verdict — a phpcs finding can't make a module incompatible.
#### Static Analysis
Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.
| Tool | Status | Findings | Summary |
|---|---|---|---|
| PHPCS | Fail | 123 | 7 errors, 116 warnings (ruleset: Magento2) — 61 auto-fixable with phpcbf |
| PHPMD | Warning | 3 | 3 rule violations (IfStatementAssignment:1, CyclomaticComplexity:1, UnusedFormalParameter:1) |
| Cpd | Pass | 0 | |
| Composer validate | Info | 5 | valid; 5 advisory notes (composer validate --strict) |
#### PHPStan
Type-checks the module against a real Magento install. Re-runs per Magento + PHP version because resolvable symbols differ between releases.
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | 16 | 16 | – | – |
| 2.4.8 | – | 16 | 15 | – |
| 2.4.9 | – | – | 15 | 15 |
### Tests
Unit and integration suites run per Magento + PHP cell. Test failures speak to the module's behaviour, not its compatibility with a line, so they're reported here separately.
#### Unit Tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | – | – |
| 2.4.8 | – | N/A | N/A | – |
| 2.4.9 | – | – | N/A | N/A |
#### Integration Tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | – | – |
| 2.4.8 | – | N/A | N/A | – |
| 2.4.9 | – | – | N/A | N/A |
### Security
Dependency-advisory audit (composer audit) plus a source malware scan. A malware detection fails the version outright.
| Tool | Status | Findings | Summary |
|---|---|---|---|
| Composer audit | N/A | 0 | no resolvable dependency tree to audit |
| Malware scan | Pass | 0 | |
## Licence and pricing
Free. A licence is still minted on checkout and bound to your project for Composer access — no payment step.
Refundable within 14 days of first purchase via https://packagento.com/account/refunds/.
## Install via Claude Code or any MCP client
The Packagento MCP server can run the licence + project + Composer steps above in one tool call:
```
purchase_and_install_packages(
composer_names=["hryvinskyi/magento2-invisible-captcha"],
project_id="proj_xxx"
)
```
This handles cart, checkout, licence minting, project activation, and writes auth.json credentials. Connect a client with `claude mcp add packagento https://mcp.packagento.com`. Full setup at https://packagento.com/docs/mcp-setup.
## Vendor
hryvinskyi is a Magento 2 vendor on Packagento. See https://packagento.com/hryvinskyi.md for their full catalogue.