-
Notifications
You must be signed in to change notification settings - Fork 299
Add laravel-best-practices skill #628
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
pushpak1300
wants to merge
10
commits into
main
Choose a base branch
from
add_laravel_best_practice_skill
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+2,071
−21
Open
Changes from 7 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
8fb3b45
Add laravel-best-practices skill
pushpak1300 0343aae
Formatting
pushpak1300 1e07401
Update SKILL.md
pushpak1300 e470e20
Improve laravel-best-practices skill with modern patterns and fixes
pushpak1300 503771f
Formatting
pushpak1300 b694c3c
Remove opinionated rules and add consistency-first principle to larav…
pushpak1300 8748b49
Concise Skill
pushpak1300 18370c1
Merge branch 'main' into add_laravel_best_practice_skill
pushpak1300 e953f47
Fix whereIn example to use select() subquery instead of pluck()
pushpak1300 fa2b5ba
formatting
taylorotwell File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,189 @@ | ||
| --- | ||
| name: laravel-best-practices | ||
| description: "Apply this skill whenever writing, reviewing, or refactoring Laravel PHP code. This includes creating or modifying controllers, models, migrations, form requests, policies, jobs, scheduled commands, service classes, and Eloquent queries. Triggers for N+1 and query performance issues, caching strategies, authorization and security patterns, validation, error handling, queue and job configuration, route definitions, and architectural decisions. Also use for Laravel code reviews and refactoring existing Laravel code to follow best practices. Covers any task involving Laravel backend PHP code patterns." | ||
| license: MIT | ||
| metadata: | ||
| author: laravel | ||
| --- | ||
|
|
||
| # Laravel Best Practices | ||
|
|
||
| Best practices for Laravel 12, prioritized by impact. Each rule teaches what to do and why. For exact API syntax, verify with `search-docs`. | ||
|
|
||
| ## Consistency First | ||
|
|
||
| Before applying any rule, check what the application already does. Laravel offers multiple valid approaches — the best choice is the one the codebase already uses, even if another pattern would be theoretically better. Inconsistency is worse than a suboptimal pattern. | ||
|
|
||
| Check sibling files, related controllers, models, or tests for established patterns. If one exists, follow it — don't introduce a second way. These rules are defaults for when no pattern exists yet, not overrides. | ||
|
|
||
| ## Quick Reference | ||
|
|
||
| ### 1. Database Performance → `rules/db-performance.md` | ||
|
|
||
| - Eager load with `with()` to prevent N+1 queries | ||
| - Enable `Model::preventLazyLoading()` in development | ||
| - Select only needed columns, avoid `SELECT *` | ||
| - `chunk()` / `chunkById()` for large datasets | ||
| - Index columns used in `WHERE`, `ORDER BY`, `JOIN` | ||
| - `withCount()` instead of loading relations to count | ||
| - `cursor()` for memory-efficient read-only iteration | ||
| - Never query in Blade templates | ||
|
|
||
| ### 2. Advanced Query Patterns → `rules/advanced-queries.md` | ||
|
|
||
| - `addSelect()` subqueries over eager-loading entire has-many for a single value | ||
| - Dynamic relationships via subquery FK + `belongsTo` | ||
| - Conditional aggregates (`CASE WHEN` in `selectRaw`) over multiple count queries | ||
| - `setRelation()` to prevent circular N+1 queries | ||
| - `whereIn` + `pluck()` over `whereHas` for better index usage | ||
| - Two simple queries can beat one complex query | ||
| - Compound indexes matching `orderBy` column order | ||
| - Correlated subqueries in `orderBy` for has-many sorting (avoid joins) | ||
|
|
||
| ### 3. Security → `rules/security.md` | ||
|
|
||
| - Define `$fillable` or `$guarded` on every model, authorize every action via policies or gates | ||
| - No raw SQL with user input — use Eloquent or query builder | ||
