Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Symfony Station Communiqué - 2 September 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Illustration of the surface of an alien planet.

Welcome to this week's Symfony Station Communiqué. It's your review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail each week.

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué and Symfony UX article in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As you may have noticed, non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.45, 5.4.12, 6.0.12 and 6.1.4 maintenance versions were released. In addition, the upcoming Symfony 6.2 version introduced a new ValueResolverInterface to replace and simplify the existing ArgumentValueResolverInterface.“

A Week of Symfony #817 (22-28 August 2022)

Symfony announced:

Zoom in on Getting the Most Out of PHPStan workshop at SymfonyCon Disneyland Paris 2022

SymfonyCon Disneyland Paris 2022: How to instantly upgrade your legacy Symfony in minutes?

SymfonyCon Disneyland Paris 2022: How to handle content editing in Symfony?

I’m looking forward to this one.

SymfonyCon Disneyland Paris 2022: Is Git a mistery for you?

Mostly, unfortunately. If mistery is a combination of mystery and misery.

SymfonyCasts continues their Doctrine course with new chapters.

This week on SymfonyCasts


Featured Item

Featured Item graphic

There was not a standout article for us this week. But Scapegoat Dev shares an enjoyable one.

Why I Love Still PHP and JavaScript After 20+ years


This Week

Andrew MacRobert shows us:

Build a Cheap Static Website with Symfony and AWS

Ibragim Abubakarov explores:

Tâches de fond avec Symfony et Docker

Thomas Bertrand shares:

Symfony ParamConverter: the best friend you don’t know yet

TechSumo shows us:

How to Use the Symfony Event Dispatcher for PHP

.com continues his series on serving images:

#4 GitHub actions continuous integration pipelines

#5 Serving thumbnails

#6 Preventing request forgery

#7 Talking to S3

And explores:

Designing Symfony Validator the TDD way

Vipin Yadav shows us:

How to regenerate entity in symfony-6 using CLI

Devscope shares how to:

Solve problem with bin commands and php versions

Andreas Möller examines:

Asserting the output of Symfony console commands

eCommerce

Centarro has:

Commerce Core 2.31 (and more!) features in review

CMSs

Mike Hercel is excited about:

New to Drupal core: Refactored Off-Canvas Dialog CSS!

New to Drupal: Improved Dumping of Twig Variables!

Evolving web asks:

Where’s Your Head? The Case For (and Against) Headless CMS

Pantheon shares:

Three UX Lessons At Decoupled Days 2022

Civic shows us how to do:

Responsive images in Drupal

Golems explores:

Tokens in Drupal: how they work and what they can give your website

PHP logo

PHP

This Week

The PHP Foundation released:

PHP Core Roundup #5

And this article:

Testing Randomness of PHP Random Number Functions

PHP Watch has:

PHP.Watch August 2022: New "ext-random" in PHP, and more

Max Zhuk has:

Design Patterns in PHP 8: Adapter

Wouter Carabain show us:

How to use actions to organize your logic in an amazing way

Julien Maury looks at:

Hacking Redis

Jack Wallen shows us:

How to create a Redis cluster for database failover

Jason Knight shares:

Fixing A Strange PHP Gzip Issue

Andrew Pogulailo explores:

Domain-Driven Design and Clean Architecture in PHP — Part 2 (Event Storming)

Chibuzo Miracle continues his MVC series:

Simple MVC Framework With PHP (Request Parsing)

Laravel News examines:

Working with OS process(es) in PHP

Geni Jaho looks at:

Upping the coding style game in PHP using Rector

Yannick Chenot is starting a new series of articles:

Building a PHP CLI tool using DDD and Event Sourcing. Introduction: why?

.com also has:

Start using “__invoke” in PHP

Edouard Courty want you to:

Write flawless code with PHPStan

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

There are a lot of dumbfuck Russian criminals in Ukraine, but these take the cake.

Wired reports:

Their Photos Were Posted Online. Then They Were Bombed.

Wired reports:

The Telegram-Powered News Outlet Waging Guerrilla War on Russia

VentureBeat reports on:

How IT leaders in Ukraine continue to innovate despite the war

The Washington Post reports:

With NAFO, Ukraine turns the trolls on Russia

The Evil Empire Strikes Back

Decipher reports:

China-Based Group Uses ScanBox Framework in Espionage Attacks

Cybersecurity/Privacy

Concrete CMS shares:

7 Steps to Improve Your Site Security

This is why we can’t have nice things. Gizmodo reports:

Hackers Snuck Malware into an Image From the Webb Space Telescope

Ars Technica reports:

Chrome extensions with 1.4M installs covertly track visits and inject code

And why is this surprising?

In another example of JavaScript’s clusterfuckery, Dark Reading reports:

New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries

Wired reports:

Careless Errors in Hundreds of Apps Could Expose Troves of Data

More

Marco Pfeiffer shares:

MySQL 5.7 Does Not Have an Official Docker Image on ARM/M1 Mac

Mickaël Andrieu explores:

Time Series Analysis with MySQL 8

Smashing Mag explores:

Databases For Front-End Developers: The Concepts Under The Hood (Part 2)

Great stuff here.

VentureBeat details:

XML vs HTML: Differences and similarities

Software may be eating the world, but low code could eat software

TechCrunch reports:

DhiWise takes the tedium out of programming

GitHub shows us:

Keep separate codebases in sync with GitHub Actions

For those who mistakenly think Tailwind is the greatest thing since sliced bread, Beau Carnes has:

Learn CSS in 11 Hours

And while you’re there take this as well:

Useful HTML5 Tags You Might Not Know

And read this:

Understand ES6 in 20 Minutes

And if you’ve already made the mistake of using Tailwind, there is this fortunate development:

The Three Laws of Utility Classes and Vanilla Breeze.

If you know me, you know which is better. But Arooj Khan asks:

React vs. Svelte: Which is Faster in 2022?

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already, follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts?

If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 22 July 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world in detail this week.

Take your time and enjoy the items most relevant and valuable to you.

As always, thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

My opinions will be in bold.


Many of the items we curate are on Medium. I recommend investing in membership as you can access everything you want to read. It’s a small investment in boosting your career. As may have noticed non-members can only access a limited number of articles per month.

Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> “This week, we focused on finishing several new features for the upcoming Symfony 6.2 version: Console added support for multiple choice questions; we applied the SensitiveParameter PHP attribute to all the parameters that can contain sensitive values such as security tokens and passwords; and we enabled the use of lazy-loading ghost object proxies in Dependency Injection. Finally, we moved #[IsGranted()], #[Template()] and #[Cache()] attributes into Symfony components so we can get rid of the SensioFrameworkExtra bundle.“

A Week of Symfony #811 (11-17 July 2022)

Symfony announced:

Zoom in on knowing your state machines - Symfony Workflow workshop at SymfonyCon Disneyland Paris 2022

SymfonyCasts continues expanding their Symfony 6 Fundamentals Course.

This week on SymfonyCasts

Featured Item

Featured Item graphic

How in the hell did I miss this from one of my favorite writers, Jason Knight?

The primary point he makes is that Bootstrap, Burma, and Tailwind are horseshit and unnecessary. This is true.

Why Are Front-End Framework Makers Illiterate And Utterly Ignorant Of HTML And CSS?

If you need all the details to be convinced here they are:

This Week

Dariel Vicedo continues his new series:

Creating a Symfony project from zero to success in 52 weeks (week 2)

Eduard Melnikov shares:

How to deploy a PHP application to AWS using AWS CodeDeploy and Github actions for beginners

Edouard Courty shows how to:

Make your PHP 8 apps twice as fast (OPCache & JIT)

Gerard Rico Botella demonstrates:

How to setup docker-compose for Symfony projects

Saeid Raei explains:

Why you can’t have a solid application using Laravel but can with Symfony.

eCommerce

Kinsta reveals its:

Top 10 Best Open Source Ecommerce Platforms

Most of these are built with Symfony Components.

Kuldeep Singh gives his:

Reasons why you should Choose Shopware for your eCommerce?

WebMeridian has:

Magento 2.3 End of Life | When Is It, And What Should You Expect?

CMSs

In an interesting post, Concrete CMS shows us:

How to make U.S Government PIV/CAC authentication work

LakeDrops shows us how to:

Control Drupal's page cache with cookies

DinoTechno looks at Drupal search optimization.

Significantly Improve The Search Speed Of Drupal 9 & 10

Prometsource explores:

Open Source vs Proprietary for Government Websites

Droptica covers using Gutenberg in Drupal.

Module for Creating and Editing Content in Drupal – Gutenberg

We use it on Symfony Station and it’s awesome.

Previous Weeks

Drupal has this:

Twig in Drupal Cheat Sheet

PHP logo

PHP

This Week

Stitcher.io explores:

What's new in PHP 8.2

Uncertainty, doubt, and static analysis

Farhan Tanvir shares:

7 Useful PHP Libraries You Should Use in Your Next Project

Good stuff from Daan here:

Tackling 7 Common PHP Problems With Elegant Solutions

Richard Dobroň demonstrates:

Localizing PHP application with FBT instead of standard i18n

Ali explains:

How to use Mockery in PHP

Nuno Maduro demonstrates:

How to install PHP 8.2 RC on Mac

Joshua Otwell shares:

7 PHP String Functions You Should Know and How To Use Them

Burhan Shah looks at:

Named Arguments in PHP

Hayden James explores:

PHP Performance: Additional CPU cores vs Faster CPU cores

Dino Cajic continues his extensive tutorial series.

PHP — P70: Sub Namespaces

Code logo

Other

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

The cyber response to Russia’s War Crimes

Vice looks at the heroes:

Inside Ukraine’s Decentralized Cyber Army

This is not cyber related per se but The Atlantic reports:

Russia’s Invasion Is Making Ukraine More Democratic

TechCrunch says:

Look out Putin — Ukrainian woman invents 'solar for balconies' to wean Europe off Russian gas

The Evil Empire Strikes Back

Forbes looks:

Inside The Russian Cybergang Thought To Be Attacking Ukraine—The Trickbot Leaks

TechCrunch reports:

State-sponsored cyberespionage campaigns continue targeting journalists and media

TikTok's chief security officer steps down amid increased scrutiny from U.S. officials

Axios reports on:

Russian state hackers’ new battleground: the cloud

Ars Technica reports:

Pro-Russia hack campaigns are running rampant in Ukraine

The Guardian reports:

A year on from the Pegasus project, governments still have access to surveillance technology

Decipher reports:

U.S. Journalists Targeted in ‘Sustained Effort’ By APTs

In related news Forbes says:

Cybersecurity Firm: What US Journalists Need To Know About The The Foreign Hackers Targeting Them

Cybersecurity/Privacy

And:

North Korean Threat Actors Target Small Businesses With Ransomware

In completely unsurprising news, The Next Web reports:

Homeland Security is tracking US citizens using phone location data

And:

The EU’s Digital Market Act takes aim at Big Tech’s monopoly

Ars Technica reports:

Hackers are targeting industrial systems with malware

There’s a lot out of VentureBeat this week including:

The difference between pseudonymity and anonymity: When zero is more

White House launches new Cybersecurity Apprenticeship Sprint to bridge the cyber skills gap

The MIT Technology Review reports:

The US military wants to understand the most important software on Earth

More

We have curated and written about new approaches to SSR in the past as an alternative to SPAs. Jonathan has:

Why Your Next Web App Frontend Might be The Backend

In a related post, Smashing Mag has:

A New Pattern For The Jamstack: Segmented Rendering

HTMX asks:

How Did REST Come To Mean The Opposite of REST?

TechCrunch reports:

After two years in development, Salesforce launches its web-based IDE in beta

Dissecting Microsoft's proposed policy to ban commercial open-source apps

The New Stack reports:

HTTP/3 Is Now a Standard: Why Use It and How to Get Started

VentureBeat says:

Software architecture could determine the winners as businesses digitize

And reports:

You.com launches open search platform for developers

Web Pro News reports:

Why You Should Consider Using Software Composition Analysis (SCA) for Open-Source Software

The Next Web reports:

Scathing study exposes Google’s harmful approach to AI development

Richard Rembert has:

An Introduction to the DOM Tutorial

That’s it for this week. Please share this communiqué.

Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).

If you don't already follow us on Twitter at @symfonfystation.

And since it may be turning into a full-scale dumpster fire, we are now on Mastodon as well at @symfonystation@phpc.social. Consider joining the @phpc.social instance.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

Keep coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 1 April 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

Again, we cover tech aspects of the war crimes going on in Ukraine and how you can help.

Take your time and enjoy the items most valuable to you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions will be in bold.

 

Symfony

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony development activity focused on fixing bugs, especially on the HttpClient component, and polishing the new features of the upcoming Symfony 6.1 version, such as the new local switcher. Meanwhile, SymfonyLive Paris 2022 conference is coming in just two weeks and SymfonyCon Disneyland Paris 2022 conference announced the last days of its early-bird discounts.

A Week of Symfony #795 (21-27 March 2022)

 

They also say:

See you next week at SymfonyLive Paris 2022 conference

 

SymfonyCasts continues their free look at Symfony 6 and the Easy Admin paid courses.

This week on SymfonyCasts

 

Platform.sh announced:

We’re changing the way development environment URLs are generated

 

Featured Item

 

Feature Item graphic

 

Thoughtworks notes a lack of thought by some. “We don't see teams making that trade-off analysis, blindly accepting the complexity of SPAs by default even when the business needs don't justify it. Indeed, we've started to notice that many newer developers aren't even aware of an alternative approach, as they've spent their entire career in a framework like React. We believe that many websites will benefit from the simplicity of server-side logic, and we're encouraged by techniques like Hotwire that help close the gap on user experience.”

 

SPA by default

 

Symfony and StimulusUX people.

 

This Week

 

I know I’ve shared many of these, but this one is in Spanish.

Laravel vs Symfony, ¿cuál elegir?

 

Les-Tilleuls.coop says in French, “we're fond of DDD tactical patterns! In this structural approach, we must divide and prioritize our code into three main layers: Infrastructure, Domain & Application. However, the same idea can be expressed and defined in several areas, for example, if I design a forum module as well as a real-time discussion module. In both domains, I will have a public template whose class is named 'Message', each using its own namespace: 'App\Domain\Forum\Model\Message' and 'App\Domain\Chat\Model\Message'.”

How do I make resources with the same name coexist from two different domains with API Platform?

 

Bernard NG thinks “it is preferable to use XML mapping when doing DDD.”

DDD With Symfony : How to configure Doctrine XML Mapping

 

Matthias Noback had a different take back in May of 2020.

DDD and your database

 

Michał Romańczuk has a very detailed case study of converting a nightmare legacy project to Symfony by using the Strangler Pattern.

Strangler Pattern in practice

 

Hatem Ben Yacoub has a review of a TYPO3 handbook.

The TYPO3 Guidebook reviewed. Understand and Use TYPO3 CMS.

 

You can learn more about Symfony-based CMSs like TYPO3 and Drupal here.

 

Specbee writes “Data. Files. They’re what make up your website. And how you store and serve them can make all the difference for user experience. Obviously, cloud storage has changed the way we look at and manage data. Today, we’re going to walk through one of the more popular options for Drupal websites. S3 (Simple Storage Service) is the cloud storage service provided by AWS (Amazon Web Services) and it has been providing durable, secure, and scalable cloud storage for many industries.”

How to store and serve files from Amazon S3 on your Drupal website

 

Louis Nagtegaal shows us how to handle:

Drupal Migrations in ddev

 

Timeless

Inspector logo

Sponsored Article

 

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

The PHP Foundation published its March Newsletter.

