Laravel 5.6.7 is available for general release and includes a new SFTP filesystem driver and a critical security advisory for Parsedown.
Laravel depends on Parsedown for Markdown parsing, so this release is a necessary security upgrade that you should install.
In tandem with the new 5.6 release, Laravel 5.5.36 also includes an upgrade to Parsedown 1.7.0 to resolve the same security advisory.
The new SFTP filesystem driver, which allows for SSH key-based authentication has the following configuration:
'sftp' => [ 'driver' => 'sftp', 'host' => 'example.com', 'username' => 'username', 'password' => 'password', 'privateKey' => '/path/to/privateKey', ],
Here are the full release notes from the Laravel 5.6 GitHub changelog:
- Added SFTP filesystem driver (#23308)
Laravel Forge Switches its Two-Factor Authentication
On Monday, March 5th, Laravel Forge will be launching a change to its two-factor authentication system and will be sw…
Parsedown v1.7.0 is released
The Parsedown team recently released v1.7.0 to address an XSS issue that caused the SensioLabs Composer vulnerability…