How do I serialize a closure for Laravel queue jobs using this package?

Wrap your closure in `new SerializableClosure($closure)`, optionally set a secret key with `SerializableClosure::setSecretKey('secret')`, then serialize it. Laravel’s queue system will handle the rest during job execution. Ensure your closure is stateless or uses Laravel’s DI container for dependencies.

Is this package compatible with Laravel 11 or older versions?

This package is officially supported for Laravel 12/13 and PHP 7.4+. While it may work with older Laravel versions, test thoroughly for compatibility, especially with PHP 8.3+ features like method attributes. Laravel 11 users should check the `opis/closure` v3.x compatibility notes.

What’s the difference between signed and unsigned closures?

Signed closures use a secret key to verify integrity after deserialization, preventing tampering. Unsigned closures are faster but lack security. Use signed closures for untrusted data (e.g., cached closures from user input) and unsigned for internal, trusted workflows like queue jobs.

Can I use this for caching closures in Laravel’s Redis or Memcached drivers?

Yes, but ensure your cache driver supports serialized data. Serialize the `SerializableClosure` object and store it directly. For security, always use a secret key if the cached data might be accessed by untrusted processes. Test with nested closures if using middleware chains.

Why does my closure fail to deserialize in production but works in development?

Check for unsupported syntax like multiple closures on the same line or PHP 8.4+ features (e.g., virtual properties) not enabled in your production environment. Verify the secret key matches between serialization and deserialization contexts. Debug with `try-catch` for `SerializableClosureException`.

Does this package support PHP 8.5’s new features like virtual properties?

Yes, this package is actively developed for PHP 8.5+ and supports modern features like virtual properties, enums, and named arguments. Update to the latest version (v2.0.11+) if using PHP 8.4+. Test edge cases like closures referencing virtual properties in your CI environment.

How do I handle errors when deserializing a tampered closure?

Wrap deserialization in a `try-catch` block to catch `SerializableClosureException`. For signed closures, invalid signatures throw exceptions; unsigned closures may silently fail if the closure is malformed. Log errors and implement fallback logic (e.g., recreate the closure dynamically) for critical paths.

Is there a performance impact compared to Laravel’s built-in `serialize()`?

Minimal overhead—this package optimizes for closure-specific logic. Benchmark your use case, but expect similar performance to `serialize()` for simple closures. The cost increases slightly with nested closures or signed payloads. For micro-optimizations, avoid overusing serialization in hot paths.

Can I use this for Laravel middleware or event listeners with dynamic logic?

Absolutely. Serialize closures for stateful middleware (e.g., `Bus::chain`) or event listeners with conditional logic. Store the serialized `SerializableClosure` in the container or cache. For middleware, ensure the closure’s dependencies are resolvable during deserialization (e.g., via Laravel’s DI container).

What alternatives exist if I don’t need signing or advanced features?

For simple cases, Laravel’s native `serialize()` may suffice if your closures are stateless and trusted. However, this package adds security (signing), supports modern PHP features, and avoids FFI. Alternatives like `opis/closure` (v4.x) require FFI, which is incompatible with most Laravel web servers. Weigh security needs against simplicity.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Serializable Closure Laravel Package

laravel/serializable-closure

Securely serialize and unserialize PHP closures with Laravel’s maintained fork of opis/closure 3.x, updated for modern PHP without requiring FFI. Wrap closures in SerializableClosure, set a secret key, and safely persist or transport executable callbacks.

View on GitHub

Deep Wiki

Context7

laravel/serializable-closure provides a secure, framework-friendly way to serialize and unserialize PHP closures without relying on PHP’s FFI. Forked from opis/closure 3.x, it maintains compatibility with modern PHP versions while avoiding FFI requirements that are often disabled in web environments.

Use it to safely persist closures for caching, queue payloads, or other transport/storage needs—optionally protecting serialized data with a secret key.

Serialize closures via SerializableClosure and restore them with getClosure()
Optional signing/encryption using SerializableClosure::setSecretKey()
Designed for web-safe environments (no FFI dependency)
Compatible with PHP 7.4+
Notes on common caveats (e.g., REPL/Tinker, same-line closures)

Frequently asked questions about Serializable Closure

How do I serialize a closure for Laravel queue jobs using this package?: Wrap your closure in `new SerializableClosure($closure)`, optionally set a secret key with `SerializableClosure::setSecretKey('secret')`, then serialize it. Laravel’s queue system will handle the rest during job execution. Ensure your closure is stateless or uses Laravel’s DI container for dependencies.
Is this package compatible with Laravel 11 or older versions?: This package is officially supported for Laravel 12/13 and PHP 7.4+. While it may work with older Laravel versions, test thoroughly for compatibility, especially with PHP 8.3+ features like method attributes. Laravel 11 users should check the `opis/closure` v3.x compatibility notes.
What’s the difference between signed and unsigned closures?: Signed closures use a secret key to verify integrity after deserialization, preventing tampering. Unsigned closures are faster but lack security. Use signed closures for untrusted data (e.g., cached closures from user input) and unsigned for internal, trusted workflows like queue jobs.
Can I use this for caching closures in Laravel’s Redis or Memcached drivers?: Yes, but ensure your cache driver supports serialized data. Serialize the `SerializableClosure` object and store it directly. For security, always use a secret key if the cached data might be accessed by untrusted processes. Test with nested closures if using middleware chains.
Why does my closure fail to deserialize in production but works in development?: Check for unsupported syntax like multiple closures on the same line or PHP 8.4+ features (e.g., virtual properties) not enabled in your production environment. Verify the secret key matches between serialization and deserialization contexts. Debug with `try-catch` for `SerializableClosureException`.
Does this package support PHP 8.5’s new features like virtual properties?: Yes, this package is actively developed for PHP 8.5+ and supports modern features like virtual properties, enums, and named arguments. Update to the latest version (v2.0.11+) if using PHP 8.4+. Test edge cases like closures referencing virtual properties in your CI environment.
How do I handle errors when deserializing a tampered closure?: Wrap deserialization in a `try-catch` block to catch `SerializableClosureException`. For signed closures, invalid signatures throw exceptions; unsigned closures may silently fail if the closure is malformed. Log errors and implement fallback logic (e.g., recreate the closure dynamically) for critical paths.
Is there a performance impact compared to Laravel’s built-in `serialize()`?: Minimal overhead—this package optimizes for closure-specific logic. Benchmark your use case, but expect similar performance to `serialize()` for simple closures. The cost increases slightly with nested closures or signed payloads. For micro-optimizations, avoid overusing serialization in hot paths.
Can I use this for Laravel middleware or event listeners with dynamic logic?: Absolutely. Serialize closures for stateful middleware (e.g., `Bus::chain`) or event listeners with conditional logic. Store the serialized `SerializableClosure` in the container or cache. For middleware, ensure the closure’s dependencies are resolvable during deserialization (e.g., via Laravel’s DI container).
What alternatives exist if I don’t need signing or advanced features?: For simple cases, Laravel’s native `serialize()` may suffice if your closures are stateless and trusted. However, this package adds security (signing), supports modern PHP features, and avoids FFI. Alternatives like `opis/closure` (v4.x) require FFI, which is incompatible with most Laravel web servers. Weigh security needs against simplicity.

View on GitHub

Stars

599

Favorites

602

Forks

Score

34.6

License

MIT

Last release

Apr 7, 2026

Watchers

Downloads

10M/mo

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

davejamesmiller/laravel-breadcrumbs

artisanry/parsedown

christhompsontldr/phpsdk

enqueue/dsn

bunny/bunny

enqueue/test

enqueue/null

enqueue/amqp-tools

milesj/emojibase

bower-asset/punycode

bower-asset/inputmask

bower-asset/jquery

bower-asset/yii2-pjax

laravel/nova

spatie/laravel-mailcoach

spatie/laravel-superseeder

laravel/liferaft

nst/json-test-suite

danielmiessler/sec-lists

jackalope/jackalope-transport