See: https://github.com/laravel/framework/pull/47309
# Laravel 11 Skeleton Overview
### General Notes
More environment variables have been added to the `.env.example` file.
The default `QUEUE_CONNECTION` variable value has been updated to `database` instead of `sync`.
The `BROADCAST_DRIVER` and `CACHE_DRIVER` environment variables have been renamed to `BROADCAST_CONNECTION` and `CACHE_STORE`, respectively.
The HTTP Kernel has been removed. Configuration that was previously done in this file can be done in the `bootstrap/app.php` file, including registering / replacing middleware.
The console kernel has been removed. Schedules can be defined in the console “routes” file. Commands generated by `make:command` are automatically loaded and do not require registration. Additional command loading paths can be registered in the `bootstrap/app.php` file.
The exception handler has been removed. Exception handling behavior can be configured in the `bootstrap/app.php` file via `reportable`, `renderable`, `throttle`, and more. Callbacks received by these functions will have their type hints inspected to see if they handle a given exception.
The base HTTP controller no longer extends any other classes (requiring new middleware definition feature). No traits are included by default on the base controller. Authorization can be done using facades, or traits can be added manually.
All middleware has been removed. Configuration of these middleware’s behavior can be done via static methods on the middleware themselves (see framework notes).
The `User` model now utilizes a `casts` method instead of a property. The `HasApiTokens` trait has been removed by default since Sanctum is not installed by default.
All service providers except the `AppServiceProvider` have been removed. Policies are auto-discovered and gates can be registered in `AppServiceProvider`. Likewise, events can be registered in `AppServiceProvider`. Routing behavior is now determined / customized in the `bootstrap/app.php` file.
New `bootstrap/app.php` file can be used to customize core framework behavior like routing, container bindings, middleware, and exception handling.
Sanctum is no longer installed by default (see `install:api`).
Configuration files are not present by default. Can be published by `config:publish` command. Default values are present in the framework and application level configuration now cascades with framework definitions, so only customized values need be present in application level configuration files.
Migration files have been re-dated to be evergreen. The `password_reset_tokens` table migration has been combined into the `users` table migration file. Likewise, the `jobs` table migration has been combined into a single migration with the `failed_jobs` table.
Echo bootstrapping has been removed by default. It is re-inserted by new `install:broadcasting` command.
API and channel routes files are not present by default, can be recreated by `install:api` and `install:broadcasting` respectively.
Inspired by https://github.com/laravel/framework/pull/36415
As JetStream/Fortify uses a `current_password` field when allowing a user to change their password, and as JetStream is one of the starter kits listed on the docs, this PR adds `current_password` in the `$except` option of the `TrimStrings` middleware.
* Don't flash `current_password` input
With starter packs like Jetstream, the `current_password` input is used.
I believe that adding `current_password` to the `$dontFlash` list by default would help to ensure new projects follow security best practices from the get-go.
* Update Handler.php
Co-authored-by: Taylor Otwell <taylor@laravel.com>
