Day 2 Update: Unblocked — Full PR List, Confidence Ratings, and What's Next
This is a follow-up to yesterday's post. I was unblocked from the Laravel GitHub organisation yesterday — thank you.
Since being unblocked, I've been submitting the fixes I had queued up. The scope has grown well beyond the original 25 patches. Here's the full accounting of everything that's been submitted, what still lives on forks/gists, confidence levels for each fix.
Master tracking gist: GitHub Gist
The numbers
- 91 PRs submitted to upstream laravel/* repos
- 39 open, 45 closed, 1 merged
- 26 repos touched
- 30 gists with standalone patches
- Plus 100 PRs on my personal forks (many overlap with upstream submissions)
I know that's a lot. Apologies for the influx — I've been trying to submit gradually and push to my own forks first to avoid overwhelming maintainers. Many of the closed ones were closed by maintainers (understandably), and the fixes for those still live on my forks if anyone wants to pick them up.
Context
I've been using Claude Code to systematically work through open issues across the Laravel ecosystem. Every fix targets an existing open issue that already has community reports. The process was:
- Find issues with multiple reports or long comment threads
- Have Claude Code analyse the root cause and write a fix
- Run the repo's full test suite
- Test on my Windows machine (and macOS where applicable)
- Document before/after results
I develop sometimes on Windows 11 Pro (AMD Ryzen 9 9950X3D, PHP 8.4 via Herd, WSL2, Docker Desktop). A lot of the Windows-specific issues I have experienced first hand from using it. The Laravel team is predominantly on macOS, so some Windows edge cases are easy to miss — it is a different testing surface that I happen to cover. I've also verified the cross-platform fixes on macOS (Darwin 25.3.0, PHP 8.4.19) Mac 2021 M1 16gb which is getting old now but still good.
These PRs may still need proper review and testing and need to consider edge cases that I may not be aware of. Laravel team also have to consider if they want to support the features and changes I have added. I'm not expecting anything to be merged on faith. Some may need adjustments, and I'm happy to iterate. Anyone can replicate what I've done by pointing Claude Code at these same issues — the fixes themselves aren't special, but hopefully the testing and documentation saves some review time.
Already merged (1)
This one made it in:
| Repo | PR | Title |
|---|---|---|
| laravel/dusk | #1189 | Fix findButtonByText to prefer exact text match over contains |
Open upstream PRs — by repo
laravel/cloud-cli (29 open)
This was the deepest dive. The cloud CLI is relatively new and had a lot of low-hanging fruit — bug fixes, missing features, and test coverage. It also adds some additional features (nice to haves). I have combined all these efforts into 1 big PR on my own fork and will be testing and reviewing the forked cloud-cli and reporting on any bugs or issues I find from actual real world testing.
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #25 | Fix token deduplication and stale token accumulation | 85% | Straightforward data cleanup |
| #32 | Add --hide-secrets flag to redact env var values | 80% | New feature, clean implementation |
| #33 | Add --token flag and LARAVEL_CLOUD_API_TOKEN env var support | 80% | Standard CLI auth pattern |
| #34 | Fix inconsistent error handling between commands and resolvers | 75% | Touches many files — needs careful review |
| #35 | Fix token validation performance with cached org names | 80% | Performance improvement |
| #36 | Enable commented-out application command tests | 70% | Tests may have been disabled for a reason |
| #37 | Improve resolver error messages with specific failure context | 85% | UX improvement, additive |
| #42 | Fix wrong RequestException import in 7 commands | 90% | Clear bug — wrong class imported |
| #43 | Comprehensive test coverage — 87 files, 378 tests, 3% to 100% | 65% | Massive — needs thorough review |
| #52 | Fix 5 bugs found during test coverage work | 85% | Found while writing tests |
| #53 | Add missing CLI options for non-interactive create commands | 75% | Feature addition |
| #54 | Refactor: decompose Ship.php from 788 to 152 lines | 60% | Major refactor — may not match team's vision |
