WARNING You're browsing the documentation for an old version of Laravel. Consider upgrading your project to Laravel 11.x.
Upgrade Guide
- Upgrading To 5.3.0 From 5.2
- Upgrading To 5.2.0 From 5.1
- Upgrading To 5.1.11
- Upgrading To 5.1.0
- Upgrading To 5.0.16
- Upgrading To 5.0 From 4.2
- Upgrading To 4.2 From 4.1
- Upgrading To 4.1.29 From <= 4.1.x
- Upgrading To 4.1.26 From <= 4.1.25
- Upgrading To 4.1 From 4.0
Upgrading To 5.3.0 From 5.2
Estimated Upgrade Time: 2-3 Hours
{note} We attempt to document every possible breaking change. Since some of these breaking changes are in obscure parts of the framework only a portion of these changes may actually affect your application.
Updating Dependencies
Update your laravel/framework dependency to 5.3.* in your composer.json file.
You should also upgrade your symfony/css-selector and symfony/dom-crawler dependencies to 3.1.* in the require-dev section of your composer.json file.
PHP & HHVM
Laravel 5.3 requires PHP 5.6.4 or higher. HHVM is no longer officially supported as it does not contain the same language features as PHP 5.6+.
Deprecations
All of the deprecations listed in the Laravel 5.2 upgrade guide have been removed from the framework. You should review this list to verify you are no longer using these deprecated features.
Application Service Providers
You may remove the arguments from the boot method on the EventServiceProvider, RouteServiceProvider, and AuthServiceProvider classes. Any calls to the given arguments may be converted to use the equivalent facade instead. So, for example, instead of calling methods on the $dispatcher argument, you may simply call the Event facade. Likewise, instead of making method calls to the $router argument, you may make calls to the Route facade, and instead of making method calls to the $gate argument, you may make calls to the Gate facade.
{note} When converting method calls to facades, be sure to import the facade class into your service provider.
Arrays
Key / Value Order Change
The first, last, and where methods on the Arr class, in addition to their associated global helper functions, now pass the "value" as the first parameter to the given callback Closure. For example:
Arr::first($array, function ($value, $key) {
return ! is_null($value);
});In previous versions of Laravel, the $key was passed first. Since most use cases are only interested in the $value it is now passed first. You should do a "global find" in your application for these methods to verify that you are expecting the $value to be passed as the first argument to your Closure.
Artisan
The make:console Command
The make:console command has been renamed to make:command.
Authentication
Authentication Scaffolding
The two default authentication controllers provided with the framework have been split into four smaller controllers. This change provides cleaner, more focused authentication controllers by default. The easiest way to upgrade your application to the new authentication controllers is to grab a fresh copy of each controller from GitHub and place them into your application.
You should also make sure that you are calling the Auth::routes() method in your routes/web.php file. This method will register the proper routes for the new authentication controllers.
Once these controllers have been placed into your application, you may need to re-implement any customizations you made to these controllers. For example, if you are customizing the authentication guard that is used for authentication, you may need to override the controller's guard method. You can examine each authentication controller's trait to determine which methods to override.
{tip} If you were not customizing the authentication controllers, you should just be able to drop in fresh copies of the controllers from GitHub and verify that you are calling the
Auth::routesmethod in yourroutes/web.phpfile.
Password Reset Emails
Password reset emails now use the new Laravel notifications feature. If you would like to customize the notification sent when sending password reset links, you should override the sendPasswordResetNotification method of the Illuminate\Auth\Passwords\CanResetPassword trait.
Your User model must use the new Illuminate\Notifications\Notifiable trait in order for password reset link emails to be delivered:
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
use Notifiable;
}{note} Don't forget to register the
Illuminate\Notifications\NotificationServiceProviderin theprovidersarray of yourconfig/app.phpconfiguration file.
POST To Logout
The Auth::routes method now registers a POST route for /logout instead of a GET route. This prevents other web applications from logging your users out of your application. To upgrade, you should either convert your logout requests to use the POST verb or register your own GET route for the /logout URI:
Route::get('/logout', 'Auth\LoginController@logout');Authorization
Calling Policy Methods With Class Names
Some policy methods only receive the currently authenticated user and not an instance of the model they authorize. This situation is most common when authorizing create actions. For example, if you are creating a blog, you may wish to check if a user is authorized to create any posts at all.
When defining policy methods that will not receive a model instance, such as a create method, the class name will no longer be passed as the second argument to the method. Your method should just expect the authenticated user instance:
/**
* Determine if the given user can create posts.
*
* @param \App\User $user
* @return bool
*/
public function create(User $user)
{
//
}The AuthorizesResources Trait
The AuthorizesResources trait has been merged with the AuthorizesRequests trait. You should remove the AuthorizesResources trait from your app/Http/Controllers/Controller.php file.
Blade
Custom Directives
In prior versions of Laravel, when registering custom Blade directives using the directive method, the $expressio