Release Notes

Curated highlights, migration guidance, and structured summaries of Glueful framework releases.

This page is a curated layer over the raw authoritative CHANGELOG.md. For complete detail (including every Added/Changed/Removed/Fix line) consult the full changelog.

Release Summary

VersionCodenameDateTypeRiskPrimary Theme
1.7.2Antares2025-10-21PatchLowRoute loading resilience + dev server logs
1.7.1Canopus2025-10-21PatchLowExtension discovery/boot fix
1.7.0Procyon2025-10-18MinorMediumAsync & concurrency subsystem
1.6.2Capella2025-10-14PatchLowMail templates config ownership
1.6.1Arcturus2025-10-14PatchLowJWT RS256 signing
1.6.0Sirius2025-10-13MinorLowDI artifacts + conditional caching + DSN utils
1.5.0Orion2025-10-13MinorMediumNotifications DI + safer email flow
1.4.2Rigel2025-10-11PatchLowDocs + PSR-4 tidy-up
1.4.1Rigel2025-10-11PatchLowInstall flow hardening (SQLite-first)
1.4.0Rigel2025-10-11MinorMediumUnified session store, legacy removal
1.3.1Altair2025-10-10PatchLowInstall UX (CI non-interactive)
1.3.0Deneb2025-10-06FeatureLowHTTP client retries
1.2.0Vega2025-09-23Feature+BreakingMediumTasks & Jobs overhaul
1.1.0Polaris2025-09-22InfraLowTesting infrastructure
1.0.0Aurora2025-09-20MajorHighFirst stable split

v1.7.0 - Procyon

Released: October 18, 2025

Major async/concurrency subsystem. Fiber‑based scheduler, async HTTP client with streaming/pooling, buffered I/O, cooperative cancellation, metrics instrumentation, and a Promise‑style wrapper. Centralized configuration and DI wiring included.

Key Highlights

Fiber‑Based Async Scheduler

  • Glueful\\Async\\FiberScheduler with spawn, all, race, sleep
  • Resource‑limit guards (max concurrent tasks, per‑task execution time, optional memory/FDS caps)
  • Rich metrics hooks (suspend/resume, queue depth, cancellations, resource limits)

Async HTTP + Streaming

  • Glueful\\Async\\Http\\CurlMultiHttpClient with cooperative polling and optional max_concurrent
  • poolAsync() for concurrent requests; HttpStreamingClient::sendAsyncStream() for chunked callbacks
  • FakeHttpClient for test isolation

Async I/O + Helpers

  • AsyncStream and BufferedAsyncStream with line/whole‑read helpers and buffered reads/writes
  • Helpers: scheduler(), async(), await(), await_all(), await_race(), async_sleep(), async_sleep_default(), async_stream(), cancellation_token()
  • Promise wrapper: Glueful\\Async\\Promise with then/catch/finally, all/race

Configuration & DI

  • New config/async.php for scheduler, http, streams, limits
  • AsyncProvider wires Metrics, Scheduler, HttpClient; registers AsyncMiddleware (alias async)

Migration Notes

  • Backward‑compatible defaults: limits disabled when set to 0
  • To adopt in routes, add middleware alias async or use helpers (async(), await_all(), etc.)

v1.6.2 - Capella

Released: October 14, 2025

Template configuration responsibility moved to the Email Notification extension.

What's Changed

  • The primary templates directory is now controlled by the Email Notification extension configuration
  • Framework no longer sets a default services.mail.templates.path
  • Custom paths, caching, layout, mappings, and globals remain supported

Migration Notes

  • If you relied on the framework default templates path, configure email-notification.templates.extension_path in the extension
  • Or set services.mail.templates.path in your app config

v1.6.1 - Arcturus

Released: October 14, 2025

JWT RS256 signing support for generating JWTs using an RSA private key.

Key Highlights

  • Auth/JWT: JWTService::signRS256(array $claims, string $privateKey)
  • Requires PHP openssl extension

Risk scale: High = architectural changes / broad API shifts; Medium = targeted breaking or migration; Low = additive or internal refactors.

v1.6.0 - Sirius

Released: October 13, 2025

Minor features and DX improvements. This release focuses on compiled DI artifacts, conditional HTTP caching helpers, and configuration utilities.

Key Highlights

Compiled Container Artifacts

  • di:container:compile now emits services.json at storage/cache/container/services.json with fields: shared, tags, provider, type, alias_of.
  • di:container:map prefers the compiled services.json in production (no reflection overhead).
  • ContainerFactory prefers a precompiled container class in production when available.

