Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 19 July 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail this week. There is a plethora of Symfony items this week. Hell yeah!

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As may have noticed non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week was the most intense in Symfony development activity in months. We completed and merged tens of new features and improvements for the upcoming Symfony 6.2 version, including: a Doctrine entity argument resolver, options to sort files in case insensitive mode and by extension and size, console autocompletion for zsh shells, security logout improvements and new options, etc.“

A Week of Symfony #812 (18-24 July 2022)

Symfony announced:

Zoom in on Profiling Symfony & PHP apps workshop at SymfonyCon Disneyland Paris 2022

SymfonyCasts continues expanding their Symfony 6 Fundamentals Course.

This week on SymfonyCasts

Featured Item

Featured Item graphic

Mohammed Farhaz writes, “PHP Design patterns have proven to be extremely useful to developers and are a huge problem solver. Following best practices is crucial to writing efficient code. PHP Design patterns is an Object-Oriented Programming (OOP) concept that is now also used in Drupal 9 projects.

With Drupal’s adoption of modern PHP and OOP concepts since version 8, design patterns can be leveraged for cleaner and more robust programming. In this article, we will discuss a few commonly used design patterns in PHP and how to use patterns like dependency injections in Drupal.”

An Introduction to Design Patterns in PHP (and leveraging them in Drupal)

This Week

Sergii Demianchuk finishes his series on:

Symfony ElasticSearch – Search service and Query builder

Nerdpress covers:

Converting umlaute with the Symfony String component

GromNAN shares how to build Symfony pages with async blocks:

GitHub - GromNaN/async-page-builder-demo: Symfony Live Paris 2022

Dariel Vicedo continues his series:

Creating a Symfony project from zero to success in 52 weeks (week 3)

Dave Newson examines:

Symfony & When to catch exceptions

Tomas Votruba looks at:

8 New Features in Config Transformer that Convert Symfony YML to PHP

Vladimir explores a:

Demo Symfony Currency Converter

Xun Zhou shows us how to:

Use D-MVC Pattern in Symfony Application

Edouard Courty asks:

What is message queuing and why should you use it?

Using the Symfony Console Output Nuno Maduro explains the:

Null Object Pattern in PHP

eCommerce

Tea Trakoštanec explains:

How to add a Bootstrap Theme in Sylius

CMSs

Drupal’s Automatic Updates initiative and the Project Browser initiative each have an experimental version available as a contributed module for testing.

Scroll to the Drupal News section of this newsletter.

I love (not) the way you have to install the module for automatic updates with Composer via the command line. 🤦‍♂️

WebWash shows us:

Add Widgets to Sidebar using Field Group in Drupal

Ryan Robinson demonstrates how he created a generic Drupal-friendly container working with GitPod.

Drupal GitPod Container 1: .Dockerfile

The Peoples BLOG explores:

Usage of Local Php Security Checker for Drupal Applications

Millie Kaimuru has her:

Top 10 Drupal Websites Worldwide

I am not sure what the criteria are other than being famous.

Previous Weeks

The Drupal Association recommends:

Adopting Small Changes to Give Back to Drupal and Open Source

Lullabot warns of:

The Dangers of Inline Editing Structured Content

Now that Drupal 10 is finalized, OpenSense Labs looks at:

The new features and improvements in Drupal 10

On a related note, Mike Herchel explains:

Supporting an unknown amount of menu items within Olivero’s menu

PHP logo

PHP

This Week

Edouard Courty states the obvious.

PHP is not even close to dying.

Farhan Tanvir shares:

7 Useful PHP Libraries You Should Use in Your Next ProjectーPart- 2

Hugo Martinez proposes:

PhpStorm Plugins You Should Know

Umang Prajapati explores the:

PHP Rest API

Matthias Noback asks:

When to use a trait?

The Longhorn Conference is looking for presenters.

Longhorn PHP Conference CFP

Dino Cajic continues his extensive tutorial series.

PHP — P72: Errors Intro

David Boschmann continues from an article in June:

Learning php in 2022 — Vol.2

Michał Romańczuk explores:

Equal or identical. How to compare variables?

Supervillan, Igieborelvis (based on his name) conquers the world via:

SOLID: Fundamental Principles of Software Development using PHP (2)

Triple shares:

10 Tips for PHP Developers starting with Node.js

anastasionico explains:

Refactoring with PHPStan

Yoda Conditions

Codeception 5 is out. They are featured on our Support Ukraine page.

