In the previous article, we have introduced the Laravel 11 brings a suite of powerful new things designed to enhance developer productivity and streamline application development. The Streamlined Application Structure simplifies folder layouts, while the Enhanced Application Bootstrap reduces file clutter. Furthermore, the new updated Scheduling Facade also further enhance the development experience.
In this article, we will deep dive highlights the highlighted features and encourages developers to upgrade by outlining the benefits succinctly.
Health Routing
New Laravel 11 applications include a health routing directive which instructs Laravel to define a simple health-check endpoint. The health-check endpoint can be invoked by third-party application health monitoring services or orchestration systems, such as Kubernetes.
By default, this health-check route is served at “/up”. When HTTP requests are made to this route, Laravel will also dispatch a Diagnosing Health event, allowing to perform additional health checks that are relevant to the application. It is an out-of-the-box solution for monitoring the system’s health.
Per-second rate limiting
This feature allows for more granular control over API request loads, which is essential for high-traffic applications. Laravel now supports “per-second” rate limiting for all rate limiters, including those for HTTP requests and queued jobs. Previously, Laravel’s rate limiters were limited to “per-minute” granularity.
We should be aware not to use rate limiting to simply prevent DoS attacks, consider using a service like Cloudflare or a similar solution that can function as an intermediary between users and applications. The most effective use of rate limiting is to address bottlenecks caused by legitimate users with valid use cases. For example, a subscribe pay model is based on limiting the number of API requests to the software as a service in any given period.
Model Casts Improvements
Laravel 11 supports defining your model’s casts using a method instead of a property as in Laravel 10. This allows for streamlined, fluent cast definitions, especially when using casts with arguments.
The casts() method, which opens the possibility to use static methods on built-in casters as well as define static methods for custom casters. This update is backward-compatible with Laravel 10, still define casts via the $casts property combined with the new casts() method.
Eager Load Limit
Laravel 11 now native support for limiting the number of eagerly loaded results per parent. For previous Laravel versions, it is still possible via Jonas Staudenmeir’s eager-load-limit package.
The “once” Function
The once helper function executes the given callback and caches the result in memory for the duration of the request. Any subsequent calls to the once function with the same callback will return the previously cached result:
Automatic Password Rehashing
Laravel’s default password hashing algorithm is bcrypt. The “work factor” for bcrypt hashes can be adjusted via the config/hashing.php configuration file or the BCRYPT_ROUNDS environment variable in the .env file.
Laravel 11 defaults to 12, which is a good default for most apps, but could increase it if password security is a major concern. Laravel has addressed the missing security functionality by incorporating password rehashing into its authentication system.
Graceful Encryption Key Rotation
Laravel encrypts all cookies, including the session cookie, for every request to a Laravel application. However, rotating the encryption key would log users out and make decrypting data from the previous key impossible. In Laravel 11, you can define previous encryption keys via the APP_PREVIOUS_KEYS environment variable. When encrypting, Laravel uses the current key (from APP_KEY). When decrypting, it tries the current key first and then any previous keys. This ensures uninterrupted use even after key rotation.
This security feature enables seamless updates to encryption keys, enhancing the security of applications dealing with sensitive data.
Queue Interaction Testing
Previously, testing queued jobs for release, deletion, or manual failure was cumbersome which is required defining custom queue fakes and stubs. Now easily test these queue interactions using the “withFakeQueueInteractions” method In Laravel 11.
E-commerce platforms and applications with background job processing will benefit from better testing capabilities, ensuring reliable order processing and task execution.
Other Improvements
Improved Performance When Testing with In-Memory Databases:
- Provides a significant speed improvement when using the in-memory SQLite database for testing.
- Reuses PHP’s PDO object across connections
- Total test execution time is often cut in half.
Improved Support for MariaDB:
- In previous releases, could use MariaDB via Laravel’s MySQL driver.
- Now includes a dedicated MariaDB driver which provides better defaults for this database system.
Inspecting Databases and Improved Schema Operations:
Laravel Reverb – New Laravel Ecosystem Package
A first-party, scalable WebSocket server has been introduced to provide robust real-time capabilities to Laravel applications. Reverb is fine-tuned for speed. A single server can support thousands of connections, piping data without the delay and inefficiency of HTTP polling.
Reverb utilizes the Pusher protocol for WebSocket, making it immediately compatible with Laravel broadcasting and Laravel Echo which is a JavaScript library that makes it painless to subscribe to channels and listen for events broadcast by Laravel. It infinitely increases capacity by utilizing Reverb’s built-in support for horizontal scaling using Redis, allowing to manage connections and channels across multiple servers.
Deploy with Reverb’s first-party Forge integration – Laravel eco systems:
- Develop with Laravel’s broadcasting capabilities.
- Monitor with baked in support for Pulse as Monitoring & Observability tool aka Grafana.
Conclusion
Laravel 11 introduces a range of new features aimed at enhancing the robustness and flexibility of the framework. Health Routing and Per-second rate limiting improve application performance and security. Model Casts Improvements and Eager Load Limit enhance data handling efficiency. The new “once” function simplifies single-instance actions, while Automatic Password Rehashing and Graceful Encryption Key Rotation bolster security. Together, these features make Laravel 11 a powerful and versatile tool for modern PHP development.