| - `{{ }}` for output escaping, `@csrf` on all POST/PUT/DELETE forms, `throttle` on auth and API routes | ||
| - Validate MIME type, extension, and size for file uploads | ||
| - Never commit `.env`, use `config()` for secrets, `encrypted` cast for sensitive DB fields | ||
|
|
||
| ### 4. Caching → `rules/caching.md` | ||
|
|
||
| - `Cache::remember()` over manual get/put | ||
| - `Cache::flexible()` for stale-while-revalidate on high-traffic data | ||
| - `Cache::memo()` to avoid redundant cache hits within a request | ||
| - Cache tags to invalidate related groups | ||
| - `Cache::add()` for atomic conditional writes | ||
| - `once()` to memoize per-request or per-object lifetime | ||
| - `Cache::lock()` / `lockForUpdate()` for race conditions | ||
| - Failover cache stores in production | ||
|
|
||
| ### 5. Eloquent Patterns → `rules/eloquent.md` | ||
|
|
||
| - Correct relationship types with return type hints | ||
| - Local scopes for reusable query constraints | ||
| - Global scopes sparingly — document their existence | ||
| - Attribute casts in the `casts()` method | ||
| - Cast date columns, use Carbon instances in templates | ||
| - `whereBelongsTo($model)` for cleaner queries | ||
|
|
||
| ### 6. Validation & Forms → `rules/validation.md` | ||
|
|
||
| - Form Request classes, not inline validation | ||
| - Array notation `['required', 'email']` for new code; follow existing convention | ||
| - `$request->validated()` only — never `$request->all()` | ||
| - `Rule::when()` for conditional validation | ||
| - `after()` instead of `withValidator()` | ||
|
|
||
| ### 7. Configuration → `rules/config.md` | ||
|
|
||
| - `env()` only inside config files | ||
| - `App::environment()` or `app()->isProduction()` | ||
| - Config, lang files, and constants over hardcoded text | ||
|
|
||
| ### 8. Testing Patterns → `rules/testing.md` | ||
|
|
||
| - `LazilyRefreshDatabase` over `RefreshDatabase` for speed | ||
| - `assertModelExists()` over raw `assertDatabaseHas()` | ||
| - Factory states and sequences over manual overrides | ||
| - Use fakes (`Event::fake()`, `Exceptions::fake()`, etc.) — but always after factory setup, not before | ||
| - `recycle()` to share relationship instances across factories | ||
|
|
||
| ### 9. Queue & Job Patterns → `rules/queue-jobs.md` | ||
|
|
||
| - `retry_after` must exceed job `timeout`; use exponential backoff `[1, 5, 10]` | ||
| - `ShouldBeUnique` to prevent duplicates; `WithoutOverlapping::untilProcessing()` for concurrency | ||
| - Always implement `failed()`; with `retryUntil()`, set `$tries = 0` | ||
| - `RateLimited` middleware for external API calls; `Bus::batch()` for related jobs | ||
| - Horizon for complex multi-queue scenarios | ||
|
|
||
| ### 10. Routing & Controllers → `rules/routing.md` | ||
|
|
||
| - Implicit route model binding | ||
| - Scoped bindings for nested resources | ||
| - `Route::resource()` or `apiResource()` | ||
| - Methods under 10 lines — extract to actions/services | ||
| - Type-hint Form Requests for auto-validation | ||
|
|
||
| ### 11. HTTP Client → `rules/http-client.md` | ||
|
|
||
| - Explicit `timeout` and `connectTimeout` on every request | ||
| - `retry()` with exponential backoff for external APIs | ||
| - Check response status or use `throw()` | ||
| - `Http::pool()` for concurrent independent requests | ||
| - `Http::fake()` and `preventStrayRequests()` in tests | ||
|
|
||
| ### 12. Events, Notifications & Mail → `rules/events-notifications.md`, `rules/mail.md` | ||
|
|
||
| - Event discovery over manual registration; `event:cache` in production | ||
| - `ShouldDispatchAfterCommit` / `afterCommit()` inside transactions | ||
| - Queue notifications and mailables with `ShouldQueue` | ||
| - On-demand notifications for non-user recipients | ||
| - `HasLocalePreference` on notifiable models | ||
| - `assertQueued()` not `assertSent()` for queued mailables | ||
| - Markdown mailables for transactional emails | ||
|
|
||
| ### 13. Error Handling → `rules/error-handling.md` | ||
|
|
||
| - `report()`/`render()` on exception classes or in `bootstrap/app.php` — follow existing pattern | ||
| - `ShouldntReport` for exceptions that should never log | ||
| - Throttle high-volume exceptions to protect log sinks | ||
| - `dontReportDuplicates()` for multi-catch scenarios | ||
| - Force JSON rendering for API routes | ||
| - Structured context via `context()` on exception classes | ||
|
|
||
| ### 14. Task Scheduling → `rules/scheduling.md` | ||
|
|
||
| - `withoutOverlapping()` on variable-duration tasks | ||
| - `onOneServer()` on multi-server deployments | ||
| - `runInBackground()` for concurrent long tasks | ||
| - `environments()` to restrict to appropriate environments | ||
| - `takeUntilTimeout()` for time-bounded processing | ||
| - Schedule groups for shared configuration | ||
|
|
||
| ### 15. Architecture → `rules/architecture.md` | ||
|
|
||
| - Single-purpose Action classes; dependency injection over `app()` helper | ||
| - Prefer official Laravel packages and follow conventions, don't override defaults | ||
| - Default to `ORDER BY id DESC` or `created_at DESC`; `mb_*` for UTF-8 safety | ||
| - S3 on Cloud/Vapor — local disk is ephemeral | ||
| - `defer()` for post-response work; `Context` for request-scoped data; `Concurrency::run()` for parallel execution | ||
|
|
||
| ### 16. Migrations → `rules/migrations.md` | ||
|
|
||
| - Generate migrations with `php artisan make:migration` | ||
| - `constrained()` for foreign keys | ||
| - Never modify migrations that have run in production | ||
| - Add indexes in the migration, not as an afterthought | ||
| - Mirror column defaults in model `$attributes` | ||
| - Reversible `down()` by default; forward-fix migrations for intentionally irreversible changes | ||
| - One concern per migration — never mix DDL and DML | ||
|
|
||
| ### 17. Collections → `rules/collections.md` | ||
|
|
||
| - Higher-order messages for simple collection operations | ||
| - `cursor()` vs `lazy()` — choose based on relationship needs | ||
| - `lazyById()` when updating records while iterating | ||
| - `toQuery()` for bulk operations on collections | ||
|
|
||
| ### 18. Blade & Views → `rules/blade-views.md` | ||
|
|
||
| - `$attributes->merge()` in component templates | ||
| - Blade components over `@include`; `@pushOnce` for per-component scripts | ||
| - View Composers for shared view data | ||
| - `@aware` for deeply nested component props | ||
|
|
||
| ### 19. Conventions & Style → `rules/style.md` | ||
|
|
||
| - Follow Laravel naming conventions for all entities | ||
| - Prefer Laravel helpers (`Str`, `Arr`, `Number`, `Uri`, `Str::of()`, `$request->string()`) over raw PHP functions | ||
| - No JS/CSS in Blade, no HTML in PHP classes | ||
| - Code should be readable; comments only for config files | ||
|
|
||
| ## How to Apply | ||
|
|
||
| 1. Identify the file type and select relevant sections (e.g., migration → §16, controller → §1, §3, §5, §6, §10) | ||
| 2. Check sibling files for existing patterns — follow those first per Consistency First | ||
| 3. Apply matching bullets; read rule files via sub-agent only when a bullet is ambiguous or the task involves a nuanced pattern | ||
| 4. Verify API syntax with `search-docs` for the installed Laravel version |
106 changes: 106 additions & 0 deletions
106
.ai/laravel/12/skill/laravel-best-practices/rules/advanced-queries.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,106 @@ | ||
| # Advanced Query Patterns | ||
|
|
||
| ## Use `addSelect()` Subqueries for Single Values from Has-Many | ||
|
|
||
| Instead of eager-loading an entire has-many relationship for a single value (like the latest timestamp), use a correlated subquery via `addSelect()`. This pulls the value directly in the main SQL query — zero extra queries. | ||
|
|
||
| ```php | ||
| public function scopeWithLastLoginAt($query): void | ||
| { | ||
| $query->addSelect([ | ||
| 'last_login_at' => Login::select('created_at') | ||
| ->whereColumn('user_id', 'users.id') | ||
| ->latest() | ||
| ->take(1), | ||
| ])->withCasts(['last_login_at' => 'datetime']); | ||
| } | ||
| ``` | ||
|
|
||
| ## Create Dynamic Relationships via Subquery FK | ||
|
|
||
| Extend the `addSelect()` pattern to fetch a foreign key via subquery, then define a `belongsTo` relationship on that virtual attribute. This provides a fully-hydrated related model without loading the entire collection. | ||
|
|
||
| ```php | ||
| public function lastLogin(): BelongsTo | ||
| { | ||
| return $this->belongsTo(Login::class); | ||
| } | ||
|
|
||
| public function scopeWithLastLogin($query): void | ||
| { | ||
| $query->addSelect([ | ||
| 'last_login_id' => Login::select('id') | ||
| ->whereColumn('user_id', 'users.id') | ||
| ->latest() | ||
| ->take(1), | ||
| ])->with('lastLogin'); | ||
| } | ||
| ``` | ||
|
|
||
| ## Use Conditional Aggregates Instead of Multiple Count Queries | ||
|
|
||
| Replace N separate `count()` queries with a single query using `CASE WHEN` inside `selectRaw()`. Use `toBase()` to skip model hydration when you only need scalar values. | ||
|
|
||
| ```php | ||
| $statuses = Feature::toBase() | ||
| ->selectRaw("count(case when status = 'Requested' then 1 end) as requested") | ||
| ->selectRaw("count(case when status = 'Planned' then 1 end) as planned") | ||
| ->selectRaw("count(case when status = 'Completed' then 1 end) as completed") | ||
| ->first(); | ||
| ``` | ||
|
|
||
| ## Use `setRelation()` to Prevent Circular N+1 | ||
|
|
||
| When a parent model is eager-loaded with its children, and the view also needs `$child->parent`, use `setRelation()` to inject the already-loaded parent rather than letting Eloquent fire N additional queries. | ||
|
|
||
| ```php | ||
| $feature->load('comments.user'); | ||
| $feature->comments->each->setRelation('feature', $feature); | ||
| ``` | ||
|
|
||
| ## Prefer `whereIn` + `pluck()` Over `whereHas` | ||
|
|
||
| `whereHas()` emits a correlated `EXISTS` subquery that re-executes per row. A separate `pluck()` query followed by `whereIn()` lets the database use an index lookup instead. | ||
|
|
||
| Incorrect (correlated EXISTS re-executes per row): | ||
|
|
||
| ```php | ||
| $query->whereHas('company', fn ($q) => $q->where('name', 'like', $term)); | ||
| ``` | ||
|
|
||
| Correct (index-friendly lookup): | ||
|
|
||
| ```php | ||
| $query->whereIn('company_id', Company::where('name', 'like', $term)->pluck('id')); | ||
| ``` | ||
|
|
||
| ## Sometimes Two Simple Queries Beat One Complex Query | ||
|
|
||
| Running a small, targeted secondary query and passing its results via `whereIn` is often faster than a single complex correlated subquery or join. The additional round-trip is worthwhile when the secondary query is highly selective and uses its own index. | ||
|
|
||
| ## Use Compound Indexes Matching `orderBy` Column Order | ||
|
|
||
| When ordering by multiple columns, create a single compound index in the same column order as the `ORDER BY` clause. Individual single-column indexes cannot combine for multi-column sorts — the database will filesort without a compound index. | ||
|
|
||
| ```php | ||
| // Migration | ||
| $table->index(['last_name', 'first_name']); | ||
|
|
||
| // Query — column order must match the index | ||
| User::query()->orderBy('last_name')->orderBy('first_name')->paginate(); | ||
| ``` | ||
|
|
||
| ## Use Correlated Subqueries for Has-Many Ordering | ||
|
|
||
| When sorting by a value from a has-many relationship, avoid joins (they duplicate rows). Use a correlated subquery inside `orderBy()` instead, paired with an `addSelect` scope for eager loading. | ||
|
|
||
| ```php | ||
| public function scopeOrderByLastLogin($query): void | ||
| { | ||
| $query->orderByDesc(Login::select('created_at') | ||
| ->whereColumn('user_id', 'users.id') | ||
| ->latest() | ||
| ->take(1) | ||
| ); | ||
| } | ||
| ``` | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.