Octane Version

v2.3.10

Laravel Version

v11.6.0

PHP Version

v8.3.6

What server type are you using?

FrankenPHP

Server Version

v1.1.4 PHP 8.3.6 Caddy v2.7.6

Database Driver & Version

Postgress

Description

Last week we updated our app previously using php-fpm running on Forge to use Laravel Octane with FrankenPHP. Our site is mostly an API that handles analytics events (Like google analytics). It uses the default Laravel api throttling.

In staging our app worked fine (30 req/sec same IP), but when deploying to production (1400 req/sec, different IPs) it started to fail, giving a lot of 429 Too Many Requests.

I quickly rolled back to php-fpm and after a few hours tried again with the same problem. Rolled back and the next day I switched to Swoole and it worked perfectly without changing a single line of code nor having to redeploy anything. So I can confidently say that is NOT a bug in my code, but rather a bug with FrankenPHP or the Octane integration with FrankenPHP.

My theory is that the RateLimiter is not reseting between requests so it's shared between different users. So multiple different users trigger the rate limiter:

This is my Rate limiter configuration:

// AppServiceProvider

RateLimiter::for('api', function (Request $request) {
    return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
});

our production CACHE_STORE is redis. Throttling worked perfectly fine without octane and with octane but using Swoole. It failed with hundred of 429 Too Many Requests after installing FrankenPHP.

This is our bootstrap/app.php:

<?php

use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
use Illuminate\Support\Facades\App;

return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
        then: function () {
            Route::middleware('api')
                ->prefix('api')
                ->as('api.')
                ->domain(config('app.domain'))
                ->group(base_path('routes/api.php'));

            Route::middleware('web')
                ->domain(config('app.domain'))
                ->group(base_path('routes/web.php'));

            Route::middleware('web')
                ->domain(config('playsaurus.ads.domain'))
                ->group(base_path('routes/ads.php'));
        }
    )
    ->withMiddleware(function (Middleware $middleware) {
        $middleware->throttleApi();

        $middleware->redirectTo(
            guests: '/login',
            users: '/',
        );

        $middleware->web(append: [
            \App\Http\Middleware\HandleInertiaRequests::class,
            \Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class,
        ]);

        $middleware->api(append: [
            \App\Http\Middleware\ConfigureLocale::class,
        ]);

        $middleware->alias([
            'localize' => \App\Http\Middleware\ConfigureLocale::class,
            'embed' => \App\Http\Middleware\AllowsEmbeding::class,
        ]);
    })
    ->withExceptions(function (Exceptions $exceptions) {
        $exceptions->dontReport([
            \App\Services\Announcements\InvalidVariantKey::class,
            \App\Exceptions\CouponRedeemException::class,
        ]);
    })->create();

Steps To Reproduce

It's difficult to reproduce. Because I can't test it in production because that would mean a lot of downtime for our users.

My theory is that it would be possible to reproduce from multiple different IPs. But since I don't have the means to test it, I don't know.

When calling mb_convert_encoding() with $fromEncoding === 'HTML-ENTITIES', the polyfill does not return functionally equivalent strings to the native function. This is because mb_convert_encoding() uses html_entity_decode() when $fromEncoding === 'HTML-ENTITIES' and that function does not return characters for many numeric entities 0-31 and 127-159. For example:

<?php

require "vendor/symfony/polyfill-mbstring/Mbstring.php";

use Symfony\Polyfill\Mbstring as p;

for($i = 0; $i < 1024; $i++) {
	$string = "&#" . $i . ";";
	$mbstring = mb_convert_encoding($string, 'UTF-8', 'HTML-ENTITIES');
	$polyfill = p\Mbstring::mb_convert_encoding($string, 'UTF-8', 'HTML-ENTITIES');
	if($mbstring != $polyfill) {
		echo "Mismatch: $string - mbstring: $mbstring; polyfill: $polyfill\n";
	}
}

outputs:

Mismatch: � - mbstring: ; polyfill: �
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring:; polyfill: 
Mismatch:  - mbstring:
                            ; polyfill: 
Mismatch:  - mbstring:
                            ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring:  polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ' - mbstring: '; polyfill: '
Mismatch:  - mbstring: ; polyfill: 
Mismatch: € - mbstring: €; polyfill: €
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ‚ - mbstring: ‚; polyfill: ‚
Mismatch: ƒ - mbstring: ƒ; polyfill: ƒ
Mismatch: „ - mbstring: „; polyfill: „
Mismatch: … - mbstring: …; polyfill: …
Mismatch: † - mbstring: †; polyfill: †
Mismatch: ‡ - mbstring: ‡; polyfill: ‡
Mismatch: ˆ - mbstring: ˆ; polyfill: ˆ
Mismatch: ‰ - mbstring: ‰; polyfill: ‰
Mismatch: Š - mbstring: Š; polyfill: Š
Mismatch: ‹ - mbstring: ‹; polyfill: ‹
Mismatch: Œ - mbstring: Œ; polyfill: Œ
Mismatch:  - mbstring: ; polyfill: 
Mismatch: Ž - mbstring: Ž; polyfill: Ž
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ‘ - mbstring: ‘; polyfill: ‘
Mismatch: ’ - mbstring: ’; polyfill: ’
Mismatch: “ - mbstring: “; polyfill: “
Mismatch: ” - mbstring: ”; polyfill: ”
Mismatch: • - mbstring: •; polyfill: •
Mismatch: – - mbstring: –; polyfill: –
Mismatch: — - mbstring: —; polyfill: —
Mismatch: ˜ - mbstring: ˜; polyfill: ˜
Mismatch: ™ - mbstring: ™; polyfill: ™
Mismatch: š - mbstring: š; polyfill: š
Mismatch: › - mbstring: ›; polyfill: ›
Mismatch: œ - mbstring: œ; polyfill: œ
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ž - mbstring: ž; polyfill: ž
Mismatch: Ÿ - mbstring: Ÿ; polyfill: Ÿ

While many of these are control characters (and the native function does return them), the single quote (dec 39) is particularly problematic.

