Upgrade to Laravel 12 and PHP 8.4 #8687
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
This PR is being reviewed by Cursor Bugbot
Details
Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
| $views = array_map(function ($item) { | ||
| return $item['name']; | ||
| }, Schema::getViews()); | ||
| }, Schema::getViews($database)); |
There was a problem hiding this comment.
getViews returns incompatible data structure breaking view logic
High Severity
The getViews() method now returns a numerically-indexed array of view name strings, but consumers expect an associative array keyed by view name with objects having a getSql() method. In shouldCreate(), the check isset($views[$viewName]) will always fail since the array uses numeric keys, causing views to always be recreated unnecessarily. In the up() method's foreach loop, $viewName becomes numeric indices (0, 1, 2...) instead of actual view names, breaking the dropped table detection logic entirely.
Additional Locations (2)
| true, // confidential | ||
| $request->user() | ||
| ); | ||
| } |
There was a problem hiding this comment.
Store method silently ignores multiple selected client types
Medium Severity
The store() method uses an if-elseif-else structure that only creates one client type, silently ignoring additional types when multiple are selected. The validation allows multiple types (array|min:1), and the update() method correctly handles both personal_access_client and password_client flags independently. However, store() only honors the first matching type—if both personal access and password are requested, only the personal access client is created. This creates an inconsistency where capabilities available via update are not available during creation.
|
nolanpro
changed the title
ci:k8s-branch:2026-3-php84
ci:package-auth:task/FOUR-28803
ci:package-email-start-event:task/FOUR-28803
ci:package-collections:task/FOUR-28803
.....
Note
Upgrade to Laravel 12 / PHP 8.4
laravel/framework@^12,laravel/passport@^13,lcobucci/jwt@^5,l5-swagger@^9,psr/http-message@^2) to align with PHP 8.4Passport/Auth changes
Passport::$clientUuids = falseto match integer IDsAuth/ClientControllerto useClientRepositorydirectly: per-grant client creation methods,findForUserfor access control, explicit 404/204 responses, and exposessecreton createMiddleware/Kernel
AuthenticateSessionto only run forSessionGuardand delegate to parentmiddlewarePriorityfromHttp/KernelOther adjustments
CreateDataLakeViewsto pass database name toSchema::getTables/getViewsBuildScriptExecutorretries from 10 to 1ExtendedPMQLnullable.envrcto.gitignoreWritten by Cursor Bugbot for commit c57f6d1. This will update automatically on new commits. Configure here.