Laravel 13, Native PHP 3.1, and ingesting data

Hello friends, welcome back to the Laravel News podcast. It is episode 255. It is also Tuesday the 31st of March. Michael, tomorrow morning is April 1st, which means you have to have some sort of fun something planned for your kids, right? I mean, what are you going to do? What's what's what's No none of that. We are It is already April 1st here. Oh, that's right. You guys April fools. You don't get to all like, you know, for me it's like, you know, the kids wake up like, "Oh, school is canled today or something like that." And then not really a thing here. Like we just wait until all of you wake up and you know, all the companies. I think it's Look, I loathe to say it, but I think it's considered cringe these days to do anything for April Fools. That's probably true. But uh Laravel 14 is coming out tomorrow. I heard tomorrow. Yeah, we we skipped we had to actually bump everything. Dad, what was that, dude? Okay. So, were you bit by that? Did you guys get bit by that? No. No, we didn't get bit by it. We're We're on a non-impacted version that there we've gone through and I think we're adding this like the npm flag. This is a Yeah. security thing. Um there's there's like a if you're on a version of npm 11 or greater or if you're using I think bun does this by default you can set a flag two two different flags. One of them is to not run post install scripts and which you know stops it from slurping up all of your credentials, environment variables, keys, etc., etc. And the other one, there's like a flag that you can set on npm that will prevent it from allowing you to do an install of a package that's less than 2 days old. And this is a double-edged sword, of course. you know, obviously you won't get swept up in these supply chain attacks, but you also won't you won't be able to install um zero fixes and things like that. So, you know, just just something to be mindful of. But it's not not not even a direct dependency. The way the the attack service of this thing worked was that if even if it was a a dependency of a dependency, which there's a fancy word for that that I that I can't remember off the top of my head, but a transient dependency, you know, it's installed in your application because some package that you're using is using Axios. imped fairly quickly to remove the imped day yesterday cuz the the clawed code source code got like there was something else that happened as well. So probably because of Axios. I'm just kidding. But what if it was? Who knows? We don't speculate like that here surely. No, of course not. uh which led me on a journey today of trying to figure out like okay what are the keys that I have sitting around that I probably shouldn't have sitting around and mostly honestly in our CI environment which are GitHub actions you think oh those those are safe those are safe and secure and whatever but like if npm install ran on that for axios version 1.14 then it could also pull those out of there and so I'm like okay what sort of ways can I prevent uh like personal access tokens longive personal access tokens from being used in sort of any sort of situation where you know I have dependencies that are on uh repos that are still belonging to my organization. So I need to use a personal access token but how can I do that in a way that doesn't sit around for a year but more like an hour. So that's what I did today and uh had some good progress. We will talk about that on our other show. But today folks we are talking about Laravel news because this is the Laravel news podcast. So we're going to jump into the Laravel 13 release. Mr. Dinda, I'm going to let you take this one, my friend, because uh you put the show notes together and I just feel like you deserve it. So, hit us. Let's go. So, Laravel 13th on March the 17th was released. The new version of Laravel 13 does require PHP 8.3 as the minimum version and will follow Laravel's standard support cycle with bug fixes through to Q3 of 2027 and security updates through Q1 of 2028. According to the Laravel team, much of their focus during this release cycle has been minimizing breaking changes. Instead, we have dedicated ourselves to shipping continuous quality of life improvements throughout the year that do not break existing applications. As always, if you want a simple way to upgrade, check out Laravel Shift. I think we would be remiss not to mention there was a bit of conversation about this in uh in lie of the release. Um so, Laravel 13 came out. Laravel Shift of course had the Laravel 13 upgrade available. And as part of the Laravel 13 release, the Laravel team also announced that they were including a I think it was a boost skill or a you know an agent skill to handle doing the upgrades. And there was a lot of conversation people reaching out to Jag people asking what is the value of shift when when AI uh tooling exists. And I think the the main thing and the reason that you know you and I and lots of people still are using Laravel shift is because the goals of the two things are different. Laravel shift is there to make it look as though your application was always running the latest version of Laravel whereas the AI tooling is kind of there to just do the the changes to go from you know 12 to 13. So um different philosophies. It's really cool to see also that JMAC and Laravel Shift are adopting AI and kind of using it. So for every comment that it places into your PR, your your shift PR, it will also give you a copy pasteable um prompt that you can give to your AI agent to go through and address things because there's always bits and pieces that Laravel shift can't quite do. Or Yeah. Or or it offers you some suggestions on what you need to go and look for just to make sure that your application is covered in in specific scenarios. And so you can just copy and paste the the tooling and and go through that. So yeah, that right off the bat. But as I said, PHP 8.3 is now required. PHP 8.2 support has been dropped. There is a whole swag of first class PHP attribute supported. So you can now define uh in eloquent models for example instead of a protected dollar table property you can now use a table attribute you can use a hidden attribute and a fillable attribute all on top of your model class. So instead of configuring behavior through class properties you can now define things using inline attributes on models jobs console commands and 15 plus other locations. This is a fully optional and backwards compatible change. I know that there's still some people that are um not not totally uh in favor of using attributes. They they look ugly that, you know, it's a new it's a new paradigm within PHP even though it's been around now I think since you know PHP 8.1 or something like that. You know, it's not it's not really being used a whole lot um particularly in the in the Laravel community. So, it's cool that it's there as an option, but if you still want to keep using the properties, you don't have to. Um Laravel shift will do this in a discrete commit for you. So if you don't want