Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 6 May 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the essential news in the Symfony and PHP development communities. DrupalCon was last week, so there are lots of developments from that Symfony-based CMS.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.41, 5.4.8, and 6.0.8 maintenance versions were released. In addition, the second beta of Symfony 6.1 was published so you can test it in your real projects before its final release. Meanwhile, the SymfonyWorld Online 2022 Summer Edition conference announced new talks and speakers.

Lastly, a big thank you to all of you who have been following this weekly summary for 800 consecutive weeks, making it one of the longest-running series in the entire software industry.”

A Week of Symfony #800 (25 April - 1 May 2022)

Congratulations.

Javier Eguiluz continues to update us on what’s coming in 6.1 with:

New in Symfony 6.1: Service Decoration Attributes

New in Symfony 6.1: Service Autowiring Attributes

New in Symfony 6.1: Serializer Profiling

New in Symfony 6.1: Configurable Semaphores

New in Symfony 6.1: Simpler Bundle Extension and Configuration

This item is self-explanatory.

The old Symfony Flex infrastructure is shutting down

SymfonyCasts announced, “On our old Symfony 5 project, a lot of recipes need to be updated! Including the most important Flex recipe: symfony/framework-bundle. We’ll update this to the latest version and talk about why things changed... like new “env” config, Runtime component & preloading!”

This week on SymfonyCasts

Platform.sh announces, “After the release of Infrastructure Metrics and Observability for the Dedicated infrastructure projects, we are thrilled to announce the immediate availability of this feature for all environments of your Professional projects. A new Metrics tab will now be present on the environment level, to give you insight and visibility over your application, worker and service containers.”

Infrastructure Metrics available for all Professional projects

Technology Magazine held an:

Executive Q&A with Fred Plais, CEO & Co-founder of Platform.sh

Featured Item

Featured Item graphic

I love JavaScript approaches like Stimulus, Livewire, and Inertia. There is more on the last two at the bottom of this communiqué.

Viktor Markov writes, “I’ve decided to create a document with examples of how we can implement different features with Stimulus. If you are not familiar with it yet — it’s a simple framework that allows writing structured JavaScript code within controllers.”

Stimulus Use Cases

This Week

Ludovic Frank explains why:

As a developer, Symfony is my framework of choice (in French)

Nicolas Moral writes, “Using Symfony controller without Request, is like riding a bike: it seems complicated at first, in the end it couldn’t be easier.”

Symfony without Request

Quable team members review several sessions from the recent SymfonyLive in Paris.

Quable at SymfonyLive 2022 (in French)

Also in French, Les Tilleuls Coop says:

We are speakers Summer Edition 2022! Discover some new features in this preview

The Akashic Seer site is back with:

Symfony 5+ how to view dump output with AJAX requests

Azay Karimli is starting a series of posts for Symfony newbies.

Get started with Symfony 6 for beginners.

CMSs

Dries Buytaert writes, “Last week, 1,300 Drupalists gathered in Portland, Oregon for DrupalCon North America.

In good tradition, I delivered my State of Drupal keynote. You can watch the video of my keynote or download my slides (262 MB).

I covered a lot of ground in this presentation, so I broke down my written summary into a three-part blog series. Part 1 below focuses on Drupal 10 updates. I'll be publishing Part 2 and Part 3 later this week, which will focus on Drupal's evolved purpose/vision and Drupal 11 proposed initiatives.”

State of Drupal presentation (April 2022)

Part 1 - Drupal is for ambitious site builders

It’s for me evidently.

Matt Glaman adds:

Improve the Drupal developer experience to empower the Ambitious Site Builder

Droptica notes, “When creating websites on Drupal, as developers, we should try to make our job easier. Managing modules, users, generating code – all these processes can be automated and performed with single commands.’

Which Drupal Development Tools are Worth Using? 7 Handy Solutions

Sebin Jacob follows up on a tweet from Drupal icon, Gábor Hojtsy with:

Here Are Some Cool Drupal Contrib-Modules, Check (them) Out!

Speaking of Gábor, he has this for us.

The epic story of the last week of how Drupal's frontend and backend look changed after 11 years at DrupalCon Portland

Daniel Phin says, “This post introduces a completely new way of implementing Drupal hooks. You can finally get rid of your .module files, eliminating many calls to \\Drupal with dependency injection in hooks.”

A modern alternative to Hooks

arnabroychowdhury explores:

Testing For Cross Browser Compatible Web App using Joomla

Chris Müller shares his experience with a:

Migration to TYPO3/composer-cms-installers version 4

Platforms

Despite many challenges, Yii Software published a newsletter.

Yii news 2022, issue 1

PHP logo

PHP

This week

The May issue of php[architect] is out.

May issue release: One Last Slice

Mhammed Talhaouy shares:

5 Advanced PHP Tricks That Only Expert PHP Developers Follow

Viktor Daróczi continues his series on functional php programming:

Waiting for the Miracle — Functional Programming in PHP (Part 7)

Anton Ukhanev opines, “Suggestion for PHP development: forget about the word "array" in human-readable docs, var names, etc. Conceptually, an array is either a list or a map. These two have separate interfaces, since they are consumed differently, and therefore have different types.

PHP Array: A Gross Mistake

Teman Ngoding notes, “Sorting makes many tasks that require accessing or obtaining a specific set of data very easy and efficient. In this tutorial, we will learn how to use the built-in PHP functions to sort various types of arrays.”

How to Sort Arrays in PHP

Alessandro Castellano shows us program a redirect in PHP.

PHP Redirect Tutorial

Lucas Pereyra says, “A couple of days ago, I saw a YouTube short from a highly recommended channel that shows a very elegant way of dealing with try/catch blocks nesting and repetition in JavaScript, and I wondered whether something similar could be done for PHP.

We use try/catch blocks in PHP to make our programs fault-tolerant or to provide error handling up to a certain point. With try/catch blocks we can gracefully process certain errors that might occur at runtime without necessarily making our application stop.”

A PHP Pattern To Avoid Try/Catch Blocks Repetition

Rector PHP has an announcement:

New in Rector 0.12 - Introducing Rector Config with Autocomplete | Rector - Automated Way to Instantly Upgrade and Refactor any PHP code

Andrew Savetchuk asks:

What is PHP CS Fixer and how can it help you keep your code cleaner?

Stefano Alletti writes, “PHP Mess Detector is yet another one of those tools that help to keep the code base manageable and clean. It applies certain rules to check the quality of the code. This document is intended as a guide to initializing PHPMD rules on PHPStorm.”

My PHPMD Configuration on PHPStorm

Timo Schinkel makes:

The case for immutability

In Brazilian Portuguese, Caio Flavio looks at Command Query Separation (CQS):

CQS Pattern - Quando, como e por quê utilizar?

Jordi Bassaganas says, “you’ve been assigned a task that requires to do accurate calculations on huge numbers. For example, it could be the case that a bank with millions of customers operating globally wants to find out how much the entire world economy is worth. Well, all you need to know is there’s a PHP library called Money that will help you impress everyone because it supports big integer operations in PHP.”

Arithmetic Operations With Huge Numbers

Kareem Zock takes a look at:

Zebra: a series of 6 advantageous PHP libraries/classes

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

CyberScoop reports, “U.S. Cyber Command conducted nine “hunt forward” operations in different countries last year, a data point he shared to illustrate why the command’s use of persistent engagement is critical to its success.”

Cyber Command did nine 'hunt forward' ops last year, including in Ukraine

Bloomberg reports on an individual mission:

U.S. Sent Cyber Team to Lithuania Over Threat of Russian Hacking

Euronews reports that “After seven years of tracking and debunking pro-Kremlin disinformation campaigns in the bloc, the EU's anti-fake news agency is now looking even further east in a bid to counter Chinese propaganda.

Two reports from EUvsDisinfo were over the past few weeks released in Chinese — a first for the Task Force. Both were on fake news over the war in Ukraine.”

EU anti-fake news agency starts debunking in Chinese

Forbes reports on:

Preparing For Cyber Attacks – Strengthening Defenses Against Nation-State Threats

The Evil Empire Strikes Back

U.S. News and World Report notes, “The British Foreign Office said on Sunday Russia is using a troll factory to spread disinformation about the war in Ukraine on social media and target politicians across a number of countries including Britain and South Africa.”

Britain Says Russian Troll Factory Is Spreading Disinformation on Social Media

The Guardian reports that, “Facebook moderators have called on the company to let them take action against users who praise or support the Russian military’s atrocities in Bucha and across Ukraine.”

Facebook moderators call on firm to do more about posts praising Bucha atrocities

They also have:

Russia’s trolling on Ukraine gets ‘incredible traction’ on TikTok

And:

Spanish prime minister’s phone ‘targeted with Israeli spyware’

The Record reports, “After knocking out the internet service in Kherson, Ukraine, this weekend, Russian forces reinstated service but routed it through Russia’s network instead of Ukrainian telecommunications infrastructure.”

Russia reroutes internet in occupied Ukrainian territory through Russian telcos

In news that surprises no one, NPR reports:

Journalist says Britain has become a safe deposit box for oligarchs' ill-gotten gains

And in news that exemplifies the stupidity of the Russian military, Business Insider reports:

A Russian soldier who was in Bucha during the executions was identified because he spray-painted his Instagram handle in a civilian's home

Cybersecurity

GitHub will require all users who contribute code on GitHub.com to enable one or more forms of two-factor authentication (2FA) by the end of 2023.

Software security starts with the developer: Securing developer accounts with 2FA

The Times of Israel reports, “Three young Israelis formerly serving in military cyber units have figured out how to locate your digital footprint — and give you the tools to delete it.”

Right to be forgotten: Israeli tech firm says it can delete your digital footprint

VentureBeat reports, “A fundamental change in approach is long overdue. Instead of operating with a narrow focus on the ever-changing tactics, techniques and procedures (TTPs) of attackers, enterprises need to place a higher priority on actively safeguarding the assets they’re after. That is the foundational component to data-centric security — protecting data at the core, not from the perimeter.”

The case for data-centric security in 2022

They also have:

Cybersecurity and the Pareto Principle: The future of zero-day preparedness

And:

Apple, Microsoft, and Google announce plans to enable passwordless authentication for billions of devices

Leor Hurwitz notes, “Prioritizing data security often comes at the expense of a good UX. To balance client needs with user preferences, product managers must use research, constant calibration, and a dose of creativity.”

How to Reduce UX Friction in Secure Product Development

More

Germán Cocca writes, “In this article we're going to take a look at programming paradigms, a fancy title to describe popular ways or styles to organize your programming.”

Programming Paradigms – Paradigm Examples for Beginners

Laravel News notes, “Lately, I've been getting this question a lot from Laravel developers: "What should I learn/use - Livewire or Inertia.js?" And, of course, the answer is very individual, but let's try to compare them and provide more context for the decision.”

Livewire is the equivalent of Stimulus and Turbo in Symfony. The article below will expose you to Inertia.js.

Livewire or Inertia.js?

Via Smashing Mag the awesomely coiffed Josh Comeau writes, “Every now and then, someone will ask for my recommendations on UI frameworks. By “UI framework”, I mean any third-party package that is focused on providing styled UI components. It includes CSS frameworks like Bootstrap, as well as JS component libraries like Material UI or Ant Design.

My answer to this question tends to catch people off guard: I don’t use them, and I don’t think they should be used for most consumer-facing products.”

You Don’t Need A UI Framework

Oriol Banus goes into “a deep dive to understand the architecture of components, from the simplest ones to more complex elements.

Create components following this three-step process, and ensure you have a well-designed UI element that developers can easily build.”

The architecture of a component

This is a great article from our acquaintance, Brian Rinaldi.

The Top 6 Static Site Generators in 2022

Kinsta shows us:

How to Minify JavaScript — Recommended Tools and Methods

InfoWorld asks:

Will JavaScript containers overtake Linux containers?

Chris Nielsen opines that before long all apps will be cross-platform and not native.

I replaced my native iOS app with a cross-platform web app and no one noticed

I hope so!

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation. And since it may be turning into Shitter, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 29 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the essential news in the Symfony and PHP development communities.

DrupalCon Portland was this week, so there was lots of news about Drupal 10. There was plenty from Symfony as well.

Take your time and enjoy the items most helpful to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development focused on the upcoming Symfony 6.1  version, finishing some new features for it and polishing its already merged new features.”

A Week of Symfony #799 (18-24 April 2022)

There were two release announcements:

Symfony 6.0.8 released

Symfony 6.1.0-BETA2 released

Javier Eguiluz continues to update us on what’s coming in 6.1 with:

New in Symfony 6.1: Improved Routing Requirements and UTF-8 Parameters

New in Symfony 6.1: Serializer Context Builders

New in Symfony 6.1: Draft Emails

This item is self-explanatory.

More speakers and talks announced at SymfonyWorld Online 2022 Summer Edition

SymfonyCasts announced, “We’ve got a FRESH tutorial for you this week: the one where we upgrade our Symfony 5 app to Symfony 6.... without breaking anything!”

This week on SymfonyCasts

Featured Item

https://symfonystation.com/sites/default/files/inline-images/Featured-Item_1_0.png

Speaking of SymfonyCasts, this week we will toot our own horn as the saying goes.

And speaking of Toots, you may already follow us on Twitter at @symfonfystation. And since it may be turning into Shitter, we are now on Mastodon as well at @symfonystation@phpc.social.

Consider joining the @phpc.social instance. The home to your toots does not offer reach (yet), but it does offer authenticity and civility. More on this at the bottom of this communiqué .

Plus, it’s elephant-like. ;)

Back to our article, it explores and reviews SymfonyCast’s “Harmonious Development with Symfony 6” tutorial course in detail. Best of all, the course and the review are free. They are a fantastic way to introduce yourself to the Symfony programming framework and the official learning platform.

A review of SymfonyCast’s Free “Harmonious Development with Symfony 6” Course

This Week

More tooting.

Exploring the Symfony Ecosystem on Flipboard.

Grégoire Hébert notes, “If you happen to read the service tag mechanism in the Symfony documentation, you'll discover that any service can be defined along with a tag.

Service tags are a way to tell Symfony or other third-party bundles that your service should be registered in some special way.”

[Symfony] Inject a tagged iterator in a more natural way

Have you ever heard of Contao? If the answer might be "No", we are about to change that now.

Get in touch with Contao CMS

But, if you read these communiqués regularly, the answer is yes. ;)

Drupal announced:

Drupal Core News: Drupal 10 will be released December 14, 2022

Drupal.org blog: What’s new on Drupal.org - Q1 2022

Acquia has a new tool for monitoring the transition to 10.

New Drupal 10 readiness dashboard on dev.acquia.com

Lullabot looks at:

The Present and Future of Drupal’s Administrative Interface

Verity-Thinks writes, “A content management system (CMS) for editors that generates a static site optimized for speed and security? Why not! Many static-site generators still require technical knowledge and/or developer intervention. So, the idea of offering our clients a Drupal CMS to manage their site was definitely enticing. It was especially attractive given we could (comparatively) forget about security for the resulting site.

Inspired by emerging WordPress-as-a-Static-Services, the team agreed to explore and build a Drupal-as-a-Static-Service proof of content (POC) for some of our existing Drupal sites.”

Drupal-as-a-Static-Service

Centarro says, “While many Drupal developers have at least some eCommerce experience, the number of people in our community who make it their primary focus is rather small. This isn't surprising, given Drupal is most often used as a CMS, not an eCommerce platform. However, it does mean that when you encounter an eCommerce opportunity, you may not be making the most effective pitch you can to win the merchant's business.

One way to improve your pitch is to make sure you're using the same vocabulary to describe eCommerce features and concepts as the rest of the eCommerce industry.”

The ABCs of PDPs and PLPs

Continuing with eCommerce, Khrystyna Oliinyk shows us:

How to Easily Import Orders from Magento to Your Software

This Year

Matt Glaman writes, “I recently did a deep dive into command authoring with Drush, which is where I discovered two amazing new features: auto-discovery of commands via autoloading and the addition of attributes for defining your commands.”

Writing Drush commands with PHP attributes

Gary Clarke has a YouTube series on building a Microservice with with Symfony Framework (version 6). He says, “In this introduction we'll look at microservice architecture and the benefits of its use.”

Create a Microservice with Symfony Part 1: Introduction (Symfony 6 Tutorial 2022)

PHP logo

PHP

This week

The PHP Foundation provides its first roundup of its efforts to maintain, improve, and grow PHP.

PHP Roundup #1 - PHP Foundation

Simply Stef continues her series of articles called PHP 101 Fundamentals. It includes this helpful one.

PHP 101: Loops

Plus this.

Getting to grips with Regular Expressions [Regex]

Brent explores:

What's new in PHP 8.2

Rahoul Gohil writes, “In a previous article, I got a good response about the mistakes that people made in PHP. There I forgot to mention the most common mistake made by many developers out there. They write nested queries inside the while loop of PHP.”

Avoid Nested Queries in PHP Loop

Lucas Pereyra notes, “PHP __sleep and __wakeup methods are magic methods (methods that PHP will invoke during special moments or cases) that PHP provides for dealing with serialization/deserialization of class instances (objects) during runtime. Serializing an object basically means creating a string representation of that object, so that it can be temporarily stored or saved (e.g. dumping it into a text file) and restored later.”

PHP __sleep and __wakeup magic methods: How and when to use them?

Abdlrahman Saber wants you to:

Stop using regular exceptions in PHP!

Viktor Daróczi continues his series on functional PHP programming with:

The Irresistible Container — Functional Programming in PHP (Part 6)

Freek.dev says, “PHP is a wonderful dynamic language that's capable of many cool things. I recently stumbled upon something quite fantastic that I want to share with you.”

Creating PHP interfaces, traits, and classes dynamically at runtime

Doeken.org notes, “The Middleware Pattern allows you to easily change the input and output of an action.”

How the PHP Middleware Pattern works and can easily be applied

Sanasar Yuzbashyan writes, “we will look on how we can add a very powerful dd() function to any PHP project in just a few steps. I think you will agree with me that this is much more convenient than var_dump()  or print_r().”

The dd() function in each PHP project

Boris DeBot explores installing WSL2 for the LAMP stack.

Installation de WSL 2 et de la pile logicielle LAMP

And we have this announcement:

PHPStan 1.6.0 With Conditional Return Types and More!

Last Week

Matthias Noback says, “I was tweeting something about having separate "DDD" and "ORM" entities in a project in a project, and that I don't understand this. There were some great comments and questions, thanks a lot for that! To be honest, I understand more about it now. In this article I'll try to provide some more information about this.”

DDD entities and ORM entities

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

NBC reports how:

From office work to drone drops: Ordinary Ukrainians join wartime supply effort

Montana Public Radio asks:

How does Ukraine keep intercepting Russian military communications?

And The Verge asks:

They’ve leaked terabytes of Russian emails, but who’s reading?

The Guardian shows how:

The artists of Ukraine find their voice in a cry of resistance

Wired reports that:

Ukraine War Prompts Europe's New Emergency Rules for the Internet

The Evil Empire Strikes Back

Axios covers this announcement:

Microsoft: Russia has conducted hundreds of cyberattacks against Ukraine

This ZDNet article shows Evil is evil, even to itself.

Bronze President spies on Russian targets as Ukraine invasion continues

Cybersecurity

TechRepublic asks:

OAuth 2.0: What is it and how does it work?

VentureBeat reports that:

Dangerous malware is up 86%: Here’s how AI can help

TechRadar reports that:

APIs are becoming a cybersecurity disaster zone

GitHub says, “Do you worry that a CVE will hurt the reputation of your project? In reality, CVEs are a tracking number, and nothing more. Here's how we think of them at GitHub.”

Removing the stigma of a CVE

Inc. opines, “Keeping your networks secure protects us all.”

We agree.

Good Cyber Hygiene is a Civic Duty

I just bought Mozilla’s VPN this week, so of course, I ran across this afterward.

Microsoft readies a built-in VPN for Edge powered by Cloudflare

More

TechCrunch reports that:

The rise of defense tech is bringing Silicon Valley back to its roots

Taylor Hunt has this fantastic article:

Routing: I’m not smart enough for a SPA

If you read the featured item you will find the article below is one I definitely need to read. ;)

The Front-End Developer's Guide to the Terminal

VentureBeat also reports that:

Spotify dances to the beat of open source

By the way, Joe Rogan, if you are reading this, hello and fuck off!

The Overflow writes, “Are the robots coming for your job? You’ve heard this question before (we’ve even asked it before). But in 2022, with AI increasingly ubiquitous in the lives of most coders, the issue feels more pressing.

Given the explosive progress AI has made over the last few years, it might seem like only a question of time (or data) until its mastery over complex, nuanced problems clearly outstrips our own. From Go to poker to StarCraft II, AI has bested humans in plenty of arenas where we were once uncontested champions. Is the same true of coding?

The robots are coming for (the boring parts of) your job

The International JavaScript Conference looks at the Trade-offs and Technologies behind Progressive Web Apps.

One App to rule them all?

Amplitudo looks at the MVC pattern. Which you may be familiar with.

MVC — Model View Controller

Grant Horwood goes into detail on:

just enough curl for api devs

As we mentioned in the Featured Item section, Endgaget says, “We may not yet know exactly what Elon Musk’s takeover of Twitter means for the platform, but one Twitter alternative is already booming as a result of the news. Mastodon, the open-source social media service which bills itself as the “largest decentralized social network on the internet,” has been "exploding" since Musk's acquisition, according to its founder.”

After Musk's Twitter takeover, an open-source alternative is 'exploding'

There is good news for us web programmers in another VentureBeat item.

Report: Website usage has grown 57% since 2020

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation or Mastodon at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 22 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the essential news in the Symfony and PHP development communities.

PHP news was slow this week, so we added coverage to our Other section, including the tech aspects of the war crimes in Ukraine.

Take your time and enjoy the items most valuable to you. And a Happy Earth Day to you as well!

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, the first beta of Symfony 6.1 was released in preparation for its final release in 6 weeks. Meanwhile, we published some blog posts about new Symfony 6.1 features, such as improved ExpressionLanguage syntax and the Locale Switcher. Lastly, the SymfonyWorld Online conference (June 16-17, 2022) announced its first speakers.”

A Week of Symfony #798 (11-17 April 2022)

They also announced the following:

Last days of Call for Papers for SymfonyCon Disneyland Paris 2022

SymfonyCasts finish their free look at Symfony 6.

This week on SymfonyCasts

Platform.sh announced that “Each of your applications can define custom operations, aka Source Operations, which can be triggered manually or via an automation process (for example, a cron).

When those custom operations run, they can change your codebase (for example, apply a security patch, update a dependency or install a specific extension), and push those changes live.”

Automated code updates

Featured Item

https://symfonystation.com/sites/default/files/inline-images/Featured-Item_1_0.png

SymfonyCasts’ free Symfony 6 tutorial is now fully released!

Be sure to take it or watch the individual chapters relevant to you.

Harmonious Development with Symfony 6

This Week

Alexandre Daubois shows us "A simple but powerful way to manage messages and file types!"

Symfony’s MIME in 5 minutes

Coding 010 says, “Today I saw the Symfony 6.1.0-BETA1 released a blog post and quickly scanned for updates regarding Enum support. And yes, a new feature was listed: [HttpKernel] Add a controller argument resolver for backed enums. I quickly set up a testing project to play around with this.”

Symfony 6.1, routing and PHP 8.1 Enums

Marco Pfeiffer asks, “You have a working project, and you need to add a full-text search. But most databases (SQL, Document) do not contain reasonable fuzzy searches, so you need to bring a specialized database (like Elasticsearch) into your project.

But how?”

3 Ways on How To Use ElasticSearch in a Symfony Project with ApiPlatform

The Codest writes, “This article was created to show you the most useful and retrieving tips and tricks about Symfony Console Development.”

PHP Development. Symfony Console Component - Tips Tricks

Krzysztof Lobermajer notes, “Legacy code is something I do not want to deal with. It is always not well written, hard to read, and very complicated.

The first thing we want to do when starting to work with a new legacy project is to rewrite everything from scratch.

A better approach is to rewrite step by step, one module at a time. Let legacy live with a new codebase, arm in arm. It can be achieved by using a strangler pattern. Unfortunately, such an approach is also not always possible.

Taming involves reducing refactoring activities and focusing more on introducing new features to make something improvements visible to the customers.

Legacy code - strangle or tame?

The API Platform Conference is the only event dedicated to the API Platform and its ecosystem.

API Platform Conference 2022

Code Bilby has many short posts on the topic of the Twig templating engine. Check them out.

TWIG - Code Bilby

We covered CakePHP in our article, Exploring the 7 PHP Frameworks using Symfony Components. In this article, Stephen Pearl compares it to CodeIgniter.

The Most Significant Differences Between CakePHP and CodeIgniter

Bounteous has a look at:

Drupal 10: Uncovering New Features and Benefits

Last Week

Redfin Solutions explains its role in:

Leading Drupal’s Project Browser Strategic Initiative

Meanwhile, ImageX looks at:

The Easy Out of the Box Initiative for Drupal: even more user-friendliness!

See all the strategic initiatives.

Wim Leers covers the changes made in the CKEditor5 for Drupal 10 during Dev Days Ghent.

Drupal Dev Days Ghent 2022: sprints FTW!

Alain Schlesser says, “Bento is a relatively new high-performance web components library that makes it easy to optimize your web properties for an excellent page experience. It was initially conceived to make the AMP project's performance insights and engineering expertise available to more people and with fewer strings attached. Bento components are self-contained and can be used in a gradual mix-and-match approach.

Bento components are packaged as React or Preact components for seamless integration into any framework using such a stack. However, they are also provided as standardized Web Components so that they can be used anywhere else where (P)React might not be available.”

This could include the Gutenberg Module in Drupal.

Using Bento Components in Gutenberg Blocks

PHP logo

PHP

This week

Simply Stef is starting a series of articles called PHP 101 Fundamentals. It includes this helpful one.

PHP 101: Understanding Functions

Kinsta has this extensive and insightful comparison article for us.

Node.js vs. PHP: A Head-to-Head Comparison

Jordi Bassaganas writes, “I’ll be sharing a series of posts that show how similar PHP and TypeScript are — they’re probably more similar than you’d initially think. I will explain helpful tips on how to do object-oriented programming (OOP) in both of them. More specifically, I’m transcribing a statically-typed, object-oriented PHP codebase into TypeScript from scratch.”

Why TypeScript and PHP Are Good Friends

Fig announced that “that starting in version 1.0.57, it now supports over a dozen new terminals and IDEs including PhpStorm.

Fig now supports JetBrains IDEs

On a related note, JetBrains shows us how to:

Create PHP Courses Inside PhpStorm With EduTools

Last Week

Ahmet Özışık looks at:

PHPUnit failing with exit code 255

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

TechCrunch has:

An inside look at a Ukrainian fintech startup adapting to life during wartime

Politico Pro reports that:

Russia’s propaganda machine takes another hit

The Next Web covers:

How Russia and Ukraine are using social media as the war drags on

PCMag notes that the:

Pentagon is Impressed by Starlink's Fast Signal-Jamming Workaround in Ukraine

MSN reports, “Cybersecurity experts representing 30 NATO members are fighting a digital war this week to defend a fictional island country in the northern Atlantic Ocean. Though “Berylia” is fake, experts involved hope the lessons learned from the staged attack will better prepare them for the possibility of a Russian attack as war ravages Ukraine.”

NATO Plays Cyberwar to Prep for a Real Russian Attack

The Evil Empire Strikes Back

Reuters have an exclusive:

Senior EU officials were targeted with Israeli spyware

Tech Monitor reports, “Critical national infrastructure is at “increased risk of malicious cyber activity” perpetrated by Russia, according to a warning by the UK and its allies in the ‘Five Eyes’ security alliance. A rare joint advisory from the Five Eyes nations states that the war in Ukraine and the sanctions imposed on Russia mean the threat to infrastructure has increased in recent days.

’A storm on the horizon’: Five Eyes issue Russian cyberattack warning

Gizmondo reports that:

FBI Says North Korea Behind Biggest Crypto Theft in History Against Axie Infinity

The Guardian has this depressing story.

Facebook posts disputing Bucha atrocities were shared 208,000 times in a week

Cybersecurity

Explore our article on Symfony Security

VentureBeat reports that:

Ransomware targeting virtualization platforms is on the rise, Mandiant says

Tech.co reports, “Ransomware-as-a-service (RaaS) group BlackCat, has already compromised 60 entities worldwide, according to a FLASH warning issued by the Federal Bureau of Investigation (FBI) this week.

The report confirms that the recently established BlackCat group are typically requesting ransom payments of several million dollars, and are carrying out their attacks using Rust, a highly advanced coding language.”

FBI Warning as BlackCat Ransomware Breaches at Least 60 Organizations

More

Make Use Of shows us:

How to Use Flex to Align HTML Elements

Dave Rupert shares:

7 Web Component Tricks

TechRepublic covers why:

Why Web3’s promises of decentralization fall flat

MSN opines:

Obama’s plans to fight disinformation are better than most

The NewStack provides:

An Introduction to JSON

InfoWorld reports on:

The steady march of general-purpose databases

Muhammed Hilmi Koca writes, “In this short series of 2 or 3 articles, I will try to talk about the most useful, interesting, and fun “sentinel” feature of Redis.”

Distributed Cache Systems and High Availability on Redis: vol. 1

Vladimir Khorikov looks at:

Modeling Relationships in a DDD Way

Tomasz Dobrowolski has a good What and Why look at TDD.

Test-Driven Development: What Is It And Why You Should Be Using It as a Developer to Reduce Your Bugs

VentureBeat also reports that:

Postman API platform hits 20M users, helps drive the ‘API economy’

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 15 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

Again, we cover the tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony celebrated the SymfonyLive Paris 2022 conference, one of the first official non-virtual Symfony conferences since the COVID-19 pandemic started. The next opportunity to meet the community in person will be the SymfonyCon Disneyland Paris 2022 conference on November 17-18, 2022. Meanwhile, we started publishing the New in Symfony 6.1 blog posts in preparation for its upcoming release.”

A Week of Symfony #797 (4-10 April 2022)

Javier Eguiluz previews upcoming features of the 6.1 update.

New in Symfony 6.1: Improved ExpressionLanguage Syntax

New in Symfony 6.1: Locale Switcher

This is self-explanatory.

Symfony 6.1.0-BETA1 released

They also announced:

First selected speakers announced at SymfonyWorld Online 2022 Summer Edition

SymfonyCasts continues their free look at Symfony 6 and Easy Admin paid courses.

This week on SymfonyCasts

Platform. sh announced:

Platform.sh Renews Partnership with Adobe to Power the Future of Commerce

Featured Item

https://symfonystation.com/sites/default/files/inline-images/Featured-Item_1_0.png

Our featured article this week proves we aren’t always serious. But we are usually mad.

Please reply with a link to this article every time you see a “PHP is dying” post from some idiot.

PHP Is Not “Dying” You Clickbait Wankers!

This Week

We have a new article here at Symfony Station. Check out:

Exploring the 7 PHP Frameworks using Symfony Components

JoliCode has a review of SymfonyLive Paris 2022.

SymfonyLive Paris 2022 – En chair et en os

Demianchuk Sergii writes, “welcome to the 3rd article devoted to the theme: “How to work with ElasticSearch using Symfony PHP framework”. Previous article (Part 2: Symfony ElasticSearch and docker environment) is located here. Here we will start to investigate the Symfony skeleton project. But at first it would be great to refresh in our mind the architecture scheme from the Part 1: Symfony ElasticSearch.

Symfony ElasticSearch, Front Controller, API documentation

Eelco Verbrugge is back to review.

Symfony Unit Testing

Prestashop features a key member of their team in this article.

Merchant, freelance developer, and top contributor: Daniel Hlaváček’s experience with the PrestaShop project

Zoya Scoot has this Magento writeup.

Magento Open Source 2.4.4: Release Notes (Everything You Need to Know)

Kévin Dunglas says, “At SymfonyLive Paris, I introduced a new PHP library to build Solid applications: Solid Client PHP. In this presentation, I review the Solid protocol and how it could give back the control of personal data to end-users.”

Building Decentralized Web Apps with Solid and PHP

Matt Glaman advises:

Avoid using loadByProperties to load Drupal entities

Altudo opines, “The competitive advantage that Drupal has over other Content Management Systems is being an open-source CMS. It is economical to implement, easy to maintain and secure to use. It is a platform that excels in delivering the right content to the right people at the right time.”

Drupal - The Best Open Source CMS With Significant Features

J Rockowitz writes, “Every few years, organizations have to rework their digital strategy starting with establishing a web presence, adopting a CMS, sharing content, building a responsive mobile website, creating personalized user experiences, and authoring voice-friendly content. This list won’t stop there. Headless CMSs are not a trend - they are a major shift in how organizations create and manage their content to make it easier to future-proof an organization's digital strategy for their next digital challenge.”

The future of our Drupal CMS and Schema.org: APIs, UI, and UX

PHP logo

PHP

This week

Wooter Carabain helps us write clean code.

Clean code in PHP: 5 tips to help you!

Security Lit Limited notes, “In this blog article we shall be covering vulnerabilities that you could experience while dealing with PHP applications. Some vulnerabilities are particular to PHP, whereas the others are universal.”

Vulnerabilities in PHP Based Applications

Kpicaza writes, “As promised in our previous post about Async PHP, we already have the project running in production for some sections of our applications. The search middleware has good enough performance using Symfony MicroKernel + Road Runner as a server.

This time, we want to explain how to manage a strict development continuous integration pipeline in PHP. That means respecting the best practices and standards of the PHP language.”

Strict Development CI for PHP

Grant Horwood notes, “there's not a tremendous amount of documentation on writing command line scripts in PHP, and if you're looking to build an interactive script that leverages your existing code, the process can be frustrating. This series of posts is designed to cover the basic constructs we will need to write effective interactive scripts in PHP.”

Writing command line scripts in PHP: part 3; interactive input

Doeke Norg says, “Sometimes it can be useful to use a callback function or other callable to prevent a bunch of code duplication.

Let's say you have an event subscriber that encrypts and decrypts data in the life cycle of an entity. When the entity is stored, some data will be encrypted; and when the entity is loaded, the data will be decrypted.”

Quick tip: Using callbacks to prevent code duplication

genie-oh writes, “in this article, we use Closure (same to Anonymous Function) to reduce the overhead of debug logging with contextual data. Anonymous Function is useful in various cases and languages.”

[PHP] try to reduce overhead of debug logging using Closure(same to anonymous function)

Jordi Bassaganas says:

PHP Became Strongly-Typed

Lucas Pereyra has:

A quick performance optimization example using PHP generators

He also notes, “A couple of days ago, ... I started to struggle with a docker compose build problem when attempting to install my PHP dependencies using Composer, inside of the Dockerfile’s container building steps (these are the steps executed when you run a dockercompose build).

I decided to share with you this issue and a couple of workarounds you can apply when facing it, with a simple yet practical example.”

Docker Compose, PHP & Composer: the missing “vendors” folder issue

Lena Charles shows us how to:

How to Hire the Best PHP Developers

And Antonello Zanini show us how to build a PHP script to validate and verify emails.

Email Syntax Validation and Existence Verification in PHP

Laravel News shares the details on a newly free PHP book.

BaseCode: A Field Guide to Writing More Readable Code

A new version of the PhpStorm IDE is out.

What’s New in PhpStorm 2022.1

Last Month

PHP Sandbox reached their 10,000th user.

10k users: The Journey

Timeless

Shawn McCool says, “When we create a class, we give it a name. What does this name represent?

Classes are boundaries. On the outside is the rest of the entire world. On the inside is some combination of data and behavior.

What goes inside a class and what stays outside? In order to determine what is contained within a class, we reference its design paradigm.”

Adding Real Capabilities To Systems Through Naming

PHP Delusions writes, “During a decade of active participation on Stack Overflow I was able to determine a set of reasons that lead to the most frequent questions on Q&A sites. It turned out that most questions are caused by not following a rather limited set of basic principles.

These principles, although being universal, are almost as universally ignored or even violated in virtually every PHP tutorial out there. And I would say it's one of the biggest problems of PHP community.”

The most important basic principles of web programming

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The Atlantic opines, “Americans need to cure what ails our democracy, ridding ourselves of our incipient Russification. ... I worry that we’ll soon forget about Ukraine. It’s far away, and Americans have famously short attention spans.”

I Worry We’ll Soon Forget About Ukraine

We sure as fuck won’t forget Ukraine.

The cyber response to Russia’s War Crimes

Wired reports:

How Russia's Invasion Triggered a US Crackdown on Its Hackers

They also have:

Russia Is Leaking Data Like a Sieve

TechCrunch reports:

Microsoft seizes domains used by Russian spies to target Ukraine

Bleeping Computer writes, “A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations.

While it is common to hear of ransomware attacks targeting companies and encrypting data, we rarely hear about Russian organizations getting attacked similarly.

Hackers use Conti's leaked ransomware to attack Russian companies

The Evil Empire Strikes Back

MIT Technology Review reports:

Russian hackers tried to bring down Ukraine’s power grid to help the invasion

TechCrunch also reports that “U.S. government agencies are warning that state-backed hackers have developed custom malware that enables them to compromise and hijack commonly used industrial control system (ICS) devices.”

US warns of state-backed malware designed to hijack critical infrastructure systems

Cybersecurity

TechCrunch also says:

The US needs a tech doctrine

This should apply to any democracy.

ZD Net reports that “Microsoft takes control of ZLoader's botnet infrastructure, which is used to spread malware and ransomware.”

Microsoft: We've just disrupted this ransomware-spreading botnet

More

Did you know if you’re a paid member of Medium you have access to these resources?

Directory of Books from The Pragmatic Programmers on Medium

PragPub on Medium

Khalil Stemmler asks:

Is DDD Overrated?

Laravel News reports on a:

Style Guide Generator for Tailwind CSS

ZDNet also writes:

Sorry, developers: Microsoft's new tool fixes the bugs in software code written by AI

And to the applause of JS Geeks everywhere,

Microsoft launches TypeScript 4.7 Beta

Kinsta asks and answers:

What Is PostgreSQL?

Joshua Otwell has this helpful article.

Multi-level Aggregation Using MySQL GROUP BY WITH ROLLUP

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 8 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

Again, we cover the tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.40, 5.4.7, and 6.0.7 maintenance versions were released. Meanwhile, the upcoming Symfony 6.1 version added new features such as a Serializer profiler panel and a simpler bundle/extension configuration. Lastly, the SymfonyLive Paris 2022 conference will take place next week.”

A Week of Symfony #796 (28 March - 3 April 2022)

 

Javier Eguiluz previews an upcoming feature of the 6.1 update.

New in Symfony 6.1: HtmlSanitizer Component

 

SymfonyCasts continues their free look at Symfony 6 and Easy Admin paid courses.

This week on SymfonyCasts

 

Platform. sh announced “We’re excited to announce that Platform.sh now offers OpenSearch as a service available and included on all plans. OpenSearch is a distributed RESTful search and analytics engine you can use for log analytics, a search backend, clickstream analytics, and more.

With the recent move by ElasticSearch to switch to a licensing model, it was important for us to propose a strong open-source alternative. And OpenSearch is completely open-source, so you could run and manage it on your own. But if you add it to a Platform.sh project as a service, all of the infrastructure is taken care of. All you have to take care of is your data: indexing it and retrieving it.”

OpenSearch is here

 

We missed this last week. Blackfire Monitoring now integrates with API-Platform.

API-Platform Support

 

Featured Item

 

https://symfonystation.com/sites/default/files/inline-images/Featured-Item_1_0.png

 

Democracies are far from perfect. However, while sometimes chaotic and prone to taking one step back for every two forward, they are the best governments in the world. Currently, they are in a growing battle with autocracies ranging from tyrannical to criminal for the future of mankind.

The Copenhagen Pledge puts forward a vision for the digital age, based on democratic values and human rights. It serves as the overall value framework for the Tech for Democracy initiative.

Take and sign the pledge

 

Its Action Coalitions target specific issues at the intersection of tech, democracy, and human rights. Coalition partners engage in concrete activities and deliver concrete solutions in line with the Copenhagen Pledge.

Action Coalitions

 

The Action Programme contains recommendations ****on how to transform the Copenhagen Pledge into action and charts a path for various areas, such as how to truly improve digital responsibility and mobilization.

Action Programme

 

Find the full Action Programme and civil society´s 8 recommendations here.

 

Please get involved today. You have to have open societies to have open-source.

 

This Week

 

WeLoveDevs says, “Ce questionnaire, d'environ 10 minutes, est proposé par Smaïne Miliani ainsi que la communauté WeLoveDevs.com (entreprises, experts, formateurs, indépendants) pour aider les développeurs à auto-évaluer leurs connaissances.” If you are fluent in French, take this test.

Test Symfony 6

 

Mohamad Eldhemy explores:

The What-Why-How Guide of PHP code quality tools

 

Sriram webnexs asks:

What Is the Magento Marketplace Extension and How Does It Work?

 

tangled net writes “Grav CMS allows developers to give third parties the ability to manage their (structured) content in a very elegant and flexible way. At the same time, there are few restrictions on how this content ends up displayed on the website — as long as the developer knows what he is doing.”

Grav CMS — A way to pass URL parameters in a frontend form

 

Unearthed says, “we use the AWS service Cognito to issue JWTs to clients during authentication. From there, the JWT is exchanged with whichever services the user is interacting with in order to validate their identity. This is helpful when building out a service graph, since each JWT can describe an authenticated users session without any direct dependency on a user service.

It's worth mentioning, if you are using Symfony, there is a Symfony Bundle which will make some of the factories and services used in this blog post available from the container. In our application we decided instantiating these dependencies directly was preferable.”

Decoding and validating AWS Cognito JWTs with PHP

 

#! Code has this very useful article for us:

Drupal 9: Getting A Good Score In Google PageSpeed Insights

 

Droptica notes “In this article, we’ll present what standards are used to create Drupal projects. We will show you the basic aspects that are worth paying attention to and the tools that make work easier.”

What are Drupal Coding Standards, and How to Use Them in Your Daily Work?

 

Arslan Ijaz looks at:

Amazing UX design using Drupal

 

Last Month

Matt Robinson shares:

What to Do With Your Drupal 7 Website

 

Christian Kolb has two articles for us:

Using CQRS in Symfony

Using id value objects for better readability and type safety

 

PHP logo

PHP

 

This week

 

The April edition of php[architect] is out.

php[architect]

 

Tomasz Dobrowolski shows us:

Why You Should Limit Your Use of Comments to Make Cleaner Code as a Developer

 

Study Section notes “A session is a way to continue information across different web pages to recognize users as they traverse a site or app. There is absolutely no way a server could remember a specific user between multiple requests, which is why we call the HTTP protocol a stateless protocol.”

Explaining this pattern with example in PHP — Server Session State

 

Farhan Tanvir shares “Here are 7 VSCode extensions which will help you to make the best use of VScode if you are a PHP developer.”

7 useful VSCode extensions for a PHP developer

 

Yacine Touati discusses:

Setting up Dockerized cron jobs: For example, using PHP and MySQL

 

The one and only Brent is back with “You've probably used the strategy pattern before: a behavioral pattern that enables selecting an algorithm at runtime.

Let's consider a classic example: the user provides some input either in the form of XML, JSON or an array; and we want that input to be parsed to a pretty JSON string.”

Dynamic Strategies

 

Jordi Bassaganas shares his:

Titanic Truth About JavaScript, TypeScript, and PHP

 

Hicham Ben Kachoud continues his SOLID series with the I:

Interface Segregation Principle

 

Jarek writes “Generic types are templates which allow us to write code without specifying a particular type of data on which it will work. Thanks to them, we avoid redundancy and the objects operate on the previously declared types. A good example is collections of various types. If we want to be sure that a collection consists of a given data type, we can either create a separate class to store each type, use various types of assertions, or just use generic types.”

How To Start Using Generic Types In PHP

 

Last Month

 

Andreas Moller notes “The chances are that you are already aware of the concept of named constructors. If not, take a look at Matthias Verraes' excellent article Named Constructors in PHP.

When it comes to consistently naming constructors, I currently apply the following rules for different types of objects.

  • services
  • exceptions
  • entities
  • value objects”

Naming constructors

 

Incredibly there were two articles on this last month.

 

Stefan Priebsch writes “Despite a greatly improved type system in versions 7 and 8, PHP does not support constructor overloading. If an object has to be created in different ways, so-called named constructors are used. Are there any best practices for naming them?”

How do you name constructors?

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

CNBC reports “Alex Iskold, a tech entrepreneur and start-up investor, revived the 1K Project to provide direct relief to Ukrainian families impacted by the war.”

A Ukrainian Techie Combined ‘Code and People' to Raise $3.5 Million So Far for Families Back Home

 

TechCrunch reports:

Twitter limits reach for Russian government accounts and bans most POW imagery

 

Fortune reports “Hacker collective Anonymous announced on Twitter that it successfully breached and leaked the personal data of 120,000 Russian soldiers.

"All soldiers participating in the invasion of Ukraine should be subjected to a war crime tribunal," Anonymous said in the message.

The leak included personal information like dates of birth, addresses, passport numbers, and unit affiliation.

Anonymous takes revenge on Putin’s brutal Ukraine invasion by leaking the personal data of 120,000 Russian soldiers

After what we have seen this week, IMHO these soldiers are legitimate targets for hacktivism.

 

NBC reports “Distributed Denial of Secrets, is best known for curating, publishing, and promoting giant caches of files from a variety of sources, including U.S. police departments, the conservative social media platform Gab and the far-right Oathkeepers, a prominent group involved in the Jan. 6 riot.

But since Russia invaded Ukraine, Best and her colleagues have been inundated with files that hacktivists say they’ve stolen from Russian banks, energy companies, government agencies, and media companies. For weeks, the group has scrambled to translate, verify, format, and upload files that they can assess are legitimate and new, with the caveat that they usually haven’t gone through every single file to assess if it hasn’t been altered or planted with malicious software.”

Hackers flood the internet with what they say are Russian companies' files

 

The AP reports “The Biden administration has charged a Russian oligarch linked to the Kremlin with violating U.S. government sanctions, and disrupted a cybercrime operation that was launched by a Russian military intelligence agency, officials said Wednesday.”

US charges Russian oligarch, dismantles cybercrime operation

 

The New York Times reports that the:

U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks

 

Politico reports that “The firms that helped document the Russian invasion of Ukraine are now finding imagery of atrocities.”

Satellite companies join the hunt for Russian war crimes

 

Cloudflare writes “Following Russia’s unjustified and tragic invasion of Ukraine in late February, the world has watched closely as Russian troops attempted to advance across Ukraine, only to be resisted and repelled by the Ukrainian people. Similarly, we’ve seen a significant amount of cyber attack activity in the region. We continue to work to protect an increasing number of Ukrainian government, media, financial, and nonprofit websites, and we protected the Ukrainian top-level domain (.ua) to help keep Ukraine’s presence on the Internet operational.

At the same time, we’ve closely watched the significant and unprecedented activity on the Internet in Russia. The Russian government has taken steps to tighten its control over both the technical components and the content of the Russian Internet. For their part, the people in Russia are doing something very different. They have been adopting tools to maintain access to the global Internet, and they have been seeking out non-Russian media sources. This blog post outlines what we’ve observed.”

What Cloudflare is doing to keep the Open Internet flowing into Russia and keep attacks from getting out

 

On a related note, NPR asks “What do Russians know about what's happening in Ukraine? Well, it depends in large part on what independent media they're able to access - access the Russian government has been forcefully trying to restrict. So many Russians have been relying on VPNs - virtual private networks - that obscure their identity online and allow them to access blocked websites.”

Some Russians are skirting website restrictions through VPNs. What are they?

 

Radio Free Europe reports “Western governments imposed crushing sanctions on Russia for its unprovoked attack and foreign companies began pulling out of the country, setting its economy reeling and making investments in the technology sector unattractive. Three days later, Krupnik froze his project, and on March 9 he fled to Turkey, seeing a bleak future back home.”

'A Nail In The Coffin': Tech Workers Are Fleeing Russia and The Impact Will Last For Years

 

The Evil Empire Strikes Back

 

TechCrunch reports “The mass exodus of IT specialists has been met with hostility from Moscow.”

Tech workers describe detentions and interrogations as they flee Russia

If you are in Russian IT and want to escape the new Iron Curtain, we suggest you get the fuck out now. If not enjoy the Gulag.

 

CBS reports “A group of hackers with ties to the Belarusian government broke into the Facebook accounts of Ukrainian military officials and posted videos calling on the Ukrainian army to surrender.

Meta's head of security policy, Nathaniel Gliecher, said the videos posted on the accounts of Ukrainian military officials were not seen by users and were taken down by the platform before it could be shared with others.”

Russian-backed hackers broke into Facebook accounts of Ukrainian military officials

 

The Jerusalem Post reports “China launched a massive cyber operation against the Ukrainian military and its nuclear facilities before Russia began its invasion, according to UK intelligence reports obtained by The Times.

The British reports were backed up by Ukraine's national security service, the SBU, which claimed China coordinated thousands of cyberattacks and hacking attempts on official Ukrainian government sites.”

China carried out massive cyberattack operation on Ukraine - report

 

The New York Times notes:

Bristling against the West, China rallies domestic sympathy for Russia

 

The Guardian reports “Putin may be ‘playing a long game’ on the cyber front, with attacks underway but not fully understood.”

Russia’s slow cyberwar in Ukraine begins to escalate, experts say

 

The Associated Press reports “Though Russia is the country that invaded its neighbor Ukraine, the Kremlin’s version relentlessly warns social media users across Latin America that the U.S. is the bigger problem. “Never forget who is the real threat to the world,” reads a headline, translated here from Spanish. The article, originally posted in late February on Twitter by RT en Español, is intended for an audience half a world away from the fighting in Kyiv and Mariupol.”

Russia aims Ukraine disinformation at Spanish speakers

 

Cybersecurity

 

ZDNet reports “The US Federal Government's latest attempt to create a centralized office for cybersecurity within a major agency will also be tasked with exploring economic and policy concerns within cyberspace.”

US Bureau of Cyberspace and Digital Policy officially commences operations

 

TechRepublic has this discouraging bit of news:

Developers do not view application security as a top priority, study finds

 

They also have:

5 tools to make encryption key management easier

 

GitHub shows us:

How Dependabot empowers you to keep your projects secure

They also have:

Prevent the introduction of known vulnerabilities into your code

 

More

 

The NewStack shares this from Caleb Porzion “It was at this point that he came up with the idea for Alpine.js, the minimalist framework that puts JavaScript behavior directly in your markup, which would offer some of the interactivity of Vue.js without any of the complexity.

“Alpine is the modern jQuery, that’s my vision for it,” Porzio explained in an interview. “When I started in web development, jQuery was what you did to sprinkle in stuff on your front end. Your whole front end wasn’t driven by a frontend framework, it was driven by something like Rails. I still like to write web apps that way. I’ve come full circle, I did the whole SPA thing and there’s nothing wrong with it, per se, but for a lot of use cases it’s just way too much complexity.”

Alpine.js Brings JavaScript Interactivity without Complexity to HTML

 

Infoworld notes “SQLite is embedded everywhere. Will Postgres follow suit?”

Postgres everywhere

 

Docker discusses:

Getting Started with Docker Desktop

They also have:

CTO Chat: Overcoming the Developer Experience Gap (feat. RedMonk & Flow.io)

 

VSCode writes ”The Visual Studio Code team has used this insight as the heart of their research over the years: if we can reduce time spent on overhead, like reading about environment setup, then we can increase productivity time. We have a vision where developers don't have to keep fighting the same battles over and over again. This means a consistent development setup that can handle the never-ending churn of version upgrades, configuration changes, and hardware refreshes.

But what does the path look like to get us there? Let's examine the journey to increase developer productivity that has led us from local development to container-based development, to the cloud.”

Using Containers to move from Local to Remote Development

 

TechCrunch reports “At its Team ’22 conference, Atlassian announced the launch of Atlas, a new service for cross-functional team updates it previously offered as a beta under the name “Team Central.” The service is meant to be a central repository for what teams are working on — with those updates limited to a Twitter-like 280 characters.”

Atlassian launches Atlas to improve team alignment

 

Sule-Balogun Olanrewaju Ganiu says, “This article will teach you an alternative approach to testing client APIs using Thunder Client, an open-source extension available on  VS Code marketplace.”

Thunder Client – An Alternative Way to Test Restful APIs

 

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 1 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

Again, we cover tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development activity focused on fixing bugs, especially on the HttpClient component, and polishing the new features of the upcoming Symfony 6.1 version, such as the new local switcher. Meanwhile, SymfonyLive Paris 2022 conference is coming in just two weeks and SymfonyCon Disneyland Paris 2022 conference announced the last days of its early-bird discounts.

A Week of Symfony #795 (21-27 March 2022)

 

They also say:

See you next week at SymfonyLive Paris 2022 conference

 

SymfonyCasts continues their free look at Symfony 6 and the Easy Admin paid courses.

This week on SymfonyCasts

 

Platform.sh announced:

We’re changing the way development environment URLs are generated

 

Featured Item

 

Feature Item graphic

 

Thoughtworks notes a lack of thought by some. “We don't see teams making that trade-off analysis, blindly accepting the complexity of SPAs by default even when the business needs don't justify it. Indeed, we've started to notice that many newer developers aren't even aware of an alternative approach, as they've spent their entire career in a framework like React. We believe that many websites will benefit from the simplicity of server-side logic, and we're encouraged by techniques like Hotwire that help close the gap on user experience.”

 

SPA by default

 

Symfony and StimulusUX people.

 

This Week

 

I know I’ve shared many of these, but this one is in Spanish.

Laravel vs Symfony, ¿cuál elegir?

 

Les-Tilleuls.coop says in French, “we're fond of DDD tactical patterns! In this structural approach, we must divide and prioritize our code into three main layers: Infrastructure, Domain & Application. However, the same idea can be expressed and defined in several areas, for example, if I design a forum module as well as a real-time discussion module. In both domains, I will have a public template whose class is named 'Message', each using its own namespace: 'App\Domain\Forum\Model\Message' and 'App\Domain\Chat\Model\Message'.”

How do I make resources with the same name coexist from two different domains with API Platform?

 

Bernard NG thinks “it is preferable to use XML mapping when doing DDD.”

DDD With Symfony : How to configure Doctrine XML Mapping

 

Matthias Noback had a different take back in May of 2020.

DDD and your database

 

Michał Romańczuk has a very detailed case study of converting a nightmare legacy project to Symfony by using the Strangler Pattern.

Strangler Pattern in practice

 

Hatem Ben Yacoub has a review of a TYPO3 handbook.

The TYPO3 Guidebook reviewed. Understand and Use TYPO3 CMS.

 

You can learn more about Symfony-based CMSs like TYPO3 and Drupal here.

 

Specbee writes “Data. Files. They’re what make up your website. And how you store and serve them can make all the difference for user experience. Obviously, cloud storage has changed the way we look at and manage data. Today, we’re going to walk through one of the more popular options for Drupal websites. S3 (Simple Storage Service) is the cloud storage service provided by AWS (Amazon Web Services) and it has been providing durable, secure, and scalable cloud storage for many industries.”

How to store and serve files from Amazon S3 on your Drupal website

 

Louis Nagtegaal shows us how to handle:

Drupal Migrations in ddev

 

Timeless

Inspector logo

Sponsored Article

 

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

The PHP Foundation published its March Newsletter.

PHP Foundation Newsletter

 

And PHP Architect published its April Issue.

php[architect] April 2022

 

Jonathan Bossenger writes “Ever since I discovered how to configure PhpStorm with Xdebug for debugging, it’s been my go-to solution for hunting down difficult to reproduce bugs. What I didn’t know until very recently was that it’s also possible to debug JavaScript using the same setup, which blew my mind!”

Debugging React, JavaScript, and PHP at the Same Time With PhpStorm

 

Bobby Jack notes “Bitmasks are as old as computing itself and, admittedly, were more useful in the days of memory scarcity and low-level programming. But there’s nothing to stop you from using them today, when appropriate. PHP makes use of bitmasks in many of its built-in functions.”

How to use bitmasks in PHP

 

Amplitudo asks:

Why are we using sessions in PHP?

 

Italo Baeza Cabrera writes “PHPUnit is a very complete testing suite, and with Mockery is even better. Most of the assertions are covered: data in arrays, strings inside strings, classes instances, and so on. Even so, PHPUnit is not perfect, and for your project, you may need a “custom” assertion. For example, I just stumbled upon the need to create a simple assertion to check if a class extending other contains a given variable set of methods.”

PHPUnit: Making your own assertion

 

Thomas Dutrion says, “Things in computing science are sometimes complex… And I consider myself a fervent proponent of self-descriptive code to limit complexity. I won’t get back on why you should unit test at least some of your code, nor will I spend time teaching how to write unit tests in this article. I will consider that all of you are ok with these concepts and implementations. Examples will be based on a PHPUnit implementation.”

Unit tests and data providers, the readable way

 

Code and Deploy shows us how to:

Sanitize Input using PHP

 

Hicham Ben Kachoud has a quick look at the S in SOLID programming.

SRP: Single Responsibility Principle

He also examines the L.

LSP: Liskov Substitution Principle

 

And regarding SOLID’s D, Guy Erez explains:

Dependency Inversion vs. Dependency Injection

This is very useful.

 

Joseph Bielawski has “A short explanation of the Bus Factor and how to hold its score at safe levels.”

What happens if your development team is hit by a bus?

 

Last Week

 

Dimitrios Lytras says, “While I wasn't paying attention, PHP got quite good.”

Modern PHP

 

Brent writes “Generics in PHP. I know I’d want them. And I know a lot of developers who agree. On the other hand, there is a group of PHP programmers, maybe even larger, that say they don’t know what generics are, or why they should care. I’m going to do a series on this blog about generics and PHP. We’ll start from the beginning, but quickly work our way to the more complex topics. We’ll talk about what generics are, why PHP doesn’t support them, and what’s possible in the future.”

Generics in PHP: The basics

 

Golems notes “What does $this mean in PHP and similar questions are increasingly appearing on the Internet. StackOverflow is also bombarded with questions about this variable. Let's find out everything related to dynamic PHP access object property with $this and break it down with examples.”

Dynamically Access PHP Object Properties with $This

 

If you ever need an extensive PHP explainer article to share, Visualwebz has you covered.

A Bit About PHP

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

The Next Web reports “For weeks, Russia’s military assault on Ukraine has been complemented by full-fledged information warfare. The Kremlin has propagandized Russian state media, and is trying to control the narrative online too. We’ve seen a bombardment of “imposter content” circulating – including fake news reports and deep-fake videos – while Ukrainians and the rest of the world have scrambled to find ways to tell the real story of the invasion. The instant messaging app Telegram has surfaced as one of the most important channels through which to do so. But what is it about Telegram that has millions flocking to it amid the chaos?”

Why Ukrainians are turning to Telegram during the war

 

The New Zealand Herald reports “Ukraine has claimed to have uncovered the identities of more than 600 Russian spies in what has been described as a significant blow to President Vladimir Putin's espionage efforts. Officials in the war-torn country allege the unmasked individuals were carrying out "criminal" activity across Europe. The Main Intelligence Directorate of Ukraine released a slew of personal details of hundreds of alleged agents working for the FSB.”

600 Russian spies busted in huge blow to Moscow's espionage war

 

Daniel Johnson reveals:

The real reason Ukraine's information war is so successful

 

This was long overdue.

Kaspersky Named First Russian Company on Security Risk List

 

The Washington Post writes “As the U.S.-funded broadcaster is forced to shut most of its Russian operations, its Web traffic indicates that Russian people are eagerly consuming its stories.”

The Kremlin tries to stifle Radio Free Europe — and its audience surges

 

Lawfare.org reports “Companies like Meta, Google, Apple, Microsoft, Twitter and even TikTok increasingly recognize that they cannot afford to sit geopolitical crises out. The war in Ukraine is the most dramatic instance yet of platforms’ geopolitical turn—their growing engagement with security and geopolitical challenges incidental to their business operations. Platforms came a lot more prepared for the war in Ukraine compared to previous major geopolitical inflection points. They have coordinated their actions with Western governments and other international actors leading the charge against Russia.”

Platforms at War

 

The Evil Empire Strikes Back

 

Russian hackers appear to be more competent than their generals and soldiers.

Russian military reportedly hacked into European satellites at start of Ukraine war

 

ZDNet reports that:

Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

 

The Intercept reports “Internal chat logs leaked from the notorious Russian ransomware gang Conti reveal unfiltered conversations between ultranationalist hackers in which they repeat Russian President Vladimir Putin’s conspiratorial lies about Ukraine, discuss the impact of early Western sanctions against their country, and make antisemitic comments about Ukraine’s Jewish president.”

Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine

 

Cybersecurity

 

Richard Forno writes “I and other researchers at the University of Maryland, Baltimore County have studied the cybersecurity preparedness of the United States over 90,000 local government entities. As part of our analysis, working with the International City/County Management Association, we polled local government chief security officers about their cybersecurity preparedness. The results are both expected and alarming.”

Hackers are targeting US local governments — and it’s time to fight back

 

Michael Usiagwu shares “The recent increase in the severity and sophistication of cyberattacks in recent years may just signal an essential, albeit overdue, turning point in cybersecurity. The clamor by security practitioners concerning the securing of cloud technology by use of technology like Zero Trust by enterprises and organizations has never been louder, and it’s not hard to see why.”

Zero Trust — The Silver Lining to Cloud Cyber Attacks

 

GitHub notes “Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user accounts, commonly used dependencies, and also build systems. Defending against these attacks is hard because there’s no one thing you can do to protect your project end-to-end.

To help you defend against these attacks, we created new guides in our Docs that cover how to get started securing your end-to-end supply chain.”

How to secure your end-to-end supply chain on GitHub

 

More

 

Rachel Lawson @rachel_norfolk says on Twitter, “If you are mining bitcoin in Europe then you are using up energy that could otherwise be heating people’s homes. You are directly helping Putin’s invasion of Ukraine by making it harder to apply sanctions on energy coming from Russia.”

 

On a related note, The Guardian reports a “campaign, called Change the Code Not the Climate and coordinated by Environmental Working Group is calling on bitcoin to change the way bitcoins are mined in order to tackle its outsized carbon footprint. The software code that bitcoin uses – known as “proof of work” – requires the use of massive computer arrays to validate and secure transactions. Rival cryptocurrency Etherium is shifting to another system – “proof of stake” – that it believes will reduce its energy use by 99%.

Climate groups say a change in coding can reduce bitcoin energy consumption by 99%

 

Wired opines “A string of “sabotage” incidents in open source software is reigniting discussions of how to safeguard projects that underpin digital platforms and networks around the world. Many of the recent incidents have been dubbed “protestware” because they relate to open source developers making code changes to express support for Ukraine amidst Russia's invasion and ongoing attack of the country.”

The Fragile Open Source Ecosystem Isn’t Ready for ‘Protestware’

 

Docker announced Extensions.

Docker Extensions Preview

 

GitHub shows us how to:

Save time with partial re-runs in GitHub Actions

 

They also announced CoPilot Labs. A VS Code extension for experimental applications of Copilot.

GitHub Copilot Labs

 

Jonas Ulrich writes “We're still wasting massive amounts of valuable development cycles in the frontend world by working in silos, or by to at least some extent reinventing the wheel for every project. Results suffer in the process, impacting real-world results for users and content creators alike. How did we get here, and what could a way forward look like? How we've already come a long way, and why still (so far) even Jamstack hasn't been the sole answer, either...”

Unlocking the frontend - a call for standardizing component APIs pt.1

 

UX Tools notes “The term “user error” implies that it’s the user’s fault when they do something wrong. But in the vast majority of cases, the fault actually rests with the designer for having created an interface that is confusing or makes it too easy for the user to make a mistake. The solution to user errors is not to blame the user or try to train the mistakes out of them. The solution is to redesign the product in such a way that it prevents errors from occurring in the first place.’

How Designers Can Prevent User Errors

 

Louis Lazarus says, “there is a whole bunch of lesser-used attributes that I was sure I’d forgotten about, and probably a whole bunch of attributes I didn’t even know existed. This post is the result of my research, and I hope you’ll find some of these useful to you, as you build HTML pages in the coming months.”

Those HTML Attributes You Never Use

 

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 25 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

We again cover the tech aspects of the war crimes going on in Ukraine and how you can help. Symfony news was light this week, so we’ve added extra Drupal and cybersecurity coverage.

Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony announced the merging of SymfonyCloud into Platform.sh. In addition, SymfonyCasts published the new (and free) Symfony 6 video tutorials. Finally, SymfonyCon Disneyland Paris 2022 conference announced the end of its early bird registration period.”

A Week of Symfony #794 (14-20 March 2022)

 

They also announced there’s:

1 week left before the end of early bird registration for SymfonyCon Disneyland Paris 2022

 

SymfonyCasts continues their free look at Symfony 6 and the Easy Admin paid courses.

This week on SymfonyCasts

 

Featured Item

 

Feature Item graphic

 

It’s long past time to make your Symfony applications as secure as possible.

As should be obvious to anyone not living under a rock, cybersecurity is critical. This has always been the case, but it’s even more important now thanks to the Russian war crimes in Ukraine.

The potential for a cyber-war has never been higher. As Russia struggles with illegally occupying Ukraine it may lash out with cyber-attacks against anyone supporting the Ukrainian nation.

Russia’s fellow rogue state allies, Belarus, Iran, North Korea, and China, could increase their current efforts. Plus, many cyber-criminal gangs are based in these countries.

 

Examine the Reassuringly Robust Flexibility and Extensibility of Symfony Security

 

This is the most important, original content Symfony Station has created to date so please be sure to read it.

 

This week

 

Jolicode writes “Once upon a time, a developer was asked to move a form from one application to another. The source application was a Symfony app. The target application was WordPress, the CMS that runs the Web.

 

Follow us in that journey that will take you to the edge of what is possible and what should not be done, but most importantly it will show you how to use the full power of Symfony Form inside the WordPress CMS.”

Using Symfony Form in WordPress

 

Prestaconcept shows us “how to cut out your code that has become too complex with the decorator pattern, using Symfony.”

Le pattern Décorateur avec Symfony

 

Rajesh Bhimani says, “Drupal 10 is coming soon. Are you ready for this new version? Are wondering since Drupal 9 is quite new, why is Drupal 10 being released? There are a few practical reasons for Drupal 10 early release, which we will discuss in this article. But before it arrives, we have to get prepared for it.”

Hint - It’s tightly tied to Symfony 6.

Are you ready to upgrade to Drupal 10? Know how to prepare for the upcoming update!

 

Evolving Web “Drupal's API-enabled architecture opens up infinite possibilities for a decoupled Drupal, separating its back-end CMS from its front-end theming system and giving us the tools to use our Drupal installation as a content hub for various technologies and applications.”

This two-part series should apply to straight Symfony in general.

Building Decoupled Drupal - Part 1

 

Building Decoupled Drupal - Part 2

 

Vishwa Chikate shows us “how to mock the global Drupal object when writing unit test cases for the custom code.”

Drupal 8/9: Unit Test cases mocking the global Drupal object and Services

 

He also has:

REST API: How we implement resource handlers for PATCH req:

 

Jacob Rockowitz notes “Recently, I shared a guide for auditing, reviewing, and improving a Drupal module. I suggested that developers experiment with the drush generate command, which uses the Drupal Code Generator to help gain an overall understanding of the potential architecture of a Drupal module. Here I put my recommendation to the test by generating an example module using the Drupal Code Generator library."

Understanding the architecture of a Drupal module using the Drupal Code Generator library (a.k.a. the drush generate command)

 

Nicolas Pennec says, “Drupal is an open-source content management platform powering millions of websites and applications. Here we will see how you can easily deploy a simple Drupal website on Docker to the cloud with ScaleDynamics.”

How to deploy Drupal on cloud with Docker

 

Timeless

Inspector logo

Sponsored Article

 

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

Nabila Khansa writes “Clean code plays a major role in the understandability of a code, along with its readability, changeability, extensibility, and maintainability. It is vital for building a successful and maintainable product, especially when you are part of a developer team. You should always think about the next person who will maintain your code.”

Let’s Take Out the Trash: Writing Cleaner Code

 

Victor Todoran notes “Ever since the release of PHP 8.0 all I’ve been hearing is constructor property promotion. It’s a neat little trick and I like it, though it wasn’t of much help when I started work on PHP 8 compatibility. This article is a high-level overview meant to show you some of the things you need to look into before you can upgrade to PHP 8 and to encourage you to research the topic on your own.”

Migrating From PHP 7.4 to PHP 8.0

 

There are many PHP 8 articles, but this one directly compares code examples from 7 and ones refactored with 8.

What’s New in PHP 8.1?

 

Tomasz Dobrowolski says, “Functions are fundamental to writing code, making it vital that you write them well. Well-written functions make your code efficient, easy to read and reduce the chance of errors. Here is a list of advice on writing good functions with PHP examples.”

10 Ways to Use Functions in Your Code to Become a Better PHP Developer

 

Brent is back and writes “Collections; they are probably the easiest way to explain what generics are about, but they also are the example that everyone talks about when discussing generics. It’s not uncommon for people to think that “generics” and “collections with a type” are the same thing. That’s definitely not the case.”

Generics in depth

 

This tutorial shows us how to work with files in PHP.

PHP File — Open/Read/Write/Close

 

Italo Baeza Cabrera notes “If you want a free and simple route to host a private package in Github and download it to your project, there is one.”

PHP: Use your private repository in Composer, without SSH keys

 

Vitalii Marenkov says, “Domain-driven design advises to create aggregates and other complicated objects in factories. In PHP we can define constructor as private or protected and then the object can be created only in a factory method in the class itself. But it violates the single-responsibility principle. Is there another way?”

Forbidding of creating objects outside factory in PHP

 

This one is self-explanatory:

Open Swoole 4.11.0 released with HTTP2 improvements, PHP GRPC server, bug fixes, and more

 

Frank Prins writes “The last few months I’ve been working a lot on optimizing our Gitlab pipelines for a large private codebase to keep the runtime of them below 4 minutes. As there is not a lot of info about optimizing Gitlab pipelines for PHP projects in general, I decided it was time to change that. As there is a lot to unpack here, this will be the third in a multipart series.”

Optimizing Gitlab pipelines - PHPStan (3)

 

Pascal Landau says, “In the fourth part of this tutorial series on developing PHP on Docker we will revisit the previous tutorials and update some things to be up-to-date in 2022.”

Docker from scratch for PHP 8.1 Applications in 2022

 

Beau Beauchamp notes “Now you can add self-updating elegance to your downloadable applications using a WordPress-style update utility using JavaScript, PHP, Composer and GitHub.”

Add A WordPress-Style Update Utility To Any Application

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

TechCrunch opines “Russia's current talent outflow might well be the last wave of its chronic brain drain stretching back decades.”

Tech talent flees Russia as Western sanctions bite

 

Venture Beat notes “Vera Chernysh is the СЕО and managing editor of the three largest technology and business news publications in Ukraine —  MC.today, ITC.UA,  and Highload. Chernysh and her husband, Timur Vorona, who run and manage the news outlets together, made the business decision to shift the operations of their entire business from covering the latest tech trends to war and survival reporting.”

Ukrainian tech publications pivot to cover the war and provide survival advice

 

FP reports “Russia’s communications systems are failing at higher-than-expected rates during the nearly monthlong war in Ukraine, U.S. and European officials and experts said, forcing invading troops in the field to rely on open systems that can be readily intercepted by Ukrainian forces.”

‘The Ukrainians Are Listening’: Russia’s Military Radios Are Getting Owned

 

In other communications news CNBC reports “SpaceX has sent “thousands” of Starlink satellite internet kits...which come with an antenna, a mounting tripod and a Wi-Fi router to Ukraine shortly after Russia invaded. Ukrainians can use the Starlink kits to connect directly to SpaceX’s network in orbit, with the company having launched about 2,000 satellites to date.”

Elon Musk's SpaceX sent thousands of Starlink satellite internet dishes to Ukraine, company's president says

 

WP Tavern reports “WordPress managed hosting company WP Engine has joined Acquia, Fastly, Gatsby, Netlify, and Pantheon to begin booting Russian companies off their platforms.”

WP Engine, Pantheon, and Others Drop Support for Russian Business Customers

 

Fast Company reports “The “Play for Ukraine” game, developed by IT pros in Lviv, crowdsources and gamifies DDOS attacks on Russian websites. It’s already racking up successes.”

This game crowdsources cyberattacks against Russian websites

 

Wired reports “The developer of a popular open-source package has been caught adding malicious code to it, leading to wiped files on computers located in Russia and Belarus. The move was part of a protest that has enraged many users and raised concerns about the safety of free and open-source software.”

A Developer Altered Open-Source Software to Wipe Files in Russia

This is the way not to do it. Indiscriminately. Not yet.

 

Politico quotes President Biden “The more Putin’s back is against the wall, the greater the severity of the tactics he may employ … one of the tools he’s most likely to use in our view, is cyber-attacks...The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming.”

Biden warns Russian cyberattacks 'coming'

 

The Evil Empire Strikes Back

 

Laptop reports “As Russia deploys brute force to invade Ukraine, the US fears that the nation may have another tactic up its sleeves: cyber warfare. On Monday, President Joe Biden warned business leaders about the looming threat of cyber attacks that could cripple US infrastructure.

You may be wondering, "What does cyberwarfare look like and how can it affect me?" Let's take a look at what the experts have to say so that you can keep your data and devices protected in the event of a cyber-attack.”

A Russian cyber-attack may hit the US — how to protect your data and devices

 

Wired also reports “For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle  ransomware groups, they’re still intimately tied to Russia’s interests. A recent leak from one of the most notorious such groups provides a glimpse into the nature of those ties.”

Leaked Ransomware Docs Show Conti Helping Putin From the Shadows

 

The Guardian reports “The US has unveiled criminal charges against four Russian government officials, saying they engaged in two major hacking campaigns between 2012 and 2018 that targeted the global energy sector and affected thousands of computers across 135 countries.”

US charges four Russian hackers over earlier cyber-attacks on global energy sector

 

The Next Web notes “the continued operation of cryptocurrency exchanges in Russia, such as Binance, Yobit, and Local Bitcoins, has been worrying US officials for some time. Even before Russia’s latest invasion of Ukraine, the US Treasury Department warned cryptocurrencies could undermine the sanctions already imposed on Russia over its 2014 annexation invasion of Crimea.”

Russians are using crypto to evade sanctions — but it’s not just the elite

 

So, where is this humanitarian disaster created by evil men leading us? My Master’s Degree is in International Relations, so this deep dive into where the world economy may go from here is quite interesting to me.

Putin and Xi Exposed the Great Illusion of Capitalism

 

Cybersecurity

 

Venture Beat writes “There are a lot of myths surrounding open-source software, but one that continues to permeate conversations is that open source is not as secure as proprietary offerings. At face value, this claim would seem to hold merit as how do you secure a supply chain for a product that is created in an environment where anyone can contribute to it?

But perceptions are changing, as open-source code is running many of the most sophisticated computational workloads known to mankind.”

The risk of undermanaged open-source software

 

The Next Web reports “the communications between thousands of SaaS platforms are also an emerging threat to corporate cybersecurity. Most existing cybersecurity solutions still do not offer adequate protection or a convenient way to monitor the communications between these apps and platforms, leaving companies vulnerable to cyberattacks and unable to effectively know or control which parties have access to sensitive corporate or personal data.

The next big cybersecurity threat is connected SaaS platforms

 

Digital Ocean says, “IaaS, PaaS, and SaaS are all different options for cloud delivery models. They each have their own pros and cons, and the difference between them is the level of abstraction they offer the end-user.”

IaaS vs. PaaS vs. SaaS: What’s the Difference?

 

ZNet opines “A combination of resourcing, government initiatives, and innovation will mean some organizations are able to handle cyber threats in real-time -- and then there is everyone else.”

We are headed for an ecosystem of cyber haves and cyber nots

 

More

 

The New Stack reports “HTML over-the-wire has been picking up steam as a more straightforward way to create web applications, without needing to use as much JavaScript. It works by sending HTML, and not JSON, “over the wire.” Now a new “unobtrusive JavaScript framework” called Unpoly has emerged as a contender to Basecamp’s HTML over-the-wire framework, Hotwire. Unpoly promises “fast and flexible frontends for server-rendered HTML views.”

JavaScript Framework Unpoly and the HTML Over-the-Wire Trend

This is comparable to Symfony’s StimulusUX which is based on Hotwire.

 

StoryLab exclaims “All the coding has been completed and it’s (almost) perfect. So, now what? - How do we make sure it stays (almost) perfect? - Is linting ok? - Are all tests passing? - Do we have all builds (versions) archives? - And… all above for all our 19 (nineteen, in words) GitHub repositories!”

3, 2, 1 and Action - Github Action

 

Time reports “as crypto has soared in value and volume, Vitalik Buterin has watched the world he created evolve with a mixture of pride and dread. Ethereum has made a handful of white men unfathomably rich, pumped pollutants into the air, and emerged as a vehicle for tax evasion, money laundering, and mind-boggling scams. “Crypto itself has a lot of dystopian potential if implemented wrong,” the Russian-born Canadian explains.”

The Man Behind Ethereum Is Worried About Crypto's Future

 

TechCrunch reports “In a formalization of an earlier Twitter-led push to try to exert influence over fast-forming European digital regulations, the social media firm has used its Twitter Spaces platform to host the official kick-off of a policy advocacy lobby group that’s being branded the Open Internet Alliance (OIA). Alongside Twitter, video streaming platform Vimeo; Automattic, the company behind WordPress.com, WooCommerce and Tumblr; the Czech and Slovak-focused search engine company, Seznam; and Jodel, a Berlin-based (profile-less) social network, are named as founding members.”

Twitter leads call for EU lawmakers to 'think beyond Big Tech'

 

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 18 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

This week, we again cover tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development focused on fixing bugs and finishing new features for the upcoming Symfony 6.1 version. One of those new features is a button to copy requests as cURL commands in the Symfony Profiler. Meanwhile, the SymfonyLive Paris 2022 conference, which will take place in just 4 weeks, announced its complete workshop and talk schedule.

A Week of Symfony #793 (7-13 March 2022) (Symfony Blog)

 

Early bird registration for SymfonyCon Disneyland Paris 2022 ends on March 31st

 

Unsurprisingly after the recent merger they announced:

Symfony in the Cloud: Platform.sh becomes the official Symfony PaaS

 

Fabien Potencier asks “How can you get started with Symfony 6? What are the best resources to learn Symfony? How can I learn about the latest best practices? Those are legitimate questions I get from the community.”

Get started with Symfony 6

 

SymfonyCast has started a new course on Symfony 6!

This week on SymfonyCasts

 

Elise Hamimi reports “As the creator of Symfony, SensioLabs strengthens its relationship with its long-time partner in the US: Unleashed Technologies. This strategic partnership is the result of successful joint projects with Unleashed Technologies. In 2022, SensioLabs and Unleashed Technologies are speeding up to better serve American users of Symfony.

SensioLabs strengthens its partnership with Unleashed Technologies

She also has:

Learn how to migrate to the PHP framework Symfony

 

Featured Item

 

Featured Item Graphic

 

Forbes writes Ukraine’s IT pros are “ fixing internet in bombed-out buildings, finding rogue operators providing Russians with mobile connections and thwarting hackers. The telecom companies of Ukraine and their employees are being hailed as heroes in the war.”

Bombs And Hackers Are Battering Ukraine’s Internet Providers. ‘Hidden Heroes’ Risk Their Lives To Keep Their Country Online

 

If these heroes can do this, we can do more ourselves to stand with Ukraine and protect democratic values.

 

This Week

 

Sergii Demianchuk writes “welcome to the second article devoted to the theme:  “How to work with ElasticSearch using Symfony PHP framework”. Here we will prepare our local environment for further development. As you remember from Part 1 we have to create a web server, microservice application, and Elasticsearch as standalone docker containers.”

Symfony, Elasticsearch, and Docker environment

 

Michał Romańczuk notes “There are many tools for static PHP code analysis, but one of the most popular is PHPStan. It may be due to its ease of use, versatility and the possibility of using many extensions for example to Symfony, Doctrine, Elasticsearch, Monolog, Guzzle, etc.”

Using PHPStan with Symfony - static analysis for better PHP code quality

 

Fabien Lemoine show us “How to combine the power of the Symfony Mailer component with the features offered by an email provider.”

Envoyer des e-mails transactionnels avec un service tiers sous Symfony

 

Mchojrin takes a look at how to handle exceptions in Rest APIs with Symfony. It’s in Spanish.

Cómo manejar las excepciones en API Rest con Symfony

 

Webkul writes “PrestaShop employs various types of cache such as Smarty, assets (CSS/JS), XML cache, etc. It also provides ways to clear individual cache types from our module. So in this blog, we will discuss how we can clear PrestaShop cache in module code.”

Clear PrestaShop Cache in module

They also have:

Custom Events and Event Subscribers in Symfony

 

Sylius notes “Since the very beginning of Sylius’ existence, our philosophy was to focus on our domain and not reinvent the wheel. That’s why Sylius is entirely based on Symfony which gave us a solid foundation to build specific e-commerce bundles within the already existing and highly standardized framework.

Following the very same core idea, Sylius never intended to solve problems of other domains. There are wonderful tools in different categories, which allows us to focus on what we know best – the e-commerce domain.”

Why best-of-breed is the best thing that can happen to your mid-market e-commerce?

I agree that unless you have a small and simple application, best-of-breed is the way to go for your stack.

 

Joseph Ndedde Udonsak writes “Recently, I was working on a feature and needed to generate and mail a PDF document whenever a payment was made. I dispatched a Message and in the message handler, I used the KNP Snappy Bundle to generate a PDF from a twig template. It was pretty straightforward (or so I thought) until I saw the mayhem that had been let loose in my failed transport.

Today I Learned — Twig and Services

He also has:

How to inject multiple instances of an interface in a service

 

The Drop Times has an interview with Drupal’s founder with some interesting takes on headless and low code.

Dries Buytaert: Low Code No Code Adoption Good for Drupal

 

And speaking of headless Drupal here’s an article and a solution taking a look.

Five basic things I’ve learned using GraphQL in Drupal

 

The future of Drupal is headless

Dries disagrees with the headless opinion and so do I. That applies to WordPress as well.

 

Ryan Szrama writes “We've long recommended Swift Mailer for formatting and sending HTML emails from Drupal Commerce. Symfony announced the project's deprecation late last year, recommending folks switch to using the 3-year-old Symfony Mailer instead after they brought it up to full feature parity with the Swift Mailer library.

Fortunately, there's a module for that!”

Replace Swift Mailer with Symfony Mailer for HTML email

 

Timeless

Inspector Logo

Sponsored Article

 

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.

PHP logo

PHP

 

This week

 

Dariusz Gafka writes “We often need to schedule the execution of given business functionality in our applications. The timing depends on what we want to achieve. It may be monthly executed invoices or notifications sent after the user was registered on the website. And in this article, we will deep into different ways of scheduling execution in PHP.”

Scheduling Execution in PHP

 

PHPStan asks:

What's Up With @template-covariant?

They also look at:

Generics By Examples

 

Digital Ocean shows us:

How To Use Functions in PHP

 

Gaurav Makhecha says, “Thanks to the PSR-4 autoloading, we can define the namespaces prefix and their corresponding base directories.”

PHP Namespaces are not the same as the Directory Structure

 

Marcin Szydlowski writes “I have recently spotted an interesting vulnerability in a PHP application, which was in the scope of a private bug bounty program. This vulnerability has nothing to do with standard web app issues like SQLi, XSS, or IDOR, hence despite relatively small impact I decided to write about it.”

Insecure comparison in PHP — Business Logic Bypass vulnerability

 

Brent Roose & Freek Van der Herte are starting a series of posts with tips for writing clean PHP. They’re from a course the duo offers.

Code that breathes

 

Joshua Otwell says, “I'm sharing my 5 favorite Programming/Developer newsletters that I think you should read too.”

5 Developer/Programming Newsletters You Should Be Reading

There are good SQL and PHP choices on the list.

 

Meet Simseck states “I’d like to talk about Swoole in this article but it won’t be covering the cumbersome processes such as installing, configuring, using, and so on. I’d like to cover the philosophy behind it. Why do we need it in the PHP world? Which scenarios are the best to use this kind of external package/extension?”

Let’s Tackle PHP Swoole Solemnly

Code Logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

MarketWatch writes “One reason that some military analysts and Russia experts believe may have contributed to Putin miscalculating his chances of a quick victory, or his ability to outlast the Ukrainians, is that he underestimated the efficacy of Western sanctions in sapping Russia’s power to wage war, specifically by denying it access to critical technologies.”

Putin tried to create a homegrown tech industry. His failure could be key to a Russian defeat, experts say

 

The Hill notes “With the assistance of the West, Ukraine has become more resilient since the initial cyberattacks, especially given that it is uniquely vulnerable to Russian attacks since most of its infrastructure was built by Moscow during the Soviet era.”

US and EU cyber investments in Ukraine pay off amid war

 

Reface, a synthetic media app that’s developed out of Ukraine has added push notifications informing its ~200 million-strong global user-base about Russia’s invasion of the country — urging people to #StandWithUkraine, including by watermarking face-swapped videos created with the app.

Reface, a viral face-swap app from Ukraine adds anti-war push notifications

 

Wired writes, “Within three days of the first missiles falling on Kyiv, Mykhailo Fedorov and his staff launched a public campaign to pressure US tech giants to cut off Russia, began accepting cryptocurrency donations to support Ukraine’s military, secured access to Elon Musk’s Starlink satellite internet service, and began recruiting a volunteer “IT Army” to hack Russian targets. More recent projects include a chatbot for citizens to submit images or videos of Russian troop movements.”

Ukraine’s Digital Ministry Is a Formidable War Machine

 

The Guardian reports “about 300,000 people have signed up to a group on the chat app Telegram called “IT Army of Ukraine”, through which participants are assigned tasks designed to take the fight to Vladimir Putin. In so doing, they are trying to level the playing field between one of the world’s (so-called) superpowers and Ukraine as it faces bombardment and invasion.

‘It’s the right thing to do’: the 300,000 volunteer hackers coming together to fight Russia

 

Anonymous continue their efforts.

Anonymous releases 364,000 files about Russia's censorship of invasion

 

They also hit the German subsidiary of Russian energy giant Rosneft with a cyberattackRosneft withal Office for Information Security (BSI) says.

Hackers target German branch of Russian oil giant Rosneft

 

Fast Company reports on how “A group of techies-turned-hackers called the Cyber Partisans are targeting railways carrying Russian troops and exposing a brutal Belarusian regime.”

How hackers in Belarus are complicating Putin’s Ukraine invasion

 

Rest of World asks:

In Ukraine’s cyber-war with Russia, who is a civilian, and what is a war crime?

 

The Wall Street Journal notes “People around the world are using a new website to circumvent the Kremlin’s propaganda machine by sending individual messages about the war in Ukraine to random people in Russia.”

Using a New Cyber Tool, Westerners Have Been Texting Russians About the War in Ukraine

 

The Guardian also notes “Experts say both sides may understand that large-scale cyber-attacks will result in ‘mutually assured destruction of systems’.”

‘Catastrophic’ cyberwar between Ukraine and Russia hasn’t happened (yet), experts say

 

Cybersecurity

 

I thought this would have been a no-brainer but:

Germany warns against using Kaspersky software citing 'considerable' cyber risk after Russia's invasion

 

VentureBeat reports “Cloudflare unveiled a new tool in its suite of security offerings, the Cloudflare API Gateway, which seeks to simplify the protection of increasingly prevalent application programming interfaces (APIs). The solution also aims to feature a significantly lower price point than many of the other API security products now on the market, which could go a long way toward “democratizing” API security for the market.

Cloudflare aims to boost API security with a new gateway

 

On the Public API Network, Postman gathers some of the best APIs to ramp up productivity including Notion (just released to GA!), Peruse Code, and Machine Learning Tools for Developer Professionals.

Build Software Faster with These Productivity APIs

 

This was from a while back but is worth another look. Via Github:

The Open Source Software Security Summit: securing the world’s code together

 

C.S. Rhymes says, “GitHub offers a dependabot service that can let you know of any potential security issues with your dependencies and automatically create a Pull Request for you. This works great without any configuration if you have a repo that contains npm, composer, or gem dependencies, but you may need additional configuration if your lock files aren’t in the root directory, or in separate directories in the case of a monorepo.”

Using GitHub Dependabot with a Monorepo

 

GitHub also has a video exploring “ some of the shortcomings of legacy application security solutions, and share a developer-first approach that can help your organization overcome challenges with an end-to-end security process and improved collaboration.”

Developer-first security: The next step for AppSec

 

If you are having trouble getting cybersecurity buy-in with your CEO or CFO, share this with them. Plus, it’s a good review for anyone.

Cybersecurity: What Every CEO and CFO Should Know

 

More

 

Core DNA writes “We take a close look at the evolution of the CMS platform, specifically, how the management of content has changed and how platforms have been designed to cater for the changing browsers, new channels, and client needs.”

Custom CMS & Backend Frameworks Be Damned

 

Postman asks us to “Explore the World of APIs. Browse the largest network of APIs, workspaces, and collections by developers across the planet.”

Postman API Network

 

Ben Gurney shares an effective way to approach improving the web accessibility of your apps.

My secret to better web accessibility

 

Chris Saxon notes “We all know that many modern apps rely on REST APIs to talk to other services, especially in the cloud. We all know those APIs usually send and receive data using a recent innovation: JavaScript Object Notation (JSON) documents. And we know there are a lot of methods for storing, managing and sharing these documents in your applications.

What many people don’t know is that the best way to manage JSON is with a seemingly ancient tool: the SQL language. Let’s look at why that is and five examples of how to do it.”

Why (and How) You Should Manage JSON with SQL

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 11 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

This week, we continue our coverage of the war crimes going on in Ukraine and how you can help. That sparks some cybersecurity coverage as well. There was not much Symfony news so I’m adding in extra Drupal coverage that overlaps with Symfony development.

Take your time and enjoy the items most valuable for you.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

 

Please note that links will open in a new browser window. My opinions will be in bold.

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.39, 5.4.6, and 6.0.6 maintenance versions were released. In addition, the entire schedule of the SymfonyLive Paris 2022 conference was published. Finally, Symfony expressed its solidarity with Ukrainian people.”

A Week of Symfony #792 (28 February - 6 March 2022)

 

They also remind us that “the French SymfonyLive conference organized in Paris will be soon here! Join us on April 7th and 8th for 2 days of Symfony talks. Regular pricing ends on March 14th!”

Only 4 weeks left before SymfonyLive Paris 2022

 

SymfonyCasts continues its exploration of EasyAdmin.

This week on SymfonyCasts

 

Featured Item

 

Featured Item graphic

 

A recent Forbes article notes “over one-quarter of U.S. consumers have not taken any steps to protect their digital/online privacy - and that means it is more important than ever for organizations to ensure their software and applications are as bulletproof as possible against bad actors. However, the rapid shift to digital and the fast-paced nature of business in today’s post-pandemic world, coupled with the growing and sophisticated threat landscape, continues to challenge even the most advanced security teams.

Something needs to change, and one company is arguing that the industry requires a new approach to security centered on developers. After all, developers have become the lifeblood of an organization's digital transformation journey - but the faster developers move to bring new applications to market, the greater the chances for flaws or security issues within their code.”

Why the Future of Cybersecurity Rests in Developers’ Hands

 

I wholeheartedly agree with this.

 

This Week

 

Alexandre DuBois asks "is Symfony using some sort of magic to validate inputs?"

Symfony Internals #2: Data Validation

 

Dans français Guillaume Ponty explores 3rd-party authentication with Symfony.

Symfony 6: S’authentifier Avec Google, Facebook, GitHub, …

 

Heddi Nabbisen has this interesting tutorial for us:

EasyAdmin 4 for admin panel based on PHP 8 and Symfony 6: Install and create a sample

 

Andy Blum writes “Following Drupal 8’s ambitious overhaul to “get off the island,” the recommended way to create a new Drupal site is to use composer to manage all PHP dependencies. By now, most Drupal developers will have had a chance to install a new module or update existing modules using composer’s require or update commands, but did you know that you can also use composer to run scripts to interact with your code?”

Add a Composer Script to Your Module or Theme

 

Griffin Polonus writes “PHP 8 includes improvements that show a clear desire to modernize, as well as capabilities of other popular languages that developers will appreciate. Thanks to PHP 8, Drupal 10 can now use tools that will enable continued growth and enhanced performance. Upgrading to PHP 8 will be beneficial to any site running on PHP–however, as a Drupal developer, I’m particularly excited about how this will impact Drupal 10. I’ll highlight some of the benefits that apply to many sites, but especially how it may apply to Drupal.

PHP 7 to 8: Entering the Modern Era of Programming Languages

 

Golems states, “Drush (the Drupal Shell) is one of the most convenient and functional assistants for all Drupal developers. Read on if you're interested in learning how Drupal 9 and Drush work together, what benefits it has, and how easy it is to sanitize data with Drush.”

Drupal 9: Sanitizing Data With Drush

 

Last Month

 

Manish Saharan says, “In this article, we’re going to discuss two such Drupal 8/9 utility tools that have massively simplified and improved the way you work with Drupal code, modules, and installations - Drupal Console (leveraging Symfony Console) and Drush.”

Accelerating Drupal Development with Drupal Console and Drush

 

Timeless

 

As we noted in How Symfony Station was built: an adventurous exploration of layout solutions, the default Drupal admin theme is an eye-destroying abomination. We wrote “Gin is beautiful in comparison. It's clean, cool, and collected with some customization options.” It was built on the foundation of Claro from one of the lead designers of the Claro & Drupal Design System.

Clayton Dewey expounds upon this with, “I’ve seen, time and again, the difference a clean and modern website editing interface can have on both the quantity and quality of site content. When a website’s back-end is frustrating and unappealing to work with, it dissuades the author from posting.” In a multi-post series, he explores the wonders of Gin.

There are a lot of design lessons to pick up in the series. And if you’re a new Drupal user, lessons on how to use it. It’s perfect for larger publishers.

Enhance Your Drupal Website’s Authoring Experience Part 1 - Modernize the Admin Theme with Gin

 

Enhance Your Drupal Website's Authoring Experience Part 2 - Declutter the User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 3 - Improve the Field User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 4 - Fine Tune Admin Pages

 

Enhance Your Drupal Website's Authoring Experience Part 5 - Accessibility Tools and Conclusion

 

Note: Drupal is addressing their usability problem with a version of Claro that will be non-experimental for core in v. 10.

 

Inspector logo

Sponsored Article

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

Rafael Bernard Araujo explores Domain-Driven Design in and value object:

Introducing value objects in PHP

 

Tomasz Dobrowolski covers dependency injection and writes, “while it sounds complex, it’s not as scary as it sounds on the surface. And if used correctly, it can transform your code to be cleaner and easier to work with.”

What Is Dependency Injection in PHP and How You Can Use It to Write Better Code

 

Marco Aurélio Deleu says, “I have been working on a new Runtime for Bref for a while now and it has been my biggest open source journey so far. It has been incredibly challenging and a great learning experience. In this post, I want to run through some key aspects that I faced while working on this.”

3 things I learned working on a Bref Runtime

 

Frank de Jonge shows us how to:

Use a message envelope

 

Andreas Heigl takes a look at PHP attributes.

Attributes are awesome

 

Harpreet Kaur notes “Memcache is object storing mechanism which is used to store the results of database queries helping websites to serve pages faster. Memcaching process stores data as key-value pairs in memory so that it can be accessed later. It will be useful in those applications which rely heavily on database queries. Memcaching is going to improve the performance of the application significantly.”

What is Memcache & How to use it in PHP?

 

Ten7 looks at Memcache in Drupal.

Memcache Testing and Proxying

 

Gene Wilburn needed to build a lightweight search functionality. He writes “As I thought about a solution for this small site, I thought of grep, the open-source search utility with a long Unix heritage that can rip through text files to search for words or phrases and show them in context.”

Greppy: A Lightweight Perl/PHP Website Search Engine Based on Grep

 

Jakub Misek says, “Have you heard about the Visual Studio Code for the Web? It's the code editor running in your browser, allowing you to work with your local files, files on your GitHub repositories, or files on Azure. Anywhere.

In the case of the PHP language, it is only suitable for quick edits on small projects, due to its limitations. However, PHP Tools for Visual Studio Code is newly available for VS Code for the Web. All the editor features can now be used in this browser-based development environment.”

PHP IntelliSense on the Web

 

Last Month

 

Alessandro Castellano has a new tutorial and says, “you are going to see how class constructors work in PHP, what happens with class inheritance, and a new PHP 8 feature called “argument promotion”.”

PHP Constructors Explained

 

WPGraphQL notes “Setting up End to End tests for WordPress plugins can be done in several ways (Codeception, Cypress, Ghost Inspector, etc), but lately, the easiest way I’ve found to do this is to use the @wordpress/env and @wordpress/scripts packages, distributed by the team working on the WordPress Block Editor (a.k.a. Gutenberg), along with GitHub Actions.”

Adding End 2 End Tests to WordPress plugins using wp-env and wp-scripts

 

Frank Pins explores Gitlab pipelines in a series of articles.

Optimizing Gitlab pipelines - Basics (1)

 

Optimizing Gitlab pipelines - PHPUnit (2)

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

I think we should all stop doing business with Russian companies. However, many think internet access is an exception. At this point, I am not sure. But Cloudflare is.

Cloudflare won’t cut off Russia, says it “needs more Internet access, not less”

 

It seems that Twitter itself agrees as it has created an onion site for Tor browsers.

Learn more in this Tweet thread

 

And Lumen does not.

Breaking Russia's internet backbone

 

Venture Beat has a report on the Ukrainian IT Army’s offensive.

Ukraine’s IT army is doing well, hitting Russia with ‘cost and chaos’

 

Anonymous continues its assault on Putin’s minions and lackeys.

Anonymous claims it hacked into Russian TVs and showed the true devastation of Putin’s Ukraine invasion

 

Cyber Scoop reports “NATO nations voted unanimously last Friday to admit Ukraine to their Cooperative Cyber Defence Centre of Excellence (CCDCOE), a development which experts said will help Ukraine fight off mounting cyber threats from Russia.”

Ukraine, looking to fortify itself against Russian attacks, admitted to NATO cyber center

 

The free world also needs to kick up its defensive game. Three companies are aiding the effort.

Cloudflare, CrowdStrike, and Ping Identity launch the Critical Infrastructure Defense Project

 

What won’t work is the Ostrich approach.

It's time to stop hoping that cybersecurity problems will just go away

 

One way to defend your site is to block access to it by country. If you don’t have an audience in Russia, you should do so. We do so we aren’t.

How to block access to your website and related services in Russia, PHP 8, and client-side alternatives

 

Tawhid has this security advice for us:

11 Security tips to protect your website

 

As an example of an attack, Nevulo explains XSS. “Cross-site scripting is an attack performed on websites, where an attacker can inject some malicious code or scripts that get executed to modify the behavior of that website.”

What is cross-site scripting (XSS) and how does it work?

 

Harvard Business Review’s Stuart Madnick takes a peek at where this might all lead.

What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare

 

Via Fast Company “MacPaw’s Julia Petryk talks about sheltering in an underground parking garage, enduring Russian propaganda, and confronting the emotional toll of the war.” MacPaw is a Ukrainian company we urge you to support.

 

What it’s like to work at a Ukraine tech company during Russia’s invasion

 

Speaking of tech companies:

It took a war for Big Tech to take a side

 

Here are a few articles examining why Putin’s war of terror is not going so well (aside from the fact that most thugs are corrupt, dumb, and incompetent).

Putin Underestimated the Connective Tissue of Capitalism

 

The Strategy That Can Defeat Putin

 

The Spectacular Collapse of Putin’s Disinformation Machinery

 

And now in more encouraging news, here’s a look at the impressive things coming to CSS. Michelle Barker writes “It’s fair to say that we’re in a booming era for CSS right now. As I write this, I notice that many of these new features have some things in common. Yes, they often help us write better, cleaner, and more efficient code.”

New CSS Features In 2022

 

Icons are always useful for UI, UX, and web design. Here’s how to use Font Awesome no matter your dev/design stack.

Now You Can Stop Shoehorning Solutions to Get Icons Working with Your Tech — Font Awesome Matches Your Tool Stack

 

Microsoft made an announcement that will make JavaScript developers happy.

A Proposal for Type Syntax in JavaScript

 

Writing for Forbes, Amir Husain says:

Decentralization Is the Future of Software

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 4 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities. And this week, we also cover the war crimes going on in Ukraine and how you can help. Take your time and enjoy the items most valuable for you.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

 

Please note that links will open in a new browser window. My opinions and there are plenty of them, will be in bold.

 

As always, we will start with the official news from Symfony.

Highlight ->“This week, Symfony announced that Symfony 6.1 will require PHP 8.1. This is needed to fix some issues related to PHP preloading. We also decided to extend Symfony 6.0 maintenance by an additional 6 months to give you more time to prepare the migration to PHP 8.1. Finally, Symfony announced the last talks and speakers for the SymfonyLive Paris 2022 conference.”

A Week of Symfony #791 (21-27 February 2022)

 

Several updates were released.

Symfony 6.0.5 released

 

SymfonyCasts has new EasyAdmin tutorials and a link for how to help Ukraine.

This week on SymfonyCasts

 

Discover all the talks, keynotes, and speakers scheduled at the French SymfonyLive conference in Paris on April 7-8 2022.

The entire conference schedule for SymfonyLive Paris 2022 is out

 

Alexandre DuBois and SensioLabs have started a blog series on Medium named Symfony Internals.

Symfony Internals #1: Inside the Framework Configuration

 

And hotel rooms are available for SymfonyCon 2022 in Paris.

Book your hotel room at Disneyland Paris during SymfonyCon Disneyland Paris 2022

 

Featured Item graphic

 

Featured Post

 

This week’s was a no-brainer. Symfony has this on the war crimes in Ukraine:

“I like to say that an Open-Source project is nothing without a user community. You can have the best technical product ever, if nobody is using it, if nobody maintains it, if nobody spreads the word about it, it's useless. It's merely a proprietary project with an Open-Source license attached to it.

Symfony is first and foremost a community.

Today, the Symfony community is under attack.

Ukraine is in the top 10 countries in terms of visitors on this website (about 100.000 unique users during the last year alone). And we can see the traffic drop since last week :(

We have more than 2,000 registered SymfonyConnect users in Ukraine.

The Symfony book is already available in Ukrainian for both Symfony 5.4 and 6.0. It was one of the very first translations available thanks to the hard work of wonderful Ukrainian developers. The PDF book in Ukrainian on Leanpub is now free and it will stay free forever.

If you enjoy watching Symfony videos on SymfonyCasts, you can thank Ryan and Leanna from the US, but also Victor from Ukraine.”

Get the rest with this link.

 

Symfony stands with Ukraine 💙💛

 

I provide my pissed-off take in the Other section below.

 

This week

 

Since Russia has more than its fair share of bad actors and criminals, it’s time to beef up your Symfony Security.

 

Here at Symfony Station, we published a new article reviewing the eCommerce solutions using Symfony.

Exploring the 12 eCommerce Platforms of Symfony

 

Stefan Alletti shows us an “Example of a Symfony application using Domain-Driven Design (DDD) and Command Query Responsibility Segregation (CQRS) principles while keeping the code as simple as possible.”

DDD, Hexagonal Architecture & CQRS with Symfony and Doctrine

 

Akashic Seer is back with this entertaining post.

Symfony Messenger vs EventDispatcher learn more

 

Wooter Carabain tells us “Testing your code is very important as a software developer. It not only helps you prevent bugs when you’re adding or changing features, but a good test suite also gives you and your customers a lot of confidence in the stability of the product.

Testing in Symfony is fairly easy using the Symfony/PHPUnit-bridge package. You’ll write classes containing your tests and run them, no problem. But creating the classes adds a lot of boilerplate code. What if I told you it’s possible to get rid of a lot of boilerplate code and have a nice and elegant way of writing your tests as if you’re writing an English sentence? This is where Pest comes in!”

Using the Pest testing framework in Symfony

 

Hantsy writes “PHP 8.1 introduces the official Enum support. Doctrine brought Enum type support in its ORM framework, and Symfony added serialization and deserialization support of an Enum type.” He explores:

Using Enum in Symfony

 

Guillaume continues his series we have been featuring with:

CMS en Symfony : le routing

 

Mateo Fuzul shows us “why it’s important to translate your application and how you can do it using the Symfony translation package.”

Nuts & bolts of internationalization and localization with Symfony

 

Jakob Perry makes:

The case for Drupal >=9

 

Kevin Wenger shows us how to:

How to Migrate content into Drupal Paragraphs

 

And Josh Estep demonstrates:

How to Ensure Images are Optimized in Drupal

 

We promised to share the Florida DrupalCamp presentations when they became available.

Here they are.

The slides can be found on individual session pages.

 

Last Week

 

Jacob Rockowitz says, “There are plenty of resources in the Drupal community for learning how to build a module. This article is not about building a custom module. My goal is to provide a guide for auditing and reviewing a Drupal module. In doing so, I'm aiming to help you achieve your goal to understand, document, clean up, and hopefully improve a Drupal module.”

A guide to auditing, reviewing, and improving a Drupal module

 

Joseph Udonsak finishes a series on Test Driven Design with “In this, the third and final part in the series, you'll implement the last feature of the application using TDD, transaction history. In addition to that, you'll learn about the concept of test coverage and how it impacts application reliability.”

A Beginner's Guide to Test-Driven Development with Symfony and Codeception - Part 3

 

Last Month

 

Strangebuzz has this for us “In this post, we see a simple solution to mock API calls with the Symfony HTTP client, declare a scoped HTTP client, and test it with or without mock. Let's go!”

Simple API mocking with the Symfony HTTP client

 

Timeless

Inspector logo

Sponsored Article

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

PHP logo

PHP

 

This Week

 

Michał Romańczuk writes “SOLID, this acronym was coined by Michael Feathers, it represents the five basic principles of object-oriented programming developed by Uncle Bob.

Most programmers probably know this acronym. But it seems to me that a minority can decode it.”

Solid PHP - SOLID principles in PHP

 

Moath Omarsa has a good review of PSR.

Intro To PSR (PHP standards recommendations)

 

Italo Baeza Cabrera says, “testing doesn’t have to be a 1,000 line per-test odyssey.”

PHP: 10 tips to use for Mockery

He also expands on the “PHP is dying” misconception.

Two years from PHP “dying”: There are other tools

Always use the best tool for the job. Sometimes it’s PHP. At other times it isn’t.

 

The March issue of PHP Architect is out.

March Issue

 

Zend details “Dockerfile, showing how you can use the same file to create different custom PHP Docker images, and demonstrates some additional techniques you can use.”

PHP Docker Images Tips and Tricks

 

Vincy shows us how to build a:

PHP Login Form with MySQL database and form validation

 

Rias has this for us:

Running PHPUnit tests in parallel using GitHub actions

 

This Year

 

Anand Rajendran writes “Object-oriented programming is about creating objects that contain both data and functions.” This article is a good review of OOP.

PHP — Object-Oriented Programming

Code logo

Other

 

It’s time for everyone in the free world to start attacking the Russian government and its cadre of war criminals, thugs, and all-around dipshits. It’s the way the outside world helped end apartheid and it’s what will work here eventually. We need to keep it up until the Russian people depose their latest tyrants or the Russian military disposes of Putin and withdraws from Ukraine.

I am doing what I can to help:

By the way, I am opposed to all fascists and communists be they in Russia, North Korea, China, Europe, the Middle East, Asia, Africa, or the Americas.

 

The Tech Policy Press writes “Imagine it is September 1939. Germany has invaded Poland on the false premise that Poland has joined with Britain and France in a bid to attack it.

But add a tweak to the timeline- imagine there is a set of major publishers based in the United States who channel Hitler’s propaganda campaign across the globe, including to a substantial American audience. Imagine Hitler has built an incredible capacity to manipulate media, use out of context images and film, create the impression of support by inventing false personas, and engage in a variety of other tactics that have been observed to advance his aims, taking advantage of the capabilities these publishers provide and the lax enforcement of their standards. Imagine that every official and government entity loyal to Hitler also has a deal with these publishers, and their means to easily reach a global audience instantly.

Would you demand those publishers pull the plug on Hitler, or would you defend the German state’s right to some confused notion of “free speech,” even as Hitler sets out to destroy the lives of millions?

That is the situation Google, Facebook, Twitter, and other U.S. tech firms are faced with right now, as they host, distribute, amplify, and in some cases help monetize Vladimir Putin’s propaganda outlets – including Russian state media that are already registered as foreign agents, as well as the official accounts of Putin’s government and its officials.

Silicon Valley Must Pull the Plug on the Kremlin

 

Rest of World has an overview of Big Tech’s tepid actions to date. Most of them have been taken because they are legally required.

Here’s a list of all the tech companies taking action against Russia

 

Venture Beat writes “Mykhailo Fedorov, the country’s vice prime minister, announced on Twitter, “We are creating an IT army.” “We need digital talents,” wrote Fedorov, who also holds the title of minister of digital transformation — sharing a link to a Telegram channel where he said operational tasks will be distributed. “We continue to fight on the cyber front.”

Going on offense: Ukraine forms an ‘IT army,’ Nvidia hacks back

If you have hacking skills, fucking join this.

 

The State notes “Anonymous, a renowned international hacker group, has declared a cyberwar against Russia, which is accused of its cyberattacks against Ukraine. President Biden has also reportedly been given options for “massive cyberattacks” to target Russia and complicate its invasion.”

Anonymous declares cyber war against Putin amid Ukraine invasion. What does that mean?

 

And it did not take them long to achieve results.

Anonymous leaks Russian Ministry of Defense database in major victory during a cyberwar

 

As mentioned above in addition to going on the offensive, the non-thug world needs to up its defensive game.

API security methods developers should use

 

A New York Times opinion piece explores America’s vulnerability to cyber-attacks.

I’ve Dealt With Foreign Cyberattacks. America Isn’t Ready for What’s Coming.

 

The Washington Post reports that fortunately:

The dire predictions about a Russian cyber onslaught haven’t come true in Ukraine. At least not yet.

 

Also, fortunately, Platformer reports:

The internet is a force multiplier for Ukraine

 

In less depressing news, Florian Jaton sheds light on the human side of algorithms.

Here’s how algorithms are made

 

Marc Andrews writes “When creating efficient, accessible, and beautiful UIs, it takes only the smallest tweaks to improve your designs.

In this follow-up article, I’ve brought you another selection of easy to put into practice UI & UX micro-tips.

Tips that can, with little effort, help improve both your designs and the user experience.”

UI & UX Micro-Tips: Best of 2021

 

CSSUI, a library that replaces some JS functionality with CSS, looks like a great tool. At least to me, a JS critic.

2022 - Product Roadmap

 

Damir Kotorić pontificates on:

The Future of User Interface Design: Next-generation UI Tools

 

Mozilla and others announced “Interop 2022 is a cross-browser initiative to find and address the most important interoperability pain points on the web platform. The end result is a public metric that will assess progress toward fixing these interoperability issues.”

Announcing Interop 2022

 

C.S. Rhymes writes “GitHub offers a dependabot service that can let you know of any potential security issues with your dependencies and automatically create a Pull Request for you. This works great without any configuration if you have a repo that contains npm, composer, or gem dependencies, but you may need additional configuration if your lock files aren’t in the root directory, or in separate directories in the case of a monorepo.

This article will guide you through the basics of creating your configuration for dependabot so it can correctly analyze your dependencies and automatically create Pull Requests for you.”

Using GitHub Dependabot with a Monorepo

 

To wrap up, Joshua Otwell has this for us:

Quick SQL Snippets in MySQL Workbench

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion. Even though it's for the WordPress ecosystem, we're starting with Crocoblock. They make booking and eCommerce blocks.

 

Crocoblock screenshot

 

And within the Symfony ecosystem Codeception, which “collects and shares best practices and solutions for testing PHP web applications. With a flexible set of included modules tests are easy to write, easy to use, and easy to maintain.”

 

codeception screenshot

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to Stop Russia

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon