Support Policy
For LTS releases, such as Laravel 5.1, bug fixes are provided for 2 years and security fixes are provided for 3 years. These releases provide the longest window of support and maintenance.
For general releases, bug fixes are provided for 6 months and security fixes are provided for 1 year.
Laravel 5.1.11
Laravel 5.1.11 introduces authorization support out of the box! Conveniently organize your application's authorization logic using simple callbacks or policy classes, and authorize actions using simple, expressive methods.
For more information, please refer to the authorization documentation.
Laravel 5.1.4
Laravel 5.1.4 introduces simple login throttling to the framework. Consult the authentication documentation for more information.
Laravel 5.1
Laravel 5.1 continues the improvements made in Laravel 5.0 by adopting PSR-2 and adding event broadcasting, middleware parameters, Artisan improvements, and more.
PHP 5.5.9
Since PHP 5.4 will enter "end of life" in September and will no longer receive security updates from the PHP development team, Laravel 5.1 requires PHP 5.5.9 or greater. PHP 5.5.9 allows compatibility with the latest versions of popular PHP libraries such as Guzzle and the AWS SDK.
LTS
Laravel 5.1 is the first release of Laravel to receive long term support. Laravel 5.1 will receive bug fixes for 2 years and security fixes for 3 years. This support window is the largest ever provided for Laravel and provides stability and peace of mind for larger, enterprise clients and customers.
PSR-2
The PSR-2 coding style guide has been adopted as the default style guide for the Laravel framework. Additionally, all generators have been updated to generate PSR-2 compatible syntax.
Documentation
Every page of the Laravel documentation has been meticulously reviewed and dramatically improved. All code examples have also been reviewed and expanded to provide more relevance and context.
Event Broadcasting
In many modern web applications, web sockets are used to implement real-time, live-updating user interfaces. When some data is updated on the server, a message is typically sent over a websocket connection to be handled by the client.
To assist you in building these types of applications, Laravel makes it easy to "broadcast" your events over a websocket connection. Broadcasting your Laravel events allows you to share the same event names between your server-side code and your client-side JavaScript framework.
To learn more about event broadcasting, check out the event documentation.
Middleware Parameters
Middleware can now receive additional custom parameters.
For example, if your application needs to verify that
the authenticated user has a given "role"
before performing a given action, you could create a
RoleMiddleware
that receives a role name as
an additional argument:
<?php
namespace App\Http\Middleware;
use Closure;
class RoleMiddleware
{
/**
* Run the request filter.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string $role
* @return mixed
*/
public function handle($request, Closure $next, $role)
{
if (! $request->user()->hasRole($role)) {
// Redirect...
}
return $next($request);
}
}
Middleware parameters may be specified when defining the
route by separating the middleware name and parameters
with a :
. Multiple parameters should be
delimited by commas:
Route::put('post/{id}', ['middleware' => 'role:editor', function ($id) {
//
}]);
For more information on middleware, check out the middleware documentation.
Testing Overhaul
The built-in testing capabilities of Laravel have been dramatically improved. A variety of new methods provide a fluent, expressive interface for interacting with your application and examining its responses. For example, check out the following test:
public function testNewUserRegistration()
{
$this->visit('/register')
->type('Taylor', 'name')
->check('terms')
->press('Register')
->seePageIs('/dashboard');
}
For more information on testing, check out the testing documentation.
Model Factories
Laravel now ships with an easy way to create stub Eloquent models using model factories. Model factories allow you to easily define a set of "default" attributes for your Eloquent model, and then generate test model instances for your tests or database seeds. Model factories also take advantage of the powerful Faker PHP library for generating random attribute data:
$factory->define(App\User::class, function ($faker) {
return [
'name' => $faker->name,
'email' => $faker->email,
'password' => str_random(10),
'remember_token' => str_random(10),
];
});
For more information on model factories, check out the documentation.
Artisan Improvements
Artisan commands may now be defined using a simple, route-like "signature", which provides an extremely simple interface for defining command line arguments and options. For example, you may define a simple command and its options like so:
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'email:send {user} {--force}';
For more information on defining Artisan commands, consult the Artisan documentation.
Folder Structure
To better express intent, the app/Commands
directory has been renamed to app/Jobs
.
Additionally, the app/Handlers
directory
has been consolidated into a single
app/Listeners
directory which simply
contains event listeners. However, this is not a
breaking change and you are not required to update to
the new folder structure to use Laravel 5.1.
Encryption
In previous versions of Laravel, encryption was handled
by the mcrypt
PHP extension. However,
beginning in Laravel 5.1, encryption is handled by the
openssl
extension, which is more actively
maintained.
Laravel 5.0
Laravel 5.0 introduces a fresh application structure to the default Laravel project. This new structure serves as a better foundation for building a robust application in Laravel, as well as embraces new auto-loading standards (PSR-4) throughout the application. First, let's examine some of the major changes:
New Folder Structure
The old app/models
directory has been
entirely removed. Instead, all of your code lives
directly within the app
folder, and, by
default, is organized to the App
namespace.
This default namespace can be quickly changed using the
new app:name
Artisan command.
Controllers, middleware, and requests (a new type of
class in Laravel 5.0) are now grouped under the
app/Http
directory, as they are all classes
related to the HTTP transport layer of your application.
Instead of a single, flat file of route filters, all
middleware are now broken into their own class
files.
A new app/Providers
directory replaces the
app/start
files from previous versions of
Laravel 4.x. These service providers provide various
bootstrapping functions to your application, such as
error handling, logging, route loading, and more. Of
course, you are free to create additional service
providers for your application.
Application language files and views have been moved to
the resources
directory.
Contracts
All major Laravel components implement interfaces which
are located in the illuminate/contracts
repository. This repository has no external
dependencies. Having a convenient, centrally located set
of interfaces you may use for decoupling and dependency
injection will serve as an easy alternative option to
Laravel Facades.
For more information on contracts, consult the full documentation.
Route Cache
If your application is made up entirely of controller
routes, you may utilize the new route:cache
Artisan command to drastically speed up the registration
of your routes. This is primarily useful on applications
with 100 routes and will drastically
speed up this portion of your application.
Route Middleware
In addition to Laravel 4 style route "filters", Laravel 5 now supports HTTP middleware, and the included authentication and CSRF "filters" have been converted to middleware. Middleware provides a single, consistent interface to replace all types of filters, allowing you to easily inspect, and even reject, requests before they enter your application.
For more information on middleware, check out the documentation.
Controller Method Injection
In addition to the existing constructor injection, you may now type-hint dependencies on controller methods. The service container will automatically inject the dependencies, even if the route contains other parameters:
public function createPost(Request $request, PostRepository $posts)
{
//
}
Authentication Scaffolding
User registration, authentication, and password reset
controllers are now included out of the box, as well as
simple corresponding views, which are located at
resources/views/auth
. In addition, a
"users" table migration has been included with
the framework. Including these simple resources allows
rapid development of application ideas without bogging
down on authentication boilerplate. The authentication
views may be accessed on the auth/login
and
auth/register
routes. The
App\Services\Auth\Registrar
service is
responsible for user validation and creation.
Event Objects
You may now define events as objects instead of simply using strings. For example, check out the following event:
<?php
class PodcastWasPurchased
{
public $podcast;
public function __construct(Podcast $podcast)
{
$this->podcast = $podcast;
}
}
The event may be dispatched like normal:
Event::fire(new PodcastWasPurchased($podcast));
Of course, your event handler will receive the event object instead of a list of data:
<?php
class ReportPodcastPurchase
{
public function handle(PodcastWasPurchased $event)
{
//
}
}
For more information on working with events, check out the full documentation.
Commands / Queueing
In addition to the queue job format supported in Laravel
4, Laravel 5 allows you to represent your queued jobs as
simple command objects. These commands live in the
app/Commands
directory. Here's a sample
command:
<?php
class PurchasePodcast extends Command implements SelfHandling, ShouldBeQueued
{
use SerializesModels;
protected $user, $podcast;
/**
* Create a new command instance.
*
* @return void
*/
public function __construct(User $user, Podcast $podcast)
{
$this->user = $user;
$this->podcast = $podcast;
}
/**
* Execute the command.
*
* @return void
*/
public function handle()
{
// Handle the logic to purchase the podcast...
event(new PodcastWasPurchased($this->user, $this->podcast));
}
}
The base Laravel controller utilizes the new
DispatchesCommands
trait, allowing you to
easily dispatch your commands for execution:
$this->dispatch(new PurchasePodcastCommand($user, $podcast));
Of course, you may also use commands for tasks that are executed synchronously (are not queued). In fact, using commands is a great way to encapsulate complex tasks your application needs to perform. For more information, check out the command bus documentation.
Database Queue
A database
queue driver is now included in
Laravel, providing a simple, local queue driver that
requires no extra package installation beyond your
database software.
Laravel Scheduler
In the past, developers have generated a Cron entry for each console command they wished to schedule. However, this is a headache. Your console schedule is no longer in source control, and you must SSH into your server to add the Cron entries. Let's make our lives easier. The Laravel command scheduler allows you to fluently and expressively define your command schedule within Laravel itself, and only a single Cron entry is needed on your server.
It looks like this:
$schedule->command('artisan:command')->dailyAt('15:00');
Of course, check out the full documentation to learn all about the scheduler!
Tinker / Psysh
The php artisan tinker
command now utilizes
Psysh
by Justin Hileman, a more robust REPL for PHP. If you
liked Boris in Laravel 4, you're going to love Psysh.
Even better, it works on Windows! To get started, just
try:
php artisan tinker
DotEnv
Instead of a variety of confusing, nested environment configuration directories, Laravel 5 now utilizes DotEnv by Vance Lucas. This library provides a super simple way to manage your environment configuration, and makes environment detection in Laravel 5 a breeze. For more details, check out the full configuration documentation.
Laravel Elixir
Laravel Elixir, by Jeffrey Way, provides a fluent, expressive interface to compiling and concatenating your assets. If you've ever been intimidated by learning Grunt or Gulp, fear no more. Elixir makes it a cinch to get started using Gulp to compile your Less, Sass, and CoffeeScript. It can even run your tests for you!
For more information on Elixir, check out the full documentation.
Laravel Socialite
Laravel Socialite is an optional, Laravel 5.0 compatible package that provides totally painless authentication with OAuth providers. Currently, Socialite supports Facebook, Twitter, Google, and GitHub. Here's what it looks like:
public function redirectForAuth()
{
return Socialize::with('twitter')->redirect();
}
public function getUserFromProvider()
{
$user = Socialize::with('twitter')->user();
}
No more spending hours writing OAuth authentication flows. Get started in minutes! The full documentation has all the details.
Flysystem Integration
Laravel now includes the powerful Flysystem filesystem abstraction library, providing pain free integration with local, Amazon S3, and Rackspace cloud storage - all with one, unified and elegant API! Storing a file in Amazon S3 is now as simple as:
Storage::put('file.txt', 'contents');
For more information on the Laravel Flysystem integration, consult the full documentation.
Form Requests
Laravel 5.0 introduces form requests,
which extend the
Illuminate\Foundation\Http\FormRequest
class. These request objects can be combined with
controller method injection to provide a boiler-plate
free method of validating user input. Let's dig in and
look at a sample FormRequest
:
<?php
namespace App\Http\Requests;
class RegisterRequest extends FormRequest
{
public function rules()
{
return [
'email' => 'required|email|unique:users',
'password' => 'required|confirmed|min:8',
];
}
public function authorize()
{
return true;
}
}
Once the class has been defined, we can type-hint it on our controller action:
public function register(RegisterRequest $request)
{
var_dump($request->input());
}
When the Laravel service container identifies that the
class it is injecting is a FormRequest
instance, the request will automatically be
validated. This means that if your
controller action is called, you can safely assume the
HTTP request input has been validated according to the
rules you specified in your form request class. Even
more, if the request is invalid, an HTTP redirect, which
you may customize, will automatically be issued, and the
error messages will be either flashed to the session or
converted to JSON. Form validation has never
been more simple. For more information on
FormRequest
validation, check out the documentation.
Simple Controller Request Validation
The Laravel 5 base controller now includes a
ValidatesRequests
trait. This trait
provides a simple validate
method to
validate incoming requests. If FormRequests
are a little too much for your application, check this
out:
public function createPost(Request $request)
{
$this->validate($request, [
'title' => 'required|max:255',
'body' => 'required',
]);
}
If the validation fails, an exception will be thrown and the proper HTTP response will automatically be sent back to the browser. The validation errors will even be flashed to the session! If the request was an AJAX request, Laravel even takes care of sending a JSON representation of the validation errors back to you.
For more information on this new method, check out the documentation.
New Generators
To complement the new default application structure, new
Artisan generator commands have been added to the
framework. See php artisan list
for more
details.
Configuration Cache
You may now cache all of your configuration in a single
file using the config:cache
command.
Symfony VarDumper
The popular dd
helper function, which dumps
variable debug information, has been upgraded to use the
amazing Symfony VarDumper. This provides color-coded
output and even collapsing of arrays. Just try the
following in your project:
dd([1, 2, 3]);
Laravel 4.2
The full change list for this release by running the
php artisan changes
command from a 4.2
installation, or by viewing
the change file on Github. These notes only
cover the major enhancements and changes for the
release.
Note: During the 4.2 release cycle, many small bug fixes and enhancements were incorporated into the various Laravel 4.1 point releases. So, be sure to check the change list for Laravel 4.1 as well!
PHP 5.4 Requirement
Laravel 4.2 requires PHP 5.4 or greater. This upgraded PHP requirement allows us to use new PHP features such as traits to provide more expressive interfaces for tools like Laravel Cashier. PHP 5.4 also brings significant speed and performance improvements over PHP 5.3.
Laravel Forge
Laravel Forge, a new web based application, provides a simple way to create and manage PHP servers on the cloud of your choice, including Linode, DigitalOcean, Rackspace, and Amazon EC2. Supporting automated Nginx configuration, SSH key access, Cron job automation, server monitoring via NewRelic & Papertrail, "Push To Deploy", Laravel queue worker configuration, and more, Forge provides the simplest and most affordable way to launch all of your Laravel applications.
The default Laravel 4.2 installation's
app/config/database.php
configuration file
is now configured for Forge usage by default, allowing
for more convenient deployment of fresh applications
onto the platform.
More information about Laravel Forge can be found on the official Forge website.
Laravel Homestead
Laravel Homestead is an official Vagrant environment for
developing robust Laravel and PHP applications. The vast
majority of the boxes' provisioning needs are handled
before the box is packaged for distribution, allowing
the box to boot extremely quickly. Homestead includes
Nginx 1.6, PHP 5.6, MySQL, Postgres, Redis, Memcached,
Beanstalk, Node, Gulp, Grunt, & Bower. Homestead
includes a simple Homestead.yaml
configuration file for managing multiple Laravel
applications on a single box.
The default Laravel 4.2 installation now includes an
app/config/local/database.php
configuration
file that is configured to use the Homestead database
out of the box, making Laravel initial installation and
configuration more convenient.
The official documentation has also been updated to include Homestead documentation.
Laravel Cashier
Laravel Cashier is a simple, expressive library for managing subscription billing with Stripe. With the introduction of Laravel 4.2, we are including Cashier documentation along with the main Laravel documentation, though installation of the component itself is still optional. This release of Cashier brings numerous bug fixes, multi-currency support, and compatibility with the latest Stripe API.
Daemon Queue Workers
The Artisan queue:work
command now supports
a --daemon
option to start a worker in
"daemon mode", meaning the worker will
continue to process jobs without ever re-booting the
framework. This results in a significant reduction in
CPU usage at the cost of a slightly more complex
application deployment process.
More information about daemon queue workers can be found in the queue documentation.
Mail API Drivers
Laravel 4.2 introduces new Mailgun and Mandrill API
drivers for the Mail
functions. For many
applications, this provides a faster and more reliable
method of sending e-mails than the SMTP options. The new
drivers utilize the Guzzle 4 HTTP library.
Soft Deleting Traits
A much cleaner architecture for "soft deletes" and other "global scopes" has been introduced via PHP 5.4 traits. This new architecture allows for the easier construction of similar global traits, and a cleaner separation of concerns within the framework itself.
More information on the new
SoftDeletingTrait
may be found in the Eloquent
documentation.
Convenient Auth & Remindable Traits
The default Laravel 4.2 installation now uses simple
traits for including the needed properties for the
authentication and password reminder user interfaces.
This provides a much cleaner default User
model file out of the box.
"Simple Paginate"
A new simplePaginate
method was added to the
query and Eloquent builder which allows for more
efficient queries when using simple "Next" and
"Previous" links in your pagination view.
Migration Confirmation
In production, destructive migration operations will now
ask for confirmation. Commands may be forced to run
without any prompts using the --force
command.
Laravel 4.1
Full Change List
The full change list for this release by running the
php artisan changes
command from a 4.1
installation, or by viewing
the change file on Github. These notes only
cover the major enhancements and changes for the
release.
New SSH Component
An entirely new SSH
component has been
introduced with this release. This feature allows you to
easily SSH into remote servers and run commands. To
learn more, consult the SSH
component documentation.
The new php artisan tail
command utilizes
the new SSH component. For more information, consult the
tail
command
documentation.
Boris In Tinker
The php artisan tinker
command now utilizes
the Boris
REPL if your system supports it. The
readline
and pcntl
PHP
extensions must be installed to use this feature. If you
do not have these extensions, the shell from 4.0 will be
used.
Eloquent Improvements
A new hasManyThrough
relationship has been
added to Eloquent. To learn how to use it, consult the
Eloquent
documentation.
A new whereHas
method has also been
introduced to allow retrieving
models based on relationship constraints.
Database Read / Write Connections
Automatic handling of separate read / write connections is now available throughout the database layer, including the query builder and Eloquent. For more information, consult the documentation.
Queue Priority
Queue priorities are now supported by passing a
comma-delimited list to the queue:listen
command.
Failed Queue Job Handling
The queue facilities now include automatic handling of
failed jobs when using the new --tries
switch on queue:listen
. More information on
handling failed jobs can be found in the queue
documentation.
Cache Tags
Cache "sections" have been superseded by "tags". Cache tags allow you to assign multiple "tags" to a cache item, and flush all items assigned to a single tag. More information on using cache tags may be found in the cache documentation.
Flexible Password Reminders
The password reminder engine has been changed to provide greater developer flexibility when validating passwords, flashing status messages to the session, etc. For more information on using the enhanced password reminder engine, consult the documentation.
Improved Routing Engine
Laravel 4.1 features a totally re-written routing layer. The API is the same; however, registering routes is a full 100% faster compared to 4.0. The entire engine has been greatly simplified, and the dependency on Symfony Routing has been minimized to the compiling of route expressions.
Improved Session Engine
With this release, we're also introducing an entirely new session engine. Similar to the routing improvements, the new session layer is leaner and faster. We are no longer using Symfony's (and therefore PHP's) session handling facilities, and are using a custom solution that is simpler and easier to maintain.
Doctrine DBAL
If you are using the renameColumn
function
in your migrations, you will need to add the
doctrine/dbal
dependency to your
composer.json
file. This package is no
longer included in Laravel by default.