PHPNews

Laravel Security Release 5.6.15 and 5.5.40

Yesterday, Felix Wiedemann ( https://github.com/Nilix007 ) alerted me to a potential exploit of the Laravel Encrypter component that may cause the Encrypter to fail on decryption and unexpectedly return false. To exploit this, the attacker must be able to modify the encrypted payload before it is decrypted. …

Continue reading »

Written by Taylor Otwell - - Aggregated on Friday March 30, 2018


Wildcard LetsEncrypt Certificates on Forge

Today we’re happy to announce support for wildcard LetsEncrypt certificates on Laravel Forge. Of course, like other certificates, these certificates will automatically be renewed by Forge. When creating a wildcard certificate, you should list the wildcard sub-domain as well as the root domain in your domain list: …

Continue reading »

Written by Taylor Otwell - - Aggregated on Friday March 16, 2018


Laravel is Hiring Again

Laravel is hiring again. I hired Mohamed, Laravel’s first employee, over a year ago. Mohamed has done a fantastic job improving many aspects of the Laravel ecosystem. However, I think Laravel could benefit from a third employee. While I focus on general ecosystem direction and core framework features, Mohamed will …

Continue reading »

Written by Taylor Otwell - - Aggregated on Friday March 9, 2018


JS Frameworks, Server Side Rendering, and XSS

Recently on HackerNews an article was published detailing how combining server-side rendering and JavaScript frameworks can sometimes lead to unexpected cases of XSS . Today, we patched a potential XSS vector in the default application layout shipped with Laravel. If you are using the default Bootstrap authenticati…

Continue reading »

Written by Taylor Otwell - - Aggregated on Wednesday March 7, 2018


Forge: DigitalOcean API Tokens / Teams

Today we are tweaking how Forge integrates with DigitalOcean. Of course, all existing DigitalOcean accounts on Forge will continue to work normally. Previously, when connecting your DigitalOcean account to Forge, you would be redirected to DigitalOcean via OAuth. Beginning today, we are simply accepting API / …

Continue reading »

Written by Taylor Otwell - - Aggregated on Wednesday February 21, 2018


Forge Post Deployment Webhooks

Today we’re launching post-deployment webhooks for Forge! To get started, add a webhook on the “Apps” tab of your site’s management pane: After each deployment, Forge will send an HTTP POST request to each of the listed URLs. The POST request contains relevant deployment information such as the server and site IDs, …

Continue reading »

Written by Taylor Otwell - - Aggregated on Monday February 19, 2018


Spark 6.0 Is Now Available

I’m thrilled to announce the release of Spark 6.0. Spark is a project that is very special to me, as it represents one of the core visions of Laravel: making it enjoyable for someone to build their dreams. When you have your next big idea, Spark saves you weeks of work building billing / subscription scaffolding. …

Continue reading »

Written by Taylor Otwell - - Aggregated on Monday February 12, 2018


Forge: Update Site Domains

Starting today, you can rename existing sites on Forge! This feature has been requested often over the years so I’m thrilled that we’re finally getting it in your hands. When updating your site’s name, all SSL certificates will be removed since new certificates will need to be installed for the new domain name. …

Continue reading »

Written by Taylor Otwell - - Aggregated on Wednesday January 10, 2018


Second Thoughts On Episode 8 (Spoilers)

I just got done watching Star Wars: The Last Jedi for the second time and my opinion of the movie has totally changed. The first time I saw the movie I walked away disappointed. Luke wasn’t as glorious as I wanted. Rey is a nobody (maybe?). Snoke received no backstory. All of the things I had spent two years waiting …

Continue reading »

Written by Taylor Otwell - - Aggregated on Saturday December 16, 2017


Make Correct Comparisons

This morning Fabien Potencier released a blog post claiming Symfony Flex is three times faster than Laravel 5.5. Of course, as usual, I had my typical doubts that they are comparing their best case scenario against the default Laravel installation which includes cookie encryption, extra service providers, sessions, …

Continue reading »

Written by Taylor Otwell - - Aggregated on Tuesday December 12, 2017


Bi-Weekly Laravel Tips From Taylor

I’ve wanted to start sharing small Laravel tips and tricks I use in my daily work for a while now. It’s time to put that plan into action. I’m going to start sending bi-weekly tips via a newsletter. These tips will be things I’m encountering in my daily work with Laravel that I think will improve your Laravel …

Continue reading »

Written by Taylor Otwell - - Aggregated on Thursday December 7, 2017


Some say it helps them.

Some say it helps them. To be honest, I’ve mainly been focused on weight training but just went for a run today. I think I’ll incorporate it into my routine. At the very least, it will be good for my heart. :) … I do feel like running gives a certain mental high and boost that pure weight lifting doesn’t seem to give.

Continue reading »

Written by Taylor Otwell - - Aggregated on Sunday December 3, 2017


My Mental Health Toolbelt

Many programmers and other people in technology have shared their mental health struggles online. In this post, I wanted to share some of my own experiences with this and what I have found to be helpful. Preface I believe programmers, especially those that work from home, are more prone to mental health issues …

Continue reading »

Written by Taylor Otwell - - Aggregated on Thursday November 30, 2017


Laravel Thanksgiving Sales

If you are looking to purchase some Laravel goodies, today through this weekend is a great time to do so! I am happy to provide discounts on Forge and Spark. In addition, Laracasts and others are running fantastic Thanksgiving sales. Forge The Forge sale provides a 40% discount on the entire first year for all …

Continue reading »

Written by Taylor Otwell - - Aggregated on Thursday November 23, 2017


Dusk Improvements: Vue + “Components”

Laravel Dusk has received some improvements recently thanks to contributions from Tighten’s Keith Damiani and Caleb Porzio . Vue Assertions (By Keith Damiani) Beginning with Dusk 2.0.6, you may now make assertions on the state of Vue component data. For example, imagine your application contains the following …

Continue reading »

Written by Taylor Otwell - - Aggregated on Wednesday October 4, 2017


Forge: Vultr Now Supported

Today, we’re excited to announce first-party support for Vultr in Laravel Forge. Vultr provides competitively priced, high performance SSD powered servers. Vultr joins DigitalOcean, Linode, and AWS as our fourth first-party provider: To add Vultr to your Forge account, visit the Server Providers tab of your …

Continue reading »

Written by Taylor Otwell - - Aggregated on Thursday September 28, 2017


Envoyer: Upgrading Your Bitbucket Integration

Beginning today, Envoyer supports Bitbucket’s ugpraded webhooks, which provide more information about commits and solve some annoying problems such as duplicate deploys when pushing merge commits. To upgrade your Bitbucket integration, refresh your Bitbucket OAuth tokens by visiting your account profile’s …

Continue reading »

Written by Taylor Otwell - - Aggregated on Friday September 22, 2017


Laravel Forge Database Selection

Today we are excited to launch a new feature for Laravel Forge: database selection. Previously, all Forge servers were provisioned with both MySQL (or MariaDB) and PostgreSQL. No customization of this behavior has been offered in the past. However, beginning today, you may select MySQL 5.7, MariaDB 10.2, PostgreSQ…

Continue reading »

Written by Taylor Otwell - - Aggregated on Tuesday September 5, 2017


Forge + Bash Aliases

Recently I received a Forge feature request to allow custom Bash alias installation on fresh servers. However, it’s already possible to accomplish this using recipes and a relatively new feature that allows you to run a given recipe immediately after provisioning a server. Here’s a quick walkthrough. Creating …

Continue reading »

Written by Taylor Otwell - - Aggregated on Monday August 14, 2017