Originally published at https://laravel.com
viewAny
RegisterController
Capsule::table
MethodtoArray
BelongsTo::update
MethodLang::trans
and Lang::transChoice
MethodsLang::getFromJson
MethodInput
FacadeWe attempt to document every possible breaking change. Since some of these breaking changes are in obscure parts of the framework only a portion of these changes may actually affect your application.
Likelihood Of Impact: Medium
PHP 7.1 will no longer be actively maintained as of December 2019. Therefore, Laravel 6.0 requires PHP 7.2 or greater.
Update your laravel/framework
dependency to ^6.0
in your composer.json
file.
Next, examine any 3rd party packages consumed by your application and verify you are using the proper version for Laravel 6 support.
viewAny
Likelihood Of Impact: High
Authorization policies attached to controllers using the authorizeResource
method should now define a viewAny
method, which will be called when a user accesses the controller's index
method. Otherwise, calls to the index
method of the controller will be rejected as unauthorized.
RegisterController
ControllerLikelihood Of Impact: Medium
If you are overriding the register
or registered
methods of Laravel's built-in RegisterController
, you should ensure that you are calling parent::register
and parent::registered
from within your respective methods. The dispatching of the Illuminate\Auth\Events\Registered
event and the logging in of the newly registered user has been moved to the registered
method, so if you are overriding this method and not calling the parent method, the user registration process will fail.
Likelihood Of Impact: Low
The constructor signature of the Illuminate\Auth\Access\Response
class has changed. You should update your code accordingly. If you are not constructing authorization responses manually and are only using the allow
and deny
instance methods within your policies, no change is required:
/*** Create a new response.
*
* @param bool $allowed
* @param string $message
* @param mixed $code
* @return void
*/
public function __construct($allowed, $message = ‘’, $code = null)
Illuminate\Contracts\Auth\Access\Gate
ContractLikelihood Of Impact: Low
The Illuminate\Contracts\Auth\Access\Gate
contract has received a new inspect
method. If you are implementing this interface manually, you should add this method to your implementation.
Likelihood Of Impact: Medium
Carbon 1.x is no longer supported since it is nearing its maintenance end of life. Please upgrade your application to Carbon 2.0.
AWS_REGION
Environment VariableLikelihood Of Impact: Optional
If you plan to utilize Laravel Vapor, you should update all occurrences of AWS_REGION
within your config
directory to AWS_DEFAULT_REGION
. In addition, you should update this environment variable’s name in your .env
file.
table
MethodLikelihood Of Impact: Medium
This change only applies to non-Laravel applications that are using illuminate/database
as a dependency.
The signature of the Illuminate\Database\Capsule\Manager
class’ table
method has updated to accept a table alias as its second argument. If you are using illuminate/database
outside of a Laravel application, you should update any calls to this method accordingly:
/*** Get a fluent query builder instance.
*
* @param \Closure|\Illuminate\Database\Query\Builder|string $table
* @param string|null $as
* @param string|null $connection
* @return \Illuminate\Database\Query\Builder
*/
public static function table($table, $as = null, $connection = null)
cursor
MethodLikelihood Of Impact: Low
The cursor
method now returns an instance of Illuminate\Support\LazyCollection
instead of a Generator
The LazyCollection
may be iterated just like a generator:
$user = App\User::cursor();
foreach ($users as $user) {
//
}
BelongsTo::update
MethodLikelihood Of Impact: Medium
For consistency, the update
method of the BelongsTo
relationship now functions as an ad-hoc update query, meaning it does not provide mass assignment protection or fire Eloquent events. This makes the relationship consistent with the update
methods on all other types of relationships.
If you would like to update a model attached via a BelongsTo
relationship and receive mass assignment update protection and events, you should call the update
method on the model itself:
// Ad-hoc query… no mass assignment protection or events…$post->user()->update([‘foo’ => ‘bar’]);
// Model update… provides mass assignment protection and events…
$post->user->update([‘foo’ => ‘bar’]);
toArray
Likelihood Of Impact: Medium
The Eloquent model’s toArray
method will now cast any attributes that implement Illuminate\Contracts\Support\Arrayable
to an array.
Likelihood Of Impact: Medium
Laravel 6.0 has received performance optimizations for integer key types. If you are using a string as your model’s primary key, you should declare the key type using the $keyType
property on your model:
/*** The “type” of the primary key ID.
*
* @var string
*/
protected $keyType = ‘string’;
Likelihood Of Impact: Medium
To prevent possible CSRF attacks, the email/resend
route registered by the router when using Laravel’s built-in email verification has been updated from a GET
route to a POST
route. Therefore, you will need to update your frontend to send the proper request type to this route. For example, if you are using the built-in email verification template scaffolding:
{{ __(‘Before proceeding, please check your email for a verification link.’) }}{{ __(‘If you did not receive the email’) }},
<form class=“d-inline” method=“POST” action=“{{ route(‘verification.resend’) }}”>
@csrf
<button type=“submit” class=“btn btn-link p-0 m-0 align-baseline”>
{{ __(‘click here to request another’) }}
</button>.
</form>
MustVerifyEmail
ContractLikelihood Of Impact: Low
A new getEmailForVerification
method has been added to the Illuminate\Contracts\Auth\MustVerifyEmail
contract. If you are manually implementing this contract, you should implement this method. This method should return the object’s associated email address. If you’re App\User
model is using the Illuminate\Auth\MustVerifyEmail
trait, no changes are required, as this trait implements this method for you.
Likelihood Of Impact: High
All str_
and array_
helpers have been moved to the new laravel/helpers
Composer package and removed from the framework. If desired, you may update all calls to these helpers to use the Illuminate\Support\Str
and Illuminate\Support\Arr
classes. Alternatively, you can add the new laravel/helpers
package to your application to continue using these helpers:
composer require laravel/helpers
Lang::trans
& Lang::transChoice
MethodsLikelihood Of Impact: Medium
The Lang::trans
and Lang::transChoice
methods of the translator have been renamed to Lang::get
and Lang::choice
.
In addition, if you are manually implementing the Illuminate\Contracts\Translation\Translator
contract, you should update your implementation’s trans
and transChoice
methods to get
and choice
.
Lang::getFromJson
MethodLikelihood Of Impact: Medium
The Lang::get
and Lang::getFromJson
methods have been consolidated. Calls to the Lang::getFromJson
method should be updated to call Lang::get
.
Likelihood Of Impact: Low
The mandrill
and sparkpost
mail drivers have been removed. If you would like to continue using either of these drivers, we encourage you to adopt a community maintained package of your choice that provides the driver.
Likelihood Of Impact: Low
A lingering part of the Nexmo notification channel was removed from the core of the framework. If you’re relying on routing Nexmo notifications you should manually implement the routeNotificationForNexmo
method on your notifiable entity as described in the documentation.
Likelihood Of Impact: Low
The PasswordBroker
no longer restricts or validates passwords. Password validation was already being handled by the ResetPasswordController
class, making the broker’s validations redundant and impossible to customize. If you are manually using the PasswordBroker
(or Password
facade) outside of the built-in ResetPasswordController
, you should validate all passwords before passing them to the broker.
Likelihood Of Impact: Medium
In previous releases of Laravel, the php artisan queue:work
command would retry jobs indefinitely. Beginning with Laravel 6.0, this command will now try a job one time by default. If you would like to force jobs to be tried indefinitely, you may pass 0
to the –tries
option:
php artisan queue:work --tries=0
In addition, please ensure your application’s database contains a failed_jobs
table. You can generate a migration for this table using the queue:failed-table
Artisan command:
php artisan queue:failed-table
Input
FacadeLikelihood Of Impact: Medium
The Input
facade, which was primarily a duplicate of the Request
facade, has been removed. If you are using the Input::get
method, you should now call the Request::input
method. All other calls to the Input
facade may simply be updated to use the Request
facade.
between
MethodLikelihood Of Impact: Low
In previous releases of Laravel, the scheduler’s between
method exhibited confusing behavior across date boundaries. For example:
$schedule->command(‘list’)->between(‘23:00’, ‘4:00’);
For most users, the expected behavior of this method would be to run the list
command every minute for all minutes between 23:00 and 4:00. However, in previous releases of Laravel, the scheduler ran the list
command every minute between 4:00 and 23:00, essentially swapping the time thresholds. In Laravel 6.0, this behavior has been corrected.
Likelihood Of Impact: Low
The rackspace
storage driver has been removed. If you would like to continue using Rackspace as a storage provider, we encourage you to adopt a community maintained package of your choice that provides this driver.
We also encourage you to view the changes in the laravel/laravel
GitHub repository. While many of these changes are not required, you may wish to keep these files in sync with your application. Some of these changes will be covered in this upgrade guide, but others, such as changes to configuration files or comments, will not be. You can easily view the changes with the GitHub comparison tool and choose which updates are important to you.
#laravel #php #web-development