it, you can just roll it back as well. Uh Laravel 13 also introduces officially the first party Laravel AI SDK that provides a unified API for text generation, tool calling agents, embeddings, audio images, and vector store integrations. We've spoken about this on the podcast before. And also as part of that, Laravel includes firstparty JSON API resources making it straightforward to return responses compliant with the JSON API specification. These resources handle resource object serialization, relationship inclusion, sparse field sets, links, JSON API compliant response headers and more. This is the spiritual successor to a package that Tim McDonald built many years ago. I think even during the co times was when he put that that original version together. Um, so it's good to see that that's still getting some life out there. Absolutely. Laravel 13 also adds Q routing by class via the Q do route method, allowing you to define default Q connection routing rules for specific jobs in a central place. That's actually really nice. I really like that because typically you were having to do it on the job itself. Um, and so you'd have to dig through each of them to kind of find out where they were at. This is very, very nice. Yeah, I like that. Probably shove them all into a uh into some kind of service provider to handle it all as well in one place so you know where to look for everything. Mhm. Uh Laravel 13 also has native vector query support embedding workflows and related APIs documented across search queries and the AI SDK. These features make it straightforward to build AI powered search experiences using Postgress and PG vector including similarity search against embeddings generated directly from strings. We have links to all that for you in the show notes of course. And the last thing that we're going to touch on here is the C touch method that extends a cached items TTL without fetching or restoring. So previously you'd have to do like this whole get and put dance to to get the value and then put it back into the cache with an extended expiry. You can now call C dotouch and give it the uh cache key and say I want to extend it by 3600 seconds or you could pass it at daytime or you can pass null and that will extend it indefinitely. Um, yes. So, as I said previously, you would need to do a get and then a put to to get the value and then and put it back in there. So, that's all done for you. Importantly, Laravel's established support policy, Laravel 13, will receive bug fixes, as I said at the top of this section, until Q3 of 2027 and security updates until Q1 of 2028. Uh, no exact dates, just um quarter targets for these things. I'm sure as we get closer, they'll pin a date specifically. Uh but yeah, as we said, if you want an easy way to keep a project up to date, make it look as though they were always running the latest version of Laravel, you check out Laravel Shift and Shift will open API with a nice atomic commits for you to review in just a few clicks. But that is all for Laravel 13. Links to all of that information in the show notes. I will say as well, we have applications that we've been running since Laravel version 4 and they're indistinguishable from uh you would never know. Yeah, they've we've used Shift to update every version since well, I don't know if a version 4 got updated with Shift, but uh since Shift has been available, we've used Shift to update those applications, and you cannot tell. They are quite nice and so does feel uh fresh and clean. Every time you walk into it, it's just like, yep, it's brand new. Uh feels like a a nice Laravel 12 application. So, very cool. All right, on the Laravel train here. As far as the team, the Laravel team is concerned, Laravel prompts 0.3.15 is out. So prompts, if you don't know what this is, this is basically the tooling that Laravel provides to create your own TUI, right? Terminal user interface. So there's now several new features that make it easier to create interactive, real time, and even AIdriven terminal applications. So Joe Tannenbomb said that in the building of the cloud the Laravel cloud CLI they decided to just take the work that they had been doing bake it into prompts itself. So there's these new primitives that have come out and some unreleased stuff. So we're going to talk about what each one of those are. Now the new task helper makes it simple to run long running operations while keeping users informed. This was previously sort of difficult to do. You only had a couple options. is you could do like a progress bar sort of situation. But with this, you can now include a live updating spinner, scrolling log output, a clear success, warning or error states that persist after completion. You can also dynamically update the task label as the progress changes. So you don't have to get stuck with just a single progress bar. Lots of different ways to be able to keep the user up to date. Especially useful for things like deployments, installs, or any process where visibility into what's happening behind the scenes is important to keep the user informed and just kind of generally let them know the job isn't hung. This is where we're at in the process right now. Streaming output is also something that was challenging before, but the stream prompt enables incremental output directly to the terminal. It includes built-in word wrapping, uh, ANC support, smooth fade in effects, things like AI generated responses like you're used to seeing in cloud, chat, GPT interfaces, live logs, progressive outputs from APIs, anything that anything that could arrive over time can now be displayed naturally in the command line interface. Smarter inputs with autocomplete. So users get type ahead suggestions. So they think like Zshell uh sort of you know you have those um you know as you start to type get it will suggest options for you right users get that type ahead suggestion but you still retain full control over their input. So you can provide a static array of options, a dynamic closure that filters suggestions as the user types. Uh perfect for things like config keys, file paths, or commonly used values where uh the speed of the user's input. They're trying to get through this quickly where that matters. This is a great option. Dynamic context with select prompt info. So selectbased prompts now support this dynamic info panel. So by passing a closure you can display contextual details for each option based on that currently selected or currently highlighted option. So that works for select, multi select, search, multisarch and suggest. So the use cases include things like showing a the pricing or the description or an ID or additional metadata as a user sort of you know tabs over those things or highlights over those things so that users can make better decisions. You could think of something like you're going over your failed jobs and all you show initially is the exception itself and as you arrow over that it shows you the ID over to the right and sort of the details of the exception etc. All right, setting terminal titles with title. So the new title helper allows you to update the terminal window or tab title up at the top uh programmatically. It's really useful for longunning commands. Users can monitor the progress at a glance even when the terminal is in the background. Um so if you have multiple tabs open, you can kind of see what's going on there. Sending desktop alerts with notify. Really cool here. Brings native system notifications to your CLI application. Mac OS and Linux support. Uh ideal for background tasks like deployment builds uh etc. Building AI powered CLI apps. These new primitives work really well together. So like a simple example would be something like accepting your user input, updating the terminal with title saying hey we're responding. processing that request using an AI agent with task updating them. Hey, we're sending this prompt to the agent. We're getting a response and then streaming that generated response with the stream helper. So, this pattern uh opens the door for powerful AI developer uh sorry AIdriven developer tools directly in the terminal. You can learn more about that at the documentation laravel.com/doccks13.x/prompts. Inertia version 3 is here with optimistic updates. use HTTP and more. We have spoken about the beta release of Inertia version 3 earlier this year and the final release ships with all of those features alongside a number of fixes and refinements accumulated during the beta period. The release touches the core package as well as all three adapters that's react and spelt. So amongst the new things, Axios is no longer a required dependency. So we dodged a bullet there. Inertia now ships with its own XHR client which removes the Axios dependency which is about 15 kilobytes of gzipped JavaScript from your bundle by default. If you do rely on Axios interceptors or need to preserve existing behavior, this is still available as an optional peer dependency. The new use HTTP hook covers the long-standing gap for making HTT requests that don't trigger a page navigation. It returns reactive state processing errors progress and is dirty matching the developer experience of use form and also integrates with pre-cognition version two for real-time validation. The hook itself is intended for routes that return response JSON rather than inertia doop render. Inertia version 3 also adds a first class optimistic update API across the router use form and use HTTP hooks. Changes are applied immediately to page state and automatically rolled back on non-200 level responses and only keys explicitly defined in the callback are snapshotted. Concurrent optimistic updates are also handled and multiple inflight requests each carry their own roll back snapshot. The form component also gains an optimistic prop and both optimistic and transform callbacks now have generic type inference. There is a use layout props and set layout props hook that gives pages a clean way to pass pass data into their layout without reaching for an event bus or provide and inject. And SSR now works during npm rundev without running a separate NodeJS server process. There is a whole heap other features shipping along with version 3. There is instant visits. We've spoken previously about create create inertia app not requiring any arguments giving you a zero config setup when using the V plugin. There is a preserve fragment option. There is a preserve errors option. There is a reloading slot prop for the deferred uh element. There is HTTP error base class, a popover API progress bar, react script mode and a spelt 5 adapter as well as shared page props in event and create inertia app types. This is a major release with breaking changes including updated framework version requirements, the Axios removal ESM only output and a number of renamed APIs. You should review the official upgrade guide for the full list of changes before upgrading. We'll have links to all of that for you in the show notes. Awesome folks. 13.2. We've already got an update for Laravel 13. Let's talk about what's on here. So, first thing up is symmetrical eloquent model attributes. Okay, let me just preface this by saying if you are not yet using attributes in PHP, you should consider it. Give it a shot. They're especially useful in enums. We have found we've talked about this on other show before. We've talked about this in Laravel news before. There's been some really great articles on how you can colllocate other pieces of information next to your backed enums using attributes. That's the thing that got me started with them and I never looked back. They are actually very very nice. My favorite use of these attributes in Laravel is an observed by attribute which you can put on your eloquent model. Previously, you used to have to do something like in, you know, you'd have to overwrite the boot method of a model or you'd have to put it in a service provider somewhere to say that this model is observed by this other class. It was just not super discoverable, right? And so now you have an observed by attribute that you put at the top of your eloquent model, pass in the class, and everybody who's looking at the model knows, okay, this has an observer. It's very nice. Along with that then we have got some additional changes for how these attributes are getting used on eloquent models. So previously in version 13 there was the ability to be able to have the table attribute but then inside of that table attribute you'd had like named parameters like table timestamps false date format you it was just was felt you were trying to cram too much stuff into one particular attribute. So rather than packing multiple concerns into one attribute, each concern now has its own dedicated attribute. So now you just have pound sign date format U, that's one attribute. Pound sign without timestamps, that's another attribute. So these new attributes mirror properties that already exist on eloquent models. So if before you were saying without time stamps, it now can just be done as an attribute. So this makes it easier to configure model behavior declaratively at the class level. All right, enum support. We love us some good enum support in addition to attributes. We've been pushing hard on this enum front uh in the PHP community and in Laravel. Laravel is adding new enum support uh all over the place. So where is it now happening in these attributes is where it's happening. So if you have a Q um attribute on a particular job, right? So you can have maybe inest audit logging is your job and it implements should Q. Well, previously you'd have to have like in you'd have to do like this on Q and then pass in the Q, right? Um, and if you're like me, you're using enums back enums for all of those sort of like Q channels. Well, now instead of having to do that, you can just do an attribute pound Q and then you can pass in your enum, right? Q channels double colon log ingestion whatever and it will automatically cast that to its value, its corresponding string value. So you don't have to do arrow value all over the place. Uh, which was annoying. So you don't have to do that