Versioning Scheme
Laravel's versioning scheme maintains the following convention:
paradigm.major.minor. Major framework releases are released
every six months (February and August), while minor releases may be
released as often as every week. Minor releases should
never contain breaking changes.
When referencing the Laravel framework or its components from your
application or package, you should always use a version constraint such
as 5.8.*, since major releases of Laravel do include
breaking changes. However, we strive to always ensure you may update to
a new major release in one day or less.
Paradigm shifting releases are separated by many years and represent fundamental shifts in the framework's architecture and conventions. Currently, there is no paradigm shifting release under development.
Support Policy
For LTS releases, such as Laravel 5.5, bug fixes are provided for 2 years and security fixes are provided for 3 years. These releases provide the longest window of support and maintenance. For general releases, bug fixes are provided for 6 months and security fixes are provided for 1 year. For all additional libraries, including Lumen, only the latest release receives bug fixes.
| Version | Release | Bug Fixes Until | Security Fixes Until |
|---|---|---|---|
| 5.0 | February 4th, 2015 | August 4th, 2015 | February 4th, 2016 |
| 5.1 (LTS) | June 9th, 2015 | June 9th, 2017 | June 9th, 2018 |
| 5.2 | December 21st, 2015 | June 21st, 2016 | December 21st, 2016 |
| 5.3 | August 23rd, 2016 | February 23rd, 2017 | August 23rd, 2017 |
| 5.4 | January 24th, 2017 | July 24th, 2017 | January 24th, 2018 |
| 5.5 (LTS) | August 30th, 2017 | August 30th, 2019 | August 30th, 2020 |
| 5.6 | February 7th, 2018 | August 7th, 2018 | February 7th, 2019 |
| 5.7 | September 4th, 2018 | March 4th, 2019 | September 4th, 2019 |
| 5.8 | February 26th, 2019 | August 26th, 2019 | February 26th, 2020 |
Laravel 5.8
Laravel 5.8 continues the improvements made in Laravel 5.7 by
introducing has-one-through Eloquent relationships, improved email
validation, convention based automatic registration of authorization
policies, DynamoDB cache and session drivers, improved scheduler
timezone configuration, support for assigning multiple authentication
guards to broadcast channels, PSR-16 cache driver compliance,
improvements to the artisan serve command, PHPUnit 8.0
support, Carbon 2.0 support, Pheanstalk 4.0 support, and a variety of
other bug fixes and usability improvements.
Eloquent HasOneThrough Relationship
Eloquent now provides support for the hasOneThrough
relationship type. For example, imagine a Supplier model
hasOne Account model, and an Account model has one
AccountHistory model. You may use a hasOneThrough
relationship to access a supplier's account history through the account
model:
/**
* Get the account history for the supplier.
*/
public function accountHistory()
{
return $this->hasOneThrough(AccountHistory::class, Account::class);
}Auto-Discovery Of Model Policies
When using Laravel 5.7, each model's corresponding authorization policy
needed to be explicitly registered in your application's
AuthServiceProvider:
/**
* The policy mappings for the application.
*
* @var array
*/
protected $policies = [
'App\User' => 'App\Policies\UserPolicy',
];Laravel 5.8 introduces auto-discovery of model policies as long as
the model and policy follow standard Laravel naming conventions.
Specifically, the policies must be in a Policies directory
below the directory that contains the models. So, for example, the
models may be placed in the app directory while the
policies may be placed in the app/Policies directory. In
addition, the policy name must match the model name and have a
Policy suffix. So, a User model would
correspond to a UserPolicy class.
If you would like to provide your own policy discovery logic, you may
register a custom callback using the
Gate::guessPolicyNamesUsing method. Typically, this method
should be called from your application's
AuthServiceProvider:
use Illuminate\Support\Facades\Gate;
Gate::guessPolicyNamesUsing(function ($modelClass) {
// return policy class name...
});Note: Any policies that are explicitly mapped in your
AuthServiceProviderwill take precedence over any potential auto-discovered policies.
PSR-16 Cache Compliance
In order to allow a more granular expiration time when storing items
and provide compliance with the PSR-16 caching standard, the cache item
time-to-live has changed from minutes to seconds. The put,
putMany, add, remember and
setDefaultCacheTime methods of the
Illuminate\Cache\Repository class and its extended classes,
as well as the put method of each cache store were updated
with this changed behavior. See the related
PR for more info.
If you are passing an integer to any of these methods, you should
update your code to ensure you are now passing the number of seconds you
wish the item to remain in the cache. Alternatively, you may pass a
DateTime instance indicating when the item should
expire:
// Laravel 5.7 - Store item for 30 minutes...
Cache::put('foo', 'bar', 30);
// Laravel 5.8 - Store item for 30 seconds...
Cache::put('foo', 'bar', 30);
// Laravel 5.7 / 5.8 - Store item for 30 seconds...
Cache::put('foo', 'bar', now()->addSeconds(30));Multiple Broadcast Authentication Guards
In previous releases of Laravel, private and presence broadcast channels authenticated the user via your application's default authentication guard. Beginning in Laravel 5.8, you may now assign multiple guards that should authenticate the incoming request:
Broadcast::channel('channel', function() {
// ...
