Third-Party Packages

Evaluation

Evaluate third-party packages before adding them to your project.

  • Assess package quality, maintenance, and compatibility with Laravel and your PHP version.
  • Prefer well-supported, widely-used packages with active maintainers and good documentation.
  • Check for recent updates, open issues, and community adoption.
  • Review package dependencies and potential security risks.

Approval

  • Document new dependencies in project documentation (e.g., README, docs/dependencies.md).
  • Get team/CTO approval for major or critical packages.
  • Use Composer to manage package installation and updates.

Example:

composer require spatie/laravel-permission

Maintenance

  • Keep packages up to date using Composer (composer update).
  • Remove unused or deprecated packages to reduce security risks and maintenance overhead.
  • Monitor for security advisories and apply updates promptly.
  • Test the application after package updates to catch breaking changes.

Best Practices

  • Avoid using abandoned or unmaintained packages.
  • Prefer packages with clear versioning and semantic releases.
  • Use Laravel's official or recommended packages when possible.
  • Document package usage and configuration for new team members.
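
The Maintenance advice to monitor security advisories and the Best Practices advice to avoid abandoned packages can both be enforced in CI. The script below is an added example, not part of the original guidelines: it reads the JSON produced by `composer audit --locked --format=json` and returns a failing exit code when advisories or abandoned packages are reported. It assumes the report has top-level `advisories` and `abandoned` keys; the file name `audit_gate.py`, the function names, and the sample data are hypothetical.

```python
import json
import sys

def summarize_audit(report):
    """Split a parsed `composer audit --format=json` report into findings."""
    findings = []
    # PHP encodes an empty map as [], so a clean report may carry a list here.
    raw = report.get("advisories") or {}
    if not isinstance(raw, dict):
        raise ValueError("unexpected 'advisories' shape; failing closed")
    for package, entries in sorted(raw.items()):
        # Assumption: entries are a list, or a map keyed by advisory id.
        items = entries.values() if isinstance(entries, dict) else entries
        for adv in items:
            ident = adv.get("advisoryId") or adv.get("cve") or "unknown"
            findings.append((package, ident, adv.get("title", "")))
    abandoned = report.get("abandoned") or {}
    if not isinstance(abandoned, dict):
        raise ValueError("unexpected 'abandoned' shape; failing closed")
    return findings, dict(abandoned)

def gate(report, allow_abandoned=False):
    """Return an exit code for CI: 0 = clean, 1 = block until reviewed."""
    findings, abandoned = summarize_audit(report)
    for package, ident, title in findings:
        print(f"ADVISORY  {package}  {ident}  {title}")
    for package, replacement in sorted(abandoned.items()):
        print(f"ABANDONED {package}  replacement: {replacement or 'none suggested'}")
    blocked = bool(findings) or (bool(abandoned) and not allow_abandoned)
    return 1 if blocked else 0

# Constructed sample report (not real advisory data); used when no file is given.
SAMPLE = {
    "advisories": {"acme/example-pkg": [
        {"advisoryId": "CONSTRUCTED-0001", "title": "Constructed advisory", "cve": None},
    ]},
    "abandoned": {"acme/old-helper": "acme/new-helper", "acme/orphan": None},
}

if __name__ == "__main__":
    # Usage: composer audit --locked --format=json > audit.json; python audit_gate.py audit.json
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            report = json.load(fh)
    else:
        report = SAMPLE
    sys.exit(gate(report))
```

Auditing with `--locked` checks the versions pinned in composer.lock, so the gate reflects what will actually be deployed rather than what happens to be installed on the build machine.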