PHP Foundation Newsletter

 

And PHP Architect published its April Issue.

php[architect] April 2022

 

Jonathan Bossenger writes “Ever since I discovered how to configure PhpStorm with Xdebug for debugging, it’s been my go-to solution for hunting down difficult to reproduce bugs. What I didn’t know until very recently was that it’s also possible to debug JavaScript using the same setup, which blew my mind!”

Debugging React, JavaScript, and PHP at the Same Time With PhpStorm

 

Bobby Jack notes “Bitmasks are as old as computing itself and, admittedly, were more useful in the days of memory scarcity and low-level programming. But there’s nothing to stop you from using them today, when appropriate. PHP makes use of bitmasks in many of its built-in functions.”

How to use bitmasks in PHP

 

Amplitudo asks:

Why are we using sessions in PHP?

 

Italo Baeza Cabrera writes “PHPUnit is a very complete testing suite, and with Mockery is even better. Most of the assertions are covered: data in arrays, strings inside strings, classes instances, and so on. Even so, PHPUnit is not perfect, and for your project, you may need a “custom” assertion. For example, I just stumbled upon the need to create a simple assertion to check if a class extending other contains a given variable set of methods.”

PHPUnit: Making your own assertion

 

Thomas Dutrion says, “Things in computing science are sometimes complex… And I consider myself a fervent proponent of self-descriptive code to limit complexity. I won’t get back on why you should unit test at least some of your code, nor will I spend time teaching how to write unit tests in this article. I will consider that all of you are ok with these concepts and implementations. Examples will be based on a PHPUnit implementation.”

Unit tests and data providers, the readable way

 

Code and Deploy shows us how to:

Sanitize Input using PHP

 

Hicham Ben Kachoud has a quick look at the S in SOLID programming.

SRP: Single Responsibility Principle

He also examines the L.

LSP: Liskov Substitution Principle

 

And regarding SOLID’s D, Guy Erez explains:

Dependency Inversion vs. Dependency Injection

This is very useful.

 

Joseph Bielawski has “A short explanation of the Bus Factor and how to hold its score at safe levels.”

What happens if your development team is hit by a bus?

 

Last Week

 

Dimitrios Lytras says, “While I wasn't paying attention, PHP got quite good.”

Modern PHP

 

Brent writes “Generics in PHP. I know I’d want them. And I know a lot of developers who agree. On the other hand, there is a group of PHP programmers, maybe even larger, that say they don’t know what generics are, or why they should care. I’m going to do a series on this blog about generics and PHP. We’ll start from the beginning, but quickly work our way to the more complex topics. We’ll talk about what generics are, why PHP doesn’t support them, and what’s possible in the future.”

Generics in PHP: The basics

 

Golems notes “What does $this mean in PHP and similar questions are increasingly appearing on the Internet. StackOverflow is also bombarded with questions about this variable. Let's find out everything related to dynamic PHP access object property with $this and break it down with examples.”

Dynamically Access PHP Object Properties with $This

 

If you ever need an extensive PHP explainer article to share, Visualwebz has you covered.

A Bit About PHP

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

 

The cyber response to Russia’s War Crimes

 

The Next Web reports “For weeks, Russia’s military assault on Ukraine has been complemented by full-fledged information warfare. The Kremlin has propagandized Russian state media, and is trying to control the narrative online too. We’ve seen a bombardment of “imposter content” circulating – including fake news reports and deep-fake videos – while Ukrainians and the rest of the world have scrambled to find ways to tell the real story of the invasion. The instant messaging app Telegram has surfaced as one of the most important channels through which to do so. But what is it about Telegram that has millions flocking to it amid the chaos?”

Why Ukrainians are turning to Telegram during the war

 

The New Zealand Herald reports “Ukraine has claimed to have uncovered the identities of more than 600 Russian spies in what has been described as a significant blow to President Vladimir Putin's espionage efforts. Officials in the war-torn country allege the unmasked individuals were carrying out "criminal" activity across Europe. The Main Intelligence Directorate of Ukraine released a slew of personal details of hundreds of alleged agents working for the FSB.”

600 Russian spies busted in huge blow to Moscow's espionage war

 

Daniel Johnson reveals:

The real reason Ukraine's information war is so successful

 

This was long overdue.

Kaspersky Named First Russian Company on Security Risk List

 

The Washington Post writes “As the U.S.-funded broadcaster is forced to shut most of its Russian operations, its Web traffic indicates that Russian people are eagerly consuming its stories.”

The Kremlin tries to stifle Radio Free Europe — and its audience surges

 

Lawfare.org reports “Companies like Meta, Google, Apple, Microsoft, Twitter and even TikTok increasingly recognize that they cannot afford to sit geopolitical crises out. The war in Ukraine is the most dramatic instance yet of platforms’ geopolitical turn—their growing engagement with security and geopolitical challenges incidental to their business operations. Platforms came a lot more prepared for the war in Ukraine compared to previous major geopolitical inflection points. They have coordinated their actions with Western governments and other international actors leading the charge against Russia.”

Platforms at War

 

The Evil Empire Strikes Back

 

Russian hackers appear to be more competent than their generals and soldiers.

Russian military reportedly hacked into European satellites at start of Ukraine war

 

ZDNet reports that:

Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

 

The Intercept reports “Internal chat logs leaked from the notorious Russian ransomware gang Conti reveal unfiltered conversations between ultranationalist hackers in which they repeat Russian President Vladimir Putin’s conspiratorial lies about Ukraine, discuss the impact of early Western sanctions against their country, and make antisemitic comments about Ukraine’s Jewish president.”

Leaked Chats Show Russian Ransomware Gang Discussing Putin’s Invasion of Ukraine

 

Cybersecurity

 

Richard Forno writes “I and other researchers at the University of Maryland, Baltimore County have studied the cybersecurity preparedness of the United States over 90,000 local government entities. As part of our analysis, working with the International City/County Management Association, we polled local government chief security officers about their cybersecurity preparedness. The results are both expected and alarming.”

Hackers are targeting US local governments — and it’s time to fight back

 

Michael Usiagwu shares “The recent increase in the severity and sophistication of cyberattacks in recent years may just signal an essential, albeit overdue, turning point in cybersecurity. The clamor by security practitioners concerning the securing of cloud technology by use of technology like Zero Trust by enterprises and organizations has never been louder, and it’s not hard to see why.”

Zero Trust — The Silver Lining to Cloud Cyber Attacks

 

GitHub notes “Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over user accounts, commonly used dependencies, and also build systems. Defending against these attacks is hard because there’s no one thing you can do to protect your project end-to-end.

To help you defend against these attacks, we created new guides in our Docs that cover how to get started securing your end-to-end supply chain.”

How to secure your end-to-end supply chain on GitHub

 

More

 

Rachel Lawson @rachel_norfolk says on Twitter, “If you are mining bitcoin in Europe then you are using up energy that could otherwise be heating people’s homes. You are directly helping Putin’s invasion of Ukraine by making it harder to apply sanctions on energy coming from Russia.”

 

On a related note, The Guardian reports a “campaign, called Change the Code Not the Climate and coordinated by Environmental Working Group is calling on bitcoin to change the way bitcoins are mined in order to tackle its outsized carbon footprint. The software code that bitcoin uses – known as “proof of work” – requires the use of massive computer arrays to validate and secure transactions. Rival cryptocurrency Etherium is shifting to another system – “proof of stake” – that it believes will reduce its energy use by 99%.

Climate groups say a change in coding can reduce bitcoin energy consumption by 99%

 

Wired opines “A string of “sabotage” incidents in open source software is reigniting discussions of how to safeguard projects that underpin digital platforms and networks around the world. Many of the recent incidents have been dubbed “protestware” because they relate to open source developers making code changes to express support for Ukraine amidst Russia's invasion and ongoing attack of the country.”

The Fragile Open Source Ecosystem Isn’t Ready for ‘Protestware’

 

Docker announced Extensions.

Docker Extensions Preview

 

GitHub shows us how to:

Save time with partial re-runs in GitHub Actions

 

They also announced CoPilot Labs. A VS Code extension for experimental applications of Copilot.

GitHub Copilot Labs

 

Jonas Ulrich writes “We're still wasting massive amounts of valuable development cycles in the frontend world by working in silos, or by to at least some extent reinventing the wheel for every project. Results suffer in the process, impacting real-world results for users and content creators alike. How did we get here, and what could a way forward look like? How we've already come a long way, and why still (so far) even Jamstack hasn't been the sole answer, either...”

Unlocking the frontend - a call for standardizing component APIs pt.1

 

UX Tools notes “The term “user error” implies that it’s the user’s fault when they do something wrong. But in the vast majority of cases, the fault actually rests with the designer for having created an interface that is confusing or makes it too easy for the user to make a mistake. The solution to user errors is not to blame the user or try to train the mistakes out of them. The solution is to redesign the product in such a way that it prevents errors from occurring in the first place.’

How Designers Can Prevent User Errors

 

Louis Lazarus says, “there is a whole bunch of lesser-used attributes that I was sure I’d forgotten about, and probably a whole bunch of attributes I didn’t even know existed. This post is the result of my research, and I hope you’ll find some of these useful to you, as you build HTML pages in the coming months.”

Those HTML Attributes You Never Use

 

That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 11 March 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.

This week, we continue our coverage of the war crimes going on in Ukraine and how you can help. That sparks some cybersecurity coverage as well. There was not much Symfony news so I’m adding in extra Drupal coverage that overlaps with Symfony development.

Take your time and enjoy the items most valuable for you.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

 

Please note that links will open in a new browser window. My opinions will be in bold.

 

As always, we will start with the official news from Symfony.

Highlight -> “This week, Symfony 4.4.39, 5.4.6, and 6.0.6 maintenance versions were released. In addition, the entire schedule of the SymfonyLive Paris 2022 conference was published. Finally, Symfony expressed its solidarity with Ukrainian people.”

A Week of Symfony #792 (28 February - 6 March 2022)

 

They also remind us that “the French SymfonyLive conference organized in Paris will be soon here! Join us on April 7th and 8th for 2 days of Symfony talks. Regular pricing ends on March 14th!”

Only 4 weeks left before SymfonyLive Paris 2022

 

SymfonyCasts continues its exploration of EasyAdmin.

This week on SymfonyCasts

 

Featured Item

 

Featured Item graphic

 

A recent Forbes article notes “over one-quarter of U.S. consumers have not taken any steps to protect their digital/online privacy - and that means it is more important than ever for organizations to ensure their software and applications are as bulletproof as possible against bad actors. However, the rapid shift to digital and the fast-paced nature of business in today’s post-pandemic world, coupled with the growing and sophisticated threat landscape, continues to challenge even the most advanced security teams.

Something needs to change, and one company is arguing that the industry requires a new approach to security centered on developers. After all, developers have become the lifeblood of an organization's digital transformation journey - but the faster developers move to bring new applications to market, the greater the chances for flaws or security issues within their code.”

Why the Future of Cybersecurity Rests in Developers’ Hands

 

I wholeheartedly agree with this.

 

This Week

 

Alexandre DuBois asks "is Symfony using some sort of magic to validate inputs?"

Symfony Internals #2: Data Validation

 

Dans français Guillaume Ponty explores 3rd-party authentication with Symfony.

Symfony 6: S’authentifier Avec Google, Facebook, GitHub, …

 

Heddi Nabbisen has this interesting tutorial for us:

EasyAdmin 4 for admin panel based on PHP 8 and Symfony 6: Install and create a sample

 

Andy Blum writes “Following Drupal 8’s ambitious overhaul to “get off the island,” the recommended way to create a new Drupal site is to use composer to manage all PHP dependencies. By now, most Drupal developers will have had a chance to install a new module or update existing modules using composer’s require or update commands, but did you know that you can also use composer to run scripts to interact with your code?”

Add a Composer Script to Your Module or Theme

 

Griffin Polonus writes “PHP 8 includes improvements that show a clear desire to modernize, as well as capabilities of other popular languages that developers will appreciate. Thanks to PHP 8, Drupal 10 can now use tools that will enable continued growth and enhanced performance. Upgrading to PHP 8 will be beneficial to any site running on PHP–however, as a Drupal developer, I’m particularly excited about how this will impact Drupal 10. I’ll highlight some of the benefits that apply to many sites, but especially how it may apply to Drupal.

PHP 7 to 8: Entering the Modern Era of Programming Languages

 

Golems states, “Drush (the Drupal Shell) is one of the most convenient and functional assistants for all Drupal developers. Read on if you're interested in learning how Drupal 9 and Drush work together, what benefits it has, and how easy it is to sanitize data with Drush.”

Drupal 9: Sanitizing Data With Drush

 

Last Month

 

Manish Saharan says, “In this article, we’re going to discuss two such Drupal 8/9 utility tools that have massively simplified and improved the way you work with Drupal code, modules, and installations - Drupal Console (leveraging Symfony Console) and Drush.”

Accelerating Drupal Development with Drupal Console and Drush

 

Timeless

 

As we noted in How Symfony Station was built: an adventurous exploration of layout solutions, the default Drupal admin theme is an eye-destroying abomination. We wrote “Gin is beautiful in comparison. It's clean, cool, and collected with some customization options.” It was built on the foundation of Claro from one of the lead designers of the Claro & Drupal Design System.

Clayton Dewey expounds upon this with, “I’ve seen, time and again, the difference a clean and modern website editing interface can have on both the quantity and quality of site content. When a website’s back-end is frustrating and unappealing to work with, it dissuades the author from posting.” In a multi-post series, he explores the wonders of Gin.

There are a lot of design lessons to pick up in the series. And if you’re a new Drupal user, lessons on how to use it. It’s perfect for larger publishers.

Enhance Your Drupal Website’s Authoring Experience Part 1 - Modernize the Admin Theme with Gin

 

Enhance Your Drupal Website's Authoring Experience Part 2 - Declutter the User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 3 - Improve the Field User Interface

 

Enhance Your Drupal Website’s Authoring Experience Part 4 - Fine Tune Admin Pages

 

Enhance Your Drupal Website's Authoring Experience Part 5 - Accessibility Tools and Conclusion

 

Note: Drupal is addressing their usability problem with a version of Claro that will be non-experimental for core in v. 10.

 

Inspector logo

Sponsored Article

We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.

 

How to Implement Code Execution Monitoring for your Symfony apps via Inspector

 

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This week

 

Rafael Bernard Araujo explores Domain-Driven Design in and value object:

Introducing value objects in PHP

 

Tomasz Dobrowolski covers dependency injection and writes, “while it sounds complex, it’s not as scary as it sounds on the surface. And if used correctly, it can transform your code to be cleaner and easier to work with.”

What Is Dependency Injection in PHP and How You Can Use It to Write Better Code

 

Marco Aurélio Deleu says, “I have been working on a new Runtime for Bref for a while now and it has been my biggest open source journey so far. It has been incredibly challenging and a great learning experience. In this post, I want to run through some key aspects that I faced while working on this.”

3 things I learned working on a Bref Runtime

 

Frank de Jonge shows us how to:

Use a message envelope

 

Andreas Heigl takes a look at PHP attributes.

Attributes are awesome

 

Harpreet Kaur notes “Memcache is object storing mechanism which is used to store the results of database queries helping websites to serve pages faster. Memcaching process stores data as key-value pairs in memory so that it can be accessed later. It will be useful in those applications which rely heavily on database queries. Memcaching is going to improve the performance of the application significantly.”

What is Memcache & How to use it in PHP?

 

Ten7 looks at Memcache in Drupal.

Memcache Testing and Proxying

 

Gene Wilburn needed to build a lightweight search functionality. He writes “As I thought about a solution for this small site, I thought of grep, the open-source search utility with a long Unix heritage that can rip through text files to search for words or phrases and show them in context.”

Greppy: A Lightweight Perl/PHP Website Search Engine Based on Grep

 

Jakub Misek says, “Have you heard about the Visual Studio Code for the Web? It's the code editor running in your browser, allowing you to work with your local files, files on your GitHub repositories, or files on Azure. Anywhere.

In the case of the PHP language, it is only suitable for quick edits on small projects, due to its limitations. However, PHP Tools for Visual Studio Code is newly available for VS Code for the Web. All the editor features can now be used in this browser-based development environment.”

PHP IntelliSense on the Web

 

Last Month

 

Alessandro Castellano has a new tutorial and says, “you are going to see how class constructors work in PHP, what happens with class inheritance, and a new PHP 8 feature called “argument promotion”.”

PHP Constructors Explained

 

WPGraphQL notes “Setting up End to End tests for WordPress plugins can be done in several ways (Codeception, Cypress, Ghost Inspector, etc), but lately, the easiest way I’ve found to do this is to use the @wordpress/env and @wordpress/scripts packages, distributed by the team working on the WordPress Block Editor (a.k.a. Gutenberg), along with GitHub Actions.”

Adding End 2 End Tests to WordPress plugins using wp-env and wp-scripts

 

Frank Pins explores Gitlab pipelines in a series of articles.

Optimizing Gitlab pipelines - Basics (1)

 

Optimizing Gitlab pipelines - PHPUnit (2)

Code logo

Other

 

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).

I think we should all stop doing business with Russian companies. However, many think internet access is an exception. At this point, I am not sure. But Cloudflare is.

Cloudflare won’t cut off Russia, says it “needs more Internet access, not less”

 

It seems that Twitter itself agrees as it has created an onion site for Tor browsers.

Learn more in this Tweet thread

 

And Lumen does not.

Breaking Russia's internet backbone

 

Venture Beat has a report on the Ukrainian IT Army’s offensive.

Ukraine’s IT army is doing well, hitting Russia with ‘cost and chaos’

 

Anonymous continues its assault on Putin’s minions and lackeys.

Anonymous claims it hacked into Russian TVs and showed the true devastation of Putin’s Ukraine invasion

 

Cyber Scoop reports “NATO nations voted unanimously last Friday to admit Ukraine to their Cooperative Cyber Defence Centre of Excellence (CCDCOE), a development which experts said will help Ukraine fight off mounting cyber threats from Russia.”

Ukraine, looking to fortify itself against Russian attacks, admitted to NATO cyber center

 

The free world also needs to kick up its defensive game. Three companies are aiding the effort.

Cloudflare, CrowdStrike, and Ping Identity launch the Critical Infrastructure Defense Project

 

What won’t work is the Ostrich approach.

It's time to stop hoping that cybersecurity problems will just go away

 

One way to defend your site is to block access to it by country. If you don’t have an audience in Russia, you should do so. We do so we aren’t.

How to block access to your website and related services in Russia, PHP 8, and client-side alternatives

 

Tawhid has this security advice for us:

11 Security tips to protect your website

 

As an example of an attack, Nevulo explains XSS. “Cross-site scripting is an attack performed on websites, where an attacker can inject some malicious code or scripts that get executed to modify the behavior of that website.”

What is cross-site scripting (XSS) and how does it work?

 

Harvard Business Review’s Stuart Madnick takes a peek at where this might all lead.

What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare

 

Via Fast Company “MacPaw’s Julia Petryk talks about sheltering in an underground parking garage, enduring Russian propaganda, and confronting the emotional toll of the war.” MacPaw is a Ukrainian company we urge you to support.

 

What it’s like to work at a Ukraine tech company during Russia’s invasion

 

Speaking of tech companies:

It took a war for Big Tech to take a side

 

Here are a few articles examining why Putin’s war of terror is not going so well (aside from the fact that most thugs are corrupt, dumb, and incompetent).

Putin Underestimated the Connective Tissue of Capitalism

 

The Strategy That Can Defeat Putin

 

The Spectacular Collapse of Putin’s Disinformation Machinery

 

And now in more encouraging news, here’s a look at the impressive things coming to CSS. Michelle Barker writes “It’s fair to say that we’re in a booming era for CSS right now. As I write this, I notice that many of these new features have some things in common. Yes, they often help us write better, cleaner, and more efficient code.”

New CSS Features In 2022

 

Icons are always useful for UI, UX, and web design. Here’s how to use Font Awesome no matter your dev/design stack.

Now You Can Stop Shoehorning Solutions to Get Icons Working with Your Tech — Font Awesome Matches Your Tool Stack

 

Microsoft made an announcement that will make JavaScript developers happy.

A Proposal for Type Syntax in JavaScript

 

Writing for Forbes, Amir Husain says:

Decentralization Is the Future of Software

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.

 

Keep going Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 11 February 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

 

Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

SYMFONY

 

As always, we will start with the official news from Symfony.

Highlight -> "This week, the upcoming Symfony 6.1 version added context builders to simplify the creation of serialization contexts. In addition, SymfonyCon announced that it's coming back as a physical conference at Disneyland Paris later this year (November 15-18, 2022)."

A Week of Symfony #788 (31 January - 6 February 2022)

 

Currently, the Call for Papers for SymfonyWorld Online 2022 Summer Edition and SymfonyCon Disneyland Paris 2022 are both open. You can submit your talk and workshop proposals in English for both conferences. Those for the Summer Edition end on February 14th.

Call for Papers open for SymfonyWorld Online 2022 Summer Edition and SymfonyCon Disneyland Paris 2022

 

And they announced the first set of speakers and talks for SymfonyCon. (en francais)

First selected talks at SymfonyLive Paris 2022

 

Featured Item Graphic

 

FEATURED ITEM

 

MIT Tech Review notes “Something has changed for the tech giants. Even as they continue to hold tremendous influence in our daily lives, a growing accountability movement has begun to check their power. Led in large part by tech workers themselves, a movement seeking reform of how these companies do business, treat their employees, and conduct themselves as global citizens has taken on unprecedented momentum, particularly in the past year.”

Why the balance of power in tech is shifting toward workers

 

This Week

 

I know I just shared one of these last week, but this one has details, statistics, and illustrations.

Laravel vs Symfony: the Key Differences in 2022

 

Coding CEO writes “People use to say Laravel apps do not scale well, but after working with Laravel for some time are reviewing a lot of projects, I think is not totally Laravel's fault. Indeed, you can do great apps with Laravel the same as with Symfony, but is easier to succeed with Symfony than using Laravel. The problem? Laravel “magic”.”

Why Laravel apps don’t scale well (I)

 

Martin Schindler says, “During a project cycle, there are always situations that feel like deadlocks or circular dependencies… only seen on an organizational level.” He shares:

Decoupling frontend and backend development — The easy way!

 

Benjamin Ellis shows us how to generate a nice and human-readable changelog with API Platform (2.6).

Managing a changelog with API Platform & OpenAPI

 

Zumata has this for us” “As of version 6, the Symfony routing package supports Attributes. If there is one place where metadata is interesting to use, it is routing. In previous versions of PHP, this could be solved using comments (annotations). With attributes, the dependency on doctrine/annotations is not needed anymore.”

Symfony Routing with Attributes

 

Alen Pokos writes “If you either love AWS services already or are looking for a good option to use with your multiplatform products, AWS Cognito seems to be a good candidate to adopt into your technical stack.”

Fastest Symfony authentication - AWS Cognito integration

 

Yannic Chenot asks “PHP doesn’t have to be web-only — how about you start creating your own CLI tools?”

How to Build and Distribute Beautiful Command-Line Applications with Symfony, PHP, and Composer

 

Drupal revealed how they will handle PHP requirements for the upcoming Drupal 10 release.

Drupal 10 PHP requirements will be announced at least five months before Drupal 10.0.0

 

Devin Katz shares nine tasks awaiting you at the end of a Drupal migration.

9 Tasks at the End of Your Drupal Migration

 

We shared some Lando items last week and in this article Specbee looks at:

Getting Started with Lando and Drupal 9

 

Last week I shared a short tutorial from Lindevs. They have many of them. So, instead of selecting one each week, here they all are.

Lindev Symfony Content

 

In this post, Kinsta looks a WordPress-based WooCommerce and Symfony-based Magento.

Magento vs WooCommerce: Which One Is Better?

 

Speaking of Symfony-based e-commerce platforms, Aimeos announced “Since 2022.01 beta, the Aimeos core is using Upscheme for updating the database schema and migrating data between new releases. Upscheme is composer package for schema management based on Doctrine DBAL which offers an easy-to-use API. You can also integrate Upscheme it in your own application easily and this article explains the differences and how you can write migrations with only a few lines of code”

Aimeos 2022 news

 

And contrary to the title, here is a a quick overview of Prestashop.

Ultimate Guide to PrestaShop: Everything You Need To Know!

 

 

Last Week

 

Suzanne Dergacheva writes “I believe any Drupal developer can use this advice: everyone who contributes to building a website also contributes to UX. When we all incorporate UX design thinking into our work, the quality of our output can only get better.

In this article, we'll discuss the goals of UX design, how users evaluate it, and, specifically, how developers can do their part to build a better user experience.”

Making Better UX Choices: Advice for Drupal Developers

 

Nathaniel Catchpole discusses long-term Drupal support and how it ties in with Symfony’s release cycle.

Long(er)-Term Support for Drupal 10

 

Somehow, I missed this one last week from Jolicode.

(Re)discover XPath selectors

 

Timeless

Inspector logo

Sponsored Article

We published our second sponsored article on Symfony Station exploring how code-driven monitoring helps you deliver successful Symfony products. Like all our articles it is now available via audio.

How code-driven monitoring helps you deliver successful Symfony products

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

Tomas Votruba presents “Software engineering principles, from Robert C. Martin's book Clean Code, adapted for PHP. This is not a style guide. It's a guide to producing readable, reusable, and refactorable software in PHP.

Not every principle herein has to be strictly followed, and even fewer will be universally agreed upon. These are guidelines and nothing more, but they are ones codified over many years of collective experience by the authors of Clean Code.

Inspired from clean-code-javascript.”

“Clean Code” concepts adapted for PHP

 

Backend Developer takes a look at:

SOLID Principles in PHP

 

Zvonimir Spajic writes “If you follow Michael Feathers’ definition of legacy code (every code not covered with tests) then the first line of business in dealing with some legacy code that needs updating is to put it in a test harness (write a test for it). But this is often easier said than done. It can be surprisingly hard just to instantiate a (legacy) class in a test, due to the way it handles its dependencies.”

Testing Legacy Troubles

 

The February edition of PHP Architect is out.

February Edition

 

Matt Glaman “recently did a deep dive into command authoring with Drush, which is where I discovered two amazing new features: auto-discovery of commands via autoloading and the addition of attributes for defining your commands.

What are attributes? Attributes were added in PHP 8, and the overview on the PHP website is a great resource. So, if you are new to PHP 8 and have been living on PHP 7.4, still, or haven't tried out PHP 8's coolest feature, this blog will be a great introduction!”

Writing Drush commands with PHP attributes

 

PHP Monitor, the native Mac app for managing PHP, has released version 5.

PHP Monitor

 

Dariusz Gafka shows us how to:

Implement an Event Sourcing PHP Application in 15 minutes

 

William Donizetti writes (in Spanish) “If you deal with databases in your day-to-day life you may have already noticed how data is often exposed, in such a structured and easy-to-exploit way. However, this is not always interesting and through encryption we can minimize some of this data exposure and provide greater security for our applications.”

AES e PHP: criptografia de dados.

Code logo

OTHER

 

Let’s start this section with a good reminder piece.

What is the htaccess file?

 

Smashing Mag (a fantastic design resource) writes “Statoscope is an instrument that analyses your webpack-bundles. Created by Sergey Melukov, it started out as an experimental version in late 2016, which has now become a full-fledged toolkit for viewing, analyzing, and validating webpack-bundles.”

Statoscope: A Course Of Intensive Therapy For Your Webpack Bundle

 

The ReadMe Project shares “The client-side made a comeback over the past decade as developers built “single-page applications” (SPAs) with JavaScript. But a new crop of tools is sending the pendulum swinging back towards the server.”

Obviously, for Symfony this would be implemented with Turbo, Mercure, and Stimulus. And we are particularly excited about Viewi.

Move over JavaScript: Back-end languages are coming to the front-end

 

Speaking of the backend, Kinsta notes “Most applications and programs in the modern era need somewhere to store data. For web apps, a database is a crucial cog in the wheel. An open-source database is your best bet for many reasons.”

The Best in Open-Source Database Software: Top 10 Picks

 

Last week I shared some Web3 content. Here’s some more worth checking out if you haven’t made up your mind.

Fast Company writes “the Web3 wave has a long way to go before proving it can produce technology with the functionality, reliability, security, and scale needed to disrupt the internet we have now. O’Reilly is one of a handful of influencers who have begun to raise doubts about its chances of doing that. After all, he’s seen this movie before—twice.”

Tim O’Reilly helped bring us Web 1.0 and 2.0. Here’s why he’s a Web3 skeptic.

 

The global managing partner of Flourish Ventures, Tilman Ehrbeck, shares his perspective on a digital future that could expand economic opportunity—if innovators and society can harness its potential.

I’m an advocate for inclusive capitalism. Here’s why I’m intrigued by Web3

 

The Atlantic writes “Web3 is making some people very rich. It’s making other people very angry.”

The Crypto Backlash Is Booming

 

Docker says, “They’re excited to announce the release of Docker Desktop 4.5 which includes enhancements we’re excited for you to try out.”

New Docker Menu & Improved Release Highlights with Docker Desktop 4.5

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please get in touch.

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

Happy Coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communiqué - 28 January 2022

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities. Take your time and enjoy the items most valuable for you.

Thanks to Javier Eguiluz and Symfony for sharing our last communiqué in their Week of Symfony.

Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

SYMFONY

 

As always, we will start with the official news from Symfony.

Highlight -> "This was a very intense week for Symfony: first we introduced the new Symfony 6 certification exam, then we announced a new and better way to start Symfony projects and finally, we updated Symfony Flex to provide fast, smart Flex recipe upgrades which will simplify a lot upgrading to newer Symfony versions."

A Week of Symfony #786 (17-23 January 2022)

 

Ever wondered which Symfony components make Laravel work?

Here they are.

 

Featured Item graphic

 

FEATURED ITEM

 

It’s safe to say almost every one of us uses Composer and owes a debt of thanks to it.

In this article Yanick Witschi says “I’ve been working on making Composer faster and more memory-efficient for years and without this blog post, somehow this journey would not have felt like it was complete.”

 

The long journey of making PHP’s Composer memory-efficient and fast

 

This Week

 

This discovery almost made our Featured Item. I was very excited to find Viewi this week, especially after a frustrating bout with Gatsby.

It’s a powerful tool for creating reactive applications using only PHP and HTML. In essence, it’s a server-side template engine + frontend framework. You describe all components and logic in PHP and then the tool transpiles them into native JS.

The project website viewi.net details the mechanism of operation and has code examples. And it’s quite fast.

You can also follow a step-by-step tutorial and check out the Symfony integration. Great stuff.

 

Anka Bajurin Stiskalov writes “You can create console command-line commands using the Symfony Console component. I needed one for a WordPress plugin skeleton to build a WordPress plugin maker for my team.” She shows us how to:

Use Symfony Components to Build a WordPress Plugin Maker for CLI - Part 1

 

Abid Ahmad writes “Today I’ll explain how I found multiple vulnerabilities on a web application that used the Symfony Web Framework where Symfony profiler/debug mode was enabled.” Tip → only use profiler in dev environments.

How I was able to find multiple vulnerabilities of a Symfony Web Framework web application

 

Merlin Carter and Zoltan Kincses write “Just over a year ago, we published a tutorial titled “ Serializing data in PHP: A simple primer on the JMS Serializer and FoS Rest”. We heard from a few people who found it helpful, so we decided to publish a follow-up.”

