Hey LaraDevs 👋,

I am proud to present a new "A Day with Laravel" issue. If you think of a resource that could be useful for the Laravel dev community, let me know on FrameworkHeroes News in Laravel section.

If you don't want to miss any future news about the Laravel ecosystem, you should subscribe now!

Thanks to Sevalla for sponsoring this newsletter

Sevalla is the home to your upcoming web projects. Host and manage your apps, databases and static sites in a single, intuitive platform. ✨

Discover Sevalla

Laravel 13.12.0: New attributes for the Scheduler and control over listener discovery

Released on 26 May, this version includes:

• The withAttributes() method for adding metadata to scheduled tasks.
• The ShouldBeDiscovered interface to finely control which listeners are auto-discovered.
• Other improvements (SQLite URI support, tests, etc.).

» Read the article

Laravel Live Japan (26–27 May in Tokyo)

The official Laravel event in Japan took place in Tachikawa. The programme included a keynote by Taylor Otwell on Laravel updates, talks on AI and modern monoliths, and a strong international community presence with live AI translation. Feedback has been very positive regarding the atmosphere and the discussions.

While we wait for the videos of the various talks (perhaps), here is an impressive demo by Marcel Pociot producing music directly with PHP and Laravel

Managed Queues on Laravel Cloud (announced on 26 May)

A major new feature on Laravel Cloud: managed queues that auto-scale according to workload, display failed jobs in a built-in dashboard, and scale down to zero when inactive. Perfect for simplifying deployments.

» Read the article

Moat: A GitHub security review tool by Nuno Maduro (launched in late May)

An official tool that analyses the security posture of your GitHub, GitHub.org or repository (2FA, branch protection, signed commits, etc.) with a single command and provides recommendations. Very useful in the wake of recent supply-chain attacks.

» Read the article

Security bonus

Laravel Lang localisation packages (such as laravel-lang/lang) were compromised via a supply chain attack: the attackers rewritten existing GitHub tags to point to malicious code in a fork, without altering the main source code.

This allowed a cross-platform credential stealer (via Composer) to be silently installed, which steals cloud keys, tokens, passwords, crypto wallets, .env files, etc., and which affected hundreds of historical versions.

Packagist has already responded by removing the malicious versions.

» Read the article

I need your support 🙏

If you found this newsletter helpful, I would be delighted if you could drop a small coin into my piggy bank (ko-fi or PayPal)

A free alternative to support me? Of course! Place your next Amazon order with my affiliate link

The objective of this newsletter?

🎯 Regularly deliver to you, recent or important resources (videos, articles, GitHub repositories, packages, tutorials, ...) that I could find on Laravel and its ecosystem.

See you soon for the next issue. If you haven't already done so, subscribe!