spatie

All my posts about spatie.

How to monitor your Laravel app for critical vulnerabilities original

Jul 18th 2025 by Freek Van der Herten – 6 minute read

A critical security vulnerability was just disclosed for Livewire v3, as Stephen Rees-Carter wrote about on Securing Laravel. The vulnerability (CVE-2025-54068) allows unauthenticated attackers to achieve remote code execution in specific scenarios. What makes this particularly concerning is that exploitation doesn't require authentication or user interaction - just a component mounted and configured in a particular way.

This vulnerability affects all Livewire v3 versions up to 3.6.3. If you're running any version in that range, attackers could potentially run arbitrary PHP code on your server. Stephan warns us the open-source nature of the fix means attackers may already be reverse-engineering the patch to identify and abuse the exploit.

Many production apps are probably running vulnerable versions right now, with their developers completely unaware. This is where automated security monitoring becomes invaluable - using Laravel Health to check for vulnerabilities, and optionally services like Oh Dear to send you notifications when issues are detected.

Introducing spatie/ping and spatie/simple-tcp-client original

Jul 15th 2025 by Freek Van der Herten – 4 minute read

We just tagged stable release for two new spatie packages: spatie/ping and spatie/simple-tcp-client. In this blogpost, I'd like to share why these were developed and how you can use them.

Join 9,500+ smart developers

Get my monthly newsletter with what I learn from running Spatie, building Oh Dear, and maintaining 300+ open source packages. Practical takes on Laravel, PHP, and AI that you can actually use.

No spam. Unsubscribe anytime. You can also follow me on X.

How to use one-time passwords in Laravel

Jun 11th 2025 – www.youtube.com

A nice video from Povilas on our newest pacakage

15 Lesser known Spatie Laravel Packages and Projects

Jun 4th 2025 – www.youtube.com

Povilas from Laravel Daily made a cool video about our packages.

Five levels of handling images in Laravel

May 12th 2025 – spatie.be

We'll cover resizing, image optimization, and UI enhancements and show how Spatie's packages and products can make the whole process easier, more efficient, and even a bit fun.

Read more [spatie.be]

A package to handle passkeys in Laravel original

May 9th 2025 – spatie.be

I’m proud to announce that we’ve released a new package called spatie/laravel-passkeys that makes adding passkeys to a Laravel app as easy as it can be.

Read more [spatie.be]

Introducing PHP Operators

May 7th 2025 – php-operators.com

Here's a fun little sideproject from my colleague Seb. This web app is built with Laravel, Alpine.js, and Tailwind CSS. Content is stored in Markdown files and loaded with our sheets package.

Livewire and Inertia: how we love and use both at Spatie

May 6th 2025 – spatie.be

If you held an individual Spatie employee at gunpoint (please don't) and forced them to pick a favorite, you'll get a 50/50 split. But when we look at the choice at hand as a team, it becomes easier to determine the right fit.

Read more [spatie.be]

Implementing Multitenancy in Laravel original

Apr 7th 2025 by Freek Van der Herten – 1 minute read

Here's the recording of the talk I did at this years Laracon India. In this talk, I show how we use our laravel-multitenancy package to make Mailcoach tenant aware. Enjoy!

🚀 Laravel CSP v3 has been released, now supports presets

Mar 26th 2025 – spatie.be

We just tagged & released a new major version of spatie/laravel-csp, a package to manage your Laravel app's content security policy. The development goal for version 3 was to reduce the boilerplate of configuring a policy for common services like Google Tag Manager, Fathom Analytics, Adobe Fonts…

Read more [spatie.be]

Bulletproofing Inertia: How I maximize Type Safety in Laravel Monoliths

Mar 18th 2025 – matthiasweiss.at

Here's how you can use our Laravel Data package.

Introducing laravel-tfa-confirmation

Feb 11th 2025 – stefanzweifel.dev - submitted by Stefan Zweifel

A new Laravel package to protect sensitive routes or actions with a confirmation-screen and ask for the two-factor authentication code of a user.

Introducing Rich Text Laravel: A package to integrate Trix into Laravel applications

Feb 5th 2025 – tighten.com - submitted by Kayla Helmick

This article covers installing Rich Text Laravel and Trix in a Laravel app, adding rich text attributes to models, migrating existing content from plain text, and integrating Trix’s file attachment feature with Laravel.

Create a domain using Spatie event sourcing

Dec 26th 2024 – albertoarena.it - submitted by Alberto Arena

Laravel event sourcing generator adds a new Artisan command that can generate a full domain directory structure for Spatie event sourcing.

Mixing up our styling recipe for Ray v3

Dec 6th 2024 – myray.app - submitted by Spatie

How to test all routes in your Laravel app by writing just a single Pest test original

Jul 19th 2024 by Freek Van der Herten – 4 minute read

We’ve released a new package called spatie/pest-plugin-route-testing. This package can test all common routes in your Laravel app by writing a single test.

In this blog post, I’d like to tell you all about it.

A package to use Filepond in your Livewire component original

Jul 16th 2024 by Freek Van der Herten – 2 minute read

We’ve published a new package called livewire-filepond, which contains a component to easily upload files.

Under the hood, Filepond, a powerful JavaScript library to upload files, is used.

A package to display solutions on the Laravel error page original

Jul 3rd 2024 by Freek Van der Herten – 7 minute read

When Laravel switched to a simpler exception page, the ability to display solutions for an exception was lost.

Our latest package, called spatie/laravel-error-solutions brings back that powerful feature. When installed, it will display solutions for most common exceptions.

Here’s how that looks it:

And yes, some solutions, like the one in the screenshot above, can be executed on the exception page too.

In this blog post, I’d like to tell you all about it!

Building Laravel Error Share

Jun 26th 2024 – sebastiandedeyne.com

Here's how our latest package works under the hood.

Become a debugging wizard with RAY

Jun 17th 2024 – youtu.be - submitted by Bert De Swaef

In this video we're learning how to use Ray to debug your projects. Weither your working with Laravel, PHP, Javascript or some other programming language, Ray is there for you.

Debugging your project was made easy by the guys over at Spatie. They designed and developed a debugging tool for us, called Ray. Available at https://myray.app