Serializing data in PHP II: A simple primer on database interactions

 

Yegor Shytikov shows us how to set up Magento eCommerce Multi-Region AWS infrastructure with auto-scaling using AWS Cloud, Terraform, and Terragrunt.

Magento Global Reference Architecture Terraform Infrastructure as Code (IaC) on AWS Cloud

 

There is lots of Drupal news this week, including its being a digital experience platform rather than just a CMS. In fact, this is one reason we use it for Symfony Station.

 

We begin with this self-explanatory post.

Drupal 10 was updated to Symfony 5.4 as a stepping stone to Symfony 6

 

I’ve shared content from Vishwa Chikate before and this is another good one. He says “In this article we will cover how to integrate Drupal 8/9 website with Auth0 Single Sign-On (SSO) platform.”

Integrating Drupal with auth0

 

Stavros Kounis shows us how to:

Apply Drupal 9 patches with Composer

 

Webwash notes “The Webform Mailchimp module allows you to send Webform submissions to your Mailchimp list whilst also allowing you to map the Drupal webform fields to MailChimp form fields.”

Send Webform Submissions to Mailchimp in Drupal

 

Last Week

 

As mentioned above:

More Than a CMS: Drupal in the Age of Digital Experience Platforms

 

Timeless

Inspector logo

Sponsored Article

We published our first sponsored article on Symfony Station exploring how Code Execution Monitoring helps you identify bugs and bottlenecks in your Symfony app before your customers do. Like all our articles it is now available via audio.

Why You Should Use Code Execution Monitoring with Symfony

All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they were applicable to the Symfony Station site.

 

PHP logo

PHP

 

This Week

 

Mauro Chojrin reviews modern tools for PHP developers.

Modern Tools for PHP Developers

 

Alexandre Daubois demystifies one of the most powerful PHP tools you’ll encounter. I learned a lot from this one.

Master PHP Iterators

 

This is a fantastic article on PHP fibers from Robert Landers.

Thoughts On PHP Fibers

 

Here’s a yearly review from the team behind FrameworkX and ReactPHP.

2021 – A Year In Review

 

Anders Björkland writes “Being me, I like to explore new subjects and see how far I can go with my current proficiency. I come from a background where all I've ever done has almost exclusively been "object-oriented", but now being left without Doctrine (a popular PHP ORM) I saw an opportunity to build similar (but way more simplistic) functionality on my own.”

How I stumbled onto the Reflection API

 

Erik the Coder continues his Modern PHP Crash Course with conditionals, loops, and functions.

PHP crash course : Conditionals, Loops and Functions

 

Hugo Demont says “During different searches on the internet, I found that little information is on the subject of reading information from a JSON file.”

Data management with JSON files and PHP

 

Andrew Schmelyun writes "If you've worked in a PHP project, chances are you've dealt with the Composer package manager. As a full-stack developer, I think it's one of the better ones that I use on a regular basis, consistently improving while remaining relatively simple.

One of the more difficult things to do with it though is adding a local package for use in a larger PHP project. Whether you've downloaded a private source, or are developing a package locally, this method will work to get your package into Composer.”

Installing a Local Composer Package in Your PHP Project

 

This one is self-explanatory.

VSCode PHP Debug Release January 2022

 

Open Swoole v4.10.0 is a major release with new Coroutine Selector API co::select(), HTTP2 SSE and bug fixes, sleep/usleep data type fixes, and enhancements.

Open Swoole 4.10.0 Released

 

Jordi Bassaganas notes “Sometimes when working in a team of multiple web developers on a brand-new PHP project, each of them using a different OS, you may come across a problem when running composer install.” He shows us how to fix it.

Installing Multiple Alternative Versions of PHP on Ubuntu

 

And Anton Röhm shows us how to:

Deploy your PHP Codebase with Ansible and GitHub Actions

 

This Month

 

Doctrine ORM released an update.

Doctrine 2.11

Code logo

OTHER

 

If you know a plugin developer, give them a shoutout.

Today is Plugin Developers Appreciation Day.

 

GitHub’s ReadMe project takes a look at:

The good, the bad, and the ugly of making decisions in open-source

 

Postman says “A well-defined API lifecycle is essential for taking full advantage of operating on an API platform and being able to effectively govern hundreds or thousands of APIs across many different teams. Having a shared understanding of what the API lifecycle is across your org, and possessing a common vocabulary for describing it, will help your teams get on the same page when developing APIs with greater productivity, quality, and governance needed to drive your enterprise into the future.”

The 8-Point API Lifecycle Blueprint

 

If you would like to review API endpoints, Kinsta has this for you.

What Is an API Endpoint?

 

Stephen Turner writes “One of the topics users of Docker Desktop often ask us about is file sharing. How do I see my source code inside my container? What’s the difference between a volume and a bind mount? Why is file sharing slower than on Linux, and how can I speed it up? In this blog post, I’ll cover the options you have, some tips and tricks, and finish with a sneak preview of what we’re currently working on.”

File Sharing with Docker Desktop

 

David Scott notes “Modern applications make extensive use of networks. At build time it’s common to apt-get/dnf/yum/apk install a package from a Linux distribution’s package repository. At runtime an application may wish to connect() to an internal postgres or mysql database to persist some state, while also calling listen() and accept() to expose APIs and UIs over TCP and UDP ports. Meanwhile developers need to be able to work from anywhere, whether in an office or at home or on mobile or on a VPN. Docker Desktop is designed to ensure that networking “just works” for all of these use-cases in all of these scenarios. This post describes the tools and techniques we use to make this happen, starting with everyone’s favorite protocol suite: TCP/IP.”

How Docker Desktop Networking Works Under the Hood

 

I ran across an interesting tool this week, Spin. they say “Stop wasting time fixing production issues you've already solved. Spin is a bash utility that improves the user experience for teams using Docker. Replicate any environment on any machine, regardless of whether they are running macOS, Windows, or Linux. Centralize your infrastructure from a single configuration file using Docker.”

Spin

 

Git 2.35 was released.

Highlights from Git 2.35

 

Daniel Diaz tells us “As a web developer, it’s extremely important to know how to use Git for web development properly. We’re not just talking about “git add”, “git commit”, and “git push”. You should know the whole workflow of creating a web project with Git.”

Git for Web Development

 

We’ll end with a MySQL tip. Joshua Otwell reminds us “If we aren’t mindful, NULLs have the potential to wreck our query results. Learning how to correctly filter for NULL in the WHERE clause using either IS NULL or IS NOT NULL according to the business logic context at hand, is but one part of learning to handle NULLs.”

Transform NULL values with the MySQL COALESCE function

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please get in touch.

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.

 

Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)

 

Happy Coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Symfony Station Communique - 3 December 2021

A white paragraph.

 


 

Symfony Station Logo

symfony logo

 

 


 

Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. This week it's extensive again, so take your time and enjoy its most valuable items.

 

Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.

 

*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.

 

Symfony 

 

As always, we will start with the official news from Symfony.

 

Highlight -> "This week, Symfony 4.4.35 and 5.3.12 releases were published to address some potential security vulnerabilities. In addition, Symfony 5.4.0-RC1 and 6.0.0-RC1 were published in preparation for their imminent stable release. Lastly, Symfony announced the last days of its Black Friday 2021 deals which end on November 29."

A Week of Symfony #778 (22-28 November 2021)

 

Javier continues a series of posts on what's new in Symfony 5.4.

 

 

It's finally here. Symfony 6 is available!

Symfony 6.0.0 released

 

Symfony 5.4 as well.

Symfony 5.4.0 released

 

SymfonyWorld conference starts in just a week: 10 workshops, 25 talks and hundreds of community members to meet. Don't miss it!

A week left before SymfonyWorld Online 2021 Winter Edition, book your ticket now!

 

SensioLabs has this for us: "To mark the release of Symfony 6, SensioLabs has interviewed Nicolas Grekas, one of the most active members of the Symfony core team. Grekas described the main new features of this latest major version of Symfony and how to start preparing for the upgrade."

