Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 9 September 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Illustration of the surface of an alien planet

Welcome to this week's Symfony Station Communiqué. It's your review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail. Symfony was a prolific publisher this week. And we always like to see that.

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As you may have noticed, non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, development activity mainly focused on fixing bugs and polishing existing features. The upcoming Symfony 6.2 version improved lazy services by generating lazy-loading virtual proxies for non-ghostable lazy services. Lastly, we published an article about revisiting lazy-loading proxies in PHP to explain the latest Symfony changes around lazy-loading objects.“

A Week of Symfony #818 (29 August - 4 September 2022)

Symfony announced:

Schedule | SymfonyCon Disneyland Paris 2022

It includes these sessions:

SymfonyCon Disneyland Paris 2022: Transactional vs. Analytical Processing

SymfonyCon Disneyland Paris 2022: Climate change and IT, scaling sustainably

SymfonyCon Disneyland Paris 2022: Have you ever experienced the feeling of impostor syndrome?

SymfonyCon Disneyland Paris 2022: Symfony & Hotwire: an efficient combo to quickly develop complex applications

SymfonyCon Disneyland Paris 2022: A self-training journey to the Symfony Certification - and beyond

SymfonyCon Disneyland Paris 2022: 7 lessons you can learn from Disney movies

SymfonyCon Disneyland Paris 2022: Painless authentication with Access Tokens

SymfonyCon Disneyland Paris 2022: Decoupling an application with Symfony Messenger

SymfonyCon Disneyland Paris 2022: Mutating a Symfony project

SymfonyCon Disneyland Paris 2022: Modernizing with Symfony

They also published.

Come celebrate the release of API Platform 3 in two weeks at the API Platform Conference!

Revisiting Lazy-Loading Proxies in PHP

Solving the modern applications dilemma with Symfony UX

Hurray Vue component.

SymfonyCasts continues its Doctrine course with new chapters.

This week on SymfonyCasts


Featured Item

Featured Item graphic

We end our Symfony UX trilogy with an article on their implementation of Turbo. The companion article to Discover Symfony UX’s Twig Components and Discover Symfony UX. UI with Stimulus examines the SPA-like speed Turbo brings to your application’s UI.

Discover Symfony UX. Turbo lets you put SPAs in the Rearview Mirror.


This Week

Strangebuzz explores:

Using PHP 8.1 enumerations in a Symfony project

.com continues his series on serving images:

#8 Caching requests

WPWeb Infotech demonstrates:

How To Develop A CRUD App with Symfony 6 & React

Kévin Dunglas announces:

Mercure 0.14: Major Performance Improvement and New Features

eCommerce

Anup Sinha demonstrates:

Installing Magento 2 on WAMP/XAMPP Server in Windows

CMSs

Agile Drop shares:

DrupalCon Prague 2022 – which sessions to check out?

Drupal Easy asks:

Are cheatsheets still a thing for Drupal developers?

Smashing Mag details:

The Accessibility And Usability Journey Of Drupal’s Primary Navigation

Hashbang Code looks at:

Drupal 9: Generating Header Images For Pages Of Content Using PHP

Specbee shows us:

How to implement Algolia Search in Drupal 9 (Part 1)

Lullabot explores:

Progressive Decoupling in Drupal (and Beyond)

I am looking forward to viewing this.

Previous Weeks

Vipin Yadav shows us:

How to regenerate entity in symfony-6 using CLI

The Drop Times asks:

How to Overcome Gaming of the Issue Credit System?

PHP logo

PHP

This Week

Jetbrains announced:

PhpStorm 2022.2.2 Preview

PHP Architect shared:

Deploying Our Code With Deployer 7.0

Sofia Tarhonska has this fantastic tutorial:

PHP Email Contact Form

Laravel Tuts has:

PHP 8 Multiple File Upload using Ajax Example Tutorial

The Dev Drawer explores:

Dynamically Create A PDF Using PHP

Dennis Mwangi examines:

PHP implode and explode Functions

.com shows us how to:

How to Write Good Unit tests?

Matthias Noback explores:

A step-debugger for the PHP AST

.com has:

Circuit Breaker pattern in PHP

Geni Jaho examines:

Refactoring #8: What is dead may never run

Levid_ToPast shows us how to:

Dockerize your PHP and PHPMyAdmin app

Tinamodi shows us:

How PHP Frameworks Build Better Enterprise Software

And we all know Symfony is the best for enterprise applications.

Farhan Tanvir has another:

7 Useful PHP Libraries You Should Use in Your Next Project

Previous Weeks

Shawn Hooper examines:

Fixing a Legacy PHP Codebase: PHPStan's Baseline Generator

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

Bloomberg reports:

Kremlin insiders are privately being warned the West’s sanctions could damage the Russian economy for the next decade

The Evil Empire Strikes Back

New Atlas reports:

Why Russia's cyber war in Ukraine hasn't played out as predicted

Decipher reports:

White House Plans 'Further Action' After Iranian Cyberattack on Albania

Ars Technica reports:

Hackers with Conti cybercrime group are repurposing tools for attacks on Ukraine

Tech Crunch reports:

North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

Cybersecurity/Privacy

ZDNet reports:

NSA to developers: We've got some software supply chain security tips for you

Rasbora shares:

I ran the world's largest DDoS-for-Hire empire, and CloudFlare helped

CNN reports:

US government warns ransomware attacks on schools may increase

More

Hillary Nyakundi has this authoritative article:

OOP Meaning – What is Object-Oriented Programming?

The Verge reports on:

How Cloudflare got Kiwi Farms wrong

Sam Phillips shows us how to:

Create Beautiful Banners and Other Graphics Easily Using HTML and CSS - Examples

This is a great article from Lullabot’s Andy Blum:

JavaScript and Events - The Fundamentals

Mickaël Andrieu explores:

Static and Dynamic Pivot in MySQL 8

Window Functions in MySQL 8: FIRST_VALUE() / LAST_VALUE()

Joshua Otwell examines:

MySQL Metadata Queries — Find all tables in a Schema

Tech Target shares this useful resource:

Agile, DevOps and software development methodologies definitions

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already, follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts?

If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 12 August 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Illustration of the surface of an alien planet.

Welcome to this week's Symfony Station Communiqué. It's your review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail each week.

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As may have noticed non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, the upcoming Symfony 6.2 version added features such as allowing to extend the #[When] attribute, adding conditional types to conditional configuration builders, introduced a new messenger:count command that lists the pending messages per transport and improved the #IsGranted attribute to allow using expressions.“

A Week of Symfony #814 (1-7 August 2022)

Symfony announced:

Zoom in on Advanced Security with Symfony workshop at SymfonyCon Disneyland Paris 2022

SymfonyCasts finishes their Symfony 6 Fundamentals Course and announce a new one.

This week on SymfonyCasts

Featured Item

Featured Item graphic

While not the most important post of the week, we think our latest article on local PHP development tools is useful. Please read:

Dream Universal, Develop Local: A look at PHP Local Development Tools.

This Week

Wordsys Technology shares:

5 Reasons Why You Should Use Symfony Framework for Projects

Saeid Raei explores:

Symfony Testing: using Repository pattern without connecting to database

Dariel Vicedo continues his series:

Creating a Symfony project from zero to success in 52 weeks (week 5)

In Francais Yann Dardot examines:

Enum php 8.1, et les librairie symfony. (Doctrine, graphql-php, api platform)

Big Data Analytics News looks at:

How Symfony Hosting Works Better With Cloudways Managed Hosting

Randy Fay needs your help testing a DDEV and Platform.sh integration.

GitHub - platformsh/ddev-platformsh: Add integration with Platform.sh hosting service

CMSs

bitExpert explores:

Sulu Headless exposing form config

Drupal made:

CSS and JavaScript aggregation performance improvements

Matt Glaman looks at:

ReactPHP for Drupal deployments and workers

Acquia is:

Evaluating Drupal Community Modules

Jacob Rockowitz is:

Defining the goals of the Schema.org Blueprints module

php[architect] has:

Drupal Dab: Creating Content Types in Drupal 9 Subscription required.

Ani Mahant shares:

A Step-by-Step Tutorial to Customize Drupal SearchAPI Facets without AJAX

James Oakley has some Drupal advice for:

Keeping track of upstream security issues

Previous Weeks

specbee shares:

Setting up Responsive Images in Drupal 9 - A Step-by-Step Guide

Promet Source examines:

How to Fix Common Web Accessibility Barriers in Drupal

PHP logo

PHP

This Week

stitcher.io documents:

Deprecated dynamic properties in PHP 8.2

Igieborelvis continues his SOLID PHP series:

SOLID : Fundamental Principles of Software Development using PHP (4)

Derick Rethans has the:

Xdebug Update: July 2022

Bentil Shadrack has a good reminder:

Cross-site Scripting (XSS) and ways to prevent it in PHP applications

Richard Dobroň shows us how to:

How to create your first composer package? 🐘

In Francais Karim Pinchon explores:

PHP - Rector

Matthias Noback looks at:

Simple Solutions 1 - Active Record versus Data Mapper

Andrew Schmelyun details:

The difference between Traits, Interfaces, and Abstract Classes in PHP

The esteemed Kévin Dunglas shows us how to:

Securely Access Private Git Repositories and Composer Packages in Docker Builds

Farhan Tanvir shares yet another:

7 Useful PHP Libraries You Should Use in Your Next ProjectーPart- 4

.com software shares:

Circuit Breaker pattern in PHP

Clean code tricks in PHP everyone should follow

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

Protocol reports:

Meta has banned a pro-Russia troll group that organized on Telegram

Rolling Stone reports:

Pro-Putin Trolls Supporting the Ukraine Invasion Can't Stop Screwing Up

The Hill reports:

Putin’s war is economic suicide

The Evil Empire Strikes Back

PCMag reports:

Researchers Look Inside Russian Malware Targeting Ukrainian Power Grid

Useful idiots Amnesty International have criticized Ukraine for housing troops in abandoned schools and daring to shell Russian aircraft in occupied Crimea.

Useful idiots Amnesty International have criticized Ukraine for housing troops in abandoned schools and daring to shell Russian aircraft in occupied Crimea.

The Guardian reports:

Zelenskiy rebukes Amnesty for accusing Ukraine of endangering civilians

Russia’s private military contractor Wagner comes out of the shadows in Ukraine war

Wired reports:

An Attack on Albanian Government Suggests New Iranian Aggression

The US Offers a $10 Million Bounty for Intel on the Conti Ransomware Gang

Cybersecurity/Privacy

PC Mag reports:

US Sanctions 'Tornado Cash' for Laundering Crypto Funds for North Korea

Decipher reports:

After Log4j, Efforts to ‘Uplift’ Open Source Ecosystem Continue

TechCrunch reports:

Twitter fixes security bug that exposed at least 5.4 million accounts

Twilio hacked by phishing campaign targeting internet companies

Protocol reports:

The SEC's cyberattack reporting rules are seeing fierce opposition. CISA is poised to do better.

ZDNet reports:

Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work

Computer Weekly reports:

GitHub targets vulnerable open source components

secure.software reports:

NVD Analysis 2022: Why you need to modernize your software security approach

Tech Republic reports:

Cisco reveals cyberattack on its corporate network

More

infoworld shares:

Visual Studio vs. Visual Studio Code: How to choose

The Register reports:

GitLab U-turns on deleting dormant projects after backlash

Nevin Katz reveals:

My Git Analogy Moment

As a Git-challenged person, I can say it’s a good one.

In Francais Karim Pinchon shares advice for students:

Conseils aux étudiants en développement logiciel

Utkarsh Mathur has a great history piece on the:

Rise of Open Source.

Venture Beat shares:

3 ways every company can get started with an open-source software strategy

Ethan Marcotte looks at the source of truth in design systems.

Truthish.

Accessibility and Frontend Illuminati Jason Knight looks at:

Creating Custom Icon Webfonts

And in douchebag news:

Molly White tried to tell you Web3 was not going great before the crypto crash

Dev Class reports:

‘The best thing we can do today to JavaScript is to retire it,’ says JSON creator Douglas Crockford

Amen, brother.

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 8 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

Again, we cover the tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.40, 5.4.7, and 6.0.7 maintenance versions were released. Meanwhile, the upcoming Symfony 6.1 version added new features such as a Serializer profiler panel and a simpler bundle/extension configuration. Lastly, the SymfonyLive Paris 2022 conference will take place next week.”

A Week of Symfony #796 (28 March - 3 April 2022)

 

Javier Eguiluz previews an upcoming feature of the 6.1 update.

New in Symfony 6.1: HtmlSanitizer Component

 

SymfonyCasts continues their free look at Symfony 6 and Easy Admin paid courses.

This week on SymfonyCasts

 

Platform. sh announced “We’re excited to announce that Platform.sh now offers OpenSearch as a service available and included on all plans. OpenSearch is a distributed RESTful search and analytics engine you can use for log analytics, a search backend, clickstream analytics, and more.

With the recent move by ElasticSearch to switch to a licensing model, it was important for us to propose a strong open-source alternative. And OpenSearch is completely open-source, so you could run and manage it on your own. But if you add it to a Platform.sh project as a service, all of the infrastructure is taken care of. All you have to take care of is your data: indexing it and retrieving it.”

OpenSearch is here

 

We missed this last week. Blackfire Monitoring now integrates with API-Platform.

API-Platform Support

 

Featured Item

 

https://symfonystation.com/sites/default/files/inline-images/Featured-Item_1_0.png

 

Democracies are far from perfect. However, while sometimes chaotic and prone to taking one step back for every two forward, they are the best governments in the world. Currently, they are in a growing battle with autocracies ranging from tyrannical to criminal for the future of mankind.

The Copenhagen Pledge puts forward a vision for the digital age, based on democratic values and human rights. It serves as the overall value framework for the Tech for Democracy initiative.

Take and sign the pledge

 

Its Action Coalitions target specific issues at the intersection of tech, democracy, and human rights. Coalition partners engage in concrete activities and deliver concrete solutions in line with the Copenhagen Pledge.

Action Coalitions

 

The Action Programme contains recommendations ****on how to transform the Copenhagen Pledge into action and charts a path for various areas, such as how to truly improve digital responsibility and mobilization.

Action Programme

 

Find the full Action Programme and civil society´s 8 recommendations here.

 

Please get involved today. You have to have open societies to have open-source.

 

This Week

 

WeLoveDevs says, “Ce questionnaire, d'environ 10 minutes, est proposé par Smaïne Miliani ainsi que la communauté WeLoveDevs.com (entreprises, experts, formateurs, indépendants) pour aider les développeurs à auto-évaluer leurs connaissances.” If you are fluent in French, take this test.

Test Symfony 6

 

Mohamad Eldhemy explores:

The What-Why-How Guide of PHP code quality tools

 

Sriram webnexs asks:

What Is the Magento Marketplace Extension and How Does It Work?

 

tangled net writes “Grav CMS allows developers to give third parties the ability to manage their (structured) content in a very elegant and flexible way. At the same time, there are few restrictions on how this content ends up displayed on the website — as long as the developer knows what he is doing.”

Grav CMS — A way to pass URL parameters in a frontend form

 

Unearthed says, “we use the AWS service Cognito to issue JWTs to clients during authentication. From there, the JWT is exchanged with whichever services the user is interacting with in order to validate their identity. This is helpful when building out a service graph, since each JWT can describe an authenticated users session without any direct dependency on a user service.

It's worth mentioning, if you are using Symfony, there is a Symfony Bundle which will make some of the factories and services used in this blog post available from the container. In our application we decided instantiating these dependencies directly was preferable.”

Decoding and validating AWS Cognito JWTs with PHP

 

#! Code has this very useful article for us:

Drupal 9: Getting A Good Score In Google PageSpeed Insights

 

Droptica notes “In this article, we’ll present what standards are used to create Drupal projects. We will show you the basic aspects that are worth paying attention to and the tools that make work easier.”

What are Drupal Coding Standards, and How to Use Them in Your Daily Work?

 

Arslan Ijaz looks at:

Amazing UX design using Drupal

 

Last Month

Matt Robinson shares:

What to Do With Your Drupal 7 Website

 

Christian Kolb has two articles for us:

Using CQRS in Symfony

Using id value objects for better readability and type safety

 

PHP logo

PHP

 

This week

 

The April edition of php[architect] is out.

php[architect]

 

Tomasz Dobrowolski shows us:

Why You Should Limit Your Use of Comments to Make Cleaner Code as a Developer

 

Study Section notes “A session is a way to continue information across different web pages to recognize users as they traverse a site or app. There is absolutely no way a server could remember a specific user between multiple requests, which is why we call the HTTP protocol a stateless protocol.”

Explaining this pattern with example in PHP — Server Session State

 

Farhan Tanvir shares “Here are 7 VSCode extensions which will help you to make the best use of VScode if you are a PHP developer.”

7 useful VSCode extensions for a PHP developer

 

Yacine Touati discusses:

Setting up Dockerized cron jobs: For example, using PHP and MySQL

 

The one and only Brent is back with “You've probably used the strategy pattern before: a behavioral pattern that enables selecting an algorithm at runtime.

Let's consider a classic example: the user provides some input either in the form of XML, JSON or an array; and we want that input to be parsed to a pretty JSON string.”

Dynamic Strategies

 

Jordi Bassaganas shares his:

Titanic Truth About JavaScript, TypeScript, and PHP

 

Hicham Ben Kachoud continues his SOLID series with the I:

Interface Segregation Principle

 

Jarek writes “Generic types are templates which allow us to write code without specifying a particular type of data on which it will work. Thanks to them, we avoid redundancy and the objects operate on the previously declared types. A good example is collections of various types. If we want to be sure that a collection consists of a given data type, we can either create a separate class to store each type, use various types of assertions, or just use generic types.”

How To Start Using Generic Types In PHP

 

Last Month

 

Andreas Moller notes “The chances are that you are already aware of the concept of named constructors. If not, take a look at Matthias Verraes' excellent article Named Constructors in PHP.

When it comes to consistently naming constructors, I currently apply the following rules for different types of objects.

  • services
  • exceptions
  • entities
  • value objects”

Naming constructors

 

Incredibly there were two articles on this last month.

 

Stefan Priebsch writes “Despite a greatly improved type system in versions 7 and 8, PHP does not support constructor overloading. If an object has to be created in different ways, so-called named constructors are used. Are there any best practices for naming them?”

How do you name constructors?

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

CNBC reports “Alex Iskold, a tech entrepreneur and start-up investor, revived the 1K Project to provide direct relief to Ukrainian families impacted by the war.”

A Ukrainian Techie Combined ‘Code and People' to Raise $3.5 Million So Far for Families Back Home

 

TechCrunch reports:

Twitter limits reach for Russian government accounts and bans most POW imagery

 

Fortune reports “Hacker collective Anonymous announced on Twitter that it successfully breached and leaked the personal data of 120,000 Russian soldiers.

"All soldiers participating in the invasion of Ukraine should be subjected to a war crime tribunal," Anonymous said in the message.

The leak included personal information like dates of birth, addresses, passport numbers, and unit affiliation.

Anonymous takes revenge on Putin’s brutal Ukraine invasion by leaking the personal data of 120,000 Russian soldiers

After what we have seen this week, IMHO these soldiers are legitimate targets for hacktivism.

 

NBC reports “Distributed Denial of Secrets, is best known for curating, publishing, and promoting giant caches of files from a variety of sources, including U.S. police departments, the conservative social media platform Gab and the far-right Oathkeepers, a prominent group involved in the Jan. 6 riot.

But since Russia invaded Ukraine, Best and her colleagues have been inundated with files that hacktivists say they’ve stolen from Russian banks, energy companies, government agencies, and media companies. For weeks, the group has scrambled to translate, verify, format, and upload files that they can assess are legitimate and new, with the caveat that they usually haven’t gone through every single file to assess if it hasn’t been altered or planted with malicious software.”

Hackers flood the internet with what they say are Russian companies' files

 

The AP reports “The Biden administration has charged a Russian oligarch linked to the Kremlin with violating U.S. government sanctions, and disrupted a cybercrime operation that was launched by a Russian military intelligence agency, officials said Wednesday.”

US charges Russian oligarch, dismantles cybercrime operation

 

The New York Times reports that the:

U.S. Says It Secretly Removed Malware Worldwide, Pre-empting Russian Cyberattacks

 

Politico reports that “The firms that helped document the Russian invasion of Ukraine are now finding imagery of atrocities.”

Satellite companies join the hunt for Russian war crimes

 

Cloudflare writes “Following Russia’s unjustified and tragic invasion of Ukraine in late February, the world has watched closely as Russian troops attempted to advance across Ukraine, only to be resisted and repelled by the Ukrainian people. Similarly, we’ve seen a significant amount of cyber attack activity in the region. We continue to work to protect an increasing number of Ukrainian government, media, financial, and nonprofit websites, and we protected the Ukrainian top-level domain (.ua) to help keep Ukraine’s presence on the Internet operational.

At the same time, we’ve closely watched the significant and unprecedented activity on the Internet in Russia. The Russian government has taken steps to tighten its control over both the technical components and the content of the Russian Internet. For their part, the people in Russia are doing something very different. They have been adopting tools to maintain access to the global Internet, and they have been seeking out non-Russian media sources. This blog post outlines what we’ve observed.”

What Cloudflare is doing to keep the Open Internet flowing into Russia and keep attacks from getting out

 

On a related note, NPR asks “What do Russians know about what's happening in Ukraine? Well, it depends in large part on what independent media they're able to access - access the Russian government has been forcefully trying to restrict. So many Russians have been relying on VPNs - virtual private networks - that obscure their identity online and allow them to access blocked websites.”

Some Russians are skirting website restrictions through VPNs. What are they?

 

Radio Free Europe reports “Western governments imposed crushing sanctions on Russia for its unprovoked attack and foreign companies began pulling out of the country, setting its economy reeling and making investments in the technology sector unattractive. Three days later, Krupnik froze his project, and on March 9 he fled to Turkey, seeing a bleak future back home.”

'A Nail In The Coffin': Tech Workers Are Fleeing Russia and The Impact Will Last For Years

 

The Evil Empire Strikes Back

 

TechCrunch reports “The mass exodus of IT specialists has been met with hostility from Moscow.”

Tech workers describe detentions and interrogations as they flee Russia

If you are in Russian IT and want to escape the new Iron Curtain, we suggest you get the fuck out now. If not enjoy the Gulag.

 

CBS reports “A group of hackers with ties to the Belarusian government broke into the Facebook accounts of Ukrainian military officials and posted videos calling on the Ukrainian army to surrender.

Meta's head of security policy, Nathaniel Gliecher, said the videos posted on the accounts of Ukrainian military officials were not seen by users and were taken down by the platform before it could be shared with others.”

Russian-backed hackers broke into Facebook accounts of Ukrainian military officials

 

The Jerusalem Post reports “China launched a massive cyber operation against the Ukrainian military and its nuclear facilities before Russia began its invasion, according to UK intelligence reports obtained by The Times.

The British reports were backed up by Ukraine's national security service, the SBU, which claimed China coordinated thousands of cyberattacks and hacking attempts on official Ukrainian government sites.”

China carried out massive cyberattack operation on Ukraine - report

 

The New York Times notes:

Bristling against the West, China rallies domestic sympathy for Russia

 

The Guardian reports “Putin may be ‘playing a long game’ on the cyber front, with attacks underway but not fully understood.”

Russia’s slow cyberwar in Ukraine begins to escalate, experts say

 

The Associated Press reports “Though Russia is the country that invaded its neighbor Ukraine, the Kremlin’s version relentlessly warns social media users across Latin America that the U.S. is the bigger problem. “Never forget who is the real threat to the world,” reads a headline, translated here from Spanish. The article, originally posted in late February on Twitter by RT en Español, is intended for an audience half a world away from the fighting in Kyiv and Mariupol.”

Russia aims Ukraine disinformation at Spanish speakers

 

Cybersecurity

 

ZDNet reports “The US Federal Government's latest attempt to create a centralized office for cybersecurity within a major agency will also be tasked with exploring economic and policy concerns within cyberspace.”

US Bureau of Cyberspace and Digital Policy officially commences operations

 

TechRepublic has this discouraging bit of news:

Developers do not view application security as a top priority, study finds

 

They also have:

5 tools to make encryption key management easier

 

GitHub shows us:

How Dependabot empowers you to keep your projects secure

They also have:

Prevent the introduction of known vulnerabilities into your code

 

More

 

The NewStack shares this from Caleb Porzion “It was at this point that he came up with the idea for Alpine.js, the minimalist framework that puts JavaScript behavior directly in your markup, which would offer some of the interactivity of Vue.js without any of the complexity.

“Alpine is the modern jQuery, that’s my vision for it,” Porzio explained in an interview. “When I started in web development, jQuery was what you did to sprinkle in stuff on your front end. Your whole front end wasn’t driven by a frontend framework, it was driven by something like Rails. I still like to write web apps that way. I’ve come full circle, I did the whole SPA thing and there’s nothing wrong with it, per se, but for a lot of use cases it’s just way too much complexity.”

Alpine.js Brings JavaScript Interactivity without Complexity to HTML

 

Infoworld notes “SQLite is embedded everywhere. Will Postgres follow suit?”

Postgres everywhere

 

Docker discusses:

Getting Started with Docker Desktop

They also have:

CTO Chat: Overcoming the Developer Experience Gap (feat. RedMonk & Flow.io)

 

VSCode writes ”The Visual Studio Code team has used this insight as the heart of their research over the years: if we can reduce time spent on overhead, like reading about environment setup, then we can increase productivity time. We have a vision where developers don't have to keep fighting the same battles over and over again. This means a consistent development setup that can handle the never-ending churn of version upgrades, configuration changes, and hardware refreshes.

But what does the path look like to get us there? Let's examine the journey to increase developer productivity that has led us from local development to container-based development, to the cloud.”

Using Containers to move from Local to Remote Development

 

TechCrunch reports “At its Team ’22 conference, Atlassian announced the launch of Atlas, a new service for cross-functional team updates it previously offered as a beta under the name “Team Central.” The service is meant to be a central repository for what teams are working on — with those updates limited to a Twitter-like 280 characters.”

Atlassian launches Atlas to improve team alignment

 

Sule-Balogun Olanrewaju Ganiu says, “This article will teach you an alternative approach to testing client APIs using Thunder Client, an open-source extension available on  VS Code marketplace.”

Thunder Client – An Alternative Way to Test Restful APIs

 

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 18 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

This week, we again cover tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development focused on fixing bugs and finishing new features for the upcoming Symfony 6.1 version. One of those new features is a button to copy requests as cURL commands in the Symfony Profiler. Meanwhile, the SymfonyLive Paris 2022 conference, which will take place in just 4 weeks, announced its complete workshop and talk schedule.

A Week of Symfony #793 (7-13 March 2022) (Symfony Blog)

 

Early bird registration for SymfonyCon Disneyland Paris 2022 ends on March 31st

 

Unsurprisingly after the recent merger they announced:

Symfony in the Cloud: Platform.sh becomes the official Symfony PaaS

 

Fabien Potencier asks “How can you get started with Symfony 6? What are the best resources to learn Symfony? How can I learn about the latest best practices? Those are legitimate questions I get from the community.”

Get started with Symfony 6

 

SymfonyCast has started a new course on Symfony 6!

This week on SymfonyCasts

 

Elise Hamimi reports “As the creator of Symfony, SensioLabs strengthens its relationship with its long-time partner in the US: Unleashed Technologies. This strategic partnership is the result of successful joint projects with Unleashed Technologies. In 2022, SensioLabs and Unleashed Technologies are speeding up to better serve American users of Symfony.

SensioLabs strengthens its partnership with Unleashed Technologies

She also has:

Learn how to migrate to the PHP framework Symfony

 

Featured Item

 

Featured Item Graphic

 

Forbes writes Ukraine’s IT pros are “ fixing internet in bombed-out buildings, finding rogue operators providing Russians with mobile connections and thwarting hackers. The telecom companies of Ukraine and their employees are being hailed as heroes in the war.”

Bombs And Hackers Are Battering Ukraine’s Internet Providers. ‘Hidden Heroes’ Risk Their Lives To Keep Their Country Online

 

If these heroes can do this, we can do more ourselves to stand with Ukraine and protect democratic values.

 

This Week

 

Sergii Demianchuk writes “welcome to the second article devoted to the theme:  “How to work with ElasticSearch using Symfony PHP framework”. Here we will prepare our local environment for further development. As you remember from Part 1 we have to create a web server, microservice application, and Elasticsearch as standalone docker containers.”

Symfony, Elasticsearch, and Docker environment

 

Michał Romańczuk notes “There are many tools for static PHP code analysis, but one of the most popular is PHPStan. It may be due to its ease of use, versatility and the possibility of using many extensions for example to Symfony, Doctrine, Elasticsearch, Monolog, Guzzle, etc.”

Using PHPStan with Symfony - static analysis for better PHP code quality

 

Fabien Lemoine show us “How to combine the power of the Symfony Mailer component with the features offered by an email provider.”

Envoyer des e-mails transactionnels avec un service tiers sous Symfony

 

Mchojrin takes a look at how to handle exceptions in Rest APIs with Symfony. It’s in Spanish.

Cómo manejar las excepciones en API Rest con Symfony

 

Webkul writes “PrestaShop employs various types of cache such as Smarty, assets (CSS/JS), XML cache, etc. It also provides ways to clear individual cache types from our module. So in this blog, we will discuss how we can clear PrestaShop cache in module code.”

Clear PrestaShop Cache in module

They also have:

Custom Events and Event Subscribers in Symfony

 

Sylius notes “Since the very beginning of Sylius’ existence, our philosophy was to focus on our domain and not reinvent the wheel. That’s why Sylius is entirely based on Symfony which gave us a solid foundation to build specific e-commerce bundles within the already existing and highly standardized framework.

Following the very same core idea, Sylius never intended to solve problems of other domains. There are wonderful tools in different categories, which allows us to focus on what we know best – the e-commerce domain.”

Why best-of-breed is the best thing that can happen to your mid-market e-commerce?

I agree that unless you have a small and simple application, best-of-breed is the way to go for your stack.

 

Joseph Ndedde Udonsak writes “Recently, I was working on a feature and needed to generate and mail a PDF document whenever a payment was made. I dispatched a Message and in the message handler, I used the KNP Snappy Bundle to generate a PDF from a twig template. It was pretty straightforward (or so I thought) until I saw the mayhem that had been let loose in my failed transport.

Today I Learned — Twig and Services

He also has:

How to inject multiple instances of an interface in a service

 

The Drop Times has an interview with Drupal’s founder with some interesting takes on headless and low code.

Dries Buytaert: Low Code No Code Adoption Good for Drupal

 

And speaking of headless Drupal here’s an article and a solution taking a look.

Five basic things I’ve learned using GraphQL in Drupal

 

The future of Drupal is headless

Dries disagrees with the headless opinion and so do I. That applies to WordPress as well.

 

Ryan Szrama writes “We've long recommended Swift Mailer for formatting and sending HTML emails from Drupal Commerce. Symfony announced the project's deprecation late last year, recommending folks switch to using the 3-year-old Symfony Mailer instead after they brought it up to full feature parity with the Swift Mailer library.

Fortunately, there's a module for that!”

Replace Swift Mailer with Symfony Mailer for HTML email

 

Timeless

Inspector Logo

Sponsored Article

 

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.

PHP logo

PHP

 

This week

 

Dariusz Gafka writes “We often need to schedule the execution of given business functionality in our applications. The timing depends on what we want to achieve. It may be monthly executed invoices or notifications sent after the user was registered on the website. And in this article, we will deep into different ways of scheduling execution in PHP.”

Scheduling Execution in PHP

 

PHPStan asks:

What's Up With @template-covariant?

They also look at:

Generics By Examples

 

Digital Ocean shows us:

How To Use Functions in PHP

 

Gaurav Makhecha says, “Thanks to the PSR-4 autoloading, we can define the namespaces prefix and their corresponding base directories.”

PHP Namespaces are not the same as the Directory Structure

 

Marcin Szydlowski writes “I have recently spotted an interesting vulnerability in a PHP application, which was in the scope of a private bug bounty program. This vulnerability has nothing to do with standard web app issues like SQLi, XSS, or IDOR, hence despite relatively small impact I decided to write about it.”

Insecure comparison in PHP — Business Logic Bypass vulnerability

 

Brent Roose & Freek Van der Herte are starting a series of posts with tips for writing clean PHP. They’re from a course the duo offers.

Code that breathes

 

Joshua Otwell says, “I'm sharing my 5 favorite Programming/Developer newsletters that I think you should read too.”

5 Developer/Programming Newsletters You Should Be Reading

There are good SQL and PHP choices on the list.

 

Meet Simseck states “I’d like to talk about Swoole in this article but it won’t be covering the cumbersome processes such as installing, configuring, using, and so on. I’d like to cover the philosophy behind it. Why do we need it in the PHP world? Which scenarios are the best to use this kind of external package/extension?”

Let’s Tackle PHP Swoole Solemnly

Code Logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

MarketWatch writes “One reason that some military analysts and Russia experts believe may have contributed to Putin miscalculating his chances of a quick victory, or his ability to outlast the Ukrainians, is that he underestimated the efficacy of Western sanctions in sapping Russia’s power to wage war, specifically by denying it access to critical technologies.”

Putin tried to create a homegrown tech industry. His failure could be key to a Russian defeat, experts say

 

The Hill notes “With the assistance of the West, Ukraine has become more resilient since the initial cyberattacks, especially given that it is uniquely vulnerable to Russian attacks since most of its infrastructure was built by Moscow during the Soviet era.”

US and EU cyber investments in Ukraine pay off amid war

 

Reface, a synthetic media app that’s developed out of Ukraine has added push notifications informing its ~200 million-strong global user-base about Russia’s invasion of the country — urging people to #StandWithUkraine, including by watermarking face-swapped videos created with the app.

Reface, a viral face-swap app from Ukraine adds anti-war push notifications

 

Wired writes, “Within three days of the first missiles falling on Kyiv, Mykhailo Fedorov and his staff launched a public campaign to pressure US tech giants to cut off Russia, began accepting cryptocurrency donations to support Ukraine’s military, secured access to Elon Musk’s Starlink satellite internet service, and began recruiting a volunteer “IT Army” to hack Russian targets. More recent projects include a chatbot for citizens to submit images or videos of Russian troop movements.”

Ukraine’s Digital Ministry Is a Formidable War Machine

 

The Guardian reports “about 300,000 people have signed up to a group on the chat app Telegram called “IT Army of Ukraine”, through which participants are assigned tasks designed to take the fight to Vladimir Putin. In so doing, they are trying to level the playing field between one of the world’s (so-called) superpowers and Ukraine as it faces bombardment and invasion.

‘It’s the right thing to do’: the 300,000 volunteer hackers coming together to fight Russia

 

Anonymous continue their efforts.

Anonymous releases 364,000 files about Russia's censorship of invasion

 

They also hit the German subsidiary of Russian energy giant Rosneft with a cyberattackRosneft withal Office for Information Security (BSI) says.

Hackers target German branch of Russian oil giant Rosneft

 

Fast Company reports on how “A group of techies-turned-hackers called the Cyber Partisans are targeting railways carrying Russian troops and exposing a brutal Belarusian regime.”

How hackers in Belarus are complicating Putin’s Ukraine invasion

 

Rest of World asks:

In Ukraine’s cyber-war with Russia, who is a civilian, and what is a war crime?

 

The Wall Street Journal notes “People around the world are using a new website to circumvent the Kremlin’s propaganda machine by sending individual messages about the war in Ukraine to random people in Russia.”

Using a New Cyber Tool, Westerners Have Been Texting Russians About the War in Ukraine

 

The Guardian also notes “Experts say both sides may understand that large-scale cyber-attacks will result in ‘mutually assured destruction of systems’.”

‘Catastrophic’ cyberwar between Ukraine and Russia hasn’t happened (yet), experts say

 

Cybersecurity

 

I thought this would have been a no-brainer but:

Germany warns against using Kaspersky software citing 'considerable' cyber risk after Russia's invasion

 

VentureBeat reports “Cloudflare unveiled a new tool in its suite of security offerings, the Cloudflare API Gateway, which seeks to simplify the protection of increasingly prevalent application programming interfaces (APIs). The solution also aims to feature a significantly lower price point than many of the other API security products now on the market, which could go a long way toward “democratizing” API security for the market.

Cloudflare aims to boost API security with a new gateway

 

On the Public API Network, Postman gathers some of the best APIs to ramp up productivity including Notion (just released to GA!), Peruse Code, and Machine Learning Tools for Developer Professionals.

Build Software Faster with These Productivity APIs

 

This was from a while back but is worth another look. Via Github:

The Open Source Software Security Summit: securing the world’s code together

 

C.S. Rhymes says, “GitHub offers a dependabot service that can let you know of any potential security issues with your dependencies and automatically create a Pull Request for you. This works great without any configuration if you have a repo that contains npm, composer, or gem dependencies, but you may need additional configuration if your lock files aren’t in the root directory, or in separate directories in the case of a monorepo.”

Using GitHub Dependabot with a Monorepo

 

GitHub also has a video exploring “ some of the shortcomings of legacy application security solutions, and share a developer-first approach that can help your organization overcome challenges with an end-to-end security process and improved collaboration.”

Developer-first security: The next step for AppSec

 

If you are having trouble getting cybersecurity buy-in with your CEO or CFO, share this with them. Plus, it’s a good review for anyone.

Cybersecurity: What Every CEO and CFO Should Know

 

More

 

Core DNA writes “We take a close look at the evolution of the CMS platform, specifically, how the management of content has changed and how platforms have been designed to cater for the changing browsers, new channels, and client needs.”

Custom CMS & Backend Frameworks Be Damned

 

Postman asks us to “Explore the World of APIs. Browse the largest network of APIs, workspaces, and collections by developers across the planet.”

Postman API Network

 

Ben Gurney shares an effective way to approach improving the web accessibility of your apps.

My secret to better web accessibility

 

Chris Saxon notes “We all know that many modern apps rely on REST APIs to talk to other services, especially in the cloud. We all know those APIs usually send and receive data using a recent innovation: JavaScript Object Notation (JSON) documents. And we know there are a lot of methods for storing, managing and sharing these documents in your applications.

What many people don’t know is that the best way to manage JSON is with a seemingly ancient tool: the SQL language. Let’s look at why that is and five examples of how to do it.”

Why (and How) You Should Manage JSON with SQL

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 11 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

This week, we continue our coverage of the war crimes going on in Ukraine and how you can help. That sparks some cybersecurity coverage as well. There was not much Symfony news so I’m adding in extra Drupal coverage that overlaps with Symfony development.

Take your time and enjoy the items most valuable for you.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

 

Please note that links will open in a new browser window. My opinions will be in bold.

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.39, 5.4.6, and 6.0.6 maintenance versions were released. In addition, the entire schedule of the SymfonyLive Paris 2022 conference was published. Finally, Symfony expressed its solidarity with Ukrainian people.”

A Week of Symfony #792 (28 February - 6 March 2022)

 

They also remind us that “the French SymfonyLive conference organized in Paris will be soon here! Join us on April 7th and 8th for 2 days of Symfony talks. Regular pricing ends on March 14th!”

Only 4 weeks left before SymfonyLive Paris 2022

 

SymfonyCasts continues its exploration of EasyAdmin.

This week on SymfonyCasts

 

Featured Item

 

Featured Item graphic

 

A recent Forbes article notes “over one-quarter of U.S. consumers have not taken any steps to protect their digital/online privacy - and that means it is more important than ever for organizations to ensure their software and applications are as bulletproof as possible against bad actors. However, the rapid shift to digital and the fast-paced nature of business in today’s post-pandemic world, coupled with the growing and sophisticated threat landscape, continues to challenge even the most advanced security teams.

Something needs to change, and one company is arguing that the industry requires a new approach to security centered on developers. After all, developers have become the lifeblood of an organization's digital transformation journey - but the faster developers move to bring new applications to market, the greater the chances for flaws or security issues within their code.”

Why the Future of Cybersecurity Rests in Developers’ Hands

 

I wholeheartedly agree with this.

 

This Week

 

Alexandre DuBois asks "is Symfony using some sort of magic to validate inputs?"

Symfony Internals #2: Data Validation

 

Dans français Guillaume Ponty explores 3rd-party authentication with Symfony.

Symfony 6: S’authentifier Avec Google, Facebook, GitHub, …

 

Heddi Nabbisen has this interesting tutorial for us:

EasyAdmin 4 for admin panel based on PHP 8 and Symfony 6: Install and create a sample

 

Andy Blum writes “Following Drupal 8’s ambitious overhaul to “get off the island,” the recommended way to create a new Drupal site is to use composer to manage all PHP dependencies. By now, most Drupal developers will have had a chance to install a new module or update existing modules using composer’s require or update commands, but did you know that you can also use composer to run scripts to interact with your code?”

Add a Composer Script to Your Module or Theme

 

Griffin Polonus writes “PHP 8 includes improvements that show a clear desire to modernize, as well as capabilities of other popular languages that developers will appreciate. Thanks to PHP 8, Drupal 10 can now use tools that will enable continued growth and enhanced performance. Upgrading to PHP 8 will be beneficial to any site running on PHP–however, as a Drupal developer, I’m particularly excited about how this will impact Drupal 10. I’ll highlight some of the benefits that apply to many sites, but especially how it may apply to Drupal.

PHP 7 to 8: Entering the Modern Era of Programming Languages

 

Golems states, “Drush (the Drupal Shell) is one of the most convenient and functional assistants for all Drupal developers. Read on if you're interested in learning how Drupal 9 and Drush work together, what benefits it has, and how easy it is to sanitize data with Drush.”

Drupal 9: Sanitizing Data With Drush

 

Last Month

 

Manish Saharan says, “In this article, we’re going to discuss two such Drupal 8/9 utility tools that have massively simplified and improved the way you work with Drupal code, modules, and installations - Drupal Console (leveraging Symfony Console) and Drush.”

Accelerating Drupal Development with Drupal Console and Drush

 

Timeless

 

As we noted in How Symfony Station was built: an adventurous exploration of layout solutions, the default Drupal admin theme is an eye-destroying abomination. We wrote “Gin is beautiful in comparison. It's clean, cool, and collected with some customization options.” It was built on the foundation of Claro from one of the lead designers of the Claro & Drupal Design System.

Clayton Dewey expounds upon this with, “I’ve seen, time and again, the difference a clean and modern website editing interface can have on both the quantity and quality of site content. When a website’s back-end is frustrating and unappealing to work with, it dissuades the author from posting.” In a multi-post series, he explores the wonders of Gin.

There are a lot of design lessons to pick up in the series. And if you’re a new Drupal user, lessons on how to use it. It’s perfect for larger publishers.

Enhance Your Drupal Website’s Authoring Experience Part 1 - Modernize the Admin Theme with Gin

 

Enhance Your Drupal Website's Authoring Experience Part 2 - Declutter the User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 3 - Improve the Field User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 4 - Fine Tune Admin Pages

 

Enhance Your Drupal Website's Authoring Experience Part 5 - Accessibility Tools and Conclusion

 

Note: Drupal is addressing their usability problem with a version of Claro that will be non-experimental for core in v. 10.

 

Inspector logo

Sponsored Article

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

Rafael Bernard Araujo explores Domain-Driven Design in and value object:

Introducing value objects in PHP

 

Tomasz Dobrowolski covers dependency injection and writes, “while it sounds complex, it’s not as scary as it sounds on the surface. And if used correctly, it can transform your code to be cleaner and easier to work with.”

What Is Dependency Injection in PHP and How You Can Use It to Write Better Code

 

Marco Aurélio Deleu says, “I have been working on a new Runtime for Bref for a while now and it has been my biggest open source journey so far. It has been incredibly challenging and a great learning experience. In this post, I want to run through some key aspects that I faced while working on this.”

3 things I learned working on a Bref Runtime

 

Frank de Jonge shows us how to:

Use a message envelope

 

Andreas Heigl takes a look at PHP attributes.

Attributes are awesome

 

Harpreet Kaur notes “Memcache is object storing mechanism which is used to store the results of database queries helping websites to serve pages faster. Memcaching process stores data as key-value pairs in memory so that it can be accessed later. It will be useful in those applications which rely heavily on database queries. Memcaching is going to improve the performance of the application significantly.”

What is Memcache & How to use it in PHP?

 

Ten7 looks at Memcache in Drupal.

Memcache Testing and Proxying

 

Gene Wilburn needed to build a lightweight search functionality. He writes “As I thought about a solution for this small site, I thought of grep, the open-source search utility with a long Unix heritage that can rip through text files to search for words or phrases and show them in context.”

Greppy: A Lightweight Perl/PHP Website Search Engine Based on Grep

 

Jakub Misek says, “Have you heard about the Visual Studio Code for the Web? It's the code editor running in your browser, allowing you to work with your local files, files on your GitHub repositories, or files on Azure. Anywhere.

In the case of the PHP language, it is only suitable for quick edits on small projects, due to its limitations. However, PHP Tools for Visual Studio Code is newly available for VS Code for the Web. All the editor features can now be used in this browser-based development environment.”

PHP IntelliSense on the Web

 

Last Month

 

Alessandro Castellano has a new tutorial and says, “you are going to see how class constructors work in PHP, what happens with class inheritance, and a new PHP 8 feature called “argument promotion”.”

PHP Constructors Explained

 

WPGraphQL notes “Setting up End to End tests for WordPress plugins can be done in several ways (Codeception, Cypress, Ghost Inspector, etc), but lately, the easiest way I’ve found to do this is to use the @wordpress/env and @wordpress/scripts packages, distributed by the team working on the WordPress Block Editor (a.k.a. Gutenberg), along with GitHub Actions.”

Adding End 2 End Tests to WordPress plugins using wp-env and wp-scripts

 

Frank Pins explores Gitlab pipelines in a series of articles.

Optimizing Gitlab pipelines - Basics (1)

 

Optimizing Gitlab pipelines - PHPUnit (2)

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

I think we should all stop doing business with Russian companies. However, many think internet access is an exception. At this point, I am not sure. But Cloudflare is.

Cloudflare won’t cut off Russia, says it “needs more Internet access, not less”

 

It seems that Twitter itself agrees as it has created an onion site for Tor browsers.

Learn more in this Tweet thread

 

And Lumen does not.

Breaking Russia's internet backbone

 

Venture Beat has a report on the Ukrainian IT Army’s offensive.

Ukraine’s IT army is doing well, hitting Russia with ‘cost and chaos’

 

Anonymous continues its assault on Putin’s minions and lackeys.

Anonymous claims it hacked into Russian TVs and showed the true devastation of Putin’s Ukraine invasion

 

Cyber Scoop reports “NATO nations voted unanimously last Friday to admit Ukraine to their Cooperative Cyber Defence Centre of Excellence (CCDCOE), a development which experts said will help Ukraine fight off mounting cyber threats from Russia.”

Ukraine, looking to fortify itself against Russian attacks, admitted to NATO cyber center

 

The free world also needs to kick up its defensive game. Three companies are aiding the effort.

Cloudflare, CrowdStrike, and Ping Identity launch the Critical Infrastructure Defense Project

 

What won’t work is the Ostrich approach.

It's time to stop hoping that cybersecurity problems will just go away

 

One way to defend your site is to block access to it by country. If you don’t have an audience in Russia, you should do so. We do so we aren’t.

How to block access to your website and related services in Russia, PHP 8, and client-side alternatives

 

Tawhid has this security advice for us:

11 Security tips to protect your website

 

As an example of an attack, Nevulo explains XSS. “Cross-site scripting is an attack performed on websites, where an attacker can inject some malicious code or scripts that get executed to modify the behavior of that website.”

What is cross-site scripting (XSS) and how does it work?

 

Harvard Business Review’s Stuart Madnick takes a peek at where this might all lead.

What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare

 

Via Fast Company “MacPaw’s Julia Petryk talks about sheltering in an underground parking garage, enduring Russian propaganda, and confronting the emotional toll of the war.” MacPaw is a Ukrainian company we urge you to support.

 

What it’s like to work at a Ukraine tech company during Russia’s invasion

 

Speaking of tech companies:

It took a war for Big Tech to take a side

 

Here are a few articles examining why Putin’s war of terror is not going so well (aside from the fact that most thugs are corrupt, dumb, and incompetent).

Putin Underestimated the Connective Tissue of Capitalism

 

The Strategy That Can Defeat Putin

 

The Spectacular Collapse of Putin’s Disinformation Machinery

 

And now in more encouraging news, here’s a look at the impressive things coming to CSS. Michelle Barker writes “It’s fair to say that we’re in a booming era for CSS right now. As I write this, I notice that many of these new features have some things in common. Yes, they often help us write better, cleaner, and more efficient code.”

New CSS Features In 2022

 

Icons are always useful for UI, UX, and web design. Here’s how to use Font Awesome no matter your dev/design stack.

Now You Can Stop Shoehorning Solutions to Get Icons Working with Your Tech — Font Awesome Matches Your Tool Stack

 

Microsoft made an announcement that will make JavaScript developers happy.

A Proposal for Type Syntax in JavaScript

 

Writing for Forbes, Amir Husain says:

Decentralization Is the Future of Software

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to Cloudflare

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon