Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 30 September 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail.

This edition was produced under duress due to Hurricane Ian, so it’s late.

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As you may have noticed, non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony logo

Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development activity focused on finishing and polishing some new features for the upcoming Symfony 6.2 version, such as: updating codebase to use modern PHP features like null coalescing assignment and match statements; adding new config options for HttpCache; and updating some new panels in the Symfony Profiler.“

A Week of Symfony #821 (19-25 September 2022)

Symfony announced:

Twig security release: Possibility to load a template outside a configured directory when using the filesystem loader

SymfonyCon Disneyland Paris 2022: From monolith to decoupled…wait, why is that one getting bigger?!

SymfonyCon Disneyland Paris 2022: Calculating what we can’t see: carbon emissions in the cloud

SymfonyCon Disneyland Paris 2022: Voice of partner panel discussion: how Platform.sh agency partners drive innovation and growth

SymfonyCon Disneyland Paris 2022: Building a great product means designing for your users.

SymfonyCasts continues their Doctrine course:

This week on SymfonyCasts


Featured Item graphic

Featured Item

Joseph Udonsak shows us how to use two of our favorite things in:

Manage Your Twilio Message History Using Symfony, Svelte, and Webpack

There's more on Webpack below.


This Week

Dariusz Gafka explores:

Handling asynchronous errors in PHP with Laravel Queues, Symfony Messenger and Ecotone

Mert Simsek looks at the:

CQRS Principle with Symfony Messenger

Smaine Milianni examines:

Symfony Messenger pre and post-handle messages

And:

Marko Vušak presents Fun with feature flags

Alexandre Daubois says:

Emojis are new Symfony’s best friends!

Twilio has:

Integrate Twilio WhatsApp Business API with a Symfony Application

Paul Rijke examines:

Getting Doctrine's ChangeSet in a postUpdate event

CMSs

Xavier Mirabelli-Montan explores:

The future of the CMS in 2022

Concrete CMS shares:

WordPress And Concrete CMS A Philosophical Difference In Adding Features

Drupal updates:

What’s coming in Drupal 10

On a related note the Drupal Association shared:

DrupalCon Prague 2022 Driesnote

Dan Moriarty examines:

Cookie Compliance and Privacy

Esmeralda Tijhoff looks at:

The Need for Knowledge-Level Labelling for Sessions and Other Stuff: A Recap of DrupalCon Prague 2022

Hashbang Code has:

Drupal 9: Using Validation Constraints To Provide Custom Field Validations

Specbee opines:

What Search Engines want and why Drupal is better for SEO

Previous Weeks

Vishwa Chikate uses:

PHP Composer package to resolve Drupal Entities as simple Object/Array of fields

Peter Fox explores:

Automatically updating your projects’ dependencies in GitHub

PHP logo

PHP

This Week

Geni Jaho shows us how to:

Safely upgrade from PHP 7.4 to 8.1 using Rector

Simone Gentili looks at:

Test driven development: a php starter kit

.com explores:

Using Constructors The Right Way

Joe Steinbring shows us:

How to deploy a PHP app to Azure

Previous Weeks

Juampi explores:

Testing your SEO with PHP & Pest

Ramiz Kongulov examines:

PHP Exceptions: Try Catch for Error Handling

Vlad Reshetilo shares:

5 Things you might not know about PHP

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

The Guardian reports:

Apple removes Russian Facebook competitor VK from App Store

PC Mag reports:

US Allows Tech Firms, SpaceX's Starlink To Expand Internet Services To Iran

The Evil Empire Strikes Back

The Washington Post reports:

The Russian men fleeing mobilization, and leaving everything behind

Axios reports:

Ukraine warns allies about Russian cyberattacks

Ars Technica reports:

Meta disrupted China-based propaganda machine before it reached many Americans

And a Russian one before it reached Europeans.

Cybersecurity/Privacy

Decipher reports:

The NSA is Here to Help

The New Stack explores:

5 Myths about CVEs

VentureBeat reports:

How zero-trust segmentation keeps cyberbreaches from spreading across the enterprise

PC Mag reports:

Cloudflare Turnstile Replaces CAPTCHA Tests With a Browser Challenge

Ars Technika reports:

Numerous orgs hacked after installing weaponized open source apps

More

GitHub opines:

Functional programming is finally going mainstream

Austin Gil shares:

VS Code Timeline Restores Lost Work That Git Can't

Stéphane Robert looks at GitLab’s official CLI tool:

Glab est devenue la cli officielle de gitlab

Postman has:

Understanding Asynchronous APIs

Michael Ogundipe has:

An Introduction to Design Patterns and Pattern Elements

Tech Republic shows us:

How to integrate GitHub and Jira

Kinsta has:

GraphQL vs REST: Everything You Need To Know

Michel Floyd explores:

GraphQL for SQL Developers - Part 1 - The Schema

Percona looks at:

Scaling MySQL – A Good Problem to Have

Ramandeep Kaur examines:

What, Why and How of Webpack...

Lullabot shares:

CSS Features We’re Thankful For and CSS Features We Need

The Conversation reports:

'Protestware' is on the rise, with programmers self-sabotaging their own code. Should we be worried?

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already, follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts?

If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communique - 3 December 2021

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. This week it's extensive again, so take your time and enjoy its most valuable items.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.

 

*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

Symfony 

 

As always, we will start with the official news from Symfony.

 

Highlight -> "This week, Symfony 4.4.35 and 5.3.12 releases were published to address some potential security vulnerabilities. In addition, Symfony 5.4.0-RC1 and 6.0.0-RC1 were published in preparation for their imminent stable release. Lastly, Symfony announced the last days of its Black Friday 2021 deals which end on November 29."

A Week of Symfony #778 (22-28 November 2021)

 

Javier continues a series of posts on what's new in Symfony 5.4.

 

 

It's finally here. Symfony 6 is available!

Symfony 6.0.0 released

 

Symfony 5.4 as well.

Symfony 5.4.0 released

 

SymfonyWorld conference starts in just a week: 10 workshops, 25 talks and hundreds of community members to meet. Don't miss it!

A week left before SymfonyWorld Online 2021 Winter Edition, book your ticket now!

 

SensioLabs has this for us: "To mark the release of Symfony 6, SensioLabs has interviewed Nicolas Grekas, one of the most active members of the Symfony core team. Grekas described the main new features of this latest major version of Symfony and how to start preparing for the upgrade."

Deep dive into Symfony 6: the interview with Nicolas Grekas

 

SymfonyInsight is the official Symfony platform to monitor and maintain high quality projects over long periods of time. It also helps you reduce business risks and upgrade your application dependencies.

PHP 8.1 is the latest version of PHP, released on November 25th. We’re thrilled to announce SymfonyInsight support of PHP 8.1 and all its features (enums, readonly properties, etc)!

SymfonyInsight now supports PHP 8.1!
 

 

Featured Item graphic

 

Featured Item

We continue to highlight the most significant post of the week.

 

Stitcher.io has this for us.

PHP 8.1 was released on November 25, 2021. This post will go through all features, performance improvements, changes, and deprecations one by one.

 

What's new in PHP 8.1

 

This week

 

Speaking of Symfony 6, Alex Daubois has this interesting post.

What's this upcoming "Encryption" component of Symfony 6.1?

 

Kiratas provides this advice: "SensioLabs has presented versions 5.4 and 6.0 of the popular PHP framework Symfony. The two versions are identical regarding the innovations, but Symfony 6 cuts off old braids and removes all content marked as outdated (deprecated). Therefore, developers who want to switch to the new main version should first switch to 5.4 and remove all deprecations."

PHP framework: Symfony 6.0 appears at the same time as version 5.4

 

Via SymfonyCasts: "We're heading into Twig and inside a service to fetch the currently-authenticated user. While we're there, we'll add some custom methods to our User class to make it smarter!" They continue their look at Symfony security with:

This week on SymfonyCasts

 

Mattia Toselli shows us how to develop a simple app with Symfony 5 on our local machine. Then we will deploy this app using a service of DigitalOcean called App Platform.

How to create an automated pipeline for deploy with Symfony 5 and DigitalOcean App Platform.

 

Why invest in AWS CDK today? Using a simple example with a basic web application built with the Symfony framework, this article will show you how to industrialize any application with Infrastructure as Code (IaC) methodology on AWS.

Build and Deploy a Symfony Application on AWS using CDK, ECS, and RDS

 

I know that there seems to be one of these comparison posts every week. But, if they have something new in them, even one sentence, we'll continue to feature them.

Laravel vs. Symfony: Which PHP Framework to Choose for Enterprise-grade Web Applications?

By the way, the answer for Enterprise-grade is Symfony.

 

Prestaconcepts brings us this post in French.

What Symfony 5.4 Brings

 

Doctrine has a new release.

New Release: Doctrine DBAL 3.2.0

 

Gábor Hojtsy writes: "As you may know, we are planning to release Drupal 10 in 2022 (as early as June) because Drupal 9's Symfony 4 and CKEditor 4 are both at the end of life the year after, around the end of 2023. So we plan to give enough time for people to update to Drupal 10 before Drupal 9 goes end of life. A similar situation happened with Drupal 8 to 9 driven by Symfony 3 to 4. However, moving Drupal 10 from Symfony 4 to 5 would again only give us a couple of years to move on to Symfony 6 next, so the current plan is to move to Symfony 6 straight away."

The big Symfony 4 to 6 jump plan in Drupal 10 and potential benefits down the line for future versions

 

Websites developed on the Symfony framework were vulnerable to web cache poisoning attacks due to misuse of HTTP headers, according to CyberIntelMag.

Symfony PHP Framework Had Cache Poisoning Vulnerability

 

Last Week

 

Hantsy has the following min-tutorial.

Building Restful APIs with Symfony 5 and PHP 8

 

Timeless

 

The idea behind Inspector is to create a monitoring environment specifically designed for software developers avoiding any server or infrastructure configuration that many developers hate dealing with. It works with a lightweight software library that you can install in your application like any other dependencies. In the case of Symfony, you can use our official Symfony Bundle. 

