Best websites to discover Laravel packages (and how to evaluate quality)
Where to find Laravel packages
1) Packagist
The canonical registry for Composer packages.
2) GitHub
Use it to evaluate:
- issue responsiveness,
- release frequency,
- tests,
- docs.
3) Laravel News
Good for discovering new releases and community picks.
4) Curated lists
“Awesome Laravel” style lists can be useful, but always verify maintenance status.
How to evaluate a package (practical checklist)
- Is it actively maintained?
- Does it support your Laravel version?
- Are there tests?
- Are docs clear?
- Any security notes?
Safe installation habits
- pin versions carefully,
- read breaking changes,
- test in staging first.
How I evaluate a package before installing it
On Aviwebsquad I use a simple scorecard:
- Maintenance — last release within 6 months, open issues answered
- Tests — CI badge green, Pest/PHPUnit in repo
- Adoption — realistic download counts on Packagist (not the only signal)
- Fit — does it solve one problem well, or is it a framework inside the framework?
Red flags: abandoned docs, PHP version mismatch, no license file, typosquat package names.
Sites worth bookmarking
| Source | Best for |
|---|---|
| Packagist | Canonical Composer registry |
| Laravel News | Release announcements |
GitHub topic laravel-package |
Discovery + code review |
| Official Laravel docs packages page | First-party recommendations |
FAQ
Is Packagist enough on its own?
It is the install source, not a quality filter. Always read the GitHub repo before composer require.
Should I trust "awesome" lists?
Use them as starting points. Verify each package with the scorecard above.
How do I avoid abandoned packages?
Check abandoned hints on Packagist and whether Laravel version support matches yours.
Packagist search tactics that actually work
Do not install from page one of search results. Use filters:
type:laravel-packagewhen applicablephp:^8.4compatibility in composer.json of the package- Sort by downloads but read abandoned flag
Example workflow I use before composer require:
- Open GitHub → Actions tab → is CI green on
main? - Read
CHANGELOG.mdfor breaking changes in last 12 months - Grep my codebase for overlapping packages (two auth helpers = delete one)
Laravel-specific directories worth your time
Official Laravel packages — Cashier, Horizon, Scout, Socialite, Sanctum. Start here before community clones.
Laravel News links — editorially filtered; good for discovering release posts, not exhaustive search.
GitHub laravel topic + stars — useful for greenfield choices; verify issue triage yourself.
Spatie — high signal for production utilities (media, permissions, settings). Not sponsored—just consistent quality.
Red flags (do not install)
- Last commit > 18 months ago on active Laravel version
- No license file
- Package name typosquatting popular libs (
laravel-framworkstyle) - README promises “enterprise” with zero tests
How this ties to Aviwebsquad
This CMS uses Sanctum, Filament, Spatie Media Library, and Spatie Settings—all vetted with the checklist above. Documenting the stack honestly matters more for AdSense than listing 50 packages you never used.
FAQ
Is Composer the only install path?
Yes for PHP. JavaScript tooling is separate (npm); do not confuse Packagist with npm.
Should I pin dev-main?
Only in experiments. Production sites pin semver releases.
How many packages is too many?
If you cannot explain why each dependency exists in one sentence, remove some.