Current Laravel template, checked to solve T894, currently contains:
config/app.php
/* |-------------------------------------------------------------------------- | Encryption Key |-------------------------------------------------------------------------- | | This key is used by the Illuminate encrypter service and should be set | to a random, 32 character string, otherwise these encrypted strings | will not be safe. Please do this before deploying an application! | */ 'key' => env('APP_KEY'), 'cipher' => 'AES-256-CBC',
We have env('APP_KEY', 'SomeRandomString') to provide a default app.key value, with the knowledge SomeRandomString is an invalid string, and a toolchain to set a valid key, so we can sync with upstream.