Is this package still compatible with Laravel 9 and PHP 8.1+?

No, the last release was in 2017, so it lacks native PHP 8.x support. You’ll need to manually patch type errors or use composer constraints to lock older PHP versions. Test thoroughly, as named arguments and union types may break compatibility. Consider a private fork if long-term use is planned.

How do I install and configure Payum with PayPal Express Checkout in Laravel?

First, install the core Payum package (`payum/payum`) and this extension (`payum/paypal-express-checkout-nvp`). Register a service provider in `config/app.php` or use Laravel’s package discovery. Configure PayPal credentials (API username, password, signature) in your gateway setup. Payum’s docs provide a Symfony-based example; adapt it for Laravel’s service container.

Does this package support PayPal’s REST API, or is NVP the only option?

This package only supports PayPal’s deprecated NVP API. PayPal now recommends REST, so evaluate alternatives like `payum/paypal-rest-gateway` or `srmklive/paypal` for future-proofing. If NVP is a hard requirement, plan for migration to REST when PayPal enforces it, possibly by wrapping both gateways behind feature flags.

How do I handle sandbox vs. live PayPal environments in Laravel?

Use environment-specific configuration (e.g., `.env` variables) to toggle between sandbox and live modes. Payum allows dynamic gateway configuration, so define separate gateways in your Laravel config for each environment. Test thoroughly in sandbox before deploying to production, as API responses differ between modes.

What’s the best way to store payment data persistently with Payum in Laravel?

Payum defaults to in-memory storage, which is lost on server restarts. Use `payum/payum-db-orm` for database persistence, compatible with Eloquent. Create a `payum_gateways` table to store configurations (e.g., PayPal credentials) and a `payum_transactions` table for order tracking. Example migrations are provided in the TPM assessment.

Are there security risks using this package in production?

Yes, risks include unpatched vulnerabilities in Payum’s core or dependencies (e.g., Guzzle). Since the package is unmaintained, manually audit dependencies for CVEs. Encrypt sensitive data (e.g., PayPal tokens) and ensure PCI DSS compliance with logging and access controls. Consider isolating the payment logic in a microservice for added security.

How do I test PayPal webhooks (IPN/PDT) locally in Laravel?

Mock PayPal’s IPN/PDT responses using Laravel’s HTTP testing tools or a service like `laravel-paypal-ipn`. Configure Payum to listen for webhook events and validate signatures. In CI/CD, use a test PayPal sandbox account to simulate transactions. Ensure your tests cover both success and failure scenarios (e.g., invalid signatures, duplicate notifications).

What alternatives exist for PayPal integration in Laravel if this package isn’t suitable?

For REST API support, use `payum/paypal-rest-gateway` or `srmklive/paypal`. Laravel Cashier is another option if you need subscriptions. For simpler needs, consider PayPal’s official PHP SDK or a dedicated Laravel package like `gloudemans/shoppingcart` with PayPal add-ons. Evaluate based on your need for NVP, REST, or subscription support.

How do I handle failed transactions or retries with this package?

Implement retry logic in your Laravel application by catching Payum exceptions (e.g., `PayumException`) and re-triggering the payment flow. Use Laravel’s queue system to defer retries. For critical failures, notify admins via email or a dashboard. Payum’s event system can help log failures for auditing. Consider a fallback to manual review if automation fails.

Can I migrate from this package to PayPal REST later without rewriting the entire integration?

Yes, design your Laravel app to abstract PayPal logic behind a service interface. Use dependency injection to swap `payum/paypal-express-checkout-nvp` for `payum/paypal-rest-gateway` later. Start by implementing both gateways in parallel, then gradually phase out NVP. Payum’s modular architecture supports this approach, but plan for data migration (e.g., transaction history) if needed.

Weave Code

Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Paypal Express Checkout Nvp Laravel Package

payum/paypal-express-checkout-nvp

Payum extension for integrating PayPal Express Checkout (NVP) payments in PHP apps. Includes gateway implementation, resources and docs via Payum, with support links and MIT license.

View on GitHub

Deep Wiki

Context7

[READ-ONLY] Subtree split of the Payum PaypalExpressCheckoutNvp Component -- clone into Payum/Paypal/ExpressCheckout/Nvp/ (master at payum/payum)