Conditional HTTP Caching

  • New ConditionalCacheMiddleware handles ETag/If‑None‑Match and Last‑Modified/If‑Modified‑Since to return 304 efficiently.
  • Response::withLastModified(DateTimeInterface) helper for setting validators.

DSN Utilities

  • Glueful\\Config\\DsnParser with parseDbDsn() and parseRedisDsn().
  • New CLI: config:dsn:validate validates DSNs from flags or environment (e.g., DATABASE_URL, REDIS_URL).

Notes

  • OpenTelemetry support is planned as a Glueful extension package (not part of the core framework).

v1.5.0 - Orion

Released: October 13, 2025

Notifications DI wiring and safer email flows. This release introduces a shared notifications provider and makes email verification/password reset flows more robust.

Key Highlights

Notifications DI Provider

  • New NotificationsProvider registers shared ChannelManager and NotificationDispatcher in the container.
  • Extensions can register channels/hooks against the dispatcher during boot.

Safer Email Flows

  • Email verification and SendNotification now prefer DI‑resolved dispatcher/channel with safe fallbacks.
  • Removed hard ExtensionManager prechecks; channel availability is evaluated at send time.
  • Soft diagnostics when the email channel is unavailable or when no channels succeeded.

What's Changed

  • Retry configuration aligned to email-notification.retry.

v1.4.2 - Rigel (Patch)

Released: October 11, 2025

Developer‑facing tidy‑ups; no runtime behavior changes.

Fixes

  • PSR‑4 autoloading for tests: corrected a test namespace to match Glueful\\Tests\\… and remove Composer warnings during autoload generation.

Documentation

  • Roadmap and this page updated to reflect 1.4.1’s SQLite‑first install flow and non‑interactive flags.

v1.4.1 - Rigel (Patch)

Released: October 11, 2025

Installation flow hardening and SQLite‑first defaults. This patch improves non‑interactive installs and avoids fragile checks during initial setup.

Key Highlights

SQLite‑first Install & Non‑Interactive Flags

  • Install enforces SQLite during setup; other engines can be configured after install
  • migrate:run executed with --force; in quiet installs also --no-interaction and --quiet
  • cache:clear during install passes --force and respects quiet mode flags
  • Removed DB connection health check during install (SQLite does not require network; migrations surface issues)

Quick Usage

# Default (SQLite) install
php glueful install --quiet --force

# After switching DB in .env, run migrations
php glueful migrate:run -f --no-interaction

Notes

  • Post‑install message now includes a brief guide for switching databases and running migrations later.

v1.4.0 - Rigel

Released: October 11, 2025

Rigel consolidates session management behind a single, testable SessionStore API and removes the legacy TokenStorageService. It unifies TTL policy, standardizes DI resolution, and hardens cache-key handling for tokens.

Key Highlights

Unified Session Store

  • New SessionStoreInterface + default SessionStore for create/update/revoke/lookup/health
  • Canonical TTL helpers: getAccessTtl(), getRefreshTtl() (provider + remember‑me aware)
  • DI consistency with SessionStoreResolver utility and ResolvesSessionStore trait
  • Safe cache keys for token mappings (hashed tokens + sanitized prefixes)

What's Changed

  • TokenManager defers TTL policy to SessionStore and persists sessions via the store.
  • JwtAuthenticationProvider and SessionCacheManager resolve the store via the trait; fewer ad‑hoc new calls.
  • SessionAnalytics prefers the store for listing sessions (falls back to cache query when needed).
  • JWTService cleanup; rely on DB‑backed revocation.

Removed

  • TokenStorageService and TokenStorageInterface (fully migrated to SessionStore).
  • Deprecated code paths tied to the legacy storage/invalidation.

Migration Notes

If you previously referenced TokenStorageService, migrate to SessionStoreInterface:

use Glueful\\Auth\\Interfaces\\SessionStoreInterface;

/** @var SessionStoreInterface $store */
$store = container()->get(SessionStoreInterface::class);

// Create
$created = $store->create($user, $tokens, 'jwt', false);

// Read / Update / Revoke
$session = $store->getByAccessToken($tokens['access_token']);
$updated = $store->updateTokens($tokens['refresh_token'], $newTokens);
$revoked = $store->revoke($newTokens['access_token']);

v1.3.1 - Altair

Released: October 10, 2025

Altair improves CI/automation ergonomics: the installation command now runs truly non-interactive for scripted environments, and static analysis warnings are cleaned up.

Key Highlights

Install Command: Non-Interactive Mode

  • php glueful install skips the environment confirmation prompt when any of these flags are present: --quiet, --no-interaction, or --force.
  • Keeps helpful output; add Symfony's global -q if you want near-silent runs.

What's Changed

  • Unattended installs: skip Have you set all required environment variables? when running with --quiet, --no-interaction, or --force.
  • DX: remove redundant method_exists() check around InputInterface::isInteractive() to satisfy PHPStan.

Quick Usage

# CI-safe, non-interactive install
php glueful install --quiet --force

# Or use Symfony's global flag to reduce verbosity further
php glueful install --quiet --force -q

Migration

  • No action required. For CI pipelines, prefer --quiet --force to avoid prompts.

v1.3.0 - Deneb

Released: October 6, 2025

Deneb refines the HTTP client with first-class, configurable retries via Symfony's retry system, improving resilience and clarity for API integrations.

Key Highlights

HTTP Client Retry Support

  • Automatic retry logic with configurable strategies
  • Built on Symfony's RetryableHttpClient for production-ready reliability
  • Sensible defaults for common scenarios (payments, external APIs)

What's New

  • Retry Configuration API: New Client::withRetry(array $config) method to wrap any configured client with retry logic
  • ApiClientBuilder Enhancements:
    • retries() - Configure retry behavior
    • buildWithRetries() - Build client with retries enabled
    • getRetryConfig() - Inspect retry configuration
  • Smart Defaults: Preset retry configurations for payments and external service integrations

Code Example

use Glueful\Http\Client;
use Glueful\Http\Builders\ApiClientBuilder;

// Configure retries with custom settings via DI + scoped client
$client = app(Client::class)
    ->createScopedClient(['base_uri' => 'https://api.example.com'])
    ->withRetry([
        'max_retries' => 3,
        'delay_ms' => 1000,
        'multiplier' => 2.0,
        'status_codes' => [429, 500, 502, 503, 504],
    ]);

// Or use builder with presets
$apiClient = (new ApiClientBuilder(app(Client::class)))
    ->baseUri('https://payment-gateway.com')
    ->forPayments()
    ->buildWithRetries();

Additional Context

Underlying change: retry logic migrated from prior internal handling to Symfony's strategy model (status-based exponential backoff) improving observability and consistency.


v1.2.0 - Vega

Released: September 23, 2025

Vega introduces robust task management architecture and enhanced testing reliability. Named after one of the brightest stars in the night sky, this release brings enhanced reliability and clarity to task execution and framework testing infrastructure.

Key Highlights

Tasks/Jobs Architecture

  • Clean separation of business logic (Tasks) from queue execution (Jobs)
  • Support for both direct execution and queued processing
  • Comprehensive task management system for common operations

What's New

Task Management System

New task classes for common maintenance operations:

  • CacheMaintenanceTask - Comprehensive cache maintenance
  • DatabaseBackupTask - Automated backups with retention policies
  • LogCleanupTask - Log file cleanup
  • NotificationRetryTask - Retry failed notifications
  • SessionCleanupTask - Session maintenance

Queue Job Wrappers

Reliable queue integration with dedicated job classes:

  • CacheMaintenanceJob, DatabaseBackupJob, LogCleanupJob
  • NotificationRetryJob, SessionCleanupJob
  • Built-in failure handling and logging

Enhanced Console Commands

# New cache maintenance command with improved options
php glueful cache:maintenance --operation=clearExpiredKeys

# Enqueue instead of running immediately
php glueful cache:maintenance --operation=fullCleanup --queue

Comprehensive Testing Suite

  • Complete integration test coverage for all Tasks and Jobs
  • Enhanced test bootstrap with proper DI container management
  • Fixed test interference issues

Stability & Fixes

  • Improved container state isolation in tests.
  • Reduced interference between suites by refining bootstrap resets.

Removed (for clarity)

  • Legacy Cron classes replaced by Tasks + Queue Jobs.

Migration Guide

Breaking Changes: The src/Cron/ directory has been removed in favor of the new src/Tasks/ + src/Queue/Jobs/ pattern.

Step 1: Update Namespace Imports

Before:

use Glueful\Cron\CacheMaintenance;
use Glueful\Cron\DatabaseBackup;

After:

use Glueful\Tasks\CacheMaintenanceTask;
use Glueful\Queue\Jobs\CacheMaintenanceJob;

Step 2: Update Service Registration

Before:

// In your service provider
$container->set('cron.cache', CacheMaintenance::class);

After:

// Tasks are auto-registered via TasksProvider
// For queued execution, push the Job wrapper via QueueManager:
use Glueful\Queue\Jobs\CacheMaintenanceJob;
use Glueful\Queue\QueueManager;

$queue = app(QueueManager::class);
$queue->push(CacheMaintenanceJob::class, ['operation' => 'clearExpiredKeys'], 'maintenance');

Step 3: Update Direct Execution

Before:

$cronJob = new CacheMaintenance();
$cronJob->execute();

After:

/** @var CacheMaintenanceTask $task */
$task = app(CacheMaintenanceTask::class);
$task->handle(['driver' => 'redis', 'operation' => 'clearExpiredKeys']);

v1.1.0 - Polaris

Released: September 22, 2025

Polaris introduces comprehensive testing infrastructure and enhanced documentation to guide framework development. Like the North Star that guides navigation, this release provides developers with the tools and knowledge to build robust applications.

Key Highlights

Testing Infrastructure

  • Base TestCase class for application-level tests
  • Framework state reset utilities for isolation
  • Expanded event system documentation

What's New

  • Testing Utilities: Base TestCase with container access ($this->get()), app boot, refresh support
  • Event Documentation: Expanded conceptual and usage coverage (listeners, dispatch patterns)
  • (Planned / Pending) Event abstraction & HTTP helper methods (e.g. post(), assertStatus()) — not yet present in current codebase; will appear in a future minor.

Example (Current Capabilities)

use Glueful\Testing\TestCase;

final class UserLifecycleTest extends TestCase
{
    public function test_boots_application(): void
    {
        $this->assertNotNull($this->app());
        $this->assertTrue($this->has(\Glueful\Logging\LogManager::class));
    }
}

Helpers like $this->post() or $this->assertStatus() will be documented once implemented; they are intentionally omitted here to avoid confusion.


v1.0.0 - Aurora

Released: September 20, 2025

Aurora — The first stable release of the split Glueful Framework package. This version establishes the framework runtime as a standalone library with comprehensive features and sets a clear baseline for future 1.x releases.

Key Highlights

Major Features

  • Custom Dependency Injection system (DSL + compiled container)
  • Permissions & authorization layer
  • Observability & metrics (profiling + middleware)
  • Security middleware suite (auth, rate limiting, CSRF, headers, guards)
  • File upload pipeline (validation, S3, signed URLs)
  • Extensions system v2 (deterministic provider discovery)

What's New

Router

  • Fast static/dynamic matching with first-segment bucketing
  • Attribute-based route definitions (#[Get], #[Post], etc.)
  • Route cache compiler with automatic invalidation
  • Standardized JSON errors for 404/405
use Glueful\Routing\Attributes\{Get, Post};

class UserController
{
    #[Get('/users/{id}')]
    public function show(int $id): Response
    {
        // Route automatically registered
    }

    #[Post('/users')]
    public function create(Request $request): Response
    {
        // POST /users
    }
}

Dependency Injection Overhaul

  • Custom lightweight container optimized for Glueful
  • DSL for service registration with compile-time generation
  • Compiled container support for faster production startup
// Typical application bootstrap (dev/prod aware)
use Glueful\Container\Bootstrap\ContainerFactory;

$container = ContainerFactory::create(prod: false); // prod:true enables compilation path

// Overriding / adding a service at runtime (e.g. during tests)
$testContainer = $container->with([
    'fake.clock' => fn() => new \Glueful\Support\Clock\FrozenClock('2025-10-08T00:00:00Z'),
]);

// Accessing a service
$logger = $testContainer->get('logger');

// Defining services in a Provider (preferred for framework + extensions)
use Glueful\Container\Providers\BaseServiceProvider;
use Glueful\Container\Definition\FactoryDefinition;

final class PaymentProvider extends BaseServiceProvider
{
    public function defs(): array
    {
        return [
            // FactoryDefinition gives you full control
            'payment.client' => new FactoryDefinition('payment.client', function(\Psr\Container\ContainerInterface $c) {
                return new PaymentClient($c->get('http.client'), baseUrl: config('payments.base_url'));
            }),
            // Simple autowire helper (shared by default)
            PaymentService::class => $this->autowire(PaymentService::class),
        ];
    }
}

Service registration happens through Provider defs() returning definitions; runtime overrides use $container->with([...]).

Security Enhancements

New middleware suite:

  • Authentication & Authorization
  • Rate Limiting
  • CSRF Protection
  • Security Headers
  • Admin Guard
  • IP Allow-listing

New CLI security commands:

php glueful security:check
php glueful security:scan
php glueful security:vulnerabilities

File Upload System

  • Native Symfony UploadedFile support
  • Extension and MIME validation
  • Hazard scanning for security
  • S3 storage with signed URLs
  • Configurable ACL (private by default)
use Glueful\Uploader\FileUploader;

// Upload using the framework uploader (validates and stores metadata)
$uploader = app(FileUploader::class);
$result = $uploader->handleUpload(
    $token,                   // your upload token / CSRF guard
    ['user_id' => $userId, 'key' => 'document'],
    $request->files->all()    // or $_FILES
);

// $result contains: ['uuid' => '...', 'url' => 'https://...']
// To create a presigned link for a known path on S3:
// $signedUrl = app(Glueful\Uploader\Storage\FlysystemStorage::class)
//     ->getSignedUrl('documents/example.pdf', 3600);

Observability & Metrics

  • BootProfiler for startup timing analysis
  • MetricsMiddleware for request tracking
  • ApiMetricsService for API analytics
  • Pluggable tracing middleware

Extensions System v2

  • Deterministic provider discovery
  • App providers + vendor extensions unified
  • Extension service compilation for better performance

Migration Guide

Breaking Changes: This release includes significant architectural changes. Please review carefully before upgrading.

1. Dependency Injection Container

The framework now uses a custom DI container instead of Symfony DI.

Before:

use Symfony\Component\DependencyInjection\ContainerBuilder;

$container = new ContainerBuilder();
$container->register('my.service', MyService::class);

After:

// Create container (typically done via ContainerFactory in bootstrap)
use Glueful\Container\Bootstrap\ContainerFactory;

$container = ContainerFactory::create(prod: false); // prod:true enables compilation

// Runtime service override (e.g., in tests)
$container = $container->with([
    'my.service' => fn($c) => new MyService($c->get('dependency')),
]);

// Or define services in a Provider (recommended for extensions/framework services)
use Glueful\Container\Providers\BaseServiceProvider;
use Glueful\Container\Definition\FactoryDefinition;

final class MyServiceProvider extends BaseServiceProvider
{
    public function defs(): array
    {
        return [
            // Factory definition
            'my.service' => new FactoryDefinition('my.service', function($c) {
                return new MyService($c->get('dependency'));
            }),
            // Or autowire
            MyService::class => $this->autowire(MyService::class),
        ];
    }
}

2. Event System (PSR-14)

Event system migrated from custom implementation to PSR-14.

Before:

$events->listen('user.created', function($event) {
    // Handle event
});

After:

use Psr\EventDispatcher\EventDispatcherInterface;
use Glueful\Events\Contracts\BaseEvent;
use Glueful\Events\ListenerProvider;

class UserCreated extends BaseEvent
{
    public function __construct(public User $user) {}
}

// Register listener via ListenerProvider
$provider = app(ListenerProvider::class);
$provider->addListener(UserCreated::class, function (UserCreated $event) {
    // Handle event
});

// Dispatch via PSR-14 dispatcher
$dispatcher = app(EventDispatcherInterface::class);
$dispatcher->dispatch(new UserCreated($user));

3. Storage Configuration

Migrated to Flysystem with updated configuration structure.

Before:

// config/storage.php
return [
    's3' => [
        'key' => env('AWS_KEY'),
        'secret' => env('AWS_SECRET'),
    ]
];

After:

// config/storage.php
return [
    's3' => [
        'driver' => 's3',
        'key' => env('S3_ACCESS_KEY_ID'),
        'secret' => env('S3_SECRET_ACCESS_KEY'),
        'region' => env('S3_REGION', 'us-east-1'),
        'bucket' => env('S3_BUCKET'),
        'endpoint' => env('S3_ENDPOINT'),
        'use_path_style_endpoint' => true,

        // Optional behavior hints
        'acl' => env('S3_ACL', 'private'),
        'signed_urls' => env('S3_SIGNED_URLS', true),
        'signed_ttl' => (int) env('S3_SIGNED_URL_TTL', 3600),
        'cdn_base_url' => env('S3_CDN_BASE_URL'),
    ],
];

4. Environment Variable Updates

Several environment variables have been renamed for consistency:

# Redis
REDIS_CACHE_DB REDIS_DB

# Mail
MAIL_SECURE MAIL_ENCRYPTION

# Logging
LOG_PATH LOG_FILE_PATH
# New: LOG_TO_DB=false (default)

# S3 Storage
# New variables:
S3_ACL=private
S3_SIGNED_URLS=true
S3_SIGNED_URL_TTL=3600

# PSR-15 Middleware
PSR15_ENABLED=true
PSR15_AUTO_DETECT=true
PSR15_STRICT=false

5. Validation System

Moved to rules-based system with clearer composition.

Before:

$validator = new Validator([
    'email' => 'required|email',
]);

After:

use Glueful\Validation\Validator;
use Glueful\Validation\Rules\{Required, Email};

$validator = new Validator([
    'email' => [new Required(), new Email()],
]);

$errors = $validator->validate($data);

6. Router Changes

Routes now return standardized JSON for errors.

404 Response:

{
    "error": "Not Found",
    "message": "The requested resource was not found",
    "status": 404
}

405 Response:

{
    "error": "Method Not Allowed",
    "message": "Method POST not allowed. Allowed methods: GET, PUT",
    "status": 405,
    "allowed_methods": ["GET", "PUT"]
}

7. FileUploader Changes

FileUploader now resolves repositories via the DI container.

Before:

$uploader = new FileUploader($storage);
$uploader->setRepository($repository);

After:

// Repository is auto-resolved from container
$uploader = $container->get(FileUploader::class);

Upgrade Checklist

When upgrading between major or minor versions:

  • Review breaking changes for your target version
  • Update environment variables (.env)
  • Update configuration files in config/
  • Run composer update
  • Clear compiled caches: php glueful cache:clear
  • Update service provider registrations
  • Run your test suite
  • Review and update custom middleware
  • Check deprecated features in your codebase

Semantic Versioning

Glueful follows Semantic Versioning:

  • Major versions (2.0.0): Breaking changes, major new features
  • Minor versions (1.1.0): New features, backward-compatible
  • Patch versions (1.0.1): Bug fixes, backward-compatible

Support Policy

  • Latest minor version: Active development, new features, bug fixes
  • Previous minor version: Bug fixes for 6 months
  • Older versions: Security fixes only for 12 months

Release Names

Glueful releases are named after stars and celestial objects:

  • Aurora (1.0.0) - The dawn of the framework
  • Polaris (1.1.0) - The guiding star
  • Vega (1.2.0) - Bright and reliable
  • Deneb (1.3.0) - Distant but brilliant

v1.5.0 - Orion (Minor)

Released: October 13, 2025

Notification system wiring improvements with a shared DI provider and a safer email verification flow that avoids hard prechecks.

Key Highlights

Notifications DI Provider

  • New NotificationsProvider binds ChannelManager and NotificationDispatcher as shared services
  • Extensions can register channels and hooks during boot without ad‑hoc construction

Safer Email Verification & Password Reset

  • EmailVerification/SendNotification resolve dispatcher/channel via DI first (with a clean fallback)
  • Removed ExtensionManager prechecks; rely on dispatcher/channel availability at send time
  • Soft diagnostics log when the email channel is unavailable or no channels succeed

Other Changes

  • Align retry configuration lookup to email-notification.retry (consistent with the extension)
  • Namespacing and static analysis fixes; line‑length formatting for diagnostics

Migration Notes

If you referenced config('extensions.EmailNotification.retry'), update to config('email-notification.retry'). No breaking API changes are introduced in 1.5.0.


v1.7.1 - Canopus

Released: October 21, 2025

Patch release that fixes extension discovery and boot sequencing so enabled extensions reliably load at runtime.

What’s Fixed

  • Framework initializes extensions by calling ExtensionManager::discover() before ::boot().
  • Extension migrations registered via loadMigrationsFrom() are now discovered by migrate:status / migrate:run.
  • CLI extensions:why and extensions:list now accurately reflect included providers after boot.

Impact

  • If you saw “EXCLUDED from final provider list” or “No pending migrations found” for extension migrations, this patch resolves it. No configuration changes required.

v1.7.2 - Antares

Released: October 21, 2025

Patch release improving route loading resilience in extensions and reducing noise in the development server logs.

What’s Fixed

  • Extensions: ServiceProvider::loadRoutesFrom() is now idempotent and exception‑safe.
    • Prevents duplicate route registration when a routes file would otherwise be loaded twice.
    • Catches exceptions from route files; logs and continues in production, rethrows in non‑production for fast feedback.

Developer Experience

  • CLI serve: Reclassifies PHP built‑in server access/startup lines (written to STDERR) as normal output to avoid false [ERROR] entries while preserving real error reporting.