5 Must-Haves in Your Laravel AppServiceProvider

When you start a new Laravel project make sure the following things are included in the AppServiceProvider's boot() method.

1. To prevent accidental data loss, restrict destructive commands like php artisan migrate:fresh from running in production:

   use Illuminate\Support\Facades\DB;
   
   DB::prohibitDestructiveCommands(
   	$this->app->isProduction();
   );
   

2. Make sure the application only runs over HTTPS to keep user data secure:

   use Illuminate\Support\Facades\URL;
   
   URL::forceHttps(
   	$this->app->isProduction()
   );
   

3. Ensures the users' passwords have not been compromised in data leaks.

   use Illuminate\Validation\Rules\Password;
   
   Password::defaults(fn () => $this->app->isProduction() ? Password::min(8)->uncompromised() : null);
   

4. Keep models strict to prevent accessing properties that no longer exist:

   use Illuminate\Database\Eloquent\Model;
   
   Model::shouldBeStrict();
   

5. Save yourself from a potential bug. (If you're unsure about what I mean, I recommend reading this article.)

   use Illuminate\Support\Facades\Date;
   
   Date::use(CarbonImmutable::class);