}, ['guards' => ['web', 'admin']])Token Guard Token Hashing
Laravel's token guard, which provides basic API
authentication, now supports storing API tokens as SHA-256 hashes. This
provides improved security over storing plain-text tokens. To learn more
about hashed tokens, please review the full API authentication documentation.
Note: While Laravel ships with a simple, token based authentication guard, we strongly recommend you consider using Laravel Passport for robust, production applications that offer API authentication.
Improved Email Validation
Laravel 5.8 introduces improvements to the validator's underlying
email validation logic by adopting the
egulias/email-validator package utilized by SwiftMailer.
Laravel's previous email validation logic occasionally considered valid
emails, such as example@bär.se, to be invalid.
Default Scheduler Timezone
Laravel allows you to customize the timezone of a scheduled task
using the timezone method:
$schedule->command('inspire')
->hourly()
->timezone('America/Chicago');However, this can become cumbersome and repetitive if you are
specifying the same timezone for all of your scheduled tasks. For that
reason, you may now define a scheduleTimezone method in
your app/Console/Kernel.php file. This method should return
the default timezone that should be assigned to all scheduled tasks:
/**
* Get the timezone that should be used by default for scheduled events.
*
* @return \DateTimeZone|string|null
*/
protected function scheduleTimezone()
{
return 'America/Chicago';
}Intermediate Table / Pivot Model Events
In previous versions of Laravel, Eloquent model events were not dispatched when attaching, detaching, or syncing custom intermediate table / "pivot" models of a many-to-many relationship. When using custom intermediate table models in Laravel 5.8, the applicable model events will now be dispatched.
Artisan Call Improvements
Laravel allows you to invoke Artisan via the
Artisan::call method. In previous releases of Laravel, the
command's options are passed via an array as the second argument to the
method:
use Illuminate\Support\Facades\Artisan;
Artisan::call('migrate:install', ['database' => 'foo']);However, Laravel 5.8 allows you to pass the entire command, including options, as the first string argument to the method:
Artisan::call('migrate:install --database=foo');Mock / Spy Testing Helper Methods
In order to make mocking objects more convenient, new
mock and spy methods have been added to the
base Laravel test case class. These methods automatically bind the
mocked class into the container. For example:
// Laravel 5.7
$this->instance(Service::class, Mockery::mock(Service::class, function ($mock) {
$mock->shouldReceive('process')->once();
}));
// Laravel 5.8
$this->mock(Service::class, function ($mock) {
$mock->shouldReceive('process')->once();
});Eloquent Resource Key Preservation
When returning an Eloquent resource collection from a route, Laravel resets the collection's keys so that they are in simple numerical order:
use App\User;
use App\Http\Resources\User as UserResource;
Route::get('/user', function () {
return UserResource::collection(User::all());
});When using Laravel 5.8, you may now add a preserveKeys
property to your resource class indicating if collection keys should be
preserved. By default, and to maintain consistency with previous Laravel
releases, the keys will be reset by default:
<?php
namespace App\Http\Resources;
use Illuminate\Http\Resources\Json\JsonResource;
class User extends JsonResource
{
/**
* Indicates if the resource's collection keys should be preserved.
*
* @var bool
*/
public $preserveKeys = true;
}When the preserveKeys property is set to
true, collection keys will be preserved:
use App\User;
use App\Http\Resources\User as UserResource;
Route::get('/user', function () {
return UserResource::collection(User::all()->keyBy->id);
});Higher Order orWhere Eloquent Method
In previous releases of Laravel, combining multiple Eloquent model
scopes via an or query operator required the use of Closure
callbacks:
// scopePopular and scopeActive methods defined on the User model...
$users = App\User::popular()->orWhere(function (Builder $query) {
$query->active();
})->get();Laravel 5.8 introduces a "higher order" orWhere method
that allows you to fluently chain these scopes together without the use
of Closures:
$users = App\User::popular()->orWhere->active()->get();Artisan Serve Improvements
In previous releases of Laravel, Artisan's serve command
would serve your application on port 8000. If another
serve command process was already listening on this port,
an attempt to serve a second application via serve would
fail. Beginning in Laravel 5.8, serve will now scan for
available ports up to port 8009, allowing you to serve
multiple applications at once.
Blade File Mapping
When compiling Blade templates, Laravel now adds a comment to the top of the compiled file which contains the path to the original Blade template.
DynamoDB Cache / Session Drivers
Laravel 5.8 introduces DynamoDB cache and session
drivers. DynamoDB is a serverless NoSQL database provided by Amazon Web
Services. The default configuration for the dynamodb cache
driver can be found in the Laravel 5.8 cache
configuration file.
Carbon 2.0 Support
Laravel 5.8 provides support for the ~2.0 release of the
Carbon date manipulation library.
Pheanstalk 4.0 Support
Laravel 5.8 provides support for the ~4.0 release of the
Pheanstalk queue library. If you are using Pheanstalk library in your
application, please upgrade your library to the ~4.0
release via Composer.