Posts tagged with spatie
We just released laravel-screenshot, a new package to take screenshots of web pages in Laravel apps.
It uses a driver-based architecture, so you can choose between Browsershot (which requires you to install Chromium) and Cloudflare Browser Rendering (which can be used on environments like Laravel Cloud).
Let me walk you through the package.
Laravel's built-in authorization is great when permissions are defined in code. With gates and policies, you can write logic like this:
// Defined in code, requires a deploy to change
Gate::define('edit-posts', function (User $user) {
return $user->is_admin;
});
But in some projects roles and permissions are dynamic: created by users, managed through an admin panel, or changed at runtime without deploying code. Our Laravel Permission package can help you dynamically create roles and permissions.
We just released v7 which doesn't bring any new features, but cleans up the internal code and modernizes it. Let me walk you through what the package can do.
Join thousands of developers
Every two weeks, I share practical tips, tutorials, and behind-the-scenes insights from maintaining 300+ open source packages.
No spam. Unsubscribe anytime. You can also follow me on X.
A while ago, we released laravel-pdf, a package to generate PDFs in Laravel apps.
Under the hood, it used Browsershot (and therefore Puppeteer/Chrome) to convert HTML to PDF. That approach works great, but it does require Node.js and a headless Chrome binary on your server.
Last week, my buddy Dries shared on X how to generate PDFs using Cloudflare services. This way doesn’t require Node or any binaries. Very neat! This unlocks PDF generation for environments where Node or Chrome cannot be installed easily, like Laravel Cloud.
To support this way of rendering a PDF, we’ve released a new major release (v2) of Laravel PDF. The package now ships with three drivers: Browsershot, Cloudflare Browser Rendering, and DOMPDF. You can also create your own driver. On top of that, we've added queued PDF generation and the ability to set PDF metadata. And to let your AI understand our package, we've added a Laravel Boost skill.
Let me walk you through all of it.
If you're using AI tools like Claude Code to help write code, you've probably noticed they don't automatically know your team's coding conventions. The AI might write perfectly valid PHP, but it won't follow your specific style guide unless you tell it to. That's the problem Laravel Boost solves. It…
– tighten.com - submitted by Kayla Helmick
We released version v1.5.0 of Parental, our package that adds support for Single Table Inheritance (STI) in Laravel. This new version allows types to become other types and use numeric type columns instead of strings. It also adds new helper methods for eager-loading.
Read more [tighten.com]
Shawn Hooper enjoys the new presets we recently added to our Laravel CSP package.
Read more [shawnhooper.ca]
I'm excited to share that we've released a new package called spatie/laravel-url-ai-transformer. This one can get the content of a webpage and transform it into something else using AI.
In this blog post, I'd like to share why I've created it and how you can use it.
– tighten.com - submitted by Kayla Helmick
This article continues the series on integrating Trix with Laravel by focusing on user mentions using the Rich Text Laravel package. It walks through adding a Tribute.js-powered mention picker in the editor, implementing back-end support via an AttachableContract and Signed Global IDs, and even scaffolds a notification system to email mentioned users.
Read more [tighten.com]
A critical security vulnerability was just disclosed for Livewire v3, as Stephen Rees-Carter wrote about on Securing Laravel. The vulnerability (CVE-2025-54068) allows unauthenticated attackers to achieve remote code execution in specific scenarios. What makes this particularly concerning is that exploitation doesn't require authentication or user interaction - just a component mounted and configured in a particular way.
This vulnerability affects all Livewire v3 versions up to 3.6.3. If you're running any version in that range, attackers could potentially run arbitrary PHP code on your server. Stephan warns us the open-source nature of the fix means attackers may already be reverse-engineering the patch to identify and abuse the exploit.
Many production apps are probably running vulnerable versions right now, with their developers completely unaware. This is where automated security monitoring becomes invaluable - using Laravel Health to check for vulnerabilities, and optionally services like Oh Dear to send you notifications when issues are detected.
We just tagged stable release for two new spatie packages: spatie/ping and spatie/simple-tcp-client. In this blogpost, I'd like to share why these were developed and how you can use them.
A nice video from Povilas on our newest pacakage
Read more [www.youtube.com]
Povilas from Laravel Daily made a cool video about our packages.
Read more [www.youtube.com]
We'll cover resizing, image optimization, and UI enhancements and show how Spatie's packages and products can make the whole process easier, more efficient, and even a bit fun.
Read more [spatie.be]
I’m proud to announce that we’ve released a new package called spatie/laravel-passkeys that makes adding passkeys to a Laravel app as easy as it can be.
Read more [spatie.be]
Here's a fun little sideproject from my colleague Seb. This web app is built with Laravel, Alpine.js, and Tailwind CSS. Content is stored in Markdown files and loaded with our sheets package.
Read more [php-operators.com]
If you held an individual Spatie employee at gunpoint (please don't) and forced them to pick a favorite, you'll get a 50/50 split. But when we look at the choice at hand as a team, it becomes easier to determine the right fit.
Read more [spatie.be]
Here's the recording of the talk I did at this years Laracon India. In this talk, I show how we use our laravel-multitenancy package to make Mailcoach tenant aware. Enjoy!
We just tagged & released a new major version of spatie/laravel-csp, a package to manage your Laravel app's content security policy. The development goal for version 3 was to reduce the boilerplate of configuring a policy for common services like Google Tag Manager, Fathom Analytics, Adobe Fonts…
Read more [spatie.be]
Here's how you can use our Laravel Data package.
Read more [matthiasweiss.at]
– stefanzweifel.dev - submitted by Stefan Zweifel
A new Laravel package to protect sensitive routes or actions with a confirmation-screen and ask for the two-factor authentication code of a user.
Read more [stefanzweifel.dev]