anymore. This brings that attribute behavior in line with with what was already supported through the property directly. So that works both for the Q and the connection attributes on jobs. Okay. Release on signal for without overlapping. If you're scheduling a command inside of the console.php and you put on there without overlapping. So personal example, we have a job that runs every 10 seconds without overlapping. What that means is as soon as the job starts to run, it puts a cache key in like a mutex and if in 10 seconds that job hasn't finished, it will not run another instance until that one command has finished running. So it prevents this overlap which is really good. However, sometimes what happens is that process receives uh like the process gets killed, right? So let's say like the server is getting rebooted, right? That can happen. the lock is left set and so when theuler restarts it doesn't it doesn't clear the cache and so it never runs again. Um not good. So what you can do now is you can say arrow without overlapping which provides that same behavior. But then you could say release on signal. And what that will do is if it receives a termination signal sig term, sig int or sig quit, the task will then run immediately after theuler restarts because it will clear out that key on those uh on those uh signals that it would receive. It does require the pcntl extension which I think is available on on most of the versions of PHP that we're going to be running. However, uh valid note there. Okay, couple more pieces here. Unique constraint violation exception uh now includes column and index details. So if you have a exception like this, which is like you're queuing a nope, not that something else. It's if you're trying to create a model or something in the database and a like let's say that you have a unique constraint on the email column. if that email is already in your database. Before it was just nope, unique constraint violation exception didn't include any information. Well, now it exposes the columns and the index name that is involved in that exception so that you have a little bit better data. There's a table here that describes what information specifically is provided based on what driver you're using. Um, but in either case, it's going to be a much nicer debugging experience because you're going to have both of those pieces of information available. What index was it conflicting with and what column was that on? Okay. Schedule list command now shows cron expressions adjusted to the time zone configured on each task rather than always displaying them in the application's default time zone. So that makes the output consistent with when the task will actually run. I just learned now that the time zone can be configured per task. Did not know that. Pretty dang cool though. Did not know that. The back off attribute is now variatic. I always forget what variotic means until I see an example. So here's what that means. It's when you can pass in multiple values without specifying the argument name. You just pass them in and then it basically explodes them or compacts them I suppose into the different um like into an array, right? So instead of passing in an array, you just pass 10 comma 30 comma 60 comma 90 comma whatever and it just says oh that's an array value. This back off attribute now accepts a variatic list of delay values matching the array based approach available via the backoff property on Q jobs. So if a job fails and you want it to wait 10 seconds before trying again and then wait 30 seconds before trying it and then wait 60 seconds before trying again, you can now just pass those in. Instead of having to use an array, you just pass in 10, 30, 60. All good there. Okay, last thing here. Magic factory methods now accept multiple arrays. Um, factories have been magic. They have been so cool. They used to be so difficult to do. And I don't remember exactly who it was who brought factories to the forefront. They've been great, but they also are quite complex. If you've not read the documentation on these, I would highly suggest doing so. Make your life great so long as you know what you're doing. So, the dynamic has factory methods like has posts or has tags. Those now accept multiple arrays. So you can pass different attribute sets for each related model without using a for each sequence method manually. So what you can have is say user factory has posts and then instead of uh you know you could just pass in multiple arrays to that particular has posts method and it will create multiple posts belonging to that same user under the hood passing those multiple arrays triggers for each sequence. Uh really cool there. A couple other fixes and improvements of course big release for being the second release of 13. Really cool stuff. Laravel debug bar has just released released version 4.2.0 that adds a skill for Laravel boost. You can install it by rerunning boost install and then you get the ability to browse the latest request, see collected data and show details, show an overview of queries with duplicates and query details with back trace and even explain results. That is the main highlight feature for this version. Uh next up and into the news, native PHP version 3.1 is the biggest performance leap yet and it is not a minor bump. This is the single biggest performance update that they have ever shipped. It is providing 10 times faster response times, background job processing, Android 8 and above support, and full ICU on iOS, and a whole lot more. Every request used to go through a full Laravel boot cycle, which was 2 to 300 milliseconds each time. That is now gone. Version 3.1 of native PHP boots Laravel once and reuses the kernel across all subsequent requests and response times dropped to as little as between 5 and 30 milliseconds. So your app finally feels native. Live wire state, router state for side instances, they're all handled automatically and it falls back to classic mode gracefully if needed. So I guess this is like the Octane equivalent, you know, or the uh swool or franken PHP running. Now in a similar situation, uh 3.1 also ships with ZTS thread safe PHP and a dedicated background Q worker on its own thread. You can set the Q connection to database and that's it. Dispatch your jobs like normal and the worker starts automatically and longunning tasks never block your UI. jobs will survive app restarts on both iOS and Android. The minimum SDK drops from Android 13 to Android 8, massively improving the number of devices that can now run your app. SDK versions are fully configurable. iOS builds now include full ICU support. The PHP International extension works on both platforms and Filament works on iOS and Android out of the box. There are no workarounds, no compromises. It is optional with the d-with or d- without ICU flags. Uh more goodies, PHP 8.3 to 8.5 are auto detected from the composer.json binaries cached locally. There is a plug-in multi-register which allows you to discover and register all plugins in one pass. There is a platform shorthand so