Code Execution Monitoring for Symfony applications using Inspector

 

When it comes to open source ecommerce platforms, there are quite a few solutions to choose from. You may have heard about Magento or PrestaShop. But have you ever seen something about Sylius?

What is Sylius and how to use it?

 

As you may know, I ran across Akashic Seer's blog last month, which boasts Symfony-related posts. Here are a few more from his archive delivered with his unique approach.

How to add CSRF protection to Symfony 5+ forms

How to access Doctrine in Symfony 5+ services

 

PHP logo

 

PHP

 

This week

 

To paraphrase Cloudways, PHP is the backbone for almost every website, and its security shouldn't be negligible. PHP developers are responsible for avoiding common threats like cross-site request forgery, SQL injections, and data tampering. And PHP has built-in security features that make it easier for developers to protect their websites.

Ultimate PHP Security Best Practices

 

This week, the latest PHP RFC, Deprecate Dynamic Properties, passed 2:1. It barely met the 2/3 vote threshold for passing, which of course, can and has been spun in various pro-and-con ways. The prominent argument people had against it was that it involves triggering deprecation warnings, which is kind of the point. That's what it does mostly.

Evolving PHP safely

 

Here's more on security as Matthieu Robin asks: "You've been using PHP for years, and it seems to work just fine, but have you ever wondered what more you could be doing to keep your scripts secure?" 

10 Ways to Improve Your PHP Security

 

Vedran Mihočinec too has a question. What is the easiest way to dockerize PHP applications?

The Easiest Way to Dockerize PHP Applications

 

In past communiques, we examined Anders Björkland posts on Bolt CMS. Here he takes a look at Silver Stripe CMS in two posts.

A CMS with a new take - SilverStripe first impression

Adding registration to SilverStripe and controlling privileges

 

On an unrelated note, he also posted.

Overview - The C in PHP stands for Christmas 🤶🎅. Follow this daily in December.

 

Speaking of PHP CMSs.

Composer and Contao for the Rest of the World

 

Ibrahim Alausa has written a comprehensive guide on writing cleaner, shorter class constructors.

PHP 8: Constructor Property Promotion

 

Jetbrains has another announcement, although it's quite as big as last week's.

JetBrains Remote Development: The ultimate coding experience for a remote world

 

They also announced that PhpStorm 2021.3 is now available. This major release introduces full support for PHP 8.1, better handling of generics in PHP, remote development, improvements to deployment, an HTTP client, refactorings, and much more.

PhpStorm 2021.3: PHP 8.1, Generics, Remote Development, Refactorings, and More

 

Olotin Temitope shows us how to configure Xdebug with PHPStorm and Docker to debug like a pro.

How to debug like a pro using Xdebug, PHPStorm, and Docker.

 

PHP Architect interviews feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.

Interview with Vinícius Campitelli

 

As of today, when you update dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table.

Introducing: Update Review

 

Last Week

 

In this episode of the PHP Internals News podcast, they're looking back at all the RFCs that were discussed on the podcast for PHP 8.1. In their own words, the RFC authors explain these features, with your host interjecting his comments on the state of affairs. Please give it a listen.

PHP Internals News: Episode 95: PHP 8.1 Celebrations

 

In this video, BeachCasts shows us how to:

Measure PHP Code Quality With Static Analysis Using PHPStan

 

James Seconde has more on PHPStan.

Scrub Up! Cleaning Your PHP Application With PHPStan

 

If you use Drupal, its PHPStan solution gets an update.

Better static analysis with entity type storage in phpstan-drupal 1.10

 

And there's another one of these. Sigh.

Is PHP a Dying Language?

And as long as most of us will be alive, the answer is no. But the author still makes some interesting points about why that is.

 

Code logo

 

Other

 

How will future AI systems make the most ethical choices for all of us?

Worried about AI ethics? Worry about developers' ethics first

 

To continue on that line.

AI can translate standard written text to code

 

And regarding other so-called threats to the careers of developers.

Low code will help but don't expect a revolution

 

Here are five handy MySQL string functions you can add to your toolkit.

5 MySQL String Functions You Should Know

 

This type of CSS review is always helpful.

Flexbox vs. CSS Grid: What are the differences between the two, and when should you use them?

 

Postman says: "Before promoting an API direction, all parties must understand where we are and what destinations are possible. A map helps simplify an overwhelming number of technologies, techniques, and ideologies into something approachable and with a clear way forward. Ultimately, maps provide key insights so that having a conversation about an ecosystem's strengths and weaknesses can occur." 

How to Improve an API Ecosystem with Mapping

 

GitHub had some problems this week, but they were able to post this about Actions.

GitHub Actions: reusable workflows are generally available

 

Here's an in-depth look at Docker, which is always helpful.

Dock Life: Using Docker for All The Things!

 

And here's a look at the vital topic of user experience.

The State of UX in 2022

 

Like most articles in the New Yorker, this is a long one. But, it's worth grabbing your favorite beverage and reading it at your leisure.

Lina Khan's Battle to Rein in Big Tech

 

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.

 

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday. 

 

Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Happy coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to REST API

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon