Convenient Content Security Policies with Spatie Laravel CSP 3 Presets
Shawn Hooper enjoys the new presets we recently added to our Laravel CSP package.
Read more [shawnhooper.ca]
Transform your URLs with AI using our new Laravel package original
I'm excited to share that we've released a new package called spatie/laravel-url-ai-transformer. This one can get the content of a webpage and transform it into something else using AI.
In this blog post, I'd like to share why I've created it and how you can use it.
Join 9,500+ smart developers
Get my monthly newsletter with what I learn from running Spatie, building Oh Dear, and maintaining 300+ open source packages. Practical takes on Laravel, PHP, and AI that you can actually use.
No spam. Unsubscribe anytime. You can also follow me on X.
"If you are one of the *millions* who have downloaded a Spatie package, then you understand the quality that Freek aims for. The newsletter is of the same quality of any Spatie package you're using."
Introducing Rich Text Laravel - Part 2
– tighten.com - submitted by Kayla Helmick
This article continues the series on integrating Trix with Laravel by focusing on user mentions using the Rich Text Laravel package. It walks through adding a Tribute.js-powered mention picker in the editor, implementing back-end support via an AttachableContract and Signed Global IDs, and even scaffolds a notification system to email mentioned users.
Read more [tighten.com]
How to monitor your Laravel app for critical vulnerabilities original
A critical security vulnerability was just disclosed for Livewire v3, as Stephen Rees-Carter wrote about on Securing Laravel. The vulnerability (CVE-2025-54068) allows unauthenticated attackers to achieve remote code execution in specific scenarios. What makes this particularly concerning is that exploitation doesn't require authentication or user interaction - just a component mounted and configured in a particular way.
This vulnerability affects all Livewire v3 versions up to 3.6.3. If you're running any version in that range, attackers could potentially run arbitrary PHP code on your server. Stephan warns us the open-source nature of the fix means attackers may already be reverse-engineering the patch to identify and abuse the exploit.
Many production apps are probably running vulnerable versions right now, with their developers completely unaware. This is where automated security monitoring becomes invaluable - using Laravel Health to check for vulnerabilities, and optionally services like Oh Dear to send you notifications when issues are detected.
Introducing spatie/ping and spatie/simple-tcp-client original
We just tagged stable release for two new spatie packages: spatie/ping and spatie/simple-tcp-client. In this blogpost, I'd like to share why these were developed and how you can use them.
How to use one-time passwords in Laravel
A nice video from Povilas on our newest pacakage
Read more [www.youtube.com]
15 Lesser known Spatie Laravel Packages and Projects
Povilas from Laravel Daily made a cool video about our packages.
Read more [www.youtube.com]
Five levels of handling images in Laravel
We'll cover resizing, image optimization, and UI enhancements and show how Spatie's packages and products can make the whole process easier, more efficient, and even a bit fun.
Read more [spatie.be]
A package to handle passkeys in Laravel original
I’m proud to announce that we’ve released a new package called spatie/laravel-passkeys that makes adding passkeys to a Laravel app as easy as it can be.
Read more [spatie.be]
Introducing PHP Operators
Here's a fun little sideproject from my colleague Seb. This web app is built with Laravel, Alpine.js, and Tailwind CSS. Content is stored in Markdown files and loaded with our sheets package.
Read more [php-operators.com]
Livewire and Inertia: how we love and use both at Spatie
If you held an individual Spatie employee at gunpoint (please don't) and forced them to pick a favorite, you'll get a 50/50 split. But when we look at the choice at hand as a team, it becomes easier to determine the right fit.
Read more [spatie.be]
Implementing Multitenancy in Laravel original
Here's the recording of the talk I did at this years Laracon India. In this talk, I show how we use our laravel-multitenancy package to make Mailcoach tenant aware. Enjoy!
🚀 Laravel CSP v3 has been released, now supports presets
We just tagged & released a new major version of spatie/laravel-csp, a package to manage your Laravel app's content security policy. The development goal for version 3 was to reduce the boilerplate of configuring a policy for common services like Google Tag Manager, Fathom Analytics, Adobe Fonts…
Read more [spatie.be]
Bulletproofing Inertia: How I maximize Type Safety in Laravel Monoliths
Here's how you can use our Laravel Data package.
Read more [matthiasweiss.at]
Introducing laravel-tfa-confirmation
– stefanzweifel.dev - submitted by Stefan Zweifel
A new Laravel package to protect sensitive routes or actions with a confirmation-screen and ask for the two-factor authentication code of a user.
Read more [stefanzweifel.dev]
Introducing Rich Text Laravel: A package to integrate Trix into Laravel applications
– tighten.com - submitted by Kayla Helmick
This article covers installing Rich Text Laravel and Trix in a Laravel app, adding rich text attributes to models, migrating existing content from plain text, and integrating Trix’s file attachment feature with Laravel.
Read more [tighten.com]
Create a domain using Spatie event sourcing
– albertoarena.it - submitted by Alberto Arena
Laravel event sourcing generator adds a new Artisan command that can generate a full domain directory structure for Spatie event sourcing.
Read more [albertoarena.it]
Mixing up our styling recipe for Ray v3
– myray.app - submitted by Spatie
Read more [myray.app]
How to test all routes in your Laravel app by writing just a single Pest test original
We’ve released a new package called spatie/pest-plugin-route-testing. This package can test all common routes in your Laravel app by writing a single test.
In this blog post, I’d like to tell you all about it.
A package to use Filepond in your Livewire component original
We’ve published a new package called livewire-filepond, which contains a component to easily upload files.
Under the hood, Filepond, a powerful JavaScript library to upload files, is used.