Codeception 5

PHP paragon Matthias Noback shares this:

My book-writing workflow

The PHP Foundation has:

PHP Core Roundup #4

PHP Watch looks at:

What's New in Composer 2.4

Previous Weeks

And:

Serverless PHP Applications on Digital Ocean Functions

Laravel News demonstrates:

Working with Data in API Integrations

Kodwings explains using a:

PHP recursive function to generate a parent/child tree

Exakat shows us:

5 ways to give a name to your booleans

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

The Next Web shares:

Here’s how you can help build Ukraine’s drone army

Protocol reports:

EU agrees to gas rationing as Russia cuts flow

CNBC reports:

Hacktivist group Anonymous is using six top techniques to 'embarrass' Russia

The Hill reports:

US, Ukraine sign pact to expand cooperation in cyberspace

The Evil Empire Strikes Back

Wired reports:

Russia Is Quietly Ramping Up Its Internet Censorship Machine

The Jerusalem Post reports:

Israeli company Candiru allegedly behind cyberattacks against journalists

Cybersecurity/Privacy

The Hill reports:

US bolsters cyber alliance to counter rising Iran threat

We’re fighting one set of religious asshats with the help of two other religious asshat states.

CNN reports:

FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications

Venture Beat reports:

CISA chief calls for continuous global collaborations to combat cyberthreats

How to gain an unfair advantage over cyberattackers: “Mission control” cybersecurity

Jack Naglieri shows us how to:

Think Like a Detection Engineer, Pt. 1: Logging

Think Like a Detection Engineer, Pt. 2: Rule Writing

The Markup asks:

Who Is Collecting Data from Your Car?

Decipher reports:

U.S. Government Grapples With Cyber Incident Reporting Pain Points

Experts Urge Congress to Pressure Commercial Spyware Vendors

PCMag reports:

Microsoft Spots Cyber Mercenaries Using Windows, Adobe Zero-Day Exploits

More

The New Stack opines on:

The Future of Open Source, or Why Open Core Is Dead

Smashing Mag compares HTML elements:

<article> vs. <section>: How To Choose The Right One

The Otterlord examines Svelte, Tauri, and Bun in:

A Quick Look into the Future of JavaScript

TechCrunch reports:

CircleCI partners with GitLab

Protestware on the rise: Why developers are sabotaging their own code

The Next Web advises:

European or not, make sure your AI business sticks to EU data laws

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 4 February 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

SYMFONY

 

As always, we will start with the official news from Symfony.

Highlight -> "This week, Symfony 4.4.37, 5.3.14, 5.4.3 and 6.0.3 maintenance versions were released. In addition, a potential security vulnerability related to CSRF tokens in forms was found and fixed in security releases for all maintained versions."

A Week of Symfony #787 (24-30 January 2022)

 

The team fixed a security issue. “The Symfony form component provides a CSRF protection mechanism by using a random token injected in the form and using the session to store and control the token submitted by the user. When using the FrameworkBundle, this protection can be enabled or disabled with the configuration. If the configuration is not specified, by default, the mechanism is enabled as long as the session is enabled.

In a recent change in the way the configuration is loaded, the default behavior has been dropped and, as a result, the CSRF protection is not enabled in form when not explicitly enabled, which makes the application sensible to CSRF attacks.”

CVE-2022-xxxx: CSRF token missing in forms

 

They also fixed an issue with Twig. "When in a sandbox mode, the arrow parameter of the sort filter must be a closure to avoid attackers being able to run arbitrary PHP functions."

Twig security release: disallow non closures in the sort filter

 

SymfonyCasts unveiled a Symfony 6 track with courses on Symfony 6, EasyAdmin, and Upgrading to Symfony 6. The Harmonious Development with Symfony 6 course is free!

Learn Symfony 6: Unlock new possibilities with PHP's most powerful framework

 

Via SensioLabs: at Symfony World Winter 2021, two experts from SensioLabs were speakers. Following this online conference where more than 1,000 people attended in two days, they shared with us their experience and talked about their topic. A glimpse behind the scenes of the SymfonyWorld!

Symfony World Winter 2021: the interview with two speakers from SensioLabs

 

Platform.sh consolidates its management team with appointment of Ori Pekelman and Fabien Potencier as CSO and CPO. Don’t worry, Fabien isn’t leaving Symfony.

Platform.sh consolidates its management team with appointment of Ori Pekelman and Fabien Potencier as CSO and CPO

 

Symfony is excited to announce the organization of the international Symfony conference as initially planned at Disneyland Paris from November 15 to 18, 2022 for a full week of Symfony. Join us at SymfonyCon Disneyland Paris 2022 to learn and share the latest about Symfony while having fun at Disneyland Paris with us! The conference will be held at the newly redesigned Disney's Hotel New York - Art of Marvel!

Excited to announce SymfonyCon Disneyland Paris 2022

 

Featured Item Graphic

 

Featured Item

 

Block Protocol is a new project that aims to build a block system for embedding interactive blocks in any web application. The goal is to create a more interoperable and open web where these blocks can be shared through a standardized protocol. The initial draft of the Block Protocol spec is being incubated by the team at HASH, an open source data, modeling, and simulation platform.

Making the web better. With blocks!

By the way we are currently moving a site from WordPress site to Drupal and will be using HASH’s Web Components block module along with Gutenberg blocks module for the content creation. There is more on this below.

 

This Week

 

These type of posts are a dime a dozen, but this is a comprehensive one.

Symfony vs Laravel: Choosing The Right PHP Framework

 

Mert Simseck (great name) writes “I don’t know where to start but I was excited to write this post. I haven’t been developing applications with PHP and Symfony for a few years. Luckily I’ve built my latest API with Symfony 6 and PHP 8 and I feel like I’m back home.”

Voila! Symfony and PHP 8.1

 

.com Software says “Today we’re going to write a Symfony validator using the Test-Driven-Development technique. As you may know, it requires writing the test first, only then the code itself.”

Designing a Symfony Validator - the TDD way

 

Mike Milano explores:

Symfony Development with Lando

There will be more on PHP local development tools below.

 

Fabio Hiroki has another solid article for us. He says “in this article I'll show basic concepts for handling concurrent requests by building a banking web application. When coding there are some traps we need to pay attention specially because it's not a scenario easy to test.”

Database concurrency as simple as possible

 

Smaine Milianni always has something useful to share. Here he asks “emojis are part of our way of communicating, what about adding them to your Symfony form when a user needs to select a country?”

Emoji flag in the Symfony CountryType

 

Cool Zero parle the Power of the interface in Symfony. (en francais)

Le pouvoir de l’interface

 

Lindevs shows us:

2 Methods to Clear Cache using Console Command in Symfony 6

 

Cory Weinberg writes “although Drupal is not the most popular CMS, it is by far the best solution for non-standard and highly loaded services. Drupal is a free and open-source system that boasts high engine power, solid security, and reliability. Therefore, it is highly popular with many companies, regardless of the niche your business operates in.

With Drupal, you get the limitless possibilities of a framework and the convenience of a full-fledged CMS.”

Drupal Website Development – Key Features & Specs

Many of his points are why Symfony Station uses it.

 

PHP annotations will be replaced by attributes in upcoming versions according to Danial Sipos. “PHP 8 came with a lot of cool new features in the language. Among them, we finally have a native way of “annotating” classes, methods and all sorts of things. I used quotes because of the very ubiquitous Annotations library from Doctrine which we are using now to do similar things. PHP attributes are on their way to slowly replace those. I think. Don’t hold me to it though.”

PHP 8 attributes: Drupal 9 plugin discovery proof of concept

 

Mathias Noback writes about technical writing in:

Millennials doing things everyone should know about

 

Timeless

Inspector logo

Sponsored Article

We published our second sponsored article on Symfony Station exploring how code-driven monitoring helps you deliver successful Symfony products. Like all our articles it is now available via audio.

How code-driven monitoring helps you deliver successful Symfony products

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This Week

 

Erik the Coder continues his look at modern PHP.

PHP crash course : require, include, files manipulation and enumerations

 

Ajay Kapoor notes “With PHP being the most widely used web programming language, it’s easy to forget that it will be twenty-eight years old in 2022. In the tech world, that’s an eternity, but in business, it’s barely any time at all. If you’re currently using PHP or considering using it in the future, you might be wondering what the top benefits of using this technology are.”

Top Business Benefits of PHP for Web Development in 2022

 

Andrea Pollastri shares his PHP development stack.

