Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. This week it's extensive again, so take your time and enjoy its most valuable items.
Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.
*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> "This week, Symfony 4.4.35 and 5.3.12 releases were published to address some potential security vulnerabilities. In addition, Symfony 5.4.0-RC1 and 6.0.0-RC1 were published in preparation for their imminent stable release. Lastly, Symfony announced the last days of its Black Friday 2021 deals which end on November 29."
A Week of Symfony #778 (22-28 November 2021)
Javier continues a series of posts on what's new in Symfony 5.4.
It's finally here. Symfony 6 is available!
Symfony 6.0.0 released
Symfony 5.4 as well.
Symfony 5.4.0 released
SymfonyWorld conference starts in just a week: 10 workshops, 25 talks and hundreds of community members to meet. Don't miss it!
A week left before SymfonyWorld Online 2021 Winter Edition, book your ticket now!
SensioLabs has this for us: "To mark the release of Symfony 6, SensioLabs has interviewed Nicolas Grekas, one of the most active members of the Symfony core team. Grekas described the main new features of this latest major version of Symfony and how to start preparing for the upgrade."
Deep dive into Symfony 6: the interview with Nicolas Grekas
SymfonyInsight is the official Symfony platform to monitor and maintain high quality projects over long periods of time. It also helps you reduce business risks and upgrade your application dependencies.
PHP 8.1 is the latest version of PHP, released on November 25th. We’re thrilled to announce SymfonyInsight support of PHP 8.1 and all its features (enums, readonly properties, etc)!
SymfonyInsight now supports PHP 8.1!
We continue to highlight the most significant post of the week.
Stitcher.io has this for us.
PHP 8.1 was released on November 25, 2021. This post will go through all features, performance improvements, changes, and deprecations one by one.
What's new in PHP 8.1
Speaking of Symfony 6, Alex Daubois has this interesting post.
What's this upcoming "Encryption" component of Symfony 6.1?
Kiratas provides this advice: "SensioLabs has presented versions 5.4 and 6.0 of the popular PHP framework Symfony. The two versions are identical regarding the innovations, but Symfony 6 cuts off old braids and removes all content marked as outdated (deprecated). Therefore, developers who want to switch to the new main version should first switch to 5.4 and remove all deprecations."
PHP framework: Symfony 6.0 appears at the same time as version 5.4
Via SymfonyCasts: "We're heading into Twig and inside a service to fetch the currently-authenticated user. While we're there, we'll add some custom methods to our User class to make it smarter!" They continue their look at Symfony security with:
This week on SymfonyCasts
Mattia Toselli shows us how to develop a simple app with Symfony 5 on our local machine. Then we will deploy this app using a service of DigitalOcean called App Platform.
How to create an automated pipeline for deploy with Symfony 5 and DigitalOcean App Platform.
Why invest in AWS CDK today? Using a simple example with a basic web application built with the Symfony framework, this article will show you how to industrialize any application with Infrastructure as Code (IaC) methodology on AWS.
Build and Deploy a Symfony Application on AWS using CDK, ECS, and RDS
I know that there seems to be one of these comparison posts every week. But, if they have something new in them, even one sentence, we'll continue to feature them.
Laravel vs. Symfony: Which PHP Framework to Choose for Enterprise-grade Web Applications?
By the way, the answer for Enterprise-grade is Symfony.
Prestaconcepts brings us this post in French.
What Symfony 5.4 Brings
Doctrine has a new release.
New Release: Doctrine DBAL 3.2.0
Gábor Hojtsy writes: "As you may know, we are planning to release Drupal 10 in 2022 (as early as June) because Drupal 9's Symfony 4 and CKEditor 4 are both at the end of life the year after, around the end of 2023. So we plan to give enough time for people to update to Drupal 10 before Drupal 9 goes end of life. A similar situation happened with Drupal 8 to 9 driven by Symfony 3 to 4. However, moving Drupal 10 from Symfony 4 to 5 would again only give us a couple of years to move on to Symfony 6 next, so the current plan is to move to Symfony 6 straight away."
The big Symfony 4 to 6 jump plan in Drupal 10 and potential benefits down the line for future versions
Websites developed on the Symfony framework were vulnerable to web cache poisoning attacks due to misuse of HTTP headers, according to CyberIntelMag.
Symfony PHP Framework Had Cache Poisoning Vulnerability
Hantsy has the following min-tutorial.
Building Restful APIs with Symfony 5 and PHP 8
The idea behind Inspector is to create a monitoring environment specifically designed for software developers avoiding any server or infrastructure configuration that many developers hate dealing with. It works with a lightweight software library that you can install in your application like any other dependencies. In the case of Symfony, you can use our official Symfony Bundle.
Code Execution Monitoring for Symfony applications using Inspector
When it comes to open source ecommerce platforms, there are quite a few solutions to choose from. You may have heard about Magento or PrestaShop. But have you ever seen something about Sylius?
What is Sylius and how to use it?
As you may know, I ran across Akashic Seer's blog last month, which boasts Symfony-related posts. Here are a few more from his archive delivered with his unique approach.
How to add CSRF protection to Symfony 5+ forms
How to access Doctrine in Symfony 5+ services
To paraphrase Cloudways, PHP is the backbone for almost every website, and its security shouldn't be negligible. PHP developers are responsible for avoiding common threats like cross-site request forgery, SQL injections, and data tampering. And PHP has built-in security features that make it easier for developers to protect their websites.
Ultimate PHP Security Best Practices
This week, the latest PHP RFC, Deprecate Dynamic Properties, passed 2:1. It barely met the 2/3 vote threshold for passing, which of course, can and has been spun in various pro-and-con ways. The prominent argument people had against it was that it involves triggering deprecation warnings, which is kind of the point. That's what it does mostly.
Evolving PHP safely
Here's more on security as Matthieu Robin asks: "You've been using PHP for years, and it seems to work just fine, but have you ever wondered what more you could be doing to keep your scripts secure?"
10 Ways to Improve Your PHP Security
Vedran Mihočinec too has a question. What is the easiest way to dockerize PHP applications?
The Easiest Way to Dockerize PHP Applications
In past communiques, we examined Anders Björkland posts on Bolt CMS. Here he takes a look at Silver Stripe CMS in two posts.
A CMS with a new take - SilverStripe first impression
Adding registration to SilverStripe and controlling privileges
On an unrelated note, he also posted.
Overview - The C in PHP stands for Christmas 🤶🎅. Follow this daily in December.
Speaking of PHP CMSs.
Composer and Contao for the Rest of the World
Ibrahim Alausa has written a comprehensive guide on writing cleaner, shorter class constructors.
PHP 8: Constructor Property Promotion
Jetbrains has another announcement, although it's quite as big as last week's.
JetBrains Remote Development: The ultimate coding experience for a remote world
They also announced that PhpStorm 2021.3 is now available. This major release introduces full support for PHP 8.1, better handling of generics in PHP, remote development, improvements to deployment, an HTTP client, refactorings, and much more.
PhpStorm 2021.3: PHP 8.1, Generics, Remote Development, Refactorings, and More
Olotin Temitope shows us how to configure Xdebug with PHPStorm and Docker to debug like a pro.
How to debug like a pro using Xdebug, PHPStorm, and Docker.
PHP Architect interviews feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.
Interview with Vinícius Campitelli
As of today, when you update dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table.
Introducing: Update Review
In this episode of the PHP Internals News podcast, they're looking back at all the RFCs that were discussed on the podcast for PHP 8.1. In their own words, the RFC authors explain these features, with your host interjecting his comments on the state of affairs. Please give it a listen.
PHP Internals News: Episode 95: PHP 8.1 Celebrations
In this video, BeachCasts shows us how to:
Measure PHP Code Quality With Static Analysis Using PHPStan
James Seconde has more on PHPStan.
Scrub Up! Cleaning Your PHP Application With PHPStan
If you use Drupal, its PHPStan solution gets an update.
Better static analysis with entity type storage in phpstan-drupal 1.10
And there's another one of these. Sigh.
Is PHP a Dying Language?
And as long as most of us will be alive, the answer is no. But the author still makes some interesting points about why that is.
How will future AI systems make the most ethical choices for all of us?
Worried about AI ethics? Worry about developers' ethics first
To continue on that line.
AI can translate standard written text to code
And regarding other so-called threats to the careers of developers.
Low code will help but don't expect a revolution
Here are five handy MySQL string functions you can add to your toolkit.
5 MySQL String Functions You Should Know
This type of CSS review is always helpful.
Flexbox vs. CSS Grid: What are the differences between the two, and when should you use them?
Postman says: "Before promoting an API direction, all parties must understand where we are and what destinations are possible. A map helps simplify an overwhelming number of technologies, techniques, and ideologies into something approachable and with a clear way forward. Ultimately, maps provide key insights so that having a conversation about an ecosystem's strengths and weaknesses can occur."
How to Improve an API Ecosystem with Mapping
GitHub had some problems this week, but they were able to post this about Actions.
GitHub Actions: reusable workflows are generally available
Here's an in-depth look at Docker, which is always helpful.
Dock Life: Using Docker for All The Things!
And here's a look at the vital topic of user experience.
The State of UX in 2022
Like most articles in the New Yorker, this is a long one. But, it's worth grabbing your favorite beverage and reading it at your leisure.
Lina Khan's Battle to Rein in Big Tech
Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.
That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Happy coding Symfonistas!