Laravel Support Policy Explained (2026): Bug Fixes vs Security Fixes + EOL Dates
The Laravel support policy looks simple on paper, but it drives real engineering decisions. Laravel gives each major release 18 months of bug fixes and 2 years of security fixes. That difference matters. A version may still receive security updates after normal bug-fix support ends, but that does not make it a comfortable long-term base for active product work. Teams usually start caring about support policy when an upgrade feels urgent. The better approach is to use the support window early, while you still have time to plan properly. If your team already knows it needs a structured migration path, our Laravel upgrade services guide is the best next step.
Understanding the Laravel support policy helps teams budget maintenance, plan upgrades, and decide how long an older version can safely stay in production.
Last updated: April 2026
The short answer
Laravel supports each major release for 18 months with bug fixes and for 2 years with security fixes. That means older versions move from “fully supported” to “security fixes only” sooner than many teams expect. Laravel 10 is already out of support. Laravel 11 reached the end of security support on March 12, 2026. Laravel 12 stays supported into 2027, and Laravel 13 is the current major release with security fixes through March 17, 2028.
If you want the current-version answer first, start with our latest Laravel version guide. Use this page when the real question is support timing, risk, and what your team should do next.
What the Laravel support policy actually means
Many teams hear the word “supported” and assume the framework still receives everything: regular fixes, maintenance, and security updates. Laravel does not use support that way. First, normal bug-fix support ends. After that, the version may still receive security fixes for a limited period. Once security support ends, that version is effectively end-of-life for serious production work.
This is where teams often get into trouble. They keep shipping on an older version because the app still runs, but support policy is about more than whether the app boots. It affects how confidently you can maintain the product, upgrade dependencies, and respond when something goes wrong.
Laravel support policy: bug fixes vs security fixes
Bug fixes cover the everyday issues that affect framework behavior: defects, regressions, and non-security problems that show up during normal development. Once bug-fix support ends, you should not expect Laravel to keep smoothing out those issues for that version.
Security fixes are much narrower. They address vulnerabilities that could put applications at risk. A version in the security-fixes-only phase still has some life left, but not much breathing room. You can keep it running for a short period while you prepare the next move, but you should not treat it as a comfortable long-term platform.
This distinction sits at the heart of the Laravel support policy. Teams often say “we’re still supported” when what they really mean is “we have not reached the final deadline yet.” Those two statements are not the same.
Laravel support policy dates at a glance
| Laravel Version | Supported PHP | Release Date | Bug Fixes Until | Security Fixes Until |
|---|---|---|---|---|
| Laravel 10 | PHP 8.1–8.3 | February 14, 2023 | August 6, 2024 | February 4, 2025 |
| Laravel 11 | PHP 8.2–8.4 | March 12, 2024 | September 3, 2025 | March 12, 2026 |
| Laravel 12 | PHP 8.2–8.5 | February 24, 2025 | August 13, 2026 | February 24, 2027 |
| Laravel 13 | PHP 8.3–8.5 | March 17, 2026 | Q3 2027 | March 17, 2028 |
Laravel’s official release notes are the source of truth for these dates. They also confirm the annual major-release cadence and the current PHP support ranges for Laravel 10 through 13.
The Laravel support policy matters most when a team has to choose between staying briefly on Laravel 12 or moving directly to Laravel 13. At that point, support dates stop being documentation details and start shaping real delivery plans.
Is Laravel 11 still supported?
No. Laravel 11 reached the end of its security support window on March 12, 2026. Teams still running Laravel 11 should move upgrade planning out of the “later” bucket and into active work. Some teams may still choose Laravel 12 as a stepping stone. Others should evaluate a direct move to Laravel 13, especially if their dependency stack is healthy enough to support it.
If your main question is version targeting rather than support policy alone, our latest Laravel version guide goes deeper into Laravel 12 vs 13 planning.
Why the Laravel support policy matters for real teams
Support policy affects far more than compliance language. It influences how confidently your team can ship features, upgrade packages, manage infrastructure, and respond to bugs without accumulating hidden risk. The older the framework version gets, the more likely you are to run into package conflicts, upgrade friction, and maintenance work that feels slower than it should.
That is why support awareness usually turns into an execution question: how do we move to a supported version without disrupting billing flows, API consumers, queue jobs, background tasks, or internal workflows? That is exactly where a structured Laravel upgrade services guide becomes useful.
Laravel support policy for teams on Laravel 10 or 11
If you run Laravel 10, you are already past security support. If you run Laravel 11, that window has closed as well. In both cases, the right move is not panic. The right move is planning. Review the current version, check PHP compatibility, inspect your Composer dependencies, identify package risks, and decide whether a direct path to Laravel 13 makes sense or whether an intermediate step would reduce risk.
Business-critical apps need more than a version bump. They need rollout planning, regression checks, deployment safety, and rollback thinking. Treat the upgrade as an engineering project, not a background chore.
Laravel support policy for teams on Laravel 12
Teams on Laravel 12 are in a stronger position because the version still sits inside its support window. Even so, “still supported” should not turn into “ignore the roadmap.” Laravel 13 is already current, and Laravel’s own upgrade guidance frames the 12-to-13 jump as relatively light for many applications. That makes timing the main question, not whether Laravel 13 matters yet.
Laravel’s official upgrade guide is worth reading alongside your own package audit, test coverage review, and deployment checklist before you lock in that decision.
Laravel support policy for teams on Laravel 13
If you are already on Laravel 13, support pressure is low for now. Your focus should shift toward healthy maintenance habits: keep dependencies current, stay aligned with supported PHP versions, protect test coverage, and avoid pushing framework upgrades so far into the future that they become emergency work again.
That broader delivery conversation often goes beyond versioning alone. When you need help with platform stability, scaling, modernization, or long-term engineering direction, our Laravel development services page is the right commercial hub.
How Laravel support policy connects to PHP compatibility
Support windows never sit in isolation from runtime planning. Laravel 12 supports PHP 8.2 through 8.5. Laravel 13 supports PHP 8.3 through 8.5. That means framework lifecycle and PHP lifecycle move together. If your infrastructure still lags behind, your Laravel roadmap automatically gets tighter.
This is another reason the Laravel support policy matters in practice. It helps product teams and engineering teams see framework lifecycle, PHP support, deployment timing, and technical debt as one connected decision instead of four unrelated problems.
Our practical view
Laravel’s support model is clear. Bug-fix support ending should prompt planning. Security-fix support ending should trigger action. Teams on Laravel 10 or 11 should already be moving. Teams on Laravel 12 should be planning the Laravel 13 step now, not later. Teams on Laravel 13 should build habits that keep future upgrades routine.
In practice, the Laravel support policy belongs in your product roadmap, not buried in a documentation tab that nobody checks until the deadline is close.
If you are still deciding whether Laravel is the right long-term stack for your product before you commit to a roadmap, this guide on Is Laravel still the right choice in 2026 gives the broader context.
Need help planning a supported Laravel roadmap?
If your team needs help deciding whether to move directly to Laravel 13, whether the current version is already too risky to keep, or how to reduce production risk during an upgrade, start with a structured assessment. Our Laravel upgrade services guide is the best next step for migration planning, while our Laravel development services page fits broader platform work.
FAQs
What is Laravel support policy?
Laravel support policy gives each major release 18 months of bug fixes and 2 years of security fixes.
What is the difference between bug fixes and security fixes in Laravel?
Bug fixes cover general framework issues and defects. Security fixes address vulnerabilities. A version that only receives security fixes is already close to the end of its comfortable lifecycle for active product work.
Is Laravel 11 still supported?
No. Laravel 11 security support ended on March 12, 2026.
Is Laravel 12 still supported?
Yes. Laravel 12 receives bug fixes until August 13, 2026 and security fixes until February 24, 2027.
How long is Laravel 13 supported?
Laravel 13 receives bug fixes until Q3 2027 and security fixes until March 17, 2028.
Leave a Reply