Laravel developers now get websockets setup in ~40 seconds, for free, using https://t.co/L2kbFeHyOb and the new composer package π₯
artisan vask:install will auth with https://t.co/64mTdrNgMK, give you a websocket app, and set those details in your .env file so you're ready to go πͺ
Coming soon: your agent will register for you, no OAuth needed π
Most "licensing" packages assume you're always online.
laravel-licensing doesn't. PASETO tokens signed by a rotatable signing key, chained to a root you keep cold. Polymorphic seats. Laravel 12+.
https://t.co/XbnFZSiLHs
#laravel
5/6
Key compromised at 3am? One command:
php artisan licensing:keys:rotate --reason=compromised
Old `kid` revoked, new signing key issued and chained to root, public bundle republished. Zero client config changes β same root, new chain.
4/6
Issue an offline token for a device fingerprint:
php artisan licensing:offline:issue --license=KEY --fingerprint=device-abc --ttl=7d
Client verifies against the public bundle. No phone-home for the next 7 days.
3/6
Bind a license to any model β Workspace, Account, Device, anything:
public function license() {
return $this->morphOne(License::class, 'licensable');
}
Each seat = one LicenseUsage row. Concurrency-safe with pessimistic locks.
2/6
The trust chain is two-level:
- Root key β signs nothing but signing-key certs. Stays cold.
- Signing key β short-lived, has a `kid`, signs every offline token.
Rotate the signing key whenever you want. Clients keep validating against the same root.
1/6
Why does this matter?
Desktop apps, on-prem installs, air-gapped envs, flaky networks. If your license check 500s when AWS does, your paying customers can't open the app they paid for.
Public-key crypto fixes this. The client only needs the root public key.
If you use Laravel Valet and Safari feels slow on .test domains, the fix is simple.
Safari tries IPv6 first, times out, then falls back to IPv4. Just tell dnsmasq to also resolve .test to the IPv6 loopback address and restart it.
Thanks to my colleague @rubenvanassche for this one.
A few things I've noticed as all devs write code with AI.
When you write foundational / architectural code of a new project by hand, you "feel" the code pushing back if your abstraction isn't right. You feel when something is harder than it should be. The code is telling you it's not in the right shape. Good engineers are sensitive to this.
When you're using an LLM, you keep pushing right through this in a way that feels like you're making progress, and it may even be directionally correct in a sense, but the underlying foundation of it all is actually bad in a way that either kills progress of the LLM later as it buckles under the complexity it has created or destroys your ability to maintain the code long term.
Related to this, I see a general restlessness with just sitting and thinking about a problem for a while.
As I've been working on a new library here at Laravel, there have been days where it feels like I mainly just stare at my screen thinking about something. When Claude Code is at your fingertips, it's tempting to just start yapping into the terminal and watching code come out the other end. Again, directionally correct in some ways, but often doesn't land on the elegant solution that is waiting to be discovered.
this package will save you if you need to export a large amount of data
it exports 10,000 rows in 3 seconds using less than 3MB of memory
the best when it comes to performance
meet rap2hpoutre/fast-excel
π₯ Here are some of the most basic monitoring techniques you can start using immediately:
- Spatie laravel-health
- Error tracking
- Synthetic checks
It takes ~30 minutes to set up these.
π§΅ Keep Reading
The new Event::defer() method allows you to delay the dispatching of all events until after a given closure has been executed. β
Thanks @dbpolito! π