Laravel team has been released Laravel V9.4 with awesome features, fixes, and updates. The features include the capability to override CSRF cookies, a Str::lcfirst() method, a soleValue() method, an optional retry mechanism for queued mailables, and many more.

Support modifying a char column type

Hafez Divandari contributed a new feature that provides support for modifying a char column type.

Schema::table('users', function (Blueprint $table) {
    $table->char('name', 50)->nullable()->change();
});

Before this feature, modifying a char column led to an error, but now doctrine/dbal package actually supports modifying char column types as StringType::class by setting fixed option to true.

So this PR maps Laravel char to its Doctrine equivalent string type and sets the fixed option to true that finally gets the SQL snippet to declare a CHAR column.

Allow VerifyCsrfToken’s CSRF cookie to be extended

jaggy has introduced the ability to override the VerifyCsrfToken by defining a newCookie method on an application’s extended CSRF middleware.

There are some cases in multi-tenant systems that the user might want to change the CSRF token name to prevent 419 errors. Multiple Auth providers make this happen as well mainly in XHR requests. This also allows multi-tenant systems to update the token’s domain (ie, pull the current tenant’s custom domain) from the middleware layer.
By allowing the cookie to be extended in user-land, the user can create 2 different VerifyCsrfToken classes and allow it to be modified without having to extend the whole addCookieToResponse method.

class VerifyCsrfToken extends Middleware {
    protected function newCookie($request, $config)
    {
        return new Cookie(
            "XSRF-TOKEN-{$request->user()->type}",
            $request->session()->token(),
            $this->availableAt(60 * $config['lifetime']),
            $config['path'],
            $config['domain'],
            $config['secure'],
            false,
            false,
            $config['same_site'] ?? null,
        );
    }
}

Add soleValue method to query builders

Matthew Hailwood contributed to a PR in which he adds a new method to both builders soleValue which is the same logic as value (removing the null checks since sole will bail) and uses sole instead of first internally:

Before

// bails if there is not exactly one result, but returns an object
$query->sole(['id']); 

// returns just the value, but no safety around there being exactly one result
$query->value('id');  

//if we want the id of the sole result we must do:
$query->sole(['id'])->id.

After

// bails if there is not exactly one result, but returns an object
$query->sole(['id']);    

// returns just the value, but no safety around there being exactly one result
$query->value('id');     

// bails if there is not exactly one result and returns just the value
$query->soleValue('id'); 

Added lcfirst() to Str and Stringable

Vincent Prat introduced a lcfirst() method to the Str and Stringable classes, which also supports non-ASCII characters and adds DX consistency with ucfirst wrapper.

Str::lcfirst('Laravel'); // laravel
Str::lcfirst('Laravel framework'); // laravel framework
Str::lcfirst('Мама'); // мама
Str::lcfirst('Мама мыла раму'); // мама мыла раму

Add retryUntilmethod to queued mailables

MaxGiting introduced the ability to specify a retryUntil() method or timeoutAt property on a queued Mailable, like you can for queued notifications, which was added in the following PR #30141

For more details, you can visit the complete list of new features and updates on GitHub.