PHP Developer Tools (2022)

 

Speaking of tools, for local development I have long used Local for WordPress projects. I am moving our parent organization, Mobile Atom Code’s, site over to Drupal. I am using Lando to convert the backend and DDEV to build a new theme for the frontend.

This article shows you how to use DDEV with GitPod.

DDEV and GitPod

 

Vonage Dev writes “it may surprise some readers that asynchronous PHP is nothing new. PHP5.5 introduced generators way back in 2014 which set us on this path, and since then we have seen the creation of amphp, ReactPhp, and OpenSwoole.”

Asynchronous PHP With Revoltphp & Vonage Voice API

 

Will Earp has a two-part series for us on PHP minification.

The State of Minification in PHP – How 1 Project Grew into 6

The State of Minification in PHP – How 1 Project Grew into 6 (Part 2)

I plan on testing his Torque WordPress plugin.

 

Ostell notes “when you think of command-line applications, PHP doesn't immediately come to mind. Yet the language powers many popular tools, either as independent programs or intended to be used within projects. Be it through its vast ecosystem of libraries and frameworks, its ability to interact with the host, or the versatility of its dependency manager, PHP features everything you need to build and ship powerful CLI applications.”

How to build and distribute beautiful command-line applications with PHP and Composer

 

Doğukan Akkaya shares:

How did we reduce Memcached memory usage in PHP

 

Anders Björkland continues his exploration of SilverStripe CMS.

Configure Email over SMTP with SilverStripe

 

Exakat notes “While doing a crowd review of naval battle code at @afup_rennes , it appeared that the ‘no array_merge() in loops’ rule was known but not clear. Indeed, why is it that this function in particular, should be avoided in loops. Hence, this article, with a journey to memory management, coding and classic PHP features. Here we go.

Speeding up array_merge()

 

The Backend Developer says “today I want to write about new 2 features about array that are newly added in php 8.1. Array unpack method was added PHP in 7.4 version but we could only use it for integers. But now we can use it for all types of arrays. This is a good 8.1 development for us.

Php 8.1-New Features | Array is a list? & Array Unpack

 

This one is self-explanatory.

PhpStorm 2021.3.2 is released

 

Last Week

 

Kateryna Shlyakhovetska writes “when you’re tired of endless code reviews and debugging, you may start wondering if there are ways to automate tedious tasks without it backfiring on you later in development. If this is something you or your team are interested in, you may want to take a closer look at server-side static analysis.”

Cut Time on Code Reviews and Project Planning With Static Analysis

Code logo

Other

 

Michael Cobb notes “API security cannot be overlooked. Learn how security testing can detect API vulnerabilities and weaknesses before attackers can take advantage of them.

Protect APIs against attacks with this security testing guide

 

Aaron Francis writes “paginating records across large datasets in a web application seems like an easy problem that can actually be pretty tough to scale. The two main pagination strategies are offset/limit and cursors. We'll first take a look at the two methods and then a slight modification that can make offset/limit extremely performant.”

Efficient Pagination Using Deferred Joins

 

MySQL has multiple storage engines, and one of those is the blackhole engine. It acts as a "black hole" that accepts data but throws it away and does not store it*.*

Safer Staging Environments with Blackhole Storage

 

GitHub has a new way to monetize your repositories.

GitHub launches Sponsors-only repositories to help foster engagement with project backers

 

A deeper integration between Microsoft Sentinel and GitHub is a win for application security, marking a major step toward helping companies address security challenges in the software supply chain, cybersecurity industry executives told VentureBeat.

Microsoft adds ‘critical’ feature for GitHub security

 

Tanvir Safar says “Cloud computing and blockchain industries may very well have one property in common; both are growing rapidly while having the potential to revolutionize their respective fields. However, up until now, pioneers within the two industries have not yet found a common interest. That could soon change as projects have started embracing the idea of integrating the blockchain into the cloud computing sector, and we could soon see a future of endless possibilities.”

Integration of the Blockchain is a Game Changer in the Cloud Computing Sector

 

So what exactly is Web3, and why is everyone in Silicon Valley obsessed with it?

Web3 is the future, or a scam, or both

I don’t know myself, but the “art” perpetrated in NFTs is horseshit. And I grew up on a cattle farm so I know what I’m talking about. ;)

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please get in touch.

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

Happy Coding Symfonistas!

 

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to GitPod

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon