laravel · taylorotwell · Nov 21, 2025 · Nov 21, 2025
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -19,6 +19,9 @@ jobs:
       matrix:
         php: [8.2, 8.3, 8.4]
         laravel: [11, 12]
+      include:
+        - php: 8.5
+          laravel: 12
 
     name: PHP ${{ matrix.php }} - Laravel ${{ matrix.laravel }}
 

diff --git a/composer.json b/composer.json
@@ -24,9 +24,8 @@
     },
     "require-dev": {
         "mockery/mockery": "^1.6",
-        "orchestra/testbench": "^9.0|^10.0",
-        "phpstan/phpstan": "^1.10",
-        "phpunit/phpunit": "^11.3"
+        "orchestra/testbench": "^9.15|^10.8",
+        "phpstan/phpstan": "^1.10"
     },
     "autoload": {
         "psr-4": {

diff --git a/tests/Controller/AuthenticateRequestsTest.php b/tests/Controller/AuthenticateRequestsTest.php
@@ -8,6 +8,7 @@
 use Laravel\Sanctum\Sanctum;
 use Orchestra\Testbench\Concerns\WithWorkbench;
 use Orchestra\Testbench\TestCase;
+use PHPUnit\Framework\Attributes\DataProvider;
 use Workbench\App\Models\User;
 use Workbench\Database\Factories\PersonalAccessTokenFactory;
 use Workbench\Database\Factories\UserFactory;
@@ -56,9 +57,7 @@ public function test_can_authorize_valid_user_using_authorization_header()
             ->assertSee($user->email);
     }
 
-    /**
-     * @dataProvider sanctumGuardsDataProvider
-     */
+    #[DataProvider('sanctumGuardsDataProvider')]
     public function test_can_authorize_valid_user_using_sanctum_acting_as($guard)
     {
         PersonalAccessTokenFactory::new()->for(

diff --git a/tests/Controller/FrontendRequestsAreStatefulTest.php b/tests/Controller/FrontendRequestsAreStatefulTest.php
@@ -8,6 +8,7 @@
 use Laravel\Sanctum\Sanctum;
 use Orchestra\Testbench\Concerns\WithWorkbench;
 use Orchestra\Testbench\TestCase;
+use PHPUnit\Framework\Attributes\DataProvider;
 use Workbench\App\Models\User;
 use Workbench\Database\Factories\UserFactory;
 
@@ -97,9 +98,7 @@ public function test_middleware_keeps_session_logged_in_when_sanctum_request_cha
             ->assertSee($user->email);
     }
 
-    /**
-     * @dataProvider sanctumGuardsDataProvider
-     */
+    #[DataProvider('sanctumGuardsDataProvider')]
     public function test_middleware_can_deauthorize_valid_user_using_acting_as_after_password_change_from_sanctum_guard($guard)
     {
         $user = UserFactory::new()->create();

diff --git a/tests/Feature/GuardTest.php b/tests/Feature/GuardTest.php
@@ -15,6 +15,7 @@
 use Mockery;
 use Orchestra\Testbench\Concerns\WithWorkbench;
 use Orchestra\Testbench\TestCase;
+use PHPUnit\Framework\Attributes\DataProvider;
 use stdClass;
 use Workbench\App\Models\User;
 use Workbench\Database\Factories\PersonalAccessTokenFactory;
@@ -221,9 +222,7 @@ public function test_authentication_with_token_fails_if_user_provider_is_invalid
         Event::assertNotDispatched(TokenAuthenticated::class);
     }
 
-    /**
-     * @dataProvider invalidTokenDataProvider
-     */
+    #[DataProvider('invalidTokenDataProvider')]
     public function test_authentication_with_token_fails_if_token_has_invalid_format($invalidToken)
     {
         $factory = Mockery::mock(AuthFactory::class);