Podcast
Get Unstuck
Eloquent factories provide a convenient way to generate models. Even better, with the addition of multiple named states, we can quickly create alternate shapes of the same model in our app.
It's extremely useful for writing readable tests and for easily setting up a fake, but realistic, seeded environment to use locally for development, but I would never use a factory in application code.
I've seen teams do it, and I understand why it might be tempting. We went through the work of setting up those useful states, which align with the real-world use cases in our application. Why shouldn't we lean on those factories in application code to make our life easier? We could even argue that it is a form of code re-use.
But factories are not intended for use in application code. The Laravel documentation states that they are intended for use in testing and seeding only. And if we take a peek at how they work, we begin to see why.
For example, Model::factory()->create($attributes) works very differently from Model::create($attributes).
The biggest difference is that the factory disables mass assignment protection.
You're bypassing an important security feature of Eloquent if you use a factory in application code.
No matter what benefits you think you are getting, the risk is not worth it.
I'd also argue that you're setting yourself up to accidentally create fake data in your application. Factories often use the Faker library to generate random data for required fields, so unless you remember to override every field, that fake data could slip into your production database. And if your factory defines relationships, you might even end up with entirely fake related models.
Factories are great, but they only belong in testing and seeding, never in application code.
Here to help,
Joel
P.S. Do your tests rely on an extensive pre-seeded database? I'd like to show you a cleaner way to set up test data. Schedule a call and we can discuss how to make your tests more reliable and valuable.