Describe the bug logUnguarded() works provided that $guarded is set explicitly in the model. If it is not set explicitly but globally set, say in AppServiceProvider using Model::unguard(); then nothing is logged.

To Reproduce

1. remove $fillable and $guarded from a model that use uses LogsActivity
2. call Model::unguard(); in AppServiceProvider in the boot method
3. set

    public function getActivitylogOptions() : LogOptions
    {
        return LogOptions::defaults()->logUnguarded();
    }

4. Make some changes to a model and save them

Expected behavior Some changed properties should be logged but none are

Versions (please complete the following information)

• PHP: 8.1
• Database: MySql
• Laravel: 9.38
• Package: larvel-activitylog

Octane Version

2.6.1

Laravel Version

11.41.3

PHP Version

8.3

What server type are you using?

Roadrunner

Server Version

2024.3.2

Database Driver & Version

No response

Description

ok this is in the borderline to be a bug but i write it anyway.

i am deploying using deployer , i suppose will happen for any Zero Downtime Deployments.

/releases/99/
/releases/100/
/releases/101/ 

and then a symbolic link from the latest release to /current , all pretty standard.

the problem come when running artisan octane:start vendor/laravel/octane/src/Commands/StartRoadRunnerCommand.php

will set roadrunner server with '-o', 'server.command='.(new PhpExecutableFinder)->find().','.base_path(config('octane.roadrunner.command', 'vendor/bin/roadrunner-worker')),

where base_path(...) will resolve to /releases/101/ not to /current

so in next deployment e.g. (/releases/102/) , when we run artisan octane:reload it will still use old /releases/101/ source code (i checked and yes if i go back to /releases/101/ and make a change it will be present after artisan octane:reload).

the solution is very simple, in config/octane.php you just need to add:

    'roadrunner'=>[
        'command' => env('OCTANE_ROADRUNNER_WORKER_PATH', base_path('vendor/bin/roadrunner-worker')),
    ]

OCTANE_ROADRUNNER_WORKER_PATH=../../current

would be nice is this added to config/octane.php , and maybe don't use base_path

or even better a option to provide the path in octane:start

Steps To Reproduce

deploy a octane laravel app using deployer , octane:reload will not work as expected

Laravel Version

11.44.1 (also in newer branches)

PHP Version

8.4.6 (PHP version is not a factor)

Database Driver & Version

MariaDB 10.11.13 on Ubuntu

Description

Because of MDEV-13132, releases of MariaDB since 10.2.7 quote string literal column defaults in the information_schema. (MySQL does not currently do this.)

Therefore, depending on what version of MariaDB you're using, calls to Schema::getColumns to determine column details might give you a quoted string, or not, depending on the version of the DBMS.

Steps To Reproduce

Test script:

<?php

require_once('vendor/autoload.php');

use Illuminate\Database\Capsule\Manager as Capsule;
use Illuminate\Database\Schema\Blueprint;

$capsule = new Capsule;

$capsule->addConnection([
    'driver' => 'mariadb',
    'host' => '127.0.0.1',
    'database' => 'DATABASE_NAME_HERE',
    'username' => 'USERNAME_HERE',
    'password' => 'PASSWORD_HERE',
    'charset' => 'utf8',
    'collation' => 'utf8_unicode_ci',
    'prefix' => '',
]);

$capsule->setAsGlobal();
$schema = $capsule->schema();

// Clean up from a previous run if necessary, and create a table for testing purposes.
if ($schema->hasTable('test_table')) $schema->drop('test_table');
$schema->create('test_table', function (Blueprint $table) {
    $table->string('test_string')->default('Some default');
});

$columns = $schema->getColumns('test_table');
$column = $columns[0];
echo "The column default is: {$column['default']}\n";

Results with MariaDB 10.2.7 or newer:

The column default is: 'Some default'

Results with MariaDB older than 10.2.7, or any MySQL:

The column default is: Some default

While this is a behavioural change to MariaDB, it would be nice for Laravel to hide this quirk from the caller -- probably by overriding the MySQL schema grammar's implementation of compileColumns to account for it.

AST, or "abstract syntax tree", creates the expectation of a nested tree structure. In the case of a query string, the AST will only ever be one level deep; as multi nodes are combined into one.

If anyone wants to suggest a better, more clear name: you're welcome.

I tried the example config from the docs to a Laravel/Inertia/Vue app, and it don't work.

If use the code (HandleInertiaRequests.php): 'messages' => flash()->render([], 'array'),

Error: Flasher\Prime\Flasher::render(): Argument #1 ($presenter) must be of type string, array given, called in D:\Laragon6\www\mobi-care\app\Http\Middleware\HandleInertiaRequests.php on line 36

And changing it to: 'messages' => flash()->render('array'), it loads the page, but, I only see the notifications if i press F5, with its not the desired state.

