We have reverted a pull request that was merged into Laravel Fortify 1.7.3 which introduced a potential security vulnerability. Please update your applications using Fortify 1.7.3, including all Jetstream based applications, to Fortify 1.7.4.
We have reverted a pull request that was merged into Laravel Fortify 1.7.3 which introduced a potential security vulnerability. Please update your applications using Fortify 1.7.3, including all Jetstream based applications, to Fortify 1.7.4.
Last year, we introduced a simple but surprisingly useful feature to Laravel Forge: the ability to add notes to servers. While checking the uptake of this feature, we noticed that customers were often storing sensitive data in the field. We hadn’t designed notes to store sensitive information, so we found ourselves in a situation where we now needed to encrypt existing unencrypted data, while also allowing for new data to be inserted as encrypted data - at the same time, the dashboard needed to be able to show the notes correctly whether they had been encrypted or not. Our migration process looked like this: 1. Run a command that encrypts all existing unencrypted server notes. 2. Update our model to cast the `notes` field, encrypting or decrypting as required. To do this, we leaned on [Laravel’s custom casts](https://laravel.com/docs/11.x/eloquent-mutators#custom-casts) feature to handle this “sometimes encrypted” data. We created a new cast `SometimesEncrypted` that allowed us to gracefully decrypt the encrypted notes, or simply return the plaintext version which may have been available during the migration: ```php
James Brooks
Last week saw the official release of PHP 8.2, bringing with it features such as read-only classes, DNF types, and much more. As you may have noticed, we've been busy preparing the Laravel framework, first-party packages, and the surrounding ecosystem to provide support for this exciting new release of PHP. ## Laravel If you want to use PHP 8.2 with your Laravel project, you should update your dependencies to use the latest versions of the framework as well as the latest versions of all first-party packages such as Cashier, Passport, Scout, etc.  Of course, you should also ensure you update any third-party packages accordingly. ## Forge If you use Forge to provision servers and deploy your applications, you may now select PHP 8.2 when creating a server.  You may also install PHP 8.2 on existing servers from the "PHP" tab of your server's management dashboard.  ## Vapor We have also updated Vapor to provide PHP 8.2 support for our native and Docker runtimes. To update your native runtime to PHP 8.2, set the `runtime` option of your application's `vapor.yml` file to `php-8.2:al2` and redeploy your application.  If you are using the Docker runtime, you may update the base image in your Dockerfile to `laravelphp/vapor:php82` and redeploy your application.  ## Envoyer If you use Envoyer to manage your application's deployments, you may now select PHP 8.2 from your server's settings.  At Laravel, we're committed to providing you with the most robust, modern, and developer-friendly PHP experience. We hope you're as eager as we are to get started with PHP 8.2. With these updates to the ecosystem, it really couldn't be simpler!
Joe Dixon
Following last week's release, which again focused on Artisan, this week Laravel v9.24 introduces three new DB commands and more.
Taylor Otwell
Laravel is the most productive way to
build, deploy, and monitor software.