| #58 | Fix database command bugs — restore, snapshot, cluster update | 80% | Multiple targeted fixes |
| #63 | Add --hide-secrets flag to redact connection credentials | 80% | Security feature |
| #64 | Add global --application and --environment flags | 70% | Opinionated UX change |
| #70 | Add environment:start and environment:stop commands | 70% | New commands — depends on API support |
| #71 | Add deployment:logs command | 75% | New command |
| #72 | Add env:variables delete and metrics commands | 70% | New commands |
| #74 | Fix 8 reliability issues in cloud ship command | 80% | Bug fixes in critical path |
| #75 | Auto-show deployment logs on failure | 85% | UX improvement |
| #80 | Add command aliases and cloud use context command | 70% | Opinionated UX |
| #81 | Add env:pull and env:push commands for .env file sync | 75% | New feature |
| #82 | Add --dry-run flag for deploy and ship commands | 80% | Safety feature |
| #87 | Fix credential leak in DatabaseOpen and remove dead code | 90% | Security fix |
| #90 | Fix InstanceDelete return constant and AuthToken empty tokens guard | 85% | Small targeted fixes |
| #92 | Fix incorrect documentation in markdown files | 90% | Docs only |
| #95 | Fix hardcoded URLs for private Cloud compatibility | 85% | Makes self-hosted work |
| #101 | Add cloud status command | 75% | New command |
| #102 | Add debug, health check, and ci:setup commands | 70% | New commands |
laravel/forge-cli (4 open)
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #109 | Fix critical bugs: missing DB types, null references, path logic | 85% | Multiple clear bugs |
| #110 | Fix typo, password exposure, version check error handling | 85% | Security + UX |
| #111 | Hide unimplemented command, centralise DB types, null safety | 75% | Code quality |
| #125 | Fix php_uname() ValueError on PHP 8.4+ | 95% | Clear PHP version compat fix |
laravel/forge-sdk (2 open)
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #206 | Fix missing return values, URL inconsistencies, comparison operators | 80% | Multiple small fixes |
| #207 | Fix incorrect and inconsistent docstrings | 75% | Docs |
laravel/forge-monitor (2 open)
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #76 | Fix critical bugs: incorrect import, null returns, SQL interpolation | 85% | Security + correctness |
| #77 | Improve error handling in commands, notifications, config validation | 75% | Hardening |
laravel/forge-database-backups (1 open)
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #10 | Fix security vulnerabilities and improve reliability | 80% | Security fixes in backup script |
laravel/larachat (1 open)
| PR | Title | Confidence | Notes |
|---|---|---|---|
| #6 | Migrate to Laravel AI SDK with conversation memory | 60% | Large migration — may not match direction |
Fixes on forks (not yet submitted upstream)
These are ready to submit gradually. All live on my GitHub forks with full PR descriptions and test results.
Windows Fixes
| Fork PR | Issue | Title | Confidence | Notes |
|---|---|---|---|---|
| JoshSalway/sail #1 | sail #850 | Windows/WSL detection in sail script | 85% | Tested on Git Bash + Windows PHP |
| JoshSalway/sail #2 | sail #843 | .sh → .sql for testing DB init | 95% | Matches existing PostgreSQL approach |
| JoshSalway/sail #3 | sail #815 | xvfb-run for headed browser tests | 80% | Works in Docker, transparent for non-browser |
| JoshSalway/sail #4 | sail #809 | Update sail share default host/port | 90% | Config fix |
| JoshSalway/octane #1 | octane #1100 | POSIX signal constant fallbacks for Windows | 90% | defined() checks are safe, zero behaviour change on Linux/macOS |
| JoshSalway/octane #3 | octane #1077 | Propagate #[Singleton] attribute bindings | 75% | Needs real Octane testing |
| JoshSalway/octane #4 | octane | Fix null worker crash in Swoole during reload | 80% | Edge case fix |
| JoshSalway/prompts #1 | prompts #201 | Static spinner for --no-ansi | 85% | Fallback rendering |
| JoshSalway/prompts #2 | prompts #189 | Fix nested Symfony style tags | 80% | Regex fix |
| JoshSalway/installer #1 | installer #410 | Only run post-root-package-install if exists | 90% | Guard check |
| JoshSalway/installer #2 | installer #465 | Apply package manager to GitHub workflows | 85% | Template fix |
| JoshSalway/installer #3 | installer #441 | Remove unsupported formatting tags | 90% | Simple removal |
| JoshSalway/installer #4 | installer #471 | Prevent infinite loop on self-update failure | 85% | Guard against edge case |
| JoshSalway/wayfinder #1 | wayfinder #160 | Fix TypeError on inline variable assignment | 80% | Edge case in TS generation |
| JoshSalway/wayfinder #2 | wayfinder #190 | Fix array_is_list TypeError on overlapping paths | 85% | Clear bug |
| JoshSalway/wayfinder #3 | wayfinder #195 | Emit generic type parameters in TS conversion | 75% | TypeScript edge case |
Cross-Platform Fixes
| Fork PR | Issue | Title | Confidence | Notes |
|---|---|---|---|---|
| JoshSalway/framework #2 | framework #56652 | Fix memory leak in query log for Octane workers | 85% | Clear leak |
| JoshSalway/framework #4 | framework #58377 | Remove unnecessary clone in SessionManager | 95% | One-line fix, 93 tests pass |
| JoshSalway/framework #5 | framework #57456 | Fix previousPath() for external referrers | 85% | URL handling fix |
| JoshSalway/framework #6 | framework #59012 | Fix TypeError in Http::retry() with null callback | 90% | Type safety fix |
| JoshSalway/framework #7 | framework #57961 | Catch UniqueConstraintViolationException in session | 85% | Race condition guard |
| JoshSalway/framework #8 | framework #59024 | Locale-independent MySQL lost connection detection | 80% | Internationalisation fix |
| JoshSalway/framework #9 | framework #53278 | Skip maintenance.php with cache driver | 85% | Logic fix |
| JoshSalway/framework #10 | framework | Fix File::types() discarding chain config | 80% | Validation fix |
| JoshSalway/framework #11 | framework | Fix inconsistent accessor attribute name conversion | 75% | Edge case |
| JoshSalway/framework #12 | framework | Add configurable key prefix to ThrottleRequestsWithRedis | 70% | Feature addition |
| JoshSalway/framework #13 | framework | Fix FileStore cache deserialization with sub-10-digit timestamps | 80% | Edge case fix |
| JoshSalway/framework #14 | framework | Set working directory for schedule:work subprocess | 85% | Path resolution fix |
| JoshSalway/cashier-stripe #1 | cashier-stripe #1817 | Webhook reconciliation for failed swap payments | 75% | Has a consistency window — needs review |
| JoshSalway/cashier-stripe #3 | cashier-stripe #1773 | Fix subscription type race condition | 80% | Concurrency fix |
| JoshSalway/cashier-stripe #4 | cashier-stripe #1824 | Fix webhook failing to clear trial_ends_at | 90% | Clear null-handling bug |
| JoshSalway/cashier-paddle #1 | cashier-paddle #310 | Webhook race conditions in subscription creation | 80% | Same pattern as Stripe fix |
| JoshSalway/horizon #1 | horizon #1678 | Release unique job locks when clearing queues | 85% | Lock cleanup |
| JoshSalway/horizon #2 | horizon #1704 | Scope WaitTimeCalculator to supervisor queues | 80% | Metric accuracy |
| JoshSalway/horizon #3 | horizon #1698 | Fix null access in JobPayload::id() for corrupt jobs | 90% | Null guard |
| JoshSalway/horizon #4 | horizon #1668 | Fix 'delayed until' showing wrong time | 85% | Display bug |
| JoshSalway/horizon #5 | horizon #1647 | Fix AutoScaler not respecting minProcesses on startup | 80% | Scaling logic |
| JoshSalway/telescope #1 | telescope #1691 | Fix 401 behind Docker/reverse proxy after Sentinel | 80% | Proxy detection |
| JoshSalway/telescope #2 | telescope #1693 | Fix ExtractTags crash for listeners with event-typed tags() | 85% | Type handling |
| JoshSalway/telescope #3 | telescope | Fix crash recording events for composite key models | 80% | Edge case |
| JoshSalway/telescope #4 | telescope | Prevent duplicate migrations on telescope:install | 85% | Idempotency |
| JoshSalway/echo #1 | echo #475 | Fix WebSocket channel leak on React unmount | 85% | Resource cleanup |
| JoshSalway/folio #1 | folio #148 | Fix route() helper positional parameters | 80% | Routing fix |
| JoshSalway/pail #1 | pail | Fix crash on malformed JSON log lines | 90% | Error handling |
| JoshSalway/pail #2 | pail | Show deprecation warnings with deprecation logging | 80% | Feature |
| JoshSalway/passport #1 | passport #1894 | Fix session serialisation with JSON format | 80% | Serialisation fix |
| JoshSalway/socialite #1 | socialite #754 | Fix PKCE session crash in stateless mode | 85% | Session/state handling |
| JoshSalway/socialite #2 | socialite #740 | Make redirect config key optional | 90% | Config flexibility |
| JoshSalway/pulse #1 | pulse #476 | Replace md5() with sha2() for MySQL 9.6 | 90% | Forward compat |
| JoshSalway/scout #1 | scout | Use model primary key for database queries | 80% | Query correctness |
| JoshSalway/serializable-closure #1 | serializable-closure | Fix crash with method-only attributes | 80% | Edge case |
| JoshSalway/fortify #1 | fortify | Fix lowercase_usernames not respected on password reset | 85% | Consistency fix |
| JoshSalway/jetstream #1 | jetstream | Fix hasTeamRole() TypeError when pivot role is null | 90% | Null guard |
| JoshSalway/nightwatch #1 | nightwatch | Fix duplicate assignment, double Clock, incorrect uInt32 max | 85% | Multiple small bugs |
| JoshSalway/nightwatch #8 | nightwatch | Remove unused Number class | 90% | Dead code |
| JoshSalway/nightwatch #9 | nightwatch | Add NotificationFailed event support | 75% | Feature addition |
| JoshSalway/nightwatch #10 | nightwatch | Add unit tests for utility and infrastructure classes | 70% | Test coverage |
| JoshSalway/mcp #1 | mcp #138 | Prevent OAuth routes overriding existing routes | 85% | Route conflict |
| JoshSalway/mcp #2 | mcp #143 | Render tool exceptions as MCP errors | 85% | Error handling |
Gist-only patches (original 25 from day 1)
These are the original patches from yesterday's post, all verified on both Windows and macOS with full test suites. Many have since been submitted as fork PRs above or are ready to submit upstream.
| Issue | Title | Confidence | Gist | Fork PR |
|---|---|---|---|---|
| wayfinder #128 | Replace DIRECTORY_SEPARATOR with / in TS imports |
Patch | Fixed upstream (repo restructured) | |
| installer #472 | proc_open with inherited stdio for Windows TTY | 80% | Patch | Fork #5 |
| vs-code-extension #575 | Detect absolute paths before base_path() | 80% | Patch | Fork #1 |
| prompts #191 | Regex newline counting for Windows PHP_EOL | 95% | Patch | Fork #3 |
| octane #1034 | Respect --poll flag for FrankenPHP watcher | 85% | Patch | Fork #2 (closed) |
| vite-plugin-wayfinder #10 | Pass Vite root as cwd, shell:true | 70% | Patch | Fork #1 |
| cashier-stripe #1759 | Webhook race condition duplicate subscriptions | 85% | Patch | Fork #2 (closed) |
| framework #58207 | OOM jobs retry infinitely with maxExceptions | 75% | Patch | Fork #16 |
| framework #56395 | Pipeline memory leak — two-line fix | 95% | Patch | Fork #17 |
| reverb #344 | TypeError crash — operator precedence bug | 90% | Patch | Fork #1 |
| serializable-closure #126 | v2.0.9 regression breaks Bus::chain | 85% | Patch | Fork #2 |
| horizon #1535 | Silent 60-second queue stalls — add logging | 90% | Patch | Fork #6 |
| cashier-stripe #1817 | swapAndInvoice free upgrade — webhook reconciliation | 75% | Patch | Fork #1 (open) |
| pulse #461 | Multi-server deadlocks — atomic Redis lock | 80% | Patch | Fork #2 |
| framework #57070 | Sub-minute scheduling skips at boundaries | 90% | Patch | Fork #18 |
| reverb #273 | Presence channels wrong user list at scale | 65% | Patch | Fork #2 |
| octane #1004 | Zero-downtime deployment with symlinks | 70% | Patch | Fork #5 |
| framework #57262 | incrementEach() updates ALL rows — data corruption | 90% | Patch | Fork #3 (closed) |
| framework #58377 | SessionManager duplicate Redis connections | 95% | Patch | Fork #4 (open) |
| wayfinder #161 | Dashed route names produce invalid TS identifiers | 75% | Patch | Fork #4 |
| wayfinder #178,#159 | Inertia imports + parameter shadowing | Patch | Fixed upstream (repo restructured) | |
| scout #957 | Timeout jobs block queue forever | 95% | Patch | Fork #2 |
| framework #56652 | Query log memory leak in Octane workers | 85% | Patch | Fork #2 (open) |
Last thoughts
If any maintainers are reading this — sorry again for the volume. I try to ensure every fix is documented with before/after test results and links back to the original issue.
If there are problems with any of these fixes or you'd prefer a different approach, I'm happy to adjust. The full details for every fix are in the master gist.
Previous post: 25 Laravel Bug Fixes — Tested, Verified, Ready to Merge