RepoJournal
Laravel

@laravel

PHP's most popular framework — Forge, Vapor, and a massive paying audience

Pick a date

  1. Sun 3 may
  2. Mon 4 may
  3. Tue 5 may
  4. Wed 6 may
  5. Thu 7 may
  6. Fri 8 may
  7. Sat 9 may
  8. Sun 10 may
  9. Mon 11 may
  10. Tue 12 may
  11. Wed 13 may
  12. Thu 14 may
  13. Fri 15 may
  14. Sat 16 may
  15. Sun 17 may
  16. Tue 19 may
  17. Thu 21 may
  18. Sat 23 may
  19. Sun 24 may
  20. Mon 25 may
  21. Tue 26 may
  22. Wed 27 may
  23. Thu 28 may
  24. Fri 29 may
  25. Sat 30 may
  26. Sun 31 may
  27. Mon 1 jun
  28. Mon 8 jun
  29. Tue 9 jun
  30. Today 10 jun

The Wire · Showcase

FORTIFY PATCHES PASSKEY REGRESSION, MCP PREPS CLIENT LIBRARY

By RepoJournal · Filed · About Laravel

Fortify shipped a hotfix overnight for a passkey configuration bug that broke application overrides, while the MCP server team extracted protocol versions into a shared enum ahead of the incoming client library.

Fortify v1.37.2 landed this morning to fix a regression introduced just one release ago [1]. The bug prevented applications from overriding default passkey confirmation settings, a breaking change that would have forced teams to either revert or work around the constraint [2]. This is a patch you should pull immediately if you're running 1.37.1 and using passkeys in authentication flows.

On the MCP front, the team is laying groundwork for the client library [3]. Protocol version management was hardcoded into the server, but now both client and server need to speak the same language during the initialize handshake [4]. Extracting versions to a shared enum prevents duplication and ensures neither side drifts. This is infrastructure work that clears the path for client-side shipping.

Fortify also hardened its CI/CD pipeline by pinning GitHub Actions to commit SHAs and adding Dependabot config [5]. This is good security hygiene that more packages should adopt. Maestro continues steady work on branch main with no breaking changes or surprises.

Action items

References

  1. [1] v1.37.2 ↗ laravel/fortify
  2. [2] [1.x] Fix passkey password confirmation defaults ↗ laravel/fortify
  3. [3] Extract protocol versions to shared enum for client reuse ↗ laravel/mcp
  4. [4] Extract protocol versions to shared enum for client reuse (#215) laravel/mcp
  5. [5] v1.37.1 ↗ laravel/fortify

FAQ

What changed in Laravel on May 16, 2026?
Fortify shipped a hotfix overnight for a passkey configuration bug that broke application overrides, while the MCP server team extracted protocol versions into a shared enum ahead of the incoming client library.
What should Laravel teams do about it?
Upgrade Fortify to v1.37.2 before next deploy if you're using passkeys • Monitor MCP client library for incoming releases
Which Laravel repositories shipped on May 16, 2026?
laravel/fortify, laravel/mcp

For your repos

The showcase is a teaser.
Your wire is the product.

Same engine. Different stack. Below: what changes when the wire is yours.

Showcase wire

  • 14 famous open source orgs
  • One wire per day
  • Public, generic
  • Read on the web, when you remember

Your wire

  • Up to 1,500 of your repos - orgs, deps, vendors
  • Morning and evening briefs
  • Action items routed to your team
  • Slack delivery, email, breaking-news CVE alerts

Want a hands-on demo first? Ask a current user for an invite link.