What’s New in Laravel 13? Complete Guide to Features & Updates

Laravel 13 was released on March 17, 2026, and announced at Laracon EU 2026 by Taylor Otwell. This release continues the framework’s tradition of annual major versions, but it carries more strategic weight than a standard maintenance cycle. The headline story is not a single breaking feature: it is the graduation of the Laravel AI SDK from experimental to production-stable, positioning Laravel as the first major PHP framework with a first-party, provider-agnostic AI development layer built directly into the ecosystem.

The core philosophy of this release centers on two principles: minimal disruption for existing applications, and meaningful capability additions for teams building modern software. Most Laravel 12 applications will complete the upgrade in under one hour, and the framework team has publicly described this as a zero-breaking-change release for the majority of codebases.

However, that framing requires an important qualification. ‘Zero breaking changes’ refers to the upgrade effort under normal conditions, not the complete absence of behavioral differences. There are specific changes to cache prefix formatting, model booting restrictions, CSRF middleware naming, and DELETE query behavior that will affect a subset of production applications. These are covered in detail in the breaking changes section below.

PHP 8.3 is now the minimum supported runtime. Support for PHP 8.2 has been fully dropped. Before any upgrade work begins, verify that your server is running PHP 8.3 or higher.

Support timeline: bug fixes are provided through Q3 2027, and security fixes continue through Q1 2028. Teams on older versions without a clear upgrade plan are accumulating both technical and security risk.

Also Read – Laravel vs Django vs NestJS: The 2026 Backend Framework Comparison

Key New Features in Laravel 13

Laravel 13 ships with a cohesive set of additions that address developer experience, AI capability, queue management, and data querying. Each feature below is summarized with enough detail for a technical decision-maker to assess business and implementation impact.

1. Laravel AI SDK (Stable)

The Laravel AI SDK, previously available as a beta package, is now a first-party, production-stable component of the framework. This is the most significant addition in the release from a product capability standpoint.

The SDK is designed to be provider-agnostic. It works with OpenAI and Anthropic out of the box, and switching between providers is a single configuration value change rather than a code rewrite. The unified interface abstracts away provider-specific API differences, retry logic, and error normalization.

Capabilities included in the stable SDK:

• Text generation with streaming support
• Tool-calling agents that can invoke functions and compose multi-step workflows
• Image creation
• Audio synthesis
• Embedding generation for semantic search and vector operations

A basic agent invocation looks like this:

$result = SalesCoach::make()->prompt('Summarize this customer inquiry: ' . $input);

For engineering and product teams, the business implication is direct. You can now build AI-powered features inside a standard Laravel application without custom abstraction layers, third-party SDK gymnastics, or maintaining your own retry and error-handling logic. The SDK integrates with Laravel’s queue system, meaning long-running AI tasks slot naturally into existing job infrastructure.

2. Native PHP Attributes Across the Framework

Laravel 13 completes the migration toward native PHP Attributes as the standard way to configure framework behavior. This replaces property declarations and configuration arrays in more than 15 framework locations.

On controllers, you can now apply middleware and authorization directly:

#[Middleware('auth')]

#[Authorize('admin')]

class DashboardController extends Controller { ... }

On job classes, you can define retry behavior, backoff strategy, and timeouts inline:

#[Tries(5)]

#[Backoff(60)]

#[Timeout(120)]

#[FailOnTimeout]

class ProcessOrderJob implements ShouldQueue { ... }

The practical effect is that configuration is colocated with the code it governs. Developers reading a job class see its retry policy immediately, without tracing back to a service provider or config file. This reduces cognitive overhead and makes onboarding faster on codebases with many job classes.

3. Domain-Specific Route Priority

Laravel 13 optimizes route handling by introducing automatic Domain-Specific Route Priority. This mechanism ensures domain-constrained routes take precedence over generic wildcard routes, eliminating resolution conflicts and simplifying architecture for multi-tenant applications without sacrificing overall request throughput.

4. Optimized Core Foundation

Continuing the trend of structural efficiency, Laravel 13 carries forward the lean, minimal application skeleton first established in Laravel 11. This consistent architecture preserves a modular design that eliminates unnecessary bloat, providing developers with a highly optimized, lightweight foundation for modern, rapid application deployment.

5. Advanced Queue System

Queue configuration has been centralized through a new Queue::route() method. Instead of setting queue connection and name properties on each job class individually, you can define routing for all job classes from a single location, typically inside a service provider.

Queue::route([

ProcessOrderJob::class => 'orders',

SendEmailJob::class => 'notifications',

]);

This eliminates the need to repeat queue configuration at every dispatch site, and makes it trivial to reroute job classes during high-load periods or infrastructure changes without touching individual job files.

Job-level attributes extend this further. The #[Tries], #[Backoff], #[Timeout], and #[FailOnTimeout] attributes described in the native attributes section apply directly to job classes, replacing the equivalent property declarations.

6. Cache::touch() for TTL Extension

A new Cache::touch() method allows you to extend the time-to-live of a cached item without retrieving its value and writing it back. For high-read caches where the value is not needed but expiration must be deferred, this reduces overhead and simplifies the code required.

7. PreventRequestForgery Middleware

The CSRF middleware has been renamed from VerifyCsrfToken to PreventRequestForgery and enhanced with origin-aware verification. The functional behavior is the same, but the new implementation is more precise in how it validates request origin alongside token matching. Any withoutMiddleware() calls that reference VerifyCsrfToken by class name will need to be updated.

8. JSON:API Resource Support

First-party support for the JSON:API specification is now available through a dedicated resource layer. Teams building APIs that need to comply with the JSON:API spec no longer require external packages to handle serialization, relationship linking, and pagination formatting.

9. Native Vector Similarity Search

The query builder now includes a whereVectorSimilarTo() method that integrates with PostgreSQL’s pgvector extension. This allows similarity search queries to be expressed in standard Eloquent syntax rather than raw SQL:

Article::whereVectorSimilarTo(’embedding’, $queryVector)->limit(10)->get();

For applications building semantic search, recommendation systems, or retrieval-augmented generation pipelines, this removes the need for a raw query or a separate search service for basic vector operations.

10. Laravel Reverb Database Driver

Laravel Reverb, the first-party WebSocket server, now includes a database driver. This means real-time features can be run without a Redis dependency, which simplifies infrastructure for applications that do not otherwise require Redis and reduces operational cost for smaller deployments.

Also Read – Is your Laravel Schema ready for Prime Time? Find out in Minutes with DBStan

What Breaking Changes Does Laravel 13 Introduce?

The ‘zero breaking changes’ description that accompanied the Laravel 13 release refers to the upgrade effort for a well-maintained Laravel 12 codebase. It does not mean the absence of behavioral differences. The following changes have the potential to affect production applications, and each one requires a deliberate fix rather than an automated migration.

Review the table below, identify which changes apply to your application, and address them before promoting to production.

Change	Who Is Affected	Fix
Cache and Redis key prefix format: underscores replaced with hyphens	Any application using Redis, file, or database cache with a prefix configured	Set CACHE_PREFIX and REDIS_PREFIX explicitly in .env to your previous value
Session cookie name format change: same underscore-to-hyphen shift	Any application with active user sessions at deploy time	Set SESSION_COOKIE explicitly in .env; existing sessions will be invalidated otherwise
CSRF middleware renamed from VerifyCsrfToken to PreventRequestForgery	Any route or test that references VerifyCsrfToken by class name in withoutMiddleware()	Update all withoutMiddleware([VerifyCsrfToken::class]) calls to use PreventRequestForgery::class
Model instantiation inside boot() now throws a LogicException	Applications with Eloquent models that instantiate other models during the boot lifecycle	Move model instantiation logic outside the boot() method
Container::call() nullable class parameters now return null instead of a Carbon instance	Applications relying on the previous implicit Carbon resolution behavior	Add explicit bindings or defaults for affected nullable parameters
DELETE with JOIN now includes ORDER BY and LIMIT clauses for MySQL	Any application using joined DELETE queries, particularly bulk-delete operations	Review and test all joined DELETE queries before deploying to production
Morph pivot table name pluralization change: custom pivot models now require explicit table names	Applications using morphed pivot relationships with custom pivot model classes	Add an explicit $table property to affected custom pivot model classes
Pagination view name changed from pagination::default to pagination::bootstrap-3	Applications using pagination views with the default name reference	Update any custom pagination references to use the new view name

If your application upgrades from Laravel 10 or 11, these changes combine with all breaking changes from those intermediate versions. The cumulative list is substantially longer than what appears above.

How to Upgrade to Laravel 13 — Step by Step

The following steps apply to a standard upgrade from Laravel 12. For applications on Laravel 10 or 11, see the multi-version upgrade section below before starting this process.

Step 1: Verify PHP Version

Laravel 13 requires PHP 8.3 or higher. Run the following command on your server or local environment:

php -v

If the output shows PHP 8.2 or lower, upgrade your PHP runtime before touching any framework dependencies. Attempting to upgrade Laravel without the correct PHP version will cause Composer to fail with a dependency resolution error.

Step 2: Audit Dependencies

Before changing composer.json, identify which packages in your project are not yet compatible with Laravel 13:

composer why-not laravel/framework 13.*

Pay particular attention to ecosystem packages that integrate deeply with the framework. Livewire, Inertia.js, Filament, the Spatie package family, Laravel Cashier, Horizon, and Scout are widely used and should be checked individually.

Step 3: Establish a Test Baseline

Run your full test suite before making any changes. Record the pass and fail counts. This is your rollback reference. If you have no test suite or meaningful coverage, treat this upgrade as higher-risk and consider a professional engagement.

php artisan test

Step 4: Update composer.json

Update the relevant lines in your composer.json:

"laravel/framework": "^13.0"

"phpunit/phpunit": "^12.0"

Do not run composer update yet. Make all dependency version changes first.

Step 5: Run the Upgrade

Run the Composer update command with the flag that allows transitive dependency updates:

composer update --with-all-dependencies

If this fails with a dependency resolution error, return to Step 2 and identify the blocking package. Update it or replace it before retrying.

Step 6: Apply Breaking Change Fixes

Work through the breaking changes table from the previous section. The fixes that apply to most applications are:

• Set CACHE_PREFIX, REDIS_PREFIX, and SESSION_COOKIE explicitly in .env
• Update withoutMiddleware() calls from VerifyCsrfToken::class to PreventRequestForgery::class
• Drain all queues before deploying — the serialization format changed and mixed-version workers can cause failures
• Review any DELETE with JOIN queries for MySQL

Step 7: Clear All Caches

php artisan config:clear && php artisan cache:clear && php artisan view:clear && php artisan route:clear

Step 8: Run Tests Again

Any new test failures at this point indicate a breaking change that applies to your application. Investigate each failure before promoting to production. Do not deploy with a failing test suite unless you have explicitly accepted and understood the risk.

Automation vs. professional service: Laravel Shift automates most of Steps 4 through 6 and saves approximately one hour on a clean Laravel 12 codebase. For applications on Laravel 10 or 11, or those with heavy third-party package dependencies, structural debt, or compliance requirements, a professional upgrade engagement is typically faster and lower-risk than a DIY approach.

Also Read – DBStan Enhancements: Catching Database Problems Before They Impact You

Upgrading from Laravel 10 or 11? Here’s What Changes

A direct jump from Laravel 10 to Laravel 13 is not supported in the way a single-version upgrade is. Laravel upgrades are sequential by design. The practical migration path is 10 to 11, then 11 to 12, then 12 to 13. In some cases a 10 to 12 path is viable, but confirm the officially supported sequencing against the Laravel upgrade guides before deciding.

Each major version introduces its own set of breaking changes. When you upgrade across multiple versions, every breaking change from every intermediate version applies to your codebase simultaneously. The cumulative list for a 10-to-13 migration is significantly longer than the eight items in the table above.

There is also a structural dimension. Laravel 11 introduced a new application skeleton with a considerably slimmed directory structure, consolidated service providers, and a simplified bootstrapping model. If your application was built on Laravel 10’s skeleton, migrating that structure adds effort beyond Composer version changes. It requires decisions about which service providers to consolidate, how to map old configuration patterns to new ones, and whether to migrate incrementally or restructure in a single pass.

Applications on Laravel 10 or 11 are also more likely to carry accumulated structural debt: controllers with embedded business logic, missing or thin test coverage, tight coupling between service classes, or dependency on packages that have since been deprecated or unmaintained. An upgrade surfaces this debt because automated tools cannot resolve architectural problems, only syntactic ones.

This is where automated tools like Laravel Shift reach their practical limits. Shift handles mechanical transformations well. It cannot make architectural decisions, cannot resolve hidden coupling, and cannot provide post-upgrade test coverage. Multi-version migrations from legacy code are the scenario where a professional engagement delivers faster results and meaningfully lower risk than a self-managed process.

IT Path Solutions handles multi-version Laravel upgrades end-to-end: dependency audit, incremental version migration, test coverage remediation, and post-upgrade AI SDK feature adoption for teams that want to move quickly after getting to Laravel 13.

Common Laravel 13 Upgrade Errors and How to Fix Them

The following errors appear most frequently after a Laravel 13 upgrade. Each entry is formatted as symptom, cause, and fix so you can diagnose quickly without reading through the full upgrade notes.

Symptom	Cause	Fix
All users are logged out after deployment	Session cookie name changed from underscore to hyphen format in Laravel 13	Set SESSION_COOKIE explicitly in .env to preserve the previous cookie name
LogicException thrown on model instantiation	A model is being instantiated inside a boot() method, which is now disallowed	Move model instantiation logic outside the boot() lifecycle method
Jobs are failing immediately after upgrade	Queue serialization format changed; pre-upgrade jobs in the queue use the old format	Drain all queues before deploying; run a mixed worker pool temporarily if needed
Composer cannot resolve dependencies	One or more packages have not released a version compatible with laravel/framework:^13.0	Run composer why-not laravel/framework 13.* and upgrade or replace blocking packages
QueryException on DELETE with JOIN statements	ORDER BY and LIMIT are now included in MySQL DELETE with JOIN queries	Review and test all joined DELETE logic before promoting to production
PHP version mismatch error during composer update	The server is still running PHP 8.2, which is not supported by Laravel 13	Upgrade PHP to 8.3 or higher before attempting the framework upgrade
CSRF middleware class not found	VerifyCsrfToken was renamed to PreventRequestForgery in Laravel 13	Update all withoutMiddleware() calls to reference PreventRequestForgery::class

If the fixes above have not resolved your issue, the problem is likely in your application’s architecture rather than the upgrade itself. Contact IT Path Solutions for a diagnostic review.

Laravel Shift vs. Hiring a Developer — Which Is Right for Your Upgrade?

This is one of the most common questions teams ask when planning a Laravel upgrade, and the honest answer is that it depends on your codebase, not on preference. Both options have clearly defined strengths and clearly defined limits.

What Laravel Shift Does

Laravel Shift is an automated migration tool built and maintained by Jason McCreary, a well-regarded contributor to the Laravel ecosystem. It automates the mechanical changes required for a version upgrade: updating composer.json dependencies, replacing deprecated method calls, adopting new PHP syntax patterns, and applying attribute-based configuration where applicable.

For a clean Laravel 12 codebase with good test coverage, Shift typically saves approximately one hour of manual work. It is priced at roughly $9 to $39 per Shift depending on the version distance. For the specific scenario it is designed for, it is the right tool.

Where Shift Reaches Its Limits

Laravel Shift handles syntactic and structural transformations. It cannot:

• Identify or resolve hidden coupling in controllers or service classes
• Make architectural decisions about how to restructure code affected by breaking changes
• Provide post-upgrade test coverage or validate that behavior is preserved
• Support a compliance or zero-downtime deployment requirement
• Handle multi-version migrations where the cumulative change surface is large

The Decision Guide

Choose Laravel Shift If…	Choose a Professional If…
Your application is already on Laravel 12	Your application is on Laravel 10 or 11 and requires a multi-version migration
You have solid test coverage (70% or above)	Your application has minimal or no test coverage
No compliance or zero-downtime deployment requirements	You have compliance requirements or a zero-downtime deployment constraint
A developer is available to review and merge the Shift pull request	Your team does not have internal Laravel expertise to handle post-Shift issues
You are not planning to adopt Laravel 13’s AI SDK features immediately	You want to adopt AI SDK features after the upgrade and need architectural guidance

The deciding factor is codebase complexity, not preference. Shift is a legitimate, well-regarded tool with a strong track record for straightforward upgrades. Reaching for professional help is the right call when complexity exceeds what automation can safely handle.

Laravel Expertise for Complex Modern Applications

Upgrading across multiple Laravel versions is rarely just a Composer update. Legacy architecture, package conflicts, missing test coverage, and deployment risk can quickly turn a “simple upgrade” into weeks of engineering overhead.

If your team needs expert support for Laravel 13 migration, AI SDK integration, performance optimization, or zero-downtime deployment planning, you can hire Laravel developer from IT Path Solutions to accelerate the process with experienced Laravel specialists.

Frequently Asked Questions

Q1: What PHP version does Laravel 13 require?

Laravel 13 requires PHP 8.3 or higher. Support for PHP 8.2 has been removed. Before beginning any upgrade, verify your server’s PHP version by running php -v. If your server runs PHP 8.2, upgrade the PHP runtime first. Attempting to upgrade the framework without the correct PHP version will cause Composer to reject the update with a dependency resolution error.

Q2: What are the breaking changes in Laravel 13?

Laravel 13 includes several behavioral changes that may affect production applications. The most impactful are:

• cache and session cookie names now use hyphen separators instead of underscores — fix by setting CACHE_PREFIX and SESSION_COOKIE explicitly in .env;
• the VerifyCsrfToken middleware has been renamed to PreventRequestForgery;
• model instantiation inside boot() methods now throws a LogicException;
• DELETE with JOIN queries now include ORDER BY and LIMIT clauses for MySQL.

Most applications upgrading from Laravel 12 will encounter only one or two of these.

Q3: How long does a Laravel 13 upgrade take?

For a standard Laravel 12 application with good test coverage, the mechanical upgrade takes approximately one hour using Laravel Shift or Composer. For applications on Laravel 10 or 11, expect one to three days due to cumulative breaking changes across multiple major versions. For applications with significant technical debt, missing test coverage, or complex package dependencies, the timeline extends further. These are cases where a professional upgrade engagement delivers faster and safer results than a self-managed process.

Q4: Can I upgrade from Laravel 10 to Laravel 13 directly?

Laravel upgrades are sequential. You cannot skip directly from version 10 to version 13 without addressing intermediate breaking changes. The practical path is 10 to 11 to 12 to 13, or in some cases 10 to 12 to 13. Each version introduces its own breaking changes, and the cumulative list for a multi-version jump is substantially longer than a single-version upgrade. IT Path Solutions handles multi-version upgrade paths as part of its Laravel migration services.

Q5: What is the Laravel AI SDK introduced in Laravel 13?

Laravel 13 includes a first-party, production-stable AI SDK that provides a unified, provider-agnostic interface for text generation, tool-calling agents, image creation, audio synthesis, and embedding generation. It supports OpenAI and Anthropic as providers. Switching between providers requires changing one configuration value. The SDK handles retry logic, error normalization, and queue integration. Teams can now build AI-powered product features inside a standard Laravel application without custom abstraction layers or third-party SDK dependencies.

Q6: Is it better to use Laravel Shift or hire a developer for a Laravel 13 upgrade?

Laravel Shift is the right choice for applications already on Laravel 12 with solid test coverage and no compliance or zero-downtime requirements. It handles the mechanical changes for approximately $9 to $39 and saves roughly one hour of work. Hiring a professional is the right choice for multi-version upgrades (Laravel 10 or 11 to 13), applications with significant technical debt or minimal test coverage, production environments with zero-downtime requirements, or teams planning to adopt Laravel 13’s AI SDK capabilities after the upgrade. The deciding factor is codebase complexity, not preference.