Looking to hire Laravel developers? Try LaraJobs

laravel-safe-config maintained by genyaa

Description
Keep selected Laravel config values dynamic after config:cache
Author
Auke de Jong
Last update
2026/04/21 02:34 (dev-dependabot/github_actions/dependabot/fetch-metadata-3.1.0)
License
MIT
Links
Homepage - GitHub - Packagist
Downloads
0
Tags
laravel - genyaa - laravel-safe-config

dev-dependabot/github_actions/dependabot/fetch-metadata-3.1.0

Last update
2026/04/21 02:34
License
MIT
Require
  • php ^8.5||^8.4||^8.3
  • spatie/laravel-package-tools ^1.16
  • illuminate/contracts ^13.0||^12.0||^11.0
dev-main

Last update
2026/03/24 21:56
License
MIT
Require
  • spatie/laravel-package-tools ^1.16
  • php ^8.5||^8.4||^8.3
  • illuminate/contracts ^13.0||^12.0||^11.0
v1.0.0

Last update
2026/03/24 21:52
License
MIT
Require
  • php ^8.5||^8.4||^8.3
  • spatie/laravel-package-tools ^1.16
  • illuminate/contracts ^13.0||^12.0||^11.0
Comments
comments powered by Disqus

Laravel Safe Config

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

genyaa/laravel-safe-config overrides Laravel's default config:cache command so selected environment variables are not being written as to file values into the cached config file.

Installation

You can install the package via composer:

composer require genyaa/laravel-safe-config

Create a safe-config.php file in the root of your Laravel project:

php artisan safe-config:install

If the file already exists and you want to replace it, use:

php artisan safe-config:install --force

This file should return a list of environment variable names that must remain secret after config caching:

return [
	'APP_KEY',
	'DB_PASSWORD',
	// ...
];

Usage

Once the package service provider is loaded, Laravel resolves config:cache through this package.

php artisan config:cache

Any environment variable listed in your root safe-config.php file will be emitted into the cached config file as a runtime getenv() lookup.

For example:

return [
	'APP_KEY',
	'DB_PASSWORD',
	// ...
];

During config:cache, the package automatically discovers which config values depend on each listed environment variable by probing fresh configuration snapshots. Those cached config values are then not permanently frozen at cache-build time. When the cache file is loaded, Laravel will read them through getenv(), and if getenv() returns false, the cache falls back to the value that existed when config:cache was run.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Credits

License

The MIT License (MIT). Please see License File for more information.