Laravel 10.25 Released

This week, the Laravel team released v10.25 with exception throttling, a Str::take() method, and more. Laravel saw plenty of fixes, updates, and typo fixes this week, which is always appreciated from the community!

#Throttle exceptions

Tim MacDonald contributed the ability to throttle exceptions by sampling/rate limiting exception reporting. Your exception Handler class can define a throttle() method which gives you flexibility to rate limit based on an exception type:

// App\Exceptions\Handler
use App\Exceptions\ApiMonitoringException;
use Illuminate\Broadcasting\BroadcastException;
use Illuminate\Cache\RateLimiting\Limit;
use Throwable;
 
/**
 * Throttle incoming exceptions.
 */
protected function throttle(Throwable $e): mixed
{
    return match (true) {
        $e instanceof BroadcastException => Limit::perMinute(300),
        $e instanceof ApiMonitoringException => Lottery::odds(1, 1000),
        default => Limit::none(),
    };
}

Note that you can return a Limit which you can use to limit the amount of logs logged (per minute in the example), a Lottery instance, or simply don't return anything if you want to opt-out for a given exception type.

Check out the documentation on Throttling Reported Exceptions to start using exception throttling in Laravel 10.25.

#String take() method

Moshe Brodsky contributed a take() method to Str and Stringable that is syntactic sugar for substr() when you want to start at the first character:

// Before
str('abcdef')->substr(0, 2) // 'ab'
Str::substr('abcdef', 0, 2); // 'ab'
 
// After
str('abcdef')->take(2) // 'ab'
Str::take('abcdef', 2); // 'ab'

You can also take characters from the end with negative numbers:

#Increase bcrypt rounds to 12

Stephen Rees-Carter contributed increasing bcrypt rounds from 10 to 12:

PHP is increasing the default bcrypt cost to either 11 or 12 to keep up with increases in computing, so we should do the same within Laravel. The current default of 10 was set in PHP 11 years ago, which is no longer a suitable default.

12 appears to be the sweet spot between performance and security, as confirmed by a member of the Hashcat team. Symfony uses a cost of 13, however that may be too high for some servers.

See Pull Request #48494 for further details on this change.

#Release notes

You can see the complete list of new features and updates below and the diff between 10.24.0 and 10.25.0 on GitHub. The following release notes are directly from the changelog:

#v10.25.0

• [10.x] Fix key type in @return tag of EnumeratesValues::ensure() docblock by @wimski in https://github.com/laravel/framework/pull/48456
• [10.x] Add str()->take($limit) and Str::take($string, $limit) by @moshe-autoleadstar in https://github.com/laravel/framework/pull/48467
• [10.x] Throttle exceptions by @timacdonald in https://github.com/laravel/framework/pull/48391
• [10.x] Fix blade failing to compile when mixing inline/block @php directives by @CalebDW in https://github.com/laravel/framework/pull/48420
• [10.x] Fix test name for stringable position by @shawnlindstrom in https://github.com/laravel/framework/pull/48480
• [10.x] Create fluent method convertCase by @rmunate in https://github.com/laravel/framework/pull/48492
• [10.x] Fix CanBeOneOfMany giving erroneous results by @Guilhem-DELAITRE in https://github.com/laravel/framework/pull/47427
• [10.x] Disable autoincrement for unsupported column type by @ikari7789 in https://github.com/laravel/framework/pull/48501
• [10.x] Increase bcrypt rounds to 12 by @valorin in https://github.com/laravel/framework/pull/48494
• [10.x] Ensure array driver expires values at the expiry time by @timacdonald in https://github.com/laravel/framework/pull/48497
• [10.x] Fix typos by @szepeviktor in https://github.com/laravel/framework/pull/48513
• [10.x] Improve tests for Arr::first and Arr::last by @tamiroh in https://github.com/laravel/framework/pull/48511
• [10.x] Set morph type for MorphToMany pivot model by @gazben in https://github.com/laravel/framework/pull/48432
• [10.x] Revert from using createOrFirst in other *OrCreate methods by @tonysm in https://github.com/laravel/framework/pull/48531
• [10.x] Fix typos in tests by @szepeviktor in https://github.com/laravel/framework/pull/48534
• [10.x] Adds updateOrCreate on HasManyThrough relations regression test by @tonysm in https://github.com/laravel/framework/pull/48533
• [10.x] Convert exception rate limit to seconds by @timacdonald in https://github.com/laravel/framework/pull/48543
• [10.x] Adds the firstOrCreate and createOrFirst methods to the HasManyThrough relation by @tonysm in https://github.com/laravel/framework/pull/48541
• [10.x] Handle custom extensions when caching views by @timacdonald in https://github.com/laravel/framework/pull/48524
• [10.x] Set prompt interactivity mode by @jessarcher in https://github.com/laravel/framework/pull/48468