Freek.dev

Every once in a while, someone opens a PR on one of our open source packages adding a down function to the migration. I usually close those PRs fast with a thank you and a message “We don’t use down migrations in our projects”.

While down migrations might seem like a safety net, they're often a false comfort that potentially creates more problems than they solve.

Instead of explaining this in every PR separately, let me share why we don't write down migrations and what we do instead.

Read more

A critical security vulnerability was just disclosed for Livewire v3, as Stephen Rees-Carter wrote about on Securing Laravel. The vulnerability (CVE-2025-54068) allows unauthenticated attackers to achieve remote code execution in specific scenarios. What makes this particularly concerning is that exploitation doesn't require authentication or user interaction - just a component mounted and configured in a particular way.

This vulnerability affects all Livewire v3 versions up to 3.6.3. If you're running any version in that range, attackers could potentially run arbitrary PHP code on your server. Stephan warns us the open-source nature of the fix means attackers may already be reverse-engineering the patch to identify and abuse the exploit.

Many production apps are probably running vulnerable versions right now, with their developers completely unaware. This is where automated security monitoring becomes invaluable - using Laravel Health to check for vulnerabilities, and optionally services like Oh Dear to send you notifications when issues are detected.

Read more

We just tagged stable release for two new spatie packages: spatie/ping and spatie/simple-tcp-client. In this blogpost, I'd like to share why these were developed and how you can use them.

Read more

In this post, I'll share how I'm using PHPStan's type aliases feature to make validation rule typehints more readable and maintainable in our Laravel application.

Read more [ohdear.app]

Our new package gives you everything you need to build a secure one-time password auth flow.

Read more [spatie.be]

I’m proud to announce that we’ve released a new package called spatie/laravel-passkeys that makes adding passkeys to a Laravel app as easy as it can be.

Read more [spatie.be]

A couple of years ago, Laravel introduced a great feature which allows to run PHPUnit / Pest tests in parallel. This results in a big boost in performance.

By default, it determines the concurrency level by taking a look at the number of CPU cores your machine has. So, if you're using a modern Mac that has 10 CPU cores, it will run 10 tests at the same time, greatly cutting down on the time your testsuite needs to run completely.

A default runner on GitHub doesn't have that many cores, so you can't leverage parallel testing as good as in your typical local environments.

In this blog post, I'd like to show you a way of running your tests on GitHub, by splitting them up in small chunks that can run concurrently.

We use this technique at Oh Dear to cut down the running time of our vast testsuite from 16 minutes to only just 4. In this blog post all examples will come from the Oh Dear code base.

Read more

Here's the recording of the talk I did at this years Laracon India. In this talk, I show how we use our laravel-multitenancy package to make Mailcoach tenant aware. Enjoy!

Read more

We’ve released a new package called spatie/pest-plugin-route-testing. This package can test all common routes in your Laravel app by writing a single test.

In this blog post, I’d like to tell you all about it.

Read more

We’ve published a new package called livewire-filepond, which contains a component to easily upload files.

Under the hood, Filepond, a powerful JavaScript library to upload files, is used.

Read more

When Laravel switched to a simpler exception page, the ability to display solutions for an exception was lost.

Our latest package, called spatie/laravel-error-solutions brings back that powerful feature. When installed, it will display solutions for most common exceptions.

Here’s how that looks it:

And yes, some solutions, like the one in the screenshot above, can be executed on the exception page too.

In this blog post, I’d like to tell you all about it!

Read more

Here's the recording of the keynote at this year's PHPUKConference.

Read more

Recently, we introduced a nice new feature to Oh Dear: status badges. A status badge is a beautiful SVG that shows the uptime status of your site.

Read more

Recently, people started talking about a malware called “Androxgh0st” specifically targeting Laravel apps. In a recent edition of Securing Laravel, Stephen Rees-Carter wrote a good explanation of how it works. The malware targets apps with APP_DEBUG set to true. When enabled, Laravel will give…

Read more [ohdear.app]

We released a mini package called spatie/holidays that can calculate the public holidays of a country.

Read more

Last week, we released a new package called Laravel PDF that allows you to transform Blade views into PDFs. Under the hood, Chromium is used to perform the transformation. Because Chromium is an up-to-date browser, you can use any modern CSS you like.

Some people have asked if they can use Tailwind to style their documents. And I’m happy to report you can. Let’s take a look at a minimal example to showcase this.

Read more

I just read this nice blog post that contains a few tips on how to interview a Laravel developer. When hiring someone at Spatie, I usually tend to get a feel if a candidate is passionate about our field of work. I ask questions like: Who are the people you feel you can learn from? What blogs are you…

Read more

An introduction to the Flare GitLab integration!

Read more [flareapp.io]

A few days ago, we added a GitLab integration. In this blog post, we'll talk about the road to that integration and our struggles.

Read more [flareapp.io]

We’ve released a new package called spatie/laravel-pdf, a batteries-included package to generate PDFs in Laravel apps. Under the hood, it uses Chromium to generate PDFs from Blade views. You can use modern CSS features like grid, flexbox, and even frameworks like Tailwind to create beautiful PDFs.

In this post, I’d like to introduce and demonstrate the package.

Read more