Frequently asked questions about Paypal Express Checkout Nvp

Is this package still compatible with Laravel 9 and PHP 8.1+?: No, the last release was in 2017, so it lacks native PHP 8.x support. You’ll need to manually patch type errors or use composer constraints to lock older PHP versions. Test thoroughly, as named arguments and union types may break compatibility. Consider a private fork if long-term use is planned.
How do I install and configure Payum with PayPal Express Checkout in Laravel?: First, install the core Payum package (`payum/payum`) and this extension (`payum/paypal-express-checkout-nvp`). Register a service provider in `config/app.php` or use Laravel’s package discovery. Configure PayPal credentials (API username, password, signature) in your gateway setup. Payum’s docs provide a Symfony-based example; adapt it for Laravel’s service container.
Does this package support PayPal’s REST API, or is NVP the only option?: This package only supports PayPal’s deprecated NVP API. PayPal now recommends REST, so evaluate alternatives like `payum/paypal-rest-gateway` or `srmklive/paypal` for future-proofing. If NVP is a hard requirement, plan for migration to REST when PayPal enforces it, possibly by wrapping both gateways behind feature flags.
How do I handle sandbox vs. live PayPal environments in Laravel?: Use environment-specific configuration (e.g., `.env` variables) to toggle between sandbox and live modes. Payum allows dynamic gateway configuration, so define separate gateways in your Laravel config for each environment. Test thoroughly in sandbox before deploying to production, as API responses differ between modes.
What’s the best way to store payment data persistently with Payum in Laravel?: Payum defaults to in-memory storage, which is lost on server restarts. Use `payum/payum-db-orm` for database persistence, compatible with Eloquent. Create a `payum_gateways` table to store configurations (e.g., PayPal credentials) and a `payum_transactions` table for order tracking. Example migrations are provided in the TPM assessment.
Are there security risks using this package in production?: Yes, risks include unpatched vulnerabilities in Payum’s core or dependencies (e.g., Guzzle). Since the package is unmaintained, manually audit dependencies for CVEs. Encrypt sensitive data (e.g., PayPal tokens) and ensure PCI DSS compliance with logging and access controls. Consider isolating the payment logic in a microservice for added security.
How do I test PayPal webhooks (IPN/PDT) locally in Laravel?: Mock PayPal’s IPN/PDT responses using Laravel’s HTTP testing tools or a service like `laravel-paypal-ipn`. Configure Payum to listen for webhook events and validate signatures. In CI/CD, use a test PayPal sandbox account to simulate transactions. Ensure your tests cover both success and failure scenarios (e.g., invalid signatures, duplicate notifications).
What alternatives exist for PayPal integration in Laravel if this package isn’t suitable?: For REST API support, use `payum/paypal-rest-gateway` or `srmklive/paypal`. Laravel Cashier is another option if you need subscriptions. For simpler needs, consider PayPal’s official PHP SDK or a dedicated Laravel package like `gloudemans/shoppingcart` with PayPal add-ons. Evaluate based on your need for NVP, REST, or subscription support.
How do I handle failed transactions or retries with this package?: Implement retry logic in your Laravel application by catching Payum exceptions (e.g., `PayumException`) and re-triggering the payment flow. Use Laravel’s queue system to defer retries. For critical failures, notify admins via email or a dashboard. Payum’s event system can help log failures for auditing. Consider a fallback to manual review if automation fails.
Can I migrate from this package to PayPal REST later without rewriting the entire integration?: Yes, design your Laravel app to abstract PayPal logic behind a service interface. Use dependency injection to swap `payum/paypal-express-checkout-nvp` for `payum/paypal-rest-gateway` later. Start by implementing both gateways in parallel, then gradually phase out NVP. Payum’s modular architecture supports this approach, but plan for data migration (e.g., transaction history) if needed.

Popularity trends

Recorded values over time (once-a-day snapshots). May 21, 2026 – Jun 19, 2026

GitHub · stars

GitHub · forks

GitHub · watchers

Packagist · monthly downloads

View on GitHub

Stars

Favorites

Forks

Score

9.6

Score breakdown

Sum of components, capped 0–100. Halved if archived.

Stars

input: 48

+0.2
Forks

input: 32

+1.0
Open issues + PRs

input: 0

+0.0
Releases

input: 28

+8.4
Recency

input: 3426

+0.0
Issue opportunity

input: 0

+0.0
Laravel News mentions

input: 0

+0.0
Dependents

input: 0

+0.0

Total 9.6

Opportunity

34.6

Opportunity score breakdown

Hidden gem signal × 0.65 + contribution need × 0.35, scaled by health factor.

Hidden gem

log(monthly_downloads / (stars + 1)) × 25

62.6
Contribution need

open_issues + open_prs: 0

0.0
Health factor

archived + recency + open issues

×0.85

Total 34.6

License

MIT

Last release

Jan 31, 2017

Watchers

Downloads

16K/mo

Dependents

Open issues

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

directorytree/privacy-filter-classifier

directorytree/privacy-filter

datacore/hub-sdk

develia/commons

cuci/prototurk-sdk

cuci/prototurk-sdk-symfony

develia/geo-bundle

dreamzy/livewire-charts

touchestate-sdk/php-sdk

22h/doctrine-garbage-collection-bundle

agtp/agtp-php

agtp/mod-php

splash/sonata-admin

splash/metadata

splash/openapi

splash/scopes

splash/toolkit

testo/output-teamcity

testo/bridge-symfony

spatie/flare-daemon-runtime