you can use I for iOS and a Android everywhere. And unused dependencies in React, HTTP and React socket are now gone. It is a drop-in upgrade. There are no breaking changes. You can just compose require the new version and run the native install command with the d- force argument and that's it. Very cool. They're killing it over there. Let's talk about prompt deck. Uh prompt deck feels more like a package to me than news. What do you think, Mr. Direinda? I mean, I'm just going by what what the what the categories are. All right. Well, I'm just going to tell I'm just going to say it as if it's news, but it's very cool either way. Prompt deck allows you to manage AI prompts as versioned files in Laravel. So, Victor Ukam gives Laravel applications a structured way to manage AI prompts, storing them as versioned markdown files on disk rather than embedding strings directly in application code. Okay, let's talk about what we're saying here. Um, there may be you could think of it almost like a skill I suppose, right? So, we've got Claude and on occasion you need it to do a particular thing. And so, instead of having to save that prompt in a little copy paste and a sublime text pad over to the side, you say, "I'm going to create a skill out of this." And then I can tell Claude, "Use this skill when you're doing this particular thing." It reads that prompting and then uses that as part of its input. Um, prompt deck allows you to sort of do a similar thing with your Laravel application. So it you save these prompt files onto disk so that they are then able to be version controlled. Uh you can have something like variable interpolation. It's like blade syntax almost uh in these markdown files. And then you have artisan commands for creating listing testing and activating those prompt versions. Uh you have AB testing support to compare prompt versions by token usage latency and cost. And then it also has integration with Laravel AI and it has prompts template trait. Let's let's talk about use cases here. First of all, if we're going through the life cycle of creating a new prompt, you're going to PHP artisan make prompt and then name it. So let's say we're making a prompt called order summary. It's going to scaffold that out into the resources prompts directory and then you can edit that uh with uh you can edit what it creates was a system.md system. Markdown file to provide here some different variables. Again, you can think of it like a blade file. So, you are a customer service agent summarize the following order dollar sign order. Here's the order it's going to be, right? And so then if you wanted to do that, you would just in your Laravel code, you write prompt deck get order summary. So that's like the skill you can think of. And then you pass it those order details. It will use that prompt that you previously created, passing along those order details and will ask the customer service agent as it were to summarize the following order. Of course, this is a very basic example, but you could think about how you might have multiple prompings that you would want to reuse. Instead of storing those in just plain text somewhere on your disk, you now have a place to store them specifically uh so that it's nice and easy to test and it's a great convention. There's also a to message method that returns a message array that's compatible with open AAI anthropic and similar API formats. As mentioned before, there is a AI SD there AI SDK integration. Um, and uh you can find out more about that on GitHub at github.comtoprompt- deck. It actually looks really cool. I can see this being super useful moving into the future here for us specifically. I know that we have this like text agent uh or sorry agent two-way texting conversations where there's going to be multiple times that based on the scenario I want to be able to provide a human in the loop response suggestion and so I could say use this prompting passing in the message history that the user has sent through and then give me a response that is you know similar to this or like with this in mind and so being able to have a place where those are nicely stored uh that's really handy. I think it's a pretty cool convention and I think this could be really useful. Definitely check that one out. Yeah. We're doing we're doing some work at the moment and just I think by and large lots of us are doing this stuff and at the moment we don't we don't have the ability to to present it all. It's all in um in code. So we we've got you know blade files that have got markdown in them that that include all of this stuff. But being able to kind of display it so that anyone in the business can see what what we're using for different situations would be useful as well. Uh Laracon AU returns to Brisbane uh on the 4th to the 6th of November 2026 and brings the Laravel community together once again. Now in its sixth year, Laracon AU has become a gathering point for Laravel developers across the APAC region and beyond. Join us for two days of technical talks, hallway conversations, and shared experiences building real applications with Laravel. The CFP is now open and we I specifically am inviting the community to submit talks for this year's event. We're looking for a more uh technical schedule, but we're also not necessarily technical talks, but deeper explorations. We want to focus on uh trade-offs and real world experiences and things that you know if I see the talk on Thursday, I can take back some solution to work with me on Monday. Uh it takes place in Brisbane once again, a city known for its warm spring weather, riverfront precincts, and vibrant developer communities. We encourage people that are coming to plan their travel to arrive on the 4th of November. More details will come in the coming weeks. I did put out a tweet earlier today that we're still we've we've had a good start to submissions for um talks this year. We're looking for some specific gaps to be filled at the moment just where we're looking at the submissions around things that um we still are wanting more content on. So if you're if you got a be beginner friendly tools focused talk, we're looking for some more 45minut deeper technical dives. We've got talks on architecture and system design and product and real world decision- making. There's four categories if you wanted to uh consider submitting your talks. We would love to see some more people from Australia and New Zealand as well submitting talk submissions. We always get loads of uh submissions from overseas. We want to see our local stocks be bolstered as well. So at laron.au/speak, au/speak. We've also got a guide this year. If you want some more tips, tricks, ideas, examples on kinds of talks to submit at laron.au/speak/guide, but we'll have links to all of that for you in the show notes. Very cool. This next one's uh interesting. This is sort of a proof of concept for what's possible with web assembly in the PHP ecosystem. So this is a handy tool for quick prototyping, live demos or sharing reproducible Laravel examples without having to spin