Typed Translation Accessors in Laravel 13.15.0

The Laravel team released v13.15.0 with typed translation accessors, JSON Schema deserialization, a dedicated Cloud queue driver, and a couple of security-related validation and routing fixes.

• Typed trans()->string() and trans()->array() accessors
• JSON Schema array deserialization and multi-type union support
• A dedicated Cloud queue driver with managed queue handling
• A fix for a date_equals validation bypass and tighter route unserialization

#What’s New

#Typed Translation Accessors

The translation helpers return broad types: __() returns array|string|null, and trans() returns Translator|array|string. That works in Blade, but it adds friction in strictly-typed code and static analysis. This release adds two typed accessors on the Translator to return a concrete type:

public function label(): string
{
    return trans()->string($this->name);
}
 
public function options(): array
{
    return trans()->array($this->options_key);
}

The approach mirrors existing typed helpers like config() and request(). See #60443.

#JSON Schema Deserialization

The JsonSchema component gained a fromArray() deserializer that turns a raw JSON Schema array back into Type objects, the inverse of serialization. The release also adds multi-type union support to the schema builder. See #60387 and #60455.

#Dedicated Cloud Queue Driver

Several changes land a dedicated queue driver for Laravel Cloud’s managed queues. Managed queues are booted before service providers, the queue throws a ManagedQueueNotFoundException when a configured queue is missing, and FIFO queue name normalization was corrected. The request ID header was renamed from X-Request-ID to Cloud-Request-ID and is now output in logs. See #60181, #60199, #60276, #60189, #60166, and #60316.

#Enums in Queue::route()

You can now pass enum cases to Queue::route() for both the queue name and the connection when routing jobs. See #60402.

#Security: date_equals Validation Bypass

The date_equals rule used loose comparison. An invalid date string parses to null, and null == 0 evaluates to true, so an invalid date could pass validation against a reference date that parses to a falsy value (for example 1970-01-01 00:00:00). The fix uses strict comparison for the equal operator while keeping loose comparison for legitimate DateTime objects. See #60393.

#Security: Restricted Route Unserialization

Routing unserialization now restricts the classes it will accept, reducing the surface for object injection during route caching and resolution. See #60391.

#Number Helper Fixes

A few edge cases in the Number helper were corrected: Number::fileSize() now handles negative byte values, Number::trim() no longer returns null for INF and NAN, and Number::pairs() now handles negative step values gracefully while throwing an exception for a zero step to prevent infinite loops. See #60147, #60322, and #60324.

#Other Fixes and Improvements

• Fixed infinite recursion when a model scope is defined with a private attribute, and when a middleware group references itself (#59958, #60002)
• queue:failed now shows the real class name (#60279)
• Added Prohibitable to cache:clear and queue:flush (#60430)
• Made InvokedProcess macroable (#60392)
• Ensured unchanged compiled Blade views are not left expired (#60401)
• Added generics to DatabaseTransactionsManager getters and QueueRoutes::all() (#60420, #60447)

References

• Official changelog
• Release v13.15.0

Source: https://laravel-news.com