
Daniel Newns
1.1K posts

Daniel Newns
@DanielNewns
Co-Founder & Technical Director of @jumptwenty4, Writer over on https://t.co/VdKz0VlXEz, Speaker, Laravel developer, dog owner. https://t.co/455olYPNvi








Artisan Weekly Edition 92 is here, and what a week it's been. Laravel London Summer Social has happened, England's still in the World Cup, and the heatwave has properly begun. While you're staying cool indoors, here are the top 10 Laravel links from this week that deserve your attention. 🥇 WHY WE BUILT NATIVEPHP The team behind NativePHP have published a brilliant piece explaining why they built the framework and where it fits in the modern development landscape. NativePHP enables Laravel developers to build native desktop and mobile applications using the framework they already know, eliminating the need to maintain separate codebases for web, desktop, and mobile platforms. The article from @simonhamp explores how converging trends in device capabilities, PHP maturity, and AI-assisted development have made it possible to use Laravel as a complete application platform across all devices. It's a fascinating read that challenges the traditional boundaries of what we consider "web" development. nativephp.com/blog/why-we-bu… 🥈 IMMUTABLE VERSIONS ON PACKAGIST Packagist has rolled out a significant security improvement that every Laravel developer should know about. The platform now enforces immutable version metadata, preventing silent rewrites when git tags are modified. @naderman explains how deleted versions remain visible with explanatory reasons, improving supply chain security and preventing the confusion that can arise when packages are updated after initial publication. This is a meaningful step forward in protecting the PHP ecosystem from supply chain attacks and accidental breaking changes. blog.packagist.com/immutable-vers… 🥉 APIGUIDE.DEV | AUTHORITATIVE HTTP & API REFERENCE @JustSteveKing has created something genuinely useful for anyone building APIs. This comprehensive reference directory covers HTTP status codes, headers, error schemas, and standardised Problem+JSON patterns. It includes practical guides for common scenarios like rate limiting, concurrency control, and validation failures. If you've ever found yourself googling "what HTTP status code should I use for..." this is the resource you've been waiting for. apiguide.dev 4️⃣ NOT YOUR GRANDPA'S PHP PHP has been dismissed for decades, but modern PHP is fast, typed, and can even build native desktop apps. In this Developer Advocate Chat, @codefoster sits down with Jim Seconde, PHP Developer Advocate at Vonage, to discuss how PHP has evolved over the years and why it's worth another look. It's a great conversation for anyone who still encounters the tired "PHP is dead" arguments, and it's packed with examples of what makes modern PHP so compelling. Perfect viewing whilst the England match is on in the background. youtube.com/watch?v=fc9b4D… 5️⃣ BEYOND THE BASTION: SECURE ARTISAN COMMAND EXECUTION WITH AWS SYSTEMS MANAGER @alberto_arena has written a practical guide addressing a common challenge: how do you run Laravel Artisan commands on EC2 instances after SSH access is removed for security compliance? The article demonstrates how to leverage AWS Systems Manager Run Command as a secure, auditable alternative to traditional SSH access for manual operations. If you're working in environments with strict security requirements, this is essential reading. albertoarena.it/posts/beyond-t… 6️⃣ REAL-TIME LARAVEL WITHOUT WEBSOCKETS (INERTIA POLLING) Real-time updates in Laravel usually mean reaching for WebSockets, but @christophrumpel demonstrates that a lot of the time you don't actually need them. In this video, he shows how polling with Inertia has become remarkably powerful. You'll see live updates in a single line with usePoll, partial reloads with `only`, and the new concurrency modes (overlap, cancel, rest) that give you real control over how requests behave. Sometimes the simpler solution is the better one. youtube.com/watch?v=oFv0vR… 7️⃣ BUILDING A FLAT-FILE BLOG WITH LARAVEL FOLIO @spec_tacul_ar has put together a comprehensive tutorial demonstrating how to create a simple, database-free blog within Laravel using Folio and YAML front matter. It's perfect for embedding blog functionality without the overhead of full CMS infrastructure. If you've ever wanted to add a blog to your Laravel application without spinning up a separate WordPress instance or managing database migrations for content, this approach is worth exploring. spec.tacul.ar/articles/flat-… 8️⃣ THIS WEEK IN PHP INTERNALS | JULY 8, 2026 Another great insight into this week in PHP Internals by Artisan Build. @ProjektGopher delivers a brilliant snapshot of what's happening in the world of PHP core development. If you've not been keeping up to date with RFCs or what's going on in PHP internals, these videos are fantastic for getting a quick overview. It's fascinating to see what's being discussed for future versions of the language we all use every day. youtube.com/watch?v=5Rr_H3… 9️⃣ BUILT AN AI-POWERED WAF FOR PHP/LARAVEL APPS IN AFRICA — HERE'S WHAT IT CATCHES A student developer from Cameroon, Nchiminyi Jezreel, has built a security tool that explains exactly why it blocked a request. The article tells the story of how and why this web application firewall was created, and demonstrates how to install it in just 30 seconds. It's inspiring to see developers from across the globe contributing meaningful security tools to the Laravel ecosystem. The AI-powered approach to explaining security decisions is particularly clever. @jnchiminyi/built-an-ai-powered-waf-for-php-laravel-apps-in-africa-heres-what-it-catches-5e48c6ffacd2" target="_blank" rel="nofollow noopener">medium.com/@jnchiminyi/bu…
🔟 STOP PROMPT INJECTION WITH A LOCAL LLM GUARD - SHIP AI WITH LARAVEL EP11 Episode 11 of Ship AI with Laravel, the brilliant series over on Laravel News where @harrisrafto has built a full AI platform using Laravel 13 and the Laravel AI SDK. This is the series finale, and it's a cracker. First, Harris demonstrates the problem: with the right messages, he socially engineers his own support agent into revealing its entire system prompt, its tools, and its internal instructions. Then he shows how the order lookup tool will happily return another customer's data if it accepts any order ID. Both are real vulnerabilities that ship in AI applications every single day. Then he shows you how to fix them with four layers of defence. If you're building anything with AI in Laravel, this episode is absolutely essential viewing. youtube.com/watch?v=tXsy6A… That's your lot for Edition 92. Stay cool in this heatwave, and keep building brilliant things with Laravel. --- Follow us: Daniel Newns: @DanielNewns Artisan Weekly: @artisan_weekly



Last chance to grab a spot - Laravel London's summer social is tomorrow night. Free drinks, good chat, no talks. O'Neill's Kings Cross, 6:30pm. laravel.london


Artisan Weekly Edition 91 What a week in the Laravel community! Laravel London met on the 8th of July, @enunomaduro kicked off an epic 48-hour live-streamed build creating a Slack app in Laravel (catch it on YouTube: youtube.com/watch?v=gPHN3w…), and our Laravel Live interview videos are being edited and will be released soon. Let's dive into this week's top 10 links. 🥇 You Probably Don't Need a Database Per Tenant Have you ever wondered whether you should be using a database per tenant for your multi-tenancy application? @ollieread has you covered with this exceptionally thorough post examining what you should actually be doing in your multi-tenancy architecture. The piece challenges common assumptions and provides evidence-based guidance on choosing the right tenancy isolation strategy for your Laravel application. By @ollieread ollieread.com/articles/you-p… 🥈 This Week in PHP Internals | July 1, 2026 This week's video from @ProjektGopher was particularly spicy! It sounds like a lot has happened on the Deprecations RFC, which turned into a debate about honesty, Rob Landers opened Primary Constructors, and a user wrote a heartfelt "Disheartening Rant" about async – all whilst the two flagship votes (Generics and __exists) both fell and the small, focused changes sailed through. By @ProjektGopher youtube.com/watch?v=dX_Hd_… 🥉 Composer and Packagist Supply Chain Security in 2026 Recent attacks on PHP packages via compromised GitHub accounts have forced a hard look at supply chain security with Composer and Packagist. @naderman covers what Packagist has shipped in response: transparency log, malware detection, Composer 2.10 dependency policies, version immutability, and the work still ahead including mandatory MFA, organisational controls, immutable artefacts, and build provenance. He also explores the infrastructure powering it all and the funding side of running critical open-source infrastructure. By @naderman youtube.com/watch?v=ACxuzG… 4️⃣ Clonio CLI: Clone Production Databases With Anonymised Data Have you ever needed to grab a copy of your production database to fix a specific issue but been held back because of the PII data it holds? @paulredmond introduces a new package that allows you to clone your production database and anonymise it at the same time, solving this common development challenge. By @paulredmond laravel-news.com/clonio-cli-clo… 5️⃣ Laravel Live UK 2026 A comprehensive recap of Laravel Live UK 2026 from Jon Purvis, covering his experience attending the conference including speaker highlights on optimising workflows, value objects, and code quality tools. The article shares practical takeaways from Ryan Chandler, Harris Raftopoulos, and Yannick Chenot's talks, along with insights on travelling to and socialising at Laravel events. By Jon Purvis jonathanpurvis.co.uk/laravel-live-u… 6️⃣ What if every Filament write went through an aggregate? @alberto_arena introduces filament-event-sourcing, a plugin that seamlessly integrates Spatie's event sourcing package with Filament's admin panel. The plugin routes all create, edit, and delete actions through domain aggregates whilst preserving Filament's standard forms and workflows, eliminating the previous trade-offs between using event sourcing and maintaining Filament's built-in functionality. By @alberto_arena albertoarena.it/posts/introduc… 7️⃣ Security Tip: Have You Heard Of Slopsquatting? A security warning from @valorin about slopsquatting, where attackers register package names that AI coding agents commonly hallucinate. The article includes practical advice on protecting your Laravel applications from malicious packages by carefully managing composer installs when using AI development tools. By @valorin securinglaravel.com/security-tip-h… 8️⃣ Ship AI with Laravel: Test Your AI System with Zero API Calls In this episode @harrisrafto demonstrates how to test the whole thing with Pest and zero API calls, using the SDK's faking system. It works exactly like faking mail, notifications, or queues in Laravel – you define the responses up front and assert that the right prompts went out. By @harrisrafto laravel-news.com/ship-ai-with-l… 9️⃣ Everything About the Context Facade A comprehensive deep dive from @wendell_adriel into Laravel's Context facade, exploring how to use execution metadata to improve debugging across requests, queued jobs, and logs. The article covers the mental model, lifecycle integration, practical examples, and best practices for when and when not to use Context in Laravel applications. By @wendell_adriel wendelladriel.com/blog/everythin… 🔟 PHP Annotated @brendt_gd shows us how to build an API with Tempest, his PHP framework. A great look at an alternative approach to building modern PHP applications. By @brendt_gd youtube.com/watch?v=TGei2L… --- Follow us: Daniel Newns: @DanielNewns Artisan Weekly: @artisan_weekly




🔥 Artisan Weekly Edition 90 🔥 What a week! Sweltering heat, the come-down from a brilliant Laravel Live UK event, catching up with the inbox mountain, and of course plenty of reading. Here are the top 10 Laravel links that caught our attention this week: 🥇 LaraPlugins Perf Audit: 12 Fixes That Saved My Server When your server memory sits at 90%+ and you're indexing 76,000 packages, it's time for a proper audit. @daniel_petrica walks through 12 practical optimisations that brought LaraPlugins.io back from the brink - covering Horizon worker tuning, queue management strategies, database indexing wins, and smart Cloudflare cache handling. This is the kind of real-world performance deep dive every Laravel developer should bookmark. By Daniel Petrica danielpetrica.com/laraplugins-pe… 🥈 Shipping Laravel Boost Guidelines With Your Package Package maintainers, listen up. @peterfox has written the definitive guide to shipping AI guidelines and agent skills alongside your Laravel packages using Laravel Boost. Learn how to give coding agents like Claude and Cursor the working context they need about your package automatically - making your package genuinely AI-ready from day one. By @peterfox badge.laravel.cloud/guides/adding-… 🥉 Inside Laravel's Starter Kits with Wendell Adriel On the Laravel Podcast, @mattstauffer sits down with @wendell_adriel for a brilliant conversation about the starter kits he's been building since joining Laravel. They chat about Wendell's journey into coding, his path to Laravel, and the thinking behind the starter kits that help thousands of developers kick off new projects every week. By @mattstauffer share.transistor.fm/s/e9df7856 4️⃣ Laravel Cloud Managed Queues vs Horizon Compared Choosing between Laravel Cloud's new Managed Queues and battle-tested Horizon? @hafizzeeshan619 has written the comparison you need. This thorough analysis examines the trade-offs between auto-scaling SQS-backed workers that scale to zero and Horizon's Redis-powered flexibility, covering crucial limitations like the 15-minute delay cap and what Redis features you sacrifice when making the switch. By @hafizzeeshan619 hafiz.dev/blog/laravel-c… 5️⃣ Managed Queues: Deep Dive with Kieran Brown @LeahTCodes brings us a deep dive video session with Kieran Brown exploring Laravel Cloud's Managed Queues in detail. If you want to understand how these SQS-backed workers really work under the hood and when they're the right choice for your application, this is essential viewing. By @LeahTCodes youtube.com/watch?v=5SApcr… 6️⃣ What Happens When OpenAI Goes Down at 2AM – Ship AI with Laravel EP9 It's 2am, OpenAI goes down, and your AI agent is locked to a single provider. Not ideal. In episode 9 of Ship AI with Laravel, @harrisrafto tackles production readiness head-on with automatic provider failover, queued background jobs, and middleware for logging, rate limiting, and cost tracking. Essential viewing if you're building anything AI-powered. By @harrisrafto youtube.com/watch?v=39rkuX… 7️⃣ Optimising Workflows & Shipping to Production Missed @ryangjchandler 's talk at Laravel Live UK? You're in luck - the slides are now available. Ryan shares his insights on reducing friction when shipping code to production, covering workflow optimisations that make a real difference to developer efficiency. Well worth reading through if you're looking to tighten up your deployment pipeline. By @ryangjchandler …for-developer-efficiency.on-forge.com 8️⃣ The Polling API Is the Most Underrated RFC PHP Has Shipped in Years @JustSteveKing makes a compelling case that PHP 8.6's Polling API RFC is the most underrated feature to land in years. This in-depth look explains how native access to high-performance I/O multiplexing mechanisms like epoll and kqueue finally brings PHP's async capabilities in line with modern runtimes like Node.js and Go. The future of PHP async is looking bright. By @JustSteveKing juststeveking.com/articles/php-8… 9️⃣ bcrypt and Laravel: 72 Bytes, Not 72 Characters Here's a gotcha that could bite you: bcrypt has a 72-byte password limit, not a 72-character limit. @ivan_mykhavko explores how this affects multi-byte character sets like Cyrillic, CJK, and emoji in Laravel applications, and how Laravel's character-based validation can inadvertently allow passwords that get truncated or corrupted by bcrypt's byte-based limit - potentially locking users out. Important reading if you serve an international audience. By @ivan_mykhavko dev.to/tegos/bcrypt-a… 🔟 How Sportmonks Handles 600M API Requests/Week on Laravel Cloud @SportMonks_com Sportmonks migrated 12 applications to Laravel Cloud and now serves 600 million API requests per week with zero infrastructure failures. The sports data API company went from constant weekend check-ins and recurring downtime to 99.9% uptime and autoscaling that handles 1,000+ jobs per second during live matches. This customer story shows Laravel Cloud handling serious production load. By @laravelphp laravel.com/cloud/customer… That's your lot for this week! Ten brilliant reads, watches, and listens from across the Laravel community. Stay cool out there. ☀️ --- Follow us: Daniel Newns: @DanielNewns Artisan Weekly: @artisan_weekly




















