Laravel Version

11.41.3

PHP Version

8.2.27

Database Driver & Version

No response

Description

Laravel's Concurrency::run() does not properly handle exceptions that require multiple constructor arguments. When an exception is thrown inside a concurrent task, Laravel only serializes the message property, and when it reinstantiates the exception in the parent process, it calls the constructor with only $message instead of all expected arguments.

This causes an ArgumentCountError when the exception constructor requires multiple parameters.

I used debugger to investigate what happens In my code example below I was able to find that throw new ApiRequestException() happens once, but parent::construct called twice, first time using proper passed args, but the second time it goes only with one argument which is "API request to {$uri} failed with status $statusCode $reason" in my case. I have tried to put args to parent::__construct like ("message", $code, ...) but it wouldn't work for me (I assume that it is because it calls construct of Exception class). ChatGPT explained that issue like that (I'm not saying that it is correct thing and also it was unable to give me any workaround of that): This problem occurs because Laravel’s Concurrency::run() spawns subprocesses for concurrent tasks. When an exception is thrown inside a subprocess, Laravel serializes it to pass it back to the main process. However, Laravel only retains the message property when serializing, and when it attempts to reinstantiate the exception, it calls the constructor with only $message, instead of all required arguments, causing an ArgumentCountError.

Steps To Reproduce

1. Create a Custom Exception with Multiple Arguments

<?php
namespace App\Exceptions;

use Exception;

class ApiRequestException extends Exception
{
    public function __construct(
        public string $uri,
        public int $statusCode,
        public string $reason,
        public string|array $responseBody = '',
    ) {
        parent::__construct("API request to {$uri} failed with status $statusCode $reason");
    }
}

2. Throw the Exception Inside a Concurrent Task

<?php
use Illuminate\Support\Facades\Concurrency;
use App\Exceptions\ApiRequestException;

[$result1, $result2] = Concurrency::run([
    fn () => throw new ApiRequestException('https://api.example.com', 400, 'Bad Request', 'Invalid payload'),
    fn () => 'Task 2 completed',
]);

In the past overviews, the date order is reversed. There it says: “No incidents reported between 2025-01-13 and 2025-01-07”, but the general way of speaking is to take the day further in the past first. It should therefore read “No incidents reported between 2025-01-17 and 2025-01-13”. The date selection fields are also reversed accordingly.

An idea from Twitter by @TimLeland which I think could be quite interesting to explore. Profanify has a lot of profanity now so I'd like to explore more ways on how it can be used. Whilst the package at the moment focuses on code, I'm wondering if we can multi-purpose it to also work with user input.

The way I see it working is you would have a new profanity validation rule, that works with the other existing rules

$this->validate([
    'bio' => 'string|max:255|profanity
])

This would then use the application locale to pick up the correct config file and check the input for any words in the config file. If the locale of the application doesn't exist, then we just mark the check as passed.

Octane Version

v2.3.10

Laravel Version

v11.6.0

PHP Version

v8.3.6

What server type are you using?

FrankenPHP

Server Version

v1.1.4 PHP 8.3.6 Caddy v2.7.6

Database Driver & Version

Postgress

Description

Last week we updated our app previously using php-fpm running on Forge to use Laravel Octane with FrankenPHP. Our site is mostly an API that handles analytics events (Like google analytics). It uses the default Laravel api throttling.

In staging our app worked fine (30 req/sec same IP), but when deploying to production (1400 req/sec, different IPs) it started to fail, giving a lot of 429 Too Many Requests.

I quickly rolled back to php-fpm and after a few hours tried again with the same problem. Rolled back and the next day I switched to Swoole and it worked perfectly without changing a single line of code nor having to redeploy anything. So I can confidently say that is NOT a bug in my code, but rather a bug with FrankenPHP or the Octane integration with FrankenPHP.

My theory is that the RateLimiter is not reseting between requests so it's shared between different users. So multiple different users trigger the rate limiter:

This is my Rate limiter configuration:

// AppServiceProvider

RateLimiter::for('api', function (Request $request) {
    return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
});

our production CACHE_STORE is redis. Throttling worked perfectly fine without octane and with octane but using Swoole. It failed with hundred of 429 Too Many Requests after installing FrankenPHP.

This is our bootstrap/app.php:

<?php

use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
use Illuminate\Support\Facades\App;

return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
        then: function () {
            Route::middleware('api')
                ->prefix('api')
                ->as('api.')
                ->domain(config('app.domain'))
                ->group(base_path('routes/api.php'));

            Route::middleware('web')
                ->domain(config('app.domain'))
                ->group(base_path('routes/web.php'));

            Route::middleware('web')
                ->domain(config('playsaurus.ads.domain'))
                ->group(base_path('routes/ads.php'));
        }
    )
    ->withMiddleware(function (Middleware $middleware) {
        $middleware->throttleApi();

        $middleware->redirectTo(
            guests: '/login',
            users: '/',
        );

        $middleware->web(append: [
            \App\Http\Middleware\HandleInertiaRequests::class,
            \Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class,
        ]);

        $middleware->api(append: [
            \App\Http\Middleware\ConfigureLocale::class,
        ]);

        $middleware->alias([
            'localize' => \App\Http\Middleware\ConfigureLocale::class,
            'embed' => \App\Http\Middleware\AllowsEmbeding::class,
        ]);
    })
    ->withExceptions(function (Exceptions $exceptions) {
        $exceptions->dontReport([
            \App\Services\Announcements\InvalidVariantKey::class,
            \App\Exceptions\CouponRedeemException::class,
        ]);
    })->create();

Steps To Reproduce

It's difficult to reproduce. Because I can't test it in production because that would mean a lot of downtime for our users.

My theory is that it would be possible to reproduce from multiple different IPs. But since I don't have the means to test it, I don't know.

On the record update for an active incident, there needs to be a tie to the component to be update the current component status.

At the moment, if you have a job and you specified the number of times it should be retried, you could test it like this:

test('job')
    ->expect('App\Jobs\TestJob')
    ->toBeTriedAgainOnFailure()

However, that merely checks that a $tries property exists on the class and that the value is above 1. I think it would be better if you could specify that number yourself:

test('job')
    ->expect('App\Jobs\TestJob')
    ->toBeTriedAgainOnFailure(maxTries: 5)

If you have a set number that each job should be retried across the application, then this test will help catch where someone has tried to increase it.

There's definitely some other expectations that this can be applied to and I think it will greatly enhance Lawman

Bug description

Chrome, Firefox, and Safari now support setting the width and height attributes on <source> elements within <picture> elements. You can read more about this in the web.dev article on optimizing CLS. This enhancement allows browsers to better handle layout shifts and varying aspect ratios for responsive images.

How to reproduce

Current Behavior:

Currently, Statamic Responsive Images does not take advantage of this browser capability. As a result, when multiple sources are provided, the appropriate width and height attributes are not applied to <source> elements, which may lead to layout shifts due to varying aspect ratios.

Proposed Enhancement:

Set appropriate width and height attributes on <source> elements based on their aspect ratios.

Benefits:

• Improved Visual Stability: Reduce Cumulative Layout Shift (CLS) by providing browsers with the correct dimensions upfront.
• Better Performance: Modern browsers can allocate the correct space for images during page load.
• Enhanced Responsiveness: Accurately reflect different image aspect ratios for a more consistent user experience.

Environment

Environment
Application Name: local
Laravel Version: 11.41.3
PHP Version: 8.3.16
Composer Version: 2.8.5
Environment: development
Debug Mode: ENABLED
URL: local.test
Maintenance Mode: OFF
Timezone: Europe/Paris
Locale: en

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: NOT CACHED

Drivers
Broadcasting: null
Cache: file
Database: sqlite
Logs: stack / single
Mail: smtp
Queue: redis
Session: file

Statamic
Addons: 3
Sites: 1
Stache Watcher: Disabled (auto)
Static Caching: Disabled
Version: 5.46.1 PRO

Statamic Addons
rias/statamic-redirect: 3.9.3
spatie/statamic-responsive-images: 5.2.1
statamic/seo-pro: 6.5.0

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

regex (default)

Additional details

Leveraging native width and height support on <source> elements can lead to significant improvements in layout stability and overall performance on modern browsers. This enhancement would allow the package to better handle responsive images by using up-to-date browser capabilities.

Thanks for considering this enhancement!

Hi,

With the polyfill, var_dump(mb_strlen(chr(254))) return 0. With the php8.0-mbstring extension, var_dump(mb_strlen(chr(254))) return 1;

versions : * v1.26.0

Thanks, Alex

AST, or "abstract syntax tree", creates the expectation of a nested tree structure. In the case of a query string, the AST will only ever be one level deep; as multi nodes are combined into one.

If anyone wants to suggest a better, more clear name: you're welcome.

Cachet would benefit from upgrading to Tailwind v4. This could lead to a really powerful theming system beyond the accents feature we currently have.

https://tailwindcss.com/docs/upgrade-guide

The docs aren't finished. This issue exists to track the missing pieces:

• App icons
• Context menus
• Dock
• Printing
• ProgressBar
• Queue
• Screens
• Settings
• Shell
• System
• Touch ID
• Testing
• Build signing (#361)
  • macOS
  • Windows
• How to customise Electron / PR to NativePHP
• Security disclosures process
• Highlight current section
• Show ToC persistently on the right-hand side
• Sponsorship page
• Contributors page
• Show sponsors in sidebar
• Add next/previous section buttons to the bottom of pages
• Add Edit on GitHub link to pages

Octane Version

2.5.9

Laravel Version

11

PHP Version

8.3

What server type are you using?

Swoole

Server Version

8.3

Database Driver & Version

No response

Description

Wildcard paths like config/**/*.php in the watch array of config/octane.php aren't working properly.

Steps To Reproduce

1. Install chokidar
2. Run octane:start --watch (I'm using Swoole)
3. Modify a file in the config directory. Octane won't restart
4. Change config/**/*.php to config in the watch array of config/octane.php
5. Restart Octane server
6. Modify a file in the config directory. Octane will now correctly restart

Same problem with anything else using wildcards eg. database (try modifying a seeder to test).

We are logging activity of several models, some using SoftDeletes trait and others not.

When we set config option 'subject_returns_soft_deleted_models' => true then calling subject() on any model not using SoftDeletes trait throws an exception: Call to undefined method Illuminate\Database\Eloquent\Builder::withTrashed().

