Upgrade to Laravel 12 and PHP 8.5 #8687
Conversation
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
This PR is being reviewed by Cursor Bugbot
Details
Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
| $views = array_map(function ($item) { | ||
| return $item['name']; | ||
| }, Schema::getViews()); | ||
| }, Schema::getViews($database)); |
There was a problem hiding this comment.
getViews returns incompatible data structure breaking view logic
High Severity
The getViews() method now returns a numerically-indexed array of view name strings, but consumers expect an associative array keyed by view name with objects having a getSql() method. In shouldCreate(), the check isset($views[$viewName]) will always fail since the array uses numeric keys, causing views to always be recreated unnecessarily. In the up() method's foreach loop, $viewName becomes numeric indices (0, 1, 2...) instead of actual view names, breaking the dropped table detection logic entirely.
Additional Locations (2)
| true, // confidential | ||
| $request->user() | ||
| ); | ||
| } |
There was a problem hiding this comment.
Store method silently ignores multiple selected client types
Medium Severity
The store() method uses an if-elseif-else structure that only creates one client type, silently ignoring additional types when multiple are selected. The validation allows multiple types (array|min:1), and the update() method correctly handles both personal_access_client and password_client flags independently. However, store() only honors the first matching type—if both personal access and password are requested, only the personal access client is created. This creates an inconsistency where capabilities available via update are not available during creation.
ci:k8s-branch:2026-2-php85
ci:package-auth:task/FOUR-28803
ci:package-email-start-event:task/FOUR-28803
ci:package-collections:task/FOUR-28803
Note
Upgrade framework/deps
^8.4, Laravel^12.47, and multiple major libs (Passport^13.4, JWT^5.6, l5-swagger^9, PSR-7^2, TNTSearch driver^15, OpenAI, Kafka, PMQL, etc.).Auth/Passport changes
ClientControllerto stop extending Passport’s controller; usesClientRepository(findForUser,createPersonalAccessClient,createPasswordGrantClient,createAuthorizationCodeGrantClient), returns proper404/204, and exposessecreton create.Passport::$clientUuids = falseto preserve integer client IDs; keeps password grant and custom auth view.Session security
AuthenticateSessionnow compares session hash usingguard()->hashPasswordForCookie(...)to align with Laravel 12.Misc
CreateDataLakeViewsnow passes the database name toSchema::getTables/getViews.BuildScriptExecutorreduces retries from10to1.ExtendedPMQLallows nullable callback/user parameters..envrcto.gitignore.Written by Cursor Bugbot for commit 2b6bcc2. This will update automatically on new commits. Configure here.