NotOrm Package

The goal is to make abstract code based on the package notorm to build a new orm system

Allow to mark some authors as "verified" so they no longer have to go through the review process of submitting articles but can publish straight away.

Maybe let's also put a limit of 2 articles a day per author.

What about allowing displaying post-install messages again, eg when running this?

composer recipes the/package

If a pack lists things in its "replace" section, unpacking this pack should copy these rules into the "replace" section of the root composer.json.

I think that implementing this requires patching the Unpacker class only.

Anyone up to give it a try?

Dashboard showing Operational

Front end showing no issues, but the status seems to still be linked to the incident even if it's closed as fixed

I would love to see support for oAuth in Catchet. I know there are some other (closed) issues requesting the same functionality, but I think this would be a great addition for Catchet.

Provide updates to new functionalities in the v2 of the package.

There's no Expectation to expect a class to use HasRequestPagination rather than HasPagination.

When encountering nested tokens, they are parsed only during formatting, not when compiling the pattern. And the type of tokens are validated only during the rendering as well. But the native implementation detects such error during the instantiation: https://3v4l.org/Sf69D This means that the error handling required for the polyfill is not the same than for the native implementation.

v2.4 allows users to add Google 2FA to their account for an added layer of security. 3.x should also implement this in some way.

Things to consider

• How to generate the code
• How do verify via 2FA when this is enabled on a users account.
• Can admins reset 2FA for a user if they've lost their 2FA device?
• How should backup codes work?

The docs aren't finished. This issue exists to track the missing pieces:

• App icons
• Context menus
• Dock
• Printing
• ProgressBar
• Queue
• Screens
• Settings
• Shell
• System
• Touch ID
• Testing
• Obfuscating and securing PHP code
• Build signing (#361)
  • macOS
  • Windows
• How to customise Electron / PR to NativePHP
• Security disclosures process
• Highlight current section
• Show ToC persistently on the right-hand side
• Sponsorship page
• Contributors page
• Show sponsors in sidebar
• Add next/previous section buttons to the bottom of pages
• Add Edit on GitHub link to pages

Hello,

if you plan an scheduled maintenance with an START and END date it will never appear on the dashboard. Only if you create them with an START date only it will appear. I think this is a bit confusing, because if i plan an schedule an weekly update, i want to declare an timeslot and dont want to enter again the cachet-scheduled-maintenance to enter an date at the end of my maintenance.

Can this function be controlled or changed?

Thanks

Add in PHP 7.3 as Normalizer::normalize() argument for NFKC_Casefold normalization.

Description: I am using Flasher 2.0.1 in my Laravel 11 project and would like to know how to properly use the Flasher library in JavaScript. Additionally, I want to ensure that the JavaScript configuration is consistent with the settings defined in the flasher.php configuration file.

Details: Flasher Version: 2.0.1 Laravel Version: 11 Problem: Need guidance on using the Flasher library with JavaScript in a way that mirrors the configuration set in flasher.php.

https://www.algolia.com/doc/libraries/javascript/v5/upgrade/

Discussed in https://github.com/spatie/schema-org/discussions/202

Originally posted by indyjonesnl January 10, 2024

$lodgingBusiness = Schema::lodgingBusiness()
  ->openingHours(
    Schema::openingHoursSpecification()
      ->dayOfWeek([Schema::dayOfWeek()::Monday])
      ->opens(new DateTime('09:00:00'))
      ->closes(new DateTime('17:00:00'))
  )
  ->checkinTime(new DateTime('14:00:00'))
  ->checkoutTime(new DateTime('11:00:00'))

This results in the current date + time being included in the output "opens":"2024-01-10T09:00:00+00:00","closes":"2024-01-10T17:00:00+00:00" and ..."checkinTime":"2024-01-10T14:00:00+00:00","checkoutTime":"2024-01-10T11:00:00+00:00"...

While the Schema should contain only the time, formatted as 14:30:00+08:00.

Can someone point me in the right direction?

When you install a UX package, if you have AssetMapper installed, we importmap:require the packages you need. We should also importmap:remove those when the package is uninstalled.

https://github.com/symfony/recipes/issues/1089#issuecomment-1885459144

These messages aren't displayed: https://github.com/symfony/flex/blob/1.x/src/Configurator/DockerComposeConfigurator.php#L51

Bug description

Chrome, Firefox, and Safari now support setting the width and height attributes on <source> elements within <picture> elements. You can read more about this in the web.dev article on optimizing CLS. This enhancement allows browsers to better handle layout shifts and varying aspect ratios for responsive images.

How to reproduce

Current Behavior:

Currently, Statamic Responsive Images does not take advantage of this browser capability. As a result, when multiple sources are provided, the appropriate width and height attributes are not applied to <source> elements, which may lead to layout shifts due to varying aspect ratios.

Proposed Enhancement:

Set appropriate width and height attributes on <source> elements based on their aspect ratios.

Benefits:

• Improved Visual Stability: Reduce Cumulative Layout Shift (CLS) by providing browsers with the correct dimensions upfront.
• Better Performance: Modern browsers can allocate the correct space for images during page load.
• Enhanced Responsiveness: Accurately reflect different image aspect ratios for a more consistent user experience.

Environment

Environment
Application Name: local
Laravel Version: 11.41.3
PHP Version: 8.3.16
Composer Version: 2.8.5
Environment: development
Debug Mode: ENABLED
URL: local.test
Maintenance Mode: OFF
Timezone: Europe/Paris
Locale: en

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: NOT CACHED

Drivers
Broadcasting: null
Cache: file
Database: sqlite
Logs: stack / single
Mail: smtp
Queue: redis
Session: file

Statamic
Addons: 3
Sites: 1
Stache Watcher: Disabled (auto)
Static Caching: Disabled
Version: 5.46.1 PRO

Statamic Addons
rias/statamic-redirect: 3.9.3
spatie/statamic-responsive-images: 5.2.1
statamic/seo-pro: 6.5.0

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

regex (default)

Additional details

Leveraging native width and height support on <source> elements can lead to significant improvements in layout stability and overall performance on modern browsers. This enhancement would allow the package to better handle responsive images by using up-to-date browser capabilities.

Thanks for considering this enhancement!

Let's try out Filament and move our own admin panels to it. This should provide us with a much more powerful admin backend.

https://filamentphp.com

Hi,

With the polyfill, var_dump(mb_strlen(chr(254))) return 0. With the php8.0-mbstring extension, var_dump(mb_strlen(chr(254))) return 1;

versions : * v1.26.0

Thanks, Alex

What happened?

After installation, I noticed that in the browser console it outputs an error of wireEl is undefined.

How to reproduce the bug

Just install this package in a livewire project, preferable with Filament's admin package. And see the browser console.

composer create-project laravel/laravel test;
composer require filamentphp/filament;
composer require spatie/laravel-blade-comments;

Then go through the browser console and see the error

Package Version

1.0.1

PHP Version

8.2.0

Laravel Version

10.13.0

Which operating systems does with happen with?

macOS

Notes

Filament ......................................................
Packages ...... filament, forms, notifications, support, tables
Version .............................................. v2.17.44
Views ..................................... PUBLISHED: filament

On the record update for an active incident, there needs to be a tie to the component to be update the current component status.

We created this issue to not forget to document this new feature. We would really appreciate if you can help us with this task. If you are not sure how to do it, please ask us and we will help you.

To fix this issue, please create a PR against the 7.4 branch in the symfony-docs repository.

Thank you! :smiley:

Hi! If I use this package with my project I has a problem. My package.json has a "git dependency" like this:

{
  "peerDependencies": {
    "package": "git+ssh://[email protected]/team/project.git"
  }
}

And npm-install-peers breaks.

Many of them are out of date, some by a few major versions!

It would be great to get these into good order and start keeping them up to date

What happened?

I just installed package and complement for AI powered solution. When I create an issue to test it I get :

I had to change the links function like this to make it work for me:

public function links(): array
{
    $rawText = Str::finish($this->rawText, 'ENDLINKS');

    $textLinks = $this->between('LINKS', 'ENDLINKS', $rawText);

    $textLinks = explode(PHP_EOL, $textLinks);

    $links = [];

    foreach ($textLinks as $textLink) {
        $textLink = str_replace('\\', '\\\\', $textLink);
        $textLink = str_replace('\\\\\\', '\\\\', $textLink);

        $decodedLink = json_decode($textLink, true);

        if ($decodedLink !== null) {
            $links[$decodedLink['title']] = $decodedLink['url'];
        }
    }

    return $links;
}

How to reproduce the bug

When I install the package in my project and use it with AI powered

Package Version

1.0

PHP Version

8.2.14

Laravel Version

11.14

Which operating systems does with happen with?

Windows

Notes

No response

Found the \Illuminate\Database\Eloquent\Concerns\HasAttributes::originalIsEquivalent() method during code diving and it should be usable for our trait! 🎉 This PR would be mainly reasearch when that method was added, if it's compatible with our version support rules and switching our own change detection logic with the core one.

Calling for help from Docker experts. We need to create the best possible docker-compose.yml file for this project. The application requirements are well defined (we use env vars, Webpack Encore, PHP 7.1, Symfony 4.1, SQLite database, etc.) so it should be possible to create that file.

Not PHPUnit 11 because we still need to support for PHP 8.1

e.g. at the moment we have stuff like:

1. Symfony\Flex\Tests\Configurator\CopyFromPackageConfiguratorTest::testConfigureAndOverwriteFiles The at() matcher has been deprecated. It will be removed in PHPUnit 10. Please refactor your test to not rely on the order in which methods are invoked.

Help wanted 🙏

Add this field so it's easy to add an Unsplash ID to an article. If the ID was entered and the form is saved, immediately try to retrieve the image through the Unsplash API using the code from the SyncArticleImages command.

This will be superseded eventually by #701

Laravel Version

11.44.1 (also in newer branches)

PHP Version

8.4.6 (PHP version is not a factor)

Database Driver & Version

MariaDB 10.11.13 on Ubuntu

Description

The Illuminate Database toolset does not properly escape string-based column defaults when creating or modifying table columns. Literal values are enclosed in ', but any ' characters appearing in the default value will cause a SQL syntax error, unless they are manually escaped by the caller.

Steps To Reproduce

Test script:

<?php

require_once('vendor/autoload.php');

use Illuminate\Database\Capsule\Manager as Capsule;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Query\Expression;

$capsule = new Capsule;

$capsule->addConnection([
    'driver' => 'mariadb', // For testing's sake -- this is not MariaDB-specific.
    'host' => '127.0.0.1',
    'database' => 'DATABASE_NAME_HERE',
    'username' => 'USERNAME_HERE',
    'password' => 'PASSWORD_HERE',
    'charset' => 'utf8',
    'collation' => 'utf8_unicode_ci',
    'prefix' => '',
]);

$capsule->setAsGlobal();
$schema = $capsule->schema();

// Clean up from a previous run if necessary, and create a table for testing purposes.
if ($schema->hasTable('test_table')) $schema->drop('test_table');
$schema->create('test_table', function (Blueprint $table) {
    $table->string('test_string');
});

// Change the column default value to a string. This works as expected.
$schema->table('test_table', function (Blueprint $table) {
    $table->string('test_string')->default('this will work')->change();
});

// Change the column default value to a string containing an apostrophe using an Expression,
// taking care of escaping ourselves. This works as expected.
$schema->table('test_table', function (Blueprint $table) {
    $table->string('test_string')->default(new Expression('\'this\'\'ll work too\''))->change();
});

// Now, try providing the apostrophe containing string literal directly to Table::default(). This will break.
$schema->table('test_table', function (Blueprint $table) {
    $table->string('test_string')->default('this\'ll break it')->change();
});

Expected behaviour: No output; table created in DB with expected default.

Actual behaviour: Throws an exception...

PHP Fatal error:  Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'break it'' at line 1 in .../laravel/framework/src/Illuminate/Database/Connection.php:565
Stack trace:
#0 .../laravel/framework/src/Illuminate/Database/Connection.php(565): PDO->prepare()
#1 .../laravel/framework/src/Illuminate/Database/Connection.php(812): Illuminate\Database\Connection->{closure:Illuminate\Database\Connection::statement():560}()
#2 .../laravel/framework/src/Illuminate/Database/Connection.php(779): Illuminate\Database\Connection->runQueryCallback()
#3 .../laravel/framework/src/Illuminate/Database/Connection.php(560): Illuminate\Database\Connection->run()
#4 .../laravel/framework/src/Illuminate/Database/Schema/Blueprint.php(118): Illuminate\Database\Connection->statement()
#5 .../laravel/framework/src/Illuminate/Database/Schema/Builder.php(564): Illuminate\Database\Schema\Blueprint->build()
#6 .../laravel/framework/src/Illuminate/Database/Schema/Builder.php(406): Illuminate\Database\Schema\Builder->build()
#7 .../test.php(44): Illuminate\Database\Schema\Builder->table()
#8 {main}

Next Illuminate\Database\QueryException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'break it'' at line 1 (Connection: default, SQL: alter table `test_table` modify `test_string` varchar(255) not null default 'this'll break it') in .../laravel/framework/src/Illuminate/Database/Connection.php:825
Stack trace:
#0 .../laravel/framework/src/Illuminate/Database/Connection.php(779): Illuminate\Database\Connection->runQueryCallback()
#1 .../laravel/framework/src/Illuminate/Database/Connection.php(560): Illuminate\Database\Connection->run()
#2 .../laravel/framework/src/Illuminate/Database/Schema/Blueprint.php(118): Illuminate\Database\Connection->statement()
#3 .../laravel/framework/src/Illuminate/Database/Schema/Builder.php(564): Illuminate\Database\Schema\Blueprint->build()
#4 .../laravel/framework/src/Illuminate/Database/Schema/Builder.php(406): Illuminate\Database\Schema\Builder->build()
#5 .../test.php(44): Illuminate\Database\Schema\Builder->table()
#6 {main}
  thrown in .../laravel/framework/src/Illuminate/Database/Connection.php on line 825

The issue is in src/Illuminate/Database/Schema/Grammars/Grammar.php in the getDefaultValue function, which simply drops a string literal between single quotes:

    /**
     * Format a value so that it can be used in "default" clauses.
     *
     * @param  mixed  $value
     * @return string
     */
    protected function getDefaultValue($value)
    {
        if ($value instanceof Expression) {
            return $this->getValue($value);
        }

        if ($value instanceof BackedEnum) {
            return "'{$value->value}'";
        }

        return is_bool($value)
            ? "'".(int) $value."'"
            : "'".(string) $value."'";
    }

Proposed solution: when supplying a string literal, escaping should be taken care of by Laravel.

In raising this issue, I confirm the following (please check boxes):

• I have read and understood the contributors guide.
• I have checked the pull requests tab for existing solutions/implementations to my issue/suggestion.
• I have checked that the bug-fix I am reporting can be replicated.

Description of the problem

One of the important reasons for using hyperscript is that it handles escaping of characters which are reserved in html. Which prevents XSS.

spatie/html-element does not do this. Mainly because it uses strings as intermediate format instead of an object representation of the DOM.

Currently, for plural rules, the MessageFormatter polyfills uses the English rules for all locales (it ignores the locale). To be consistent with what we do in symfony/intl (used by symfony/polyfill-intl-icu to implement NumberFormatter and DateFormatter), we should rather fail explicitly here (using the English rules for a different locale would not give the right result anyway)

Immediately after installing php-flasher/flasher-laravel, the application breaks with the following error:

foreach() argument must be of type array|object, bool given Simply installing the package causes this fatal error.

Steps to Reproduce:

Create a fresh Laravel app.

Run:

composer require php-flasher/flasher-laravel

Load any page in the app — no usage of flasher() or flasher_render() yet.

Laravel crashes with a foreach() error.

I would be good to support normalizer_get_raw_decomposition function that appeared in PHP 7.3. I've tried to implement it but seems that existing decomposition data is already optimized to get the final decomposition. Example test case is available here. Pinging @nicolas-grekas as he is the author of Normalizer polyfill.

Is LDAP support planned? I saw there was a lot of interest in this with version 2. Would be nice to have this onboard for v3. There is a package available https://github.com/DirectoryTree/LdapRecord-Laravel https://chrispian.com/laravel-filament-tutorial-customize-login-to-use-ldap

Describe the bug

When you attempt to dump a binary string or anything containing one (like an array or an object), Ray does not dump anything. It just fails silently.

Versions

Ray version (you can see this in "About Ray"): 2.8.1

You can use composer show to get the version numbers of:

• spatie/ray package version: 1.41.2
• spatie/laravel-ray package version (if applicable): 1.37.1

PHP version: 8.2.17 Laravel version (if applicable): 11.18.1

To Reproduce

Add this in your code:

ray(hex2bin('ae0f3d'));

Expected behavior

Ray should display this (like the console when dump is used):

b"®\x0F="

Desktop (please complete the following information):

• OS: MacOs
• Version: 14.6.1

Figure our a way to show a grayed out Laravel logo as a default avatar instead of the current default GitHub one.

Hi 👋🏼!

I am coming here to gather some feedback on my idea before starting working on it.

Background

I wanted to create a POC of https://github.com/symfony/skeleton made for Sylius. I created a simple recipe for sylius/core-bundle, then an example skeleton repo and I have found out my recipes does not work as another recipe already write files with the same name. Then, I noticed symfony/framework-bundle is always put as the first recipe to be executed, and this is a thing I wish to be able to configure.

Goal

Somehow allow myself to make (in this POC case) sylius/core-bundle as a first recipe to be executed. Of course, I can fork symfony/flex, but it would be perfect to avoid this way.

Idea

The idea is simple, we allow configuring such list for example in this way:

{
    ...
    "extra": {
        "flex": {
            "prioritized-recipes": [
                "sylius/core-bundle",
                "another/sylius-package",
                ...
            ]
        }
    }
    ...
}

In Flex we could implement this +/- this way:

        // symfony/framework-bundle recipe should always be applied first after the metapackages
        // however, we allow to override it with a list of prioritized recipes
        $recipes = $this->getPrioritizedRecipes();
        $recipes = array_merge($recipes, [
            'symfony/framework-bundle' => null,
        ]);
        $packRecipes = [];
        $metaRecipes = [];

instead current

        // symfony/framework-bundle recipe should always be applied first after the metapackages
        $recipes = [
            'symfony/framework-bundle' => null,
        ];
        $packRecipes = [];
        $metaRecipes = [];

Why?

• In some projects, we may want to load our recipes before the Symfony's ones
• In frameworks based on Symfony (like Sylius) we need to set up the whole project in our own way, so framework-bundle as a first recipe to be executed makes it unable for us

Other options

I have not checked it yet, but I believe we can achieve the similar feature using Composer's Event Dispatcher. But first, I would like to hear if such a feature is welcomed. Or maybe you have a better idea how to solve this. I am open to provide such feature right after we agree on some solution.

Hello,

I noticed that there is an incompatibility with the mbstring polyfill and PHP 8.1 / Alpine Linux, which breaks a lot of my projects as soon as the php81-mbstring is not installed, but php81-iconv is installed:

Example:

Warning: iconv(): Wrong encoding, conversion from "ASCII" to "UTF-8//IGNORE" is not allowed in phar:///var/www/localhost/htdocs/phpstan.phar/vendor/symfony/polyfill-mbstring/Mbstring.php on line 736

It looks like //IGNORE is not accepted since echo iconv('UTF-8', 'UTF-8', 'test'); works, while echo iconv('UTF-8', 'UTF-8//IGNORE', 'test'); doesn't

Bug description

Currently, the plugin calculates width/height incorrectly when swapping aspect ratios, leading to incorrect HTML output. When changing the aspect ratio of an image, the longest side should remain fixed, and the other side should be calculated accordingly.

How to reproduce

For an image of 3000x1688px as a source:

{{ responsive:image ratio="16/9" md:ratio="9/16" }}

it returns:

<picture>
    <source [...] >
    <source [...] >
    <source [...] >
    <img src="/img/asset/hash/image.jpg?w=3000&amp;h=1688&amp;s=9358bb54be5d388a9a2529a4196dcfc6" alt="" width="3000" height="1688">
</picture>

Now for the same image as source but with:

{{ responsive:image ratio="9/16" md:ratio="16/9" }}

it returns:

<picture>
    <source [...] >
    <source [...] >
    <source [...] >
    <img src="/img/asset/hash/image.jpg?w=3000&amp;h=5333&amp;s=6c5c0bb8447dbd7ff61a692f98b5f46d" alt="" width="3000" height="5333">
</picture>

The calculated aspect ratio is correct, but the dimensions are not. The generated values exceed the original image size.

In this last example, the correct height should be 3000px, and the width should be 1688px to ensure the image stays within its original dimensions.

Environment

Environment
Application Name: local
Laravel Version: 11.41.3
PHP Version: 8.3.14
Composer Version: 2.8.5
Environment: development
Debug Mode: ENABLED
URL: local.test
Maintenance Mode: OFF
Timezone: Europe/Paris
Locale: en

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED

Drivers
Broadcasting: null
Cache: file
Database: sqlite
Logs: stack / single
Mail: smtp
Queue: redis
Session: file

Statamic
Addons: 3
Sites: 1
Stache Watcher: Disabled (auto)
Static Caching: Disabled
Version: 5.46.0 PRO

Statamic Addons
rias/statamic-redirect: 3.9.3
spatie/statamic-responsive-images: 5.2.1
statamic/seo-pro: 6.5.0

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

regex (default)

using prompt engineering techniques provide enhancement to the Gemini service class in the Gemini prompt class, creating functions commonly used in Laravel applications.

Laravel Version

11.45+

PHP Version

8.3.22+

Database Driver & Version

No response

Description

Using an enum as an "ID" when using find() and its derivatives is supported because the where logic converts the instance via enum_value().

In Builder::findOrFail() the $id variable is passed to ModelNotFoundException::setModel() where it becomes part of the exception message. But nothing makes sure the value of the ID can be used in a string.

In 11.x up to 12.18 the line looks like:

if (is_null($result)) {
    throw (new ModelNotFoundException)->setModel(
        get_class($this->model), $id
    );
}

In setModel() method:

if (count($this->ids) > 0) {
    $this->message .= ' '.implode(', ', $this->ids);
}

I notice the same behavior would occur if the count of fetched Models doesn't match the ID count.

Steps To Reproduce

1. create table foo(id int) (no data)
2. artisan make:model Foo
3. Make new class enum FooNum: int { case One = 1; }
4. Query Foo::findOrFail(FooNum::One)

Expected error (approximately): No query results for model [Foo] 1

Got instead (approximately): PHP Fatal error: Uncaught Error: Object of class FooNum could not be converted to string

We are logging activity of several models, some using SoftDeletes trait and others not.

When we set config option 'subject_returns_soft_deleted_models' => true then calling subject() on any model not using SoftDeletes trait throws an exception: Call to undefined method Illuminate\Database\Eloquent\Builder::withTrashed().

Can the subject() method below be made to check first whether the Model uses the SoftDeletes trait? Or perhaps check whether withTrashed() is a defined method on the Model? I tried a few things but couldn't figure out how to get the class of the Model..

https://github.com/spatie/laravel-activitylog/blob/68eb6e65382f94fe86ce5ff6572159f80d024ba9/src/Models/Activity.php#L28-L35

Describe the bug I have a table which has an order column. When I reorder the elements I update each model with the new order. Because the table has some large JSON columns I select only id and order columns for efficiency. I set the new order and save the model.

foreach (Faq::query()->get(['id', 'order']) as $faq) {
    $faq->order = $newOrder[$faq->id];
    $faq->save();
}

The diffs created in the activity_log table look like this:

{
   "old": {
      "order": 1,
      "answer": null,
      "question": null
   },
   "attributes": {
      "order": 2,
      "answer": "long JSON content",
      "question": "long JSON content"
   }
}

From what I see laravel-activitylog fetches the model with all columns from the database before creating a log entry which kind of defeats the purpose of my "select list optimization" and produces an incorrect diff.

Generally I want these large JSON columns to be logged in case a user changes them but in this case I only change the order column so I would like to see only the order column in the diff.

I have tried running these updates straight off the Eloquent builder:

Faq::query()->where('id', $id)->update(['order' => $newOrder[$id]]);

but in this case nothing is logged.

I have the following activitylog configuration for my models:

public function getActivitylogOptions(): LogOptions
{
    return LogOptions::defaults()
                     ->logAll()
                     ->logOnlyDirty()
                     ->logExcept([
                         'id',
                         'created_at',
                         'updated_at',
                     ]);
}

To Reproduce Select a subset of columns from the database, change these columns, save the model and see that other (not initially selected) columns are present in the diff.

Expected behavior Only columns that've actually been changed should be present in the diff.

Versions

• PHP: 8.1
• Database: MySQL 8
• Laravel: 9.31.0
• Package: 4.6.0

When using the addToMediaFromURL method, I'm receiving a Could Not Load Image error on the server, but not locally (I'm using Laravel Vapor) and not with other image formats.

The code below is where the error is occuring and that code is receiving an absolute file path to the image in s3, which is available.

public function addToMediaLibrary($file_path) { $media = $this->addMediaFromUrl($file_path) ->toMediaCollection("", 's3'); return $media; }

As an example the file path when logged out is https://s3.sitesforsaas.com/tenants/d221c93a-3757-466c-bf83-b74a9ee64c04/sites/9cfc24c7-cb2a-4c5a-8c0f-73ecdc79c166/2024/09/4e9854b0-4f2d-4931-a726-01f557bd7fc6.webp, but the error is looking for the image in local 'tmp' storage for some reason.

Could not load image at path /tmp/storage/tenantd221c93a-3757-466c-bf83-b74a9ee64c04/media-library/temp/j7pNMerUdReNx9MfAG5rKjcmGHWu4i99/LM2UYMTcYU0BO8sLsTfeOBpS9eXximejlarge.webp`",

• standard tags
• input fields
• components
• patterns

Add code snippets for each block

For some reason, our test suite is super slow. We should look into this and try to decrease memory usage and speed it up.