Can the subject() method below be made to check first whether the Model uses the SoftDeletes trait? Or perhaps check whether withTrashed() is a defined method on the Model? I tried a few things but couldn't figure out how to get the class of the Model..

https://github.com/spatie/laravel-activitylog/blob/68eb6e65382f94fe86ce5ff6572159f80d024ba9/src/Models/Activity.php#L28-L35

NotOrm Package

The goal is to make abstract code based on the package notorm to build a new orm system

I would be good to support normalizer_get_raw_decomposition function that appeared in PHP 7.3. I've tried to implement it but seems that existing decomposition data is already optimized to get the final decomposition. Example test case is available here. Pinging @nicolas-grekas as he is the author of Normalizer polyfill.

Provide updates to new functionalities in the v2 of the package.

In raising this issue, I confirm the following (please check boxes):

• I have read and understood the contributors guide.
• I have checked the pull requests tab for existing solutions/implementations to my issue/suggestion.
• I have checked that the bug-fix I am reporting can be replicated.

Description of the problem

One of the important reasons for using hyperscript is that it handles escaping of characters which are reserved in html. Which prevents XSS.

spatie/html-element does not do this. Mainly because it uses strings as intermediate format instead of an object representation of the DOM.

Dashboard showing Operational

Front end showing no issues, but the status seems to still be linked to the incident even if it's closed as fixed

Discussed in https://github.com/spatie/schema-org/discussions/202

Originally posted by indyjonesnl January 10, 2024

$lodgingBusiness = Schema::lodgingBusiness()
  ->openingHours(
    Schema::openingHoursSpecification()
      ->dayOfWeek([Schema::dayOfWeek()::Monday])
      ->opens(new DateTime('09:00:00'))
      ->closes(new DateTime('17:00:00'))
  )
  ->checkinTime(new DateTime('14:00:00'))
  ->checkoutTime(new DateTime('11:00:00'))

This results in the current date + time being included in the output "opens":"2024-01-10T09:00:00+00:00","closes":"2024-01-10T17:00:00+00:00" and ..."checkinTime":"2024-01-10T14:00:00+00:00","checkoutTime":"2024-01-10T11:00:00+00:00"...

While the Schema should contain only the time, formatted as 14:30:00+08:00.

Can someone point me in the right direction?

Laravel Version

11.x

PHP Version

any

Database Driver & Version

irrelevant

Description

This is similar to #53692 but a separate issue.

It seems creating a DB connection too early (in a service provider, in a specific way) and using it later causes some weird "desynchronization" when using parallel tests.

I haven't had the time to do a deep dive yet, but the issue is likely related to some reconnecting logic similar to the linked issue.

The reproduction steps may seem very specific, i.e. why am I instantiating a cache store in a service provider. In practice this happens if you just use RateLimiter::for('foo', static fn () => null), but that under the hood creates the cache store which seems to be the underlying cause. So the reproduction steps are as low level as I managed to trace this issue.

In a real app, e.g. one based on Fortify which rate limits logins, any call to cache() while using the database cache driver, will cause weird behavior. There is a test in Jetstream that directly reproduces this (it makes a request to the login route) but the side effects don't have a perceptible effect. If there were some more DB-related assertions after the request, especially comparing DB state before the request and after, you'd see it.

Steps To Reproduce

1. laravel new, no starter kit, select Pest for instance
2. Make the following changes in phpunit.xml:

   <env name="CACHE_STORE" value="database"/>
   <env name="DB_CONNECTION" value="sqlite"/>
   <env name="DB_DATABASE" value="database/tests.sqlite"/>
   

3. touch database/tests.sqlite
4. Force cache store creation in a service provider:

   // AppServiceProvider::boot()
   cache()->getStore();
   

5. Add a test:

   test('foobar', function () {
       expect(DB::select('select * from users'))->toHaveCount(0);
       User::create(['name' => 'John Doe', 'email' => 'foo@bar.com', 'password' => 'foobar']);
       expect(DB::select('select * from users'))->toHaveCount(1);
   
       cache()->put('foo', 'bar');
       expect(cache('foo'))->toBe('bar');
   
       // users table is empty!
       expect(DB::select('select * from users'))->toHaveCount(1);
   });
   

6. artisan test -p should fail on the last assertion
7. If you remove the service provider call, the test passes

We can't seem to upgrade to v3 because they removed the ability to output images as responses: https://image.intervention.io/v3/introduction/upgrade

We'll need to figure out a new way to generate social images.

When using the addToMediaFromURL method, I'm receiving a Could Not Load Image error on the server, but not locally (I'm using Laravel Vapor) and not with other image formats.

The code below is where the error is occuring and that code is receiving an absolute file path to the image in s3, which is available.

public function addToMediaLibrary($file_path) { $media = $this->addMediaFromUrl($file_path) ->toMediaCollection("", 's3'); return $media; }

As an example the file path when logged out is https://s3.sitesforsaas.com/tenants/d221c93a-3757-466c-bf83-b74a9ee64c04/sites/9cfc24c7-cb2a-4c5a-8c0f-73ecdc79c166/2024/09/4e9854b0-4f2d-4931-a726-01f557bd7fc6.webp, but the error is looking for the image in local 'tmp' storage for some reason.

Could not load image at path /tmp/storage/tenantd221c93a-3757-466c-bf83-b74a9ee64c04/media-library/temp/j7pNMerUdReNx9MfAG5rKjcmGHWu4i99/LM2UYMTcYU0BO8sLsTfeOBpS9eXximejlarge.webp`",

Hi! If I use this package with my project I has a problem. My package.json has a "git dependency" like this:

{
  "peerDependencies": {
    "package": "git+ssh://git@bitbucket.org/team/project.git"
  }
}

And npm-install-peers breaks.

using prompt engineering techniques provide enhancement to the Claude service class in the Claude prompt class, creating functions commonly used in Laravel applications. For example, brand builder, seo product optimizer, video and or image captioner, automated chatbots #goodfirstissue

I've did my (not that) frequent scan of the Stripe docs and came across some new IDs that this package could start generating. I'd prefer these were all done in one PR, so if someone picks this up, let's get them all done! 😄

Core Resources

• Event Destinations

Payment Methods

• Cash Balance Transactions

Billing

• Sources
• Invoice Rendering Templates
• Credit Grants
• Credit Balance Transaction
• Usage Record Summary

Capital (New Section)

• Financing Offers

When attempting to filter tests by test or file name pressing the "Enter" key has no effect.

Pressing "Enter" at the default screen correctly triggers a "test run" where all tests are run.

Laravel Version

11

PHP Version

8.3

Database Driver & Version

Mariadb

Description

mariadb-client versions 11+ sets the --ssl option to true per default. This causes the following error whenever you load or dump a schema:

ERROR 2026 (HY000): TLS/SSL error: SSL is required, but the server does not support it

This can be avoided by using the --skip-ssl command, but Laravel has no option to enter/configure it.

Steps To Reproduce

Example with dumping:

• install mariadb-client 11 or higher
• php artisan schema:dump
• error

Example with loading:

• install mariadb-client 11 or higher
• add a dump to database/schema
• in tests/TestCase.php add use RefreshDatabase trait

namespace Tests;

use Illuminate\Foundation\Testing\RefreshDatabase;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;

abstract class TestCase extends BaseTestCase
{
  use RefreshDatabase;
}

• php artisan test
• error

Description: I am using Flasher 2.0.1 in my Laravel 11 project and would like to know how to properly use the Flasher library in JavaScript. Additionally, I want to ensure that the JavaScript configuration is consistent with the settings defined in the flasher.php configuration file.

Details: Flasher Version: 2.0.1 Laravel Version: 11 Problem: Need guidance on using the Flasher library with JavaScript in a way that mirrors the configuration set in flasher.php.

Problem

I was trying to upgrade 1.15.14 to 2.1.1 (php-flasher/flasher-symfony ; php-flasher/flasher-sweetalert) and I've found a breaking change regarding Symfony config. Previously, root_script was nullable but now it has been refactored to main_script and by which also the signature has changed to be no longer be nullable.

1.15.14

https://github.com/php-flasher/php-flasher/blame/c06624768dc760dce4a75f74db10c7a24bcaa409/src/Prime/Response/Resource/ResourceManager.php#L57

2.1.1

https://github.com/php-flasher/php-flasher/blob/db485d1ff2df61b750bbc7996ef8d8bec773d5fe/src/Prime/Response/Resource/ResourceManager.php#L30

This now causes issues as root_script: ~ (now main_script: ~) no longer works. My setup has the Javascripts assets @flasher/flasher and @flasher/flasher-sweetalert installed separately with NPM so it can be easily used with Webpack Encore instead of PHP flasher injecting remote/local assets in the head.

Is there a possibility to make this nullable again?

Laravel Version

11.41.3

PHP Version

8.4.3

Database Driver & Version

Mysql 8.0.40 - Debian 12

Description

When pushing a job to the database queue using the displayName() method to set a custom display name in the queue worker, and with the $deleteWhenMissingModels property set to true, a ModelNotFoundException is still logged and the job is going through the fail() lifecycle if the model is deleted in the meantime.

This happens because the handleModelNotFound() method in CallQueueHandler resolves the job name using $class = $job->resolveName();, which calls JobName::resolve($this->getName(), $this->payload()); This method returns the displayName, which is not a valid class name because the displayName is changed.

As a result, ReflectionClass fails to reflect the class, causing the system to incorrectly determine that shouldDelete is false, leading to running the fail() lifecycle of the job in stead of quietly discard the job.

Steps To Reproduce

1. Create a database job with the $deleteWhenMissingModels property set to true
2. Add a model to the constructor of the job
3. Add an custom displayName() method to the job that returns an non existing class
4. Create a test that creates the model, dispatches the job and delete the model before running the (DB) queue worker.
5. Make sure to run the test expecting no errors to be logged.

https://www.algolia.com/doc/libraries/javascript/v5/upgrade/

Calling for help from Docker experts. We need to create the best possible docker-compose.yml file for this project. The application requirements are well defined (we use env vars, Webpack Encore, PHP 7.1, Symfony 4.1, SQLite database, etc.) so it should be possible to create that file.

Describe the bug I have a table which has an order column. When I reorder the elements I update each model with the new order. Because the table has some large JSON columns I select only id and order columns for efficiency. I set the new order and save the model.

foreach (Faq::query()->get(['id', 'order']) as $faq) {
    $faq->order = $newOrder[$faq->id];
    $faq->save();
}

The diffs created in the activity_log table look like this:

{
   "old": {
      "order": 1,
      "answer": null,
      "question": null
   },
   "attributes": {
      "order": 2,
      "answer": "long JSON content",
      "question": "long JSON content"
   }
}

From what I see laravel-activitylog fetches the model with all columns from the database before creating a log entry which kind of defeats the purpose of my "select list optimization" and produces an incorrect diff.

Generally I want these large JSON columns to be logged in case a user changes them but in this case I only change the order column so I would like to see only the order column in the diff.

I have tried running these updates straight off the Eloquent builder:

Faq::query()->where('id', $id)->update(['order' => $newOrder[$id]]);

but in this case nothing is logged.

I have the following activitylog configuration for my models:

public function getActivitylogOptions(): LogOptions
{
    return LogOptions::defaults()
                     ->logAll()
                     ->logOnlyDirty()
                     ->logExcept([
                         'id',
                         'created_at',
                         'updated_at',
                     ]);
}

To Reproduce Select a subset of columns from the database, change these columns, save the model and see that other (not initially selected) columns are present in the diff.

Expected behavior Only columns that've actually been changed should be present in the diff.

Versions

• PHP: 8.1
• Database: MySQL 8
• Laravel: 9.31.0
• Package: 4.6.0

For some reason, our test suite is super slow. We should look into this and try to decrease memory usage and speed it up.

Parallel run:

  Tests:    316 passed (785 assertions)
  Duration: 13.64s
  Parallel: 10 processes

Regular run:

  Tests:    316 passed (785 assertions)
  Duration: 96.30s

Many of them are out of date, some by a few major versions!

It would be great to get these into good order and start keeping them up to date

When encountering nested tokens, they are parsed only during formatting, not when compiling the pattern. And the type of tokens are validated only during the rendering as well. But the native implementation detects such error during the instantiation: https://3v4l.org/Sf69D This means that the error handling required for the polyfill is not the same than for the native implementation.

Describe the bug

When you attempt to dump a binary string or anything containing one (like an array or an object), Ray does not dump anything. It just fails silently.

Versions

Ray version (you can see this in "About Ray"): 2.8.1

You can use composer show to get the version numbers of:

• spatie/ray package version: 1.41.2
• spatie/laravel-ray package version (if applicable): 1.37.1

PHP version: 8.2.17 Laravel version (if applicable): 11.18.1

To Reproduce

Add this in your code:

ray(hex2bin('ae0f3d'));

Expected behavior

Ray should display this (like the console when dump is used):

b"®\x0F="

Desktop (please complete the following information):

• OS: MacOs
• Version: 14.6.1

Bug description

Currently, the plugin calculates width/height incorrectly when swapping aspect ratios, leading to incorrect HTML output. When changing the aspect ratio of an image, the longest side should remain fixed, and the other side should be calculated accordingly.

How to reproduce

For an image of 3000x1688px as a source:

{{ responsive:image ratio="16/9" md:ratio="9/16" }}

it returns:

<picture>
    <source [...] >
    <source [...] >
    <source [...] >
    <img src="/img/asset/hash/image.jpg?w=3000&amp;h=1688&amp;s=9358bb54be5d388a9a2529a4196dcfc6" alt="" width="3000" height="1688">
</picture>

Now for the same image as source but with:

{{ responsive:image ratio="9/16" md:ratio="16/9" }}

it returns:

<picture>
    <source [...] >
    <source [...] >
    <source [...] >
    <img src="/img/asset/hash/image.jpg?w=3000&amp;h=5333&amp;s=6c5c0bb8447dbd7ff61a692f98b5f46d" alt="" width="3000" height="5333">
</picture>

The calculated aspect ratio is correct, but the dimensions are not. The generated values exceed the original image size.

In this last example, the correct height should be 3000px, and the width should be 1688px to ensure the image stays within its original dimensions.

Environment

Environment
Application Name: local
Laravel Version: 11.41.3
PHP Version: 8.3.14
Composer Version: 2.8.5
Environment: development
Debug Mode: ENABLED
URL: local.test
Maintenance Mode: OFF
Timezone: Europe/Paris
Locale: en

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED

Drivers
Broadcasting: null
Cache: file
Database: sqlite
Logs: stack / single
Mail: smtp
Queue: redis
Session: file

Statamic
Addons: 3
Sites: 1
Stache Watcher: Disabled (auto)
Static Caching: Disabled
Version: 5.46.0 PRO

Statamic Addons
rias/statamic-redirect: 3.9.3
spatie/statamic-responsive-images: 5.2.1
statamic/seo-pro: 6.5.0

Installation

Fresh statamic/statamic site via CLI

Antlers Parser

regex (default)

What happened?

I just installed package and complement for AI powered solution. When I create an issue to test it I get :

I had to change the links function like this to make it work for me:

public function links(): array
{
    $rawText = Str::finish($this->rawText, 'ENDLINKS');

    $textLinks = $this->between('LINKS', 'ENDLINKS', $rawText);

    $textLinks = explode(PHP_EOL, $textLinks);

    $links = [];

    foreach ($textLinks as $textLink) {
        $textLink = str_replace('\\', '\\\\', $textLink);
        $textLink = str_replace('\\\\\\', '\\\\', $textLink);

        $decodedLink = json_decode($textLink, true);

        if ($decodedLink !== null) {
            $links[$decodedLink['title']] = $decodedLink['url'];
        }
    }

    return $links;
}

How to reproduce the bug

When I install the package in my project and use it with AI powered

Package Version

1.0

PHP Version

8.2.14

Laravel Version

11.14

Which operating systems does with happen with?

Windows

Notes

No response

• standard tags
• input fields
• components
• patterns

Add code snippets for each block

I think a "Manage Localization" settings page would be more useful for language settings or something else like display timezone...

Let's try out Filament and move our own admin panels to it. This should provide us with a much more powerful admin backend.

https://filamentphp.com

Laravel Version

11.41.3

PHP Version

8.4.3

Database Driver & Version

No response

Description

For some reason it seems that calling /link?url=https://www.foo.com/?utm_campaign=some%20campaign in my application will fail to validate the url parameter there. Calling Str::isUrl('https://www.foo.com/?utm_campaign=some%20campaign')directly in tinker returnstruethough. However, dumping$request->input('url')in the controller reveals that the%20character there has done MIA. That also happens if I use+` as a space encoder.

Steps To Reproduce

routes/web.php:

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

Route::get('/link', function(Request $request) {
    $request->validate(['url' => 'required|url']);
});

tests/Feature/UrlValidatorTest.php:

<?php

use function Pest\Laravel\getJson;

test('passes 1', function() {
    getJson('/link?url=https://www.foo.com/?utm_campaign=some%2520campaign')->assertSuccessful();
});
test('fails 1', function() {
    getJson('/link?url=https://www.foo.com/?utm_campaign=some%20campaign')->assertSuccessful();
});
test('passes 2', function() {
    getJson('/link?url=https%3A%2F%2Fwww.foo.com%2F%3Futm_campaign%3Dsome%2520campaign')->assertSuccessful();
});
test('fails 2', function() {
    getJson('/link?url=https%3A%2F%2Fwww.foo.com%2F%3Futm_campaign%3Dsome%20campaign')->assertSuccessful();
});

Test 2 and 4 will then fail here.

Is this supposed to fail like this? My understanding is that https://www.foo.com/?utm_campaign=some%20campaign is a completely valid URL though (and directly calling Str::isUrl('https://www.foo.com/?utm_campaign=some%20campaign') confirms that). Or should spaces in query parameters always be double encoded when passing them to Laravel for validation?

One workaround/hack is to add these lines before the validation is done:

$request->merge([
    'url' => Str::replace(' ', '+', $request->input('url')),
]);

Reproduction repo: https://github.com/carestad/laravel-url-validation-bug

Steps to reproduce this issue:

• having a migration file in the package.
• the migration file is already prefixed by a date and time.
• the package is configured with ->runsMigrations() in it's ServiceProvider.
• publish the migrations of the package. then the published migration name would prefixed by date again!

I reproduced this issue not only in my private package, but also in filament-attachmate package, which has a migration named as database/migrations/2024_02_24_192352_create_attachments_table.php

and the package's service provider is allowed to run migrations:

class FilamentAttachmateServiceProvider extends PackageServiceProvider
{

    public function configurePackage(Package $package): void
    {
        $package
            ->name('filament-attachmate')
            ->hasMigrations([
                '2024_02_24_192352_create_attachments_table'
            ])
            ->runsMigrations();
    }
}

everything is ok and the migration is successfully loaded. but after publishing the migration, the published filename would be prefixed again with a new date time string:

  Copying file [vendor/zeeshantariq/filament-attachmate/database/migrations/2024_02_24_192352_create_attachments_table.php] to [database/migrations/2024_10_07_135947_2024_02_24_192352_create_attachments_table.php]  DONE

the published file is prefixed by 2024_10_07_135947_2024_02_24_192352_ which is the date in vendor's filename prefixed by published date!

Some changes in the generateMigrationName method might fix this issue.

Figure our a way to show a grayed out Laravel logo as a default avatar instead of the current default GitHub one.

Hello,

I noticed that there is an incompatibility with the mbstring polyfill and PHP 8.1 / Alpine Linux, which breaks a lot of my projects as soon as the php81-mbstring is not installed, but php81-iconv is installed:

Example:

Warning: iconv(): Wrong encoding, conversion from "ASCII" to "UTF-8//IGNORE" is not allowed in phar:///var/www/localhost/htdocs/phpstan.phar/vendor/symfony/polyfill-mbstring/Mbstring.php on line 736

It looks like //IGNORE is not accepted since echo iconv('UTF-8', 'UTF-8', 'test'); works, while echo iconv('UTF-8', 'UTF-8//IGNORE', 'test'); doesn't

It should be possible to report an incident and attach components (with statuses) to incidents in a single API request.

Octane Version

2.6.1

Laravel Version

11.41.3

PHP Version

8.3

What server type are you using?

Roadrunner

Server Version

2024.3.2

Database Driver & Version

No response

Description

ok this is in the borderline to be a bug but i write it anyway.

i am deploying using deployer , i suppose will happen for any Zero Downtime Deployments.

/releases/99/
/releases/100/
/releases/101/ 

and then a symbolic link from the latest release to /current , all pretty standard.

the problem come when running artisan octane:start vendor/laravel/octane/src/Commands/StartRoadRunnerCommand.php

will set roadrunner server with '-o', 'server.command='.(new PhpExecutableFinder)->find().','.base_path(config('octane.roadrunner.command', 'vendor/bin/roadrunner-worker')),

where base_path(...) will resolve to /releases/101/ not to /current

so in next deployment e.g. (/releases/102/) , when we run artisan octane:reload it will still use old /releases/101/ source code (i checked and yes if i go back to /releases/101/ and make a change it will be present after artisan octane:reload).

the solution is very simple, in config/octane.php you just need to add:

    'roadrunner'=>[
        'command' => env('OCTANE_ROADRUNNER_WORKER_PATH', base_path('vendor/bin/roadrunner-worker')),
    ]

OCTANE_ROADRUNNER_WORKER_PATH=../../current

would be nice is this added to config/octane.php , and maybe don't use base_path

or even better a option to provide the path in octane:start

Steps To Reproduce

deploy a octane laravel app using deployer , octane:reload will not work as expected

Currently, for plural rules, the MessageFormatter polyfills uses the English rules for all locales (it ignores the locale). To be consistent with what we do in symfony/intl (used by symfony/polyfill-intl-icu to implement NumberFormatter and DateFormatter), we should rather fail explicitly here (using the English rules for a different locale would not give the right result anyway)

It should be possible to configure Cachet via a cachet:install Artisan command.

v2.x had an interactive command that would ask you questions and store the configuration.

For v3.x, this won't work exactly the same as we now have a mix of .env and database settings, but the idea is the same.

This is a big one, but would resolve https://github.com/cachethq/cachet/issues/4425

• Opt components into being monitored.
• Needs some kind of configuration (what if a Header is required to access the URL? Frequency?)
• Add a cron job that runs every minute and checks the actively components.
• Track component availability.
• Dashboard to manage component monitors, track availability etc.
• API

using prompt engineering techniques provide enhancement to the Gemini service class in the Gemini prompt class, creating functions commonly used in Laravel applications.

v2.4 allows users to add Google 2FA to their account for an added layer of security. 3.x should also implement this in some way.

Things to consider

• How to generate the code
• How do verify via 2FA when this is enabled on a users account.
• Can admins reset 2FA for a user if they've lost their 2FA device?
• How should backup codes work?

Found the \Illuminate\Database\Eloquent\Concerns\HasAttributes::originalIsEquivalent() method during code diving and it should be usable for our trait! 🎉 This PR would be mainly reasearch when that method was added, if it's compatible with our version support rules and switching our own change detection logic with the core one.

When calling mb_convert_encoding() with $fromEncoding === 'HTML-ENTITIES', the polyfill does not return functionally equivalent strings to the native function. This is because mb_convert_encoding() uses html_entity_decode() when $fromEncoding === 'HTML-ENTITIES' and that function does not return characters for many numeric entities 0-31 and 127-159. For example:

<?php

require "vendor/symfony/polyfill-mbstring/Mbstring.php";

use Symfony\Polyfill\Mbstring as p;

for($i = 0; $i < 1024; $i++) {
	$string = "&#" . $i . ";";
	$mbstring = mb_convert_encoding($string, 'UTF-8', 'HTML-ENTITIES');
	$polyfill = p\Mbstring::mb_convert_encoding($string, 'UTF-8', 'HTML-ENTITIES');
	if($mbstring != $polyfill) {
		echo "Mismatch: $string - mbstring: $mbstring; polyfill: $polyfill\n";
	}
}

outputs:

Mismatch: � - mbstring: ; polyfill: �
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring:; polyfill: 
Mismatch:  - mbstring:
                            ; polyfill: 
Mismatch:  - mbstring:
                            ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring:  polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ' - mbstring: '; polyfill: '
Mismatch:  - mbstring: ; polyfill: 
Mismatch: € - mbstring: €; polyfill: €
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ‚ - mbstring: ‚; polyfill: ‚
Mismatch: ƒ - mbstring: ƒ; polyfill: ƒ
Mismatch: „ - mbstring: „; polyfill: „
Mismatch: … - mbstring: …; polyfill: …
Mismatch: † - mbstring: †; polyfill: †
Mismatch: ‡ - mbstring: ‡; polyfill: ‡
Mismatch: ˆ - mbstring: ˆ; polyfill: ˆ
Mismatch: ‰ - mbstring: ‰; polyfill: ‰
Mismatch: Š - mbstring: Š; polyfill: Š
Mismatch: ‹ - mbstring: ‹; polyfill: ‹
Mismatch: Œ - mbstring: Œ; polyfill: Œ
Mismatch:  - mbstring: ; polyfill: 
Mismatch: Ž - mbstring: Ž; polyfill: Ž
Mismatch:  - mbstring: ; polyfill: 
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ‘ - mbstring: ‘; polyfill: ‘
Mismatch: ’ - mbstring: ’; polyfill: ’
Mismatch: “ - mbstring: “; polyfill: “
Mismatch: ” - mbstring: ”; polyfill: ”
Mismatch: • - mbstring: •; polyfill: •
Mismatch: – - mbstring: –; polyfill: –
Mismatch: — - mbstring: —; polyfill: —
Mismatch: ˜ - mbstring: ˜; polyfill: ˜
Mismatch: ™ - mbstring: ™; polyfill: ™
Mismatch: š - mbstring: š; polyfill: š
Mismatch: › - mbstring: ›; polyfill: ›
Mismatch: œ - mbstring: œ; polyfill: œ
Mismatch:  - mbstring: ; polyfill: 
Mismatch: ž - mbstring: ž; polyfill: ž
Mismatch: Ÿ - mbstring: Ÿ; polyfill: Ÿ

While many of these are control characters (and the native function does return them), the single quote (dec 39) is particularly problematic.

Octane Version

2.6.2

Laravel Version

11.16.0

PHP Version

8.3.6

What server type are you using?

Swoole

Server Version

5.1.2

Database Driver & Version

No response

Description

Before i start, this is not a duplicate to https://github.com/laravel/octane/issues/903, this is about Swoole. Also large stream responses are fixed with https://github.com/laravel/octane/issues/636, but not this case.

While using Storage::download or Storage::response, laravel is creating a stream response that uses php fpassthru($stream). Somehow the buffering between fpassthru and ob_start does not work, instead it tries to load the full file into the memory. This leads to out of memory errors while downloading very big files.

If i replace the fpassthru with a fread-while-loop it is working as expected.

I can basically make a pull request, but need help with the solution... Is this more a problem in the laravel framework or PHP itself?

Steps To Reproduce

1. Write a laravel controller that uses Storage::download() to download file with e.g. 1 GB
2. Call the controller and see the out of memory error

What happened?

After installation, I noticed that in the browser console it outputs an error of wireEl is undefined.

How to reproduce the bug

Just install this package in a livewire project, preferable with Filament's admin package. And see the browser console.

composer create-project laravel/laravel test;
composer require filamentphp/filament;
composer require spatie/laravel-blade-comments;

Then go through the browser console and see the error

Package Version

1.0.1

PHP Version

8.2.0

Laravel Version

10.13.0

Which operating systems does with happen with?

macOS

Notes

Filament ......................................................
Packages ...... filament, forms, notifications, support, tables
Version .............................................. v2.17.44
Views ..................................... PUBLISHED: filament

Laravel Version

11.42.0

PHP Version

8.4.3

Database Driver & Version

No response

Description

Define a custom attribute with a convoluted name using the Attribute syntax:

Example:

protected function foo1Bar(): Attribute
{
    return Attribute::make(
        get: fn () => 'yay',
    );
}

Accessing a custom attribute is internally done by a snake-to-camel case conversion. So this means both foo1_bar and foo_1_bar will yield the expected value.

However, some features in Eloquent do the inverse by calling upon the attribute cache ($getAttributeMutatorCache): a camel-to-snake case conversion. This means that foo1Bar now only translates to foo1_bar, and not anymore to foo_1_bar even though its value would get returned when retrieving it.

echo $model->foo1_bar; // "yay"
$model->append('foo1_bar');
$model->toArray(); // Works fine.

echo $model->foo_1_bar; // "yay"
$model->append('foo_1_bar');
$model->toArray(); // Call to undefined method Model::getFoo1BarAttribute() 

On the contrary, when resorting back to the good old getFoo1BarAttribute() everything works as expected for both foo1_bar and foo_1_bar.

protected function getFoo1BarAttribute()
{
    return 'yay';
}

echo $model->foo1_bar; // "yay"
$model->append('foo1_bar');
$model->toArray(); // Works fine.

echo $model->foo_1_bar; // "yay"
$model->append('foo_1_bar');
$model->toArray(); // Works fine.

So, because of internal two-way case conversions to support the newer attribute syntax some unexpected and disfunctional ambiguity gets introduced.

I think both syntaxes (Attribute vs getXXXAttribute()) should behave equally. But I'm not quite sure how to proceed with this. Should foo_1_bar get blocked for access to prevent this kind of expectations further down the line? Or should it also resolve properly when doing the camel-to-snake conversion? Or...?

Steps To Reproduce

protected function foo1Bar(): Attribute
{
    return Attribute::make(
        get: fn () => 'yay',
    );
}

$model->append('foo_1_bar');
$model->toArray();

We need a method of migrating users from 2.4 to 3.x.

Things to consider:

• Migrate settings
• Migrate resources
• Migrate subscriptions / subscribers
• Migrate API Keys

AOB (please add to this list)

As a comment on the latter, once #183 is merged, we'll need to programmatically migrate users 2.4 API Keys to 3.x using something like the following

$v2ApiKey = $v2User->api_key;

$v3User->tokens()->create([
    'name' => 'v2.4 API Key',
    'token' => hash('sha256', $v2ApiKey),
    'abilities' => ['*'],
    'expires_at' => now()->addDays(90),
]);

@jbrooksuk We need to decide on the abilities and expires_at. IMO it makes sense to throw something into the upgrade documentation that old 2.4 API Keys will continue to work for up to 90 days. But if they want to use the API after that, then they'll need to generate a new API Token using the 3.x dashboard.

Describe the bug logUnguarded() works provided that $guarded is set explicitly in the model. If it is not set explicitly but globally set, say in AppServiceProvider using Model::unguard(); then nothing is logged.

To Reproduce

1. remove $fillable and $guarded from a model that use uses LogsActivity
2. call Model::unguard(); in AppServiceProvider in the boot method
3. set

    public function getActivitylogOptions() : LogOptions
    {
        return LogOptions::defaults()->logUnguarded();
    }

4. Make some changes to a model and save them

Expected behavior Some changed properties should be logged but none are

Versions (please complete the following information)

• PHP: 8.1
• Database: MySql
• Laravel: 9.38
• Package: larvel-activitylog

As an extension of https://github.com/cachethq/core/issues/93 it'd be cool to have an option that shows completed schedules in the incident timeline.

Add in PHP 7.3 as Normalizer::normalize() argument for NFKC_Casefold normalization.