up an entire environment. So this is called Liinal. So is a browserbased IDE for Laravel powered by web assembly. So this was written by Andrew Schumlin. Browserbased IDE lets you write, run and preview a applications entirely in the browser. So that means there's no server setup. There is no local PHP installation requires required. It accomplishes this by running PHP 8.4 via web assembly. So Eric had a talk um with the creator I believe. Let me double check that real quick. Nope. Nope. He's just showing us a demo. No talk with the creator. Just showing us a demo. Uh so once you have this running, you get a full development environment in a single browser tab. Here they are there. Here's the things that you get. You get a code editor. So you can browse and edit your files with syntax highlighting for PHP blade, JavaScript, TypeScript, JSON, and CSS. Uh it's thus powered by code mirror. And then you have a preview pane. So you can navigate routes for your website. You can see rendered HTML with tailwind CSS version 4 injected automatically. You could preview pane. You have a terminal where you can run artisan commands with command history. You have an a open AI agent uh powered assistant that can read and write files and execute commands on your behalf. And then you also have a uh tool window which has the ability to they do things like connect it up to a GitHub repo or you know choose your preferred editor scheme or export this to a file system. It zips up the entire project and makes it as a little sharable zip. Um so this isn't a composer package you pull into an existing project. Instead you clone uh this liinal down and then you build it locally and then you can uh run it in your browser there. So some cool things with sharing and syncing there are some limitations right because there's uh is PHP and web assembly. There's no external network access from the PHP code. So you can't pull things from uh from the web. Uh the pre-bundled vendor directory cannot be modified. It's a SQL light only situation. You can't use Postgress or MySQL. And then performance of course of course is going to be a little bit slower than native PHP but that's to be expected. So again interesting proof of concept maybe useful for you. Uh I could see it being used in a you know again in maybe like a demo situation where here's the code and here's the here is the uh sort of output of that all in one nice little package there. Pretty cool. Check that one out. Last bit of news we have today. Laravel boost version 2.4 4 was released and adds a security audit to the add skill command, introduces a new Laravel best practices skill and adds an ignore option to the skills update command. Just very high level stuff here. So, as I mentioned, the add skill command is been added. This now runs a security audit before installing a skill, giving developers a chance to review potential issues before the skill is added to their project. The new Laravel best practices skill encodes Laravel best practice guidance which Claude can draw on when helping with Laravel projects. The new ignore option for the skills update command lets you skip updates for a specific skills giving more control over which skills get updated when running the update command. The herd MCP integration has been removed in favor of using the herd CLA directly. Uh the core guideline for token optimization has been updated to reduce token usage and keeping prompt overhead lower during AI assisted sessions. We've also added an oorthth field to the open code nightw watch MCP config. Improve the folio routing skill description and removed redundant core guideline reference and fixed typos in livewire skill description. We have links to the full change log and the 2.4 release in the show notes for you. Sounds good. Uh we have got a new package. We're going to transition into the packages here now. In case you thought we were in packages, we weren't. We are now transitioning into packages. And the first one we're going to talk about is called Lens Lens for Laravel. What this does is this brings web content accessibility guideline auditing to your local development workflow. That web content accessibility guideline oftentimes is referred to as W CAG, WC A. you don't have to say the whole thing about every time. Uh, and let's be honest, accessibility is something that I don't really like to have to do. Uh, it's really easy to overlook during development. It's hard to catch regressions in your code review because you have to pull it all down and sort of look at it. And so, this is a difficult problem to solve if it's just dependent on you staring at the page and and recognizing uh what's different or what's what's wrong there. So, uh, Jacob Leensky created this dev package that scans your running applications for W CAG violations using Axe Core, which I'm not exactly sure what that is, but I'm guessing it is a library designed to catch these violations. And then it maps that issue back to the specific blade template file number and then shows you where it was originated so that you can you can change it to make it compliant. Again, these are accessibility things of course and so things like contrast or like I don't know line height. I'm not exactly sure. Um there's all sorts of things like that, right? But it will the the nice thing about this is it actually maps it to the place where you can go fix it. Think of it like PHP stand uh where PHP stand will say here's a violation. Here's the here's the file number that it's at. Like you can go find it right there. This is like that for WAG violations. It says here's the blade file that changed it and here's where you need to fix that. So lens depends on puppeteer which is a headless chromium browser powered by spasi browser browser shot. So you do need node installed along uh side of php 8.2 or higher and then laravel 101 or 12 but that's it. There's no additional setup required will automatically discover service provider pull in AlpineJS Tailwind from a CDN etc. But then it gives you this dashboard lens for laravel dashboard in your local app. And from there you can audit a single page, a list of pages. You can crawl your entire sitemap discovery uh or link following uh you know up to 50 pages by default. And so it will then group those uh violations a double AAA with each violation showing the CSS selector, the source blade file number and a line number and then a link to the relevant W CAG documentation. Um the dashboard of course is restricted to only your local environment by default so it doesn't accidentally get shipped to production. You can also do a CLI version so that you can ship this in your CI/CD integration so you have a lens audit artisan command which is really nice. There are a couple other artisan command uh which I will let you uh look at yourself. And then lastly, pretty cool, there is also the ability to configure an AI provider so that lens can then suggest changes uh or patches directly in that dashboard to your agent and then it will make those suggested changes for you. your your agent will of course some configuration as you would expect and then uh there's a couple pieces that's just sort of a disclaimer like this can't catch all of the violations of course there are some that require human judgment but this does a great job of getting you started so definitely check that one out pretty cool slidewire allows you to build presentations using livewire and blade is a larable package for building browserbased presentation decks using livewire and blade components slides are blade templates rendered as full page livewire components allowing use of public properties with and the complete livewire component model. A deck uses the X slidewire Dodop deck and slide components and the examples provide uh the examples which you can read in the article because I'm not going to read out live wire blade HTML allows you to create simple presentations that use the neon theme with a fade transition is the ability to use fragment components to reveal content progressively within a slide and slide wise steps through each fragment before showing the next slide. So think uh transitions, bullets, you know, line by line, etc. For two-dimensional decks, the vertical slide component group slides into a vertical stack beneath a horizontal position, allowing you to drill down into a topic without leaving the main flow. Syntax highlighting is bundled via Ficky with no extra setup required. The code component accepts a language attribute along with optional theme font and font size overrides and mermaid diagrams are also supported and render in the browser when the slide becomes active. There are seven built-in themes, two-dimensional navigation, fragments, syntax highlighting and mermaid diagram support and more. Uh, shout out to Wendell Adreel who put this one together. Slide wire does require PHP 8.4, Laravel 12 and above and LiveWire 4.2 and upove. You can install all of it via uh composer. We have links to it. You can check it out at slidewire.dev. Very cool. We've talked about the circuit breaker pattern a couple times. Harris Ratopoulos actually had a talk about this at India. He's had a couple posts about this. He may even have a package on it. But we have another package here today which is by Algo Yunas bringing the circuit breaker pattern to Laravel. also allows you to track failures for a named service to prevent cascading failures when a downstream service is unavailable. So that's really what we're talking about here. The circuit breaker pattern allows you to have something like Stripe or a thirdparty API and if that thirdparty API stops responding instead of blowing up your application for the next 3 hours while it's experiencing an outage, you can allow the circuit breaker pattern to say, "Nope, the circuit is now open." And it will occasionally retry. And then once it's back up and active, it will uh sort of selfheal, but it provides uh you know this ability to stop cascading failures throughout your system uh using this pattern. So uh I'm not going to go into too much detail here because I feel again we've already detailed this pattern and how exactly it works. But if you're interested in having some of the work done for you, having a nice API that builds out the different uh states, you should definitely check this one out. Details will be in the show notes. Take the pain out of data imports with Laravel ingest. This is a package by Robin Cop and it is configurationdriven extract, transform, and load package that replaces a one-off import scripts with declarative importer classes. It handles files from a few hundred to tens of millions of rows by processing them through PHP generators and Laravel cues, keeping memory usage consistent regardless of file size. Main features include declarative importer classes using a fluent ingest config builder, automatic resolution of belongs to and belongs to many relationships, duplicate handling strategies, dry run mode for validation of imports before writing to the database, failed row tracking and downloadable CSV exports, column aliasing, dynamic model resolution on uh row data. Import sources include file upload, file system disks including S3, URL, FTP and SFTP and autogenerated artisan commands and REST API endpoints per importer. We have more details around defining importers, running the imports and monitoring the progress as well as events that are fired by the package. Uh we have links to all of that for you in the show notes. very useful package because I'm sure I'm not the only one who has built endless a million times CSV importers. So check that one out a million times. Yeah, very true. Okay. Prism workers AI. So Prism is the Laravel package that is powering some of the Laravel AI SDK. So Prism, that's what we're talking about here. But there is now a Cloudflare workers AI provider for Prism. So let's talk about that real quick. What is Cloudflare Workers AI? So Cloudflare workers AI is the ability so Cloudflare gives you the ability to have like uh serverless GPU powered servers out there that allow you to run your own models on Cloudflare's global network. So you can think it like almost like running Olama on your local machine. So you can load it up with, you know, any sort of model you want. Uh, Cloudflare has a model catalog of like 50 different open- source models that you can select from and say, "Run it on this box. Give me an IP that I can point it to." And, you know, that's my own private little thing I can use there. That's what we're talking about here. Cloudflare workers AI. So this uh, Prism workers AI package is a Cloudflare Workers AI provider for Prism PHP and the Laravel AI SDK. Okay, so it routes requests through Cloudflare's AI gateway endpoint. Uh, it can generate natural language text, structured outputs, stream responses, all the things that you would expect that these things could do. Yes, it can do text generation and streaming is what's talked about in here. How you go through to generate text using workers AI model through Prisfluent API. Uh, streaming just as it is in the documentation. Again, you're really just following a slightly different API from what you typically would just following the regular Prism documentation here. It also allows for tool calling, reasoning models with thinking content. Uh, and then it goes through the Laravel AI SDK integration. So, this post is really just, hey, if you're interested in running your own model, your own model quote unquote on the Cloudflare workers AI uh infrastructure, you can now do so do so with Prism PHP or the Laravel AI SDK. And this just goes through here is the methods and tools that are available to do that and some of the specifics around this driver. So, pretty cool. Good stuff there. Check it out if you're interested. Mode GKIT is a service for generating dynamic open graph images using your own HTML and CSS created by Peteroomum. It lets you define OG image templates directly in your codebase instead of relying on external design tools or headless browser setups. It works by adding a template tag with your OG image markup to any page on your site and include the Ogit client script and the service handles rendering and cing the images. You can preview a template in your browser by appending the Ogit- render query string to any URL and see your browser's dev tools to tweak it. Oh, sorry, and use your browser's dev tools to tweak it live. And because the templates are standard HTML and CSS, you can use your existing styles, fonts, images, and templating language. There is no custom DSL to learn. OGKIT provides an official Laravel package that supports Laravel's 10 through 12 at the time of writing of this article and the package auto discovers it service provider. So no additional setup is needed beyond installation and then you can use the template uh by writing some HTML and it then wrapping your template code itself inside an OG template uh block. This also works with Inertia and you can view all the docs on the Laravel integration on the OKIT website. The OKIT service offers a free tier that includes 25 pages with pay pay plans starting at $99 a year for a,000 pages. All plans include cached images and unlimited domains. Um, a page itself represents a unique URL where Ogit generates and hosts an open graph image. For more details, you can visit the OGKit website at ogkit.dev or check out the Laravel package on GitHub. Links to all of that will be there for you in the show. Very cool. Um, if you've ever had to interface with the USPS ooth to rest JSON API thing, you know, it can be a bit of a pain in the neck. And um, who doesn't like to have some of that work done for us? I do. And so the Laravel USPS package by John Paul Metting is a fullfeatured Laravel package that wraps that USPS API version three for you. So it has 20 different API domains, 80 different endpoints, uh, of course, some of the most popular features here are address validation, package trip, uh, sorry, package tracking, the ability to ship uh, or print shipping labels, pricing, carrier pickup scheduling, uh, items like that. Under the hood, it handles the OOTH 2 token management automatically and then it caches those tokens for roughly 50 minutes because they expire after an hour. It caches those for roughly 50 minutes to cut down on unnecessary author requests which is very nice. Um, so composer require it, publish the config file, add in your client ID, your client secret, and then away you go. The API is really nice. USPS do validate passing in the address, the city, the state, and the zip. it will respond respond back to you uh with like a corrected address if it was good or things like hey it needs a secondary unit right if you're sending it to an apartment complex and there is no apartment number it's going to tell you hey you're missing an apartment number um you know and additional pieces like that again if corrections were made to the submitted address a corrections key is also present in the response so you know by the way you added the zip code this way it was actually this and so there you go uh there's also Alo a ability to normalize input before it validates the address. So for example, if you put in the state of Florida, the validate command will automatically convert that to FL. Uh if you put in the zip code with like six characters four, you know, six integers four integers, it will break those up into the component pieces uh before it sends it off. So just makes a little bit more reliable. Uh you can of course find the rest of the API methods here. Again, package tracking, really nice. The ability to be able to pass in like up to 35 different uh tracking numbers at a time and get delivery information for each of those shipments is very nice. And then there's also a great website that accompanies the package itself, which talks through all of the different items uh that are available. And for those of you who are, you know, the the reason why this is important is because the legacy USPS web tools XML API was retired in January of this year. We had to go through the pain of doing this. So, you're just a little bit too late. We I wish we had this at the end of the year last year. John Paul, uh, it's Medina, actually, not Medding, Medina. Uh, we'll have to we might might switch over to this one. So, good work on that. Looks really, really nice. definitely suggest using that one. Uh just the two tutorials this week that I'll run through now. First up, building a transaction safe multi-document operations in Laravel. This tutorial will help you learn how to use MongoDB's multi-document acid transactions in Laravel to ensure data consistency across collections when atomic operations aren't enough with practical examples of handling rollbacks and failures. You'll learn when at topic You'll learn when atomic operations aren't sufficient for data consistency. How to use Laravel's DB transaction with MongoDB. Understanding transaction rollbacks, commits, and failure scenarios and best practices for keeping transactions fast and reliable. And Harris Rafopoulos back in front of the camera this time talking about shipping AI with Laravel and building your first agent with Laravel 13's AI SDK. As we said at the top of the show, Laravel 13 ships with an official AI SDK providing you with agents, tools, embeddings, vector stores, and streaming. It is first party and built into the framework. Harris used it to build a support AI, a customer support platform where the agent looks up real orders from the database, searches a knowledge base with rag retrieval augmented generation. Yes. classifies tickets by category and sentiment, streams responses through a livewire chat UI, pulls live data from the web, and blocks prompt injections with a local LLM before they ever reach Open AI. You can watch the full demo video if you want to see the finished product. Uh, but we have links to all of that for you in the show notes. How cool is that? That's a great one. Good job, Harris. I'm excited to watch that one actually. Very, very cool. Watch the full demo here. So, he's got just a link off to the video where it links to um this a quick two and a half minute demo. Really exciting to watch that one. Uh really cool stuff. Believe he's putting out as like a multi-part series of how he built it as well. But the yeah, the demo is just as you say, the 2 and a half minute video that that goes through everything that it does. So, this we'll have a link here as well to the first episode where he goes from fresh Laravel 13 app to a working support agent in about 10 minutes. The dude's a monster. Good job, Harris. We're proud of you, dude. Folks, that is it for this episode. Episode 255. You 255. You can find show notes for this episode at podcast.lairvel-news.com255. Would really appreciate it if you would rate this pod uh cast up five stars in your pod catcher of choice would be amazing. And of course, if you ever have any questions, hit us up on X on Twitter at Jacob Penno or Larville News. Michael, my friend, it has been a pleasure. I hope you have a wonderful week. Happy April Fools and we'll see you folks in two weeks. Well, have a have a good Easter. Absolutely. See you guys. Bye.