Parallel run:

  Tests:    316 passed (785 assertions)
  Duration: 13.64s
  Parallel: 10 processes

Regular run:

  Tests:    316 passed (785 assertions)
  Duration: 96.30s

When attempting to filter tests by test or file name pressing the "Enter" key has no effect.

Pressing "Enter" at the default screen correctly triggers a "test run" where all tests are run.

Octane Version

2.8.1

Laravel Version

10.48.28

PHP Version

8.3.16

What server type are you using?

Swoole

Server Version

6.0.1

Database Driver & Version

No response

Description

I'm using Envoyer to deploy a Laravel Octane application, taking advantage of its zero-downtime deployment features.

However, Octane currently does not support zero-downtime deployment because it does not follow symlink directories. It always remains in the actual directory (instead of the symlinked one) where the Octane server was initially started. When the outdated release directory is deleted, Octane continues running in that location, causing errors on every request and resulting in 500 response codes on the live application.

Error thrown:

Warning: require(/var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/bootstrap.php): Failed to open stream: No such file or directory in /var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/swoole-server on line 18
Fatal error: Uncaught Error: Failed opening required '/var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/bootstrap.php' (include_path='.:/usr/bin/[email protected]/8.3.16/share/[email protected]/pear') in /var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/swoole-server:18
Stack trace:
#0 /var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/swoole-server(95): {closure}(Array)
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 0)
#2 /var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/swoole-server(170): Swoole\Server->start()
#3 {main}
  thrown in /var/www/domain.com/releases/202502010200023/vendor/laravel/octane/bin/swoole-server on line 18
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 1)
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 3)
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 2)
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 4)
#1 [internal function]: {closure}(Object(Swoole\Http\Server), 5)

Steps To Reproduce

Use any 0-downtime deployment or test it manually using the following instructions:

1. Use the Swoole driver as an example.
2. cd one directory up from the project's base path.
3. Create a current symlink directory for your project using the command: ln -nsf ./octane-project-test ./current
4. Start the Octane server: php ./current/artisan octane:start
5. Copy your project to another directory: cp -R ./octane-project-test ./octane-project-test-new
6. Activate the new release: ln -nsf ./octane-project-test-new ./current
7. Reload the Octane server: php ./current/artisan octane:reload
8. Remove the original project directory: rm -rf ./octane-project-test

I think it would be a good idea to add a publishable configuration file to this package, which allows a user to specify:

• Words specific to their application they want to treat as "unclean"
• Words specific to their application they want to allow

The configuration files that are currently used are very general and will work for most cases, but I can imagine some applications would want to block/allow certain words, where it makes sense to do it in userland rather than at the package level.

Cachet would benefit from upgrading to Tailwind v4. This could lead to a really powerful theming system beyond the accents feature we currently have.

https://tailwindcss.com/docs/upgrade-guide

using prompt engineering techniques provide enhancement to the Claude service class in the Claude prompt class, creating functions commonly used in Laravel applications. For example, brand builder, seo product optimizer, video and or image captioner, automated chatbots #goodfirstissue

Sulu CMS separates its assets into assets/admin and assets/website, this means when installing Encore within a Sulu CMS install you will have to change a bunch of paths: https://docs.sulu.io/en/latest/cookbook/webpack-encore.html

This isn't my main issue, I think this is acceptable for an initial setup. But I do think we can improve what happens when you composer require a symfony bundle that provides stimulus controllers.

In the Sulu + Encore setup, the controllers.json file lives in assets/website/controllers.json. But since this path is hardcoded here:

https://github.com/symfony/flex/blob/441f671b86a1b651e969dbc380bfee05e004780f/src/PackageJsonSynchronizer.php#L166-L170

The controllers.json is not updated automatically and there's no output telling you to manually do this either. So you're left a little lost in what is still missing. Also, figuring out what to manually add in controllers.json is quite tricky since most existing UX bundles don't document this manual setup.

Before I start hacking away at a PR, any suggestions how we can solve this properly? Or do we accept that this is not configurable and those who use custom paths just have to deal with it?

Thank you in advance.

Hi, I noticed this issue after trying to use the attachments while making use of this webhook package.

This issue has already surfaced once in issue 170 and continued in discussion 171, however it was not solved.

I have added log proof of this issue as previously asked on the older thread to indicate the differences between the Laravel request and the webhook call request. Full logs can be found in the attached files.

request()->all().log $this->webhookCall.log

Data from "request()->all()" 'attachment_details' => array ( 0 => array ( 'disposition' => 'inline', ), 1 => array ( 'content_id' => NULL, ), ), 'attachments' => array ( 0 => \Illuminate\Http\UploadedFile::__set_state(array( 'originalName' => 'image0.jpeg', 'mimeType' => 'image/jpeg', 'error' => 0, 'originalPath' => 'image0.jpeg', 'test' => false, 'hashName' => NULL, )), ),

Data from "$this->webhookCall" 'attachment_details' => array ( 0 => array ( 'disposition' => 'inline', ), 1 => array ( 'content_id' => NULL, ), ),

Code used to log this data

\Log::info('Request Data');
\Log::info(request()->all());

\Log::info('Webhook Call Data');
\Log::info(json_decode($this->webhookCall, true));