Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Hashing
Assessments

Hashing Laravel Package

illuminate/hashing

Laravel’s hashing component for securely storing and verifying passwords. Provides simple APIs and drivers for bcrypt and Argon2 (including Argon2id), automatic rehashing when options change, and configurable settings for cost and memory/time limits.

View on GitHub
Deep Wiki
Context7

Technical Evaluation

Architecture fit: The package is designed as a standalone component of Laravel's ecosystem, making it highly compatible with Laravel-based applications. However, when used outside Laravel, it requires additional dependencies (e.g., illuminate/contracts, illuminate/support), which may introduce complexity. The subtree split approach ensures alignment with Laravel's core architecture but ties its evolution to Laravel's release cycle.
Integration feasibility: High due to Composer-based installation. The package is well-documented within Laravel's ecosystem, but standalone usage requires manual dependency management. The API consistency with Laravel's Hash facade simplifies integration for existing Laravel projects.
Technical risk: Dependency management is a key risk; improper handling could lead to version conflicts. Maintenance is tightly coupled to Laravel's updates, potentially introducing breaking changes if not tracked closely. As a subtree split, standalone testing coverage may be limited compared to the full framework.
Key questions: What are the exact Composer dependencies for standalone usage? How frequently does the package receive updates outside Laravel releases? Are there known issues with non-Laravel environments? What PHP versions are supported, and how does it handle deprecated PHP features?

Integration Approach

Stack fit: Ideal for Laravel projects where it integrates natively with the framework's service container and configuration. For non-Laravel stacks (e.g., Slim, Symfony), integration is possible but requires additional setup for dependency injection and configuration.
Migration path: For projects using other hashing libraries (e.g., password_hash), migration involves replacing direct calls with the Hash facade. Laravel's documentation provides clear guidance, but custom implementations may require adapter layers for compatibility.
Compatibility: Supports PHP 7.3+ and aligns with Laravel's version requirements. Older PHP versions (e.g., 7.2 or below) are incompatible, which could block adoption in legacy environments.
Sequencing: Install via Composer, configure the hashing driver in environment variables or config files, then replace existing hashing logic with Illuminate\Hashing\HashManager or the Hash facade. Prioritize testing edge cases (e.g., password resets, authentication flows) during rollout.

Operational Impact

Maintenance: Handled by Laravel's core team, ensuring regular security patches and updates

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport
twbs/bootstrap4