Deep dive into Symfony 6: the interview with Nicolas Grekas

 

SymfonyInsight is the official Symfony platform to monitor and maintain high quality projects over long periods of time. It also helps you reduce business risks and upgrade your application dependencies.

PHP 8.1 is the latest version of PHP, released on November 25th. We’re thrilled to announce SymfonyInsight support of PHP 8.1 and all its features (enums, readonly properties, etc)!

SymfonyInsight now supports PHP 8.1!
 

 

Featured Item graphic

 

Featured Item

We continue to highlight the most significant post of the week.

 

Stitcher.io has this for us.

PHP 8.1 was released on November 25, 2021. This post will go through all features, performance improvements, changes, and deprecations one by one.

 

What's new in PHP 8.1

 

This week

 

Speaking of Symfony 6, Alex Daubois has this interesting post.

What's this upcoming "Encryption" component of Symfony 6.1?

 

Kiratas provides this advice: "SensioLabs has presented versions 5.4 and 6.0 of the popular PHP framework Symfony. The two versions are identical regarding the innovations, but Symfony 6 cuts off old braids and removes all content marked as outdated (deprecated). Therefore, developers who want to switch to the new main version should first switch to 5.4 and remove all deprecations."

PHP framework: Symfony 6.0 appears at the same time as version 5.4

 

Via SymfonyCasts: "We're heading into Twig and inside a service to fetch the currently-authenticated user. While we're there, we'll add some custom methods to our User class to make it smarter!" They continue their look at Symfony security with:

This week on SymfonyCasts

 

Mattia Toselli shows us how to develop a simple app with Symfony 5 on our local machine. Then we will deploy this app using a service of DigitalOcean called App Platform.

How to create an automated pipeline for deploy with Symfony 5 and DigitalOcean App Platform.

 

Why invest in AWS CDK today? Using a simple example with a basic web application built with the Symfony framework, this article will show you how to industrialize any application with Infrastructure as Code (IaC) methodology on AWS.

Build and Deploy a Symfony Application on AWS using CDK, ECS, and RDS

 

I know that there seems to be one of these comparison posts every week. But, if they have something new in them, even one sentence, we'll continue to feature them.

Laravel vs. Symfony: Which PHP Framework to Choose for Enterprise-grade Web Applications?

By the way, the answer for Enterprise-grade is Symfony.

 

Prestaconcepts brings us this post in French.

What Symfony 5.4 Brings

 

Doctrine has a new release.

New Release: Doctrine DBAL 3.2.0

 

Gábor Hojtsy writes: "As you may know, we are planning to release Drupal 10 in 2022 (as early as June) because Drupal 9's Symfony 4 and CKEditor 4 are both at the end of life the year after, around the end of 2023. So we plan to give enough time for people to update to Drupal 10 before Drupal 9 goes end of life. A similar situation happened with Drupal 8 to 9 driven by Symfony 3 to 4. However, moving Drupal 10 from Symfony 4 to 5 would again only give us a couple of years to move on to Symfony 6 next, so the current plan is to move to Symfony 6 straight away."

The big Symfony 4 to 6 jump plan in Drupal 10 and potential benefits down the line for future versions

 

Websites developed on the Symfony framework were vulnerable to web cache poisoning attacks due to misuse of HTTP headers, according to CyberIntelMag.

Symfony PHP Framework Had Cache Poisoning Vulnerability

 

Last Week

 

Hantsy has the following min-tutorial.

Building Restful APIs with Symfony 5 and PHP 8

 

Timeless

 

The idea behind Inspector is to create a monitoring environment specifically designed for software developers avoiding any server or infrastructure configuration that many developers hate dealing with. It works with a lightweight software library that you can install in your application like any other dependencies. In the case of Symfony, you can use our official Symfony Bundle. 

Code Execution Monitoring for Symfony applications using Inspector

 

When it comes to open source ecommerce platforms, there are quite a few solutions to choose from. You may have heard about Magento or PrestaShop. But have you ever seen something about Sylius?

What is Sylius and how to use it?

 

As you may know, I ran across Akashic Seer's blog last month, which boasts Symfony-related posts. Here are a few more from his archive delivered with his unique approach.

How to add CSRF protection to Symfony 5+ forms

How to access Doctrine in Symfony 5+ services

 

PHP logo

 

PHP

 

This week

 

To paraphrase Cloudways, PHP is the backbone for almost every website, and its security shouldn't be negligible. PHP developers are responsible for avoiding common threats like cross-site request forgery, SQL injections, and data tampering. And PHP has built-in security features that make it easier for developers to protect their websites.

Ultimate PHP Security Best Practices

 

This week, the latest PHP RFC, Deprecate Dynamic Properties, passed 2:1. It barely met the 2/3 vote threshold for passing, which of course, can and has been spun in various pro-and-con ways. The prominent argument people had against it was that it involves triggering deprecation warnings, which is kind of the point. That's what it does mostly.

Evolving PHP safely

 

Here's more on security as Matthieu Robin asks: "You've been using PHP for years, and it seems to work just fine, but have you ever wondered what more you could be doing to keep your scripts secure?" 

10 Ways to Improve Your PHP Security

 

Vedran Mihočinec too has a question. What is the easiest way to dockerize PHP applications?

The Easiest Way to Dockerize PHP Applications

 

In past communiques, we examined Anders Björkland posts on Bolt CMS. Here he takes a look at Silver Stripe CMS in two posts.

A CMS with a new take - SilverStripe first impression

Adding registration to SilverStripe and controlling privileges

 

On an unrelated note, he also posted.

Overview - The C in PHP stands for Christmas 🤶🎅. Follow this daily in December.

 

Speaking of PHP CMSs.

Composer and Contao for the Rest of the World

 

Ibrahim Alausa has written a comprehensive guide on writing cleaner, shorter class constructors.

PHP 8: Constructor Property Promotion

 

Jetbrains has another announcement, although it's quite as big as last week's.

JetBrains Remote Development: The ultimate coding experience for a remote world

 

They also announced that PhpStorm 2021.3 is now available. This major release introduces full support for PHP 8.1, better handling of generics in PHP, remote development, improvements to deployment, an HTTP client, refactorings, and much more.

PhpStorm 2021.3: PHP 8.1, Generics, Remote Development, Refactorings, and More

 

Olotin Temitope shows us how to configure Xdebug with PHPStorm and Docker to debug like a pro.

How to debug like a pro using Xdebug, PHPStorm, and Docker.

 

PHP Architect interviews feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.

Interview with Vinícius Campitelli

 

As of today, when you update dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table.

Introducing: Update Review

 

Last Week

 

In this episode of the PHP Internals News podcast, they're looking back at all the RFCs that were discussed on the podcast for PHP 8.1. In their own words, the RFC authors explain these features, with your host interjecting his comments on the state of affairs. Please give it a listen.

PHP Internals News: Episode 95: PHP 8.1 Celebrations

 

In this video, BeachCasts shows us how to:

Measure PHP Code Quality With Static Analysis Using PHPStan

 

James Seconde has more on PHPStan.

Scrub Up! Cleaning Your PHP Application With PHPStan

 

If you use Drupal, its PHPStan solution gets an update.

Better static analysis with entity type storage in phpstan-drupal 1.10

 

And there's another one of these. Sigh.

Is PHP a Dying Language?

And as long as most of us will be alive, the answer is no. But the author still makes some interesting points about why that is.

 

Code logo

 

Other

 

How will future AI systems make the most ethical choices for all of us?

Worried about AI ethics? Worry about developers' ethics first

 

To continue on that line.

AI can translate standard written text to code

 

And regarding other so-called threats to the careers of developers.

Low code will help but don't expect a revolution

 

Here are five handy MySQL string functions you can add to your toolkit.

5 MySQL String Functions You Should Know

 

This type of CSS review is always helpful.

Flexbox vs. CSS Grid: What are the differences between the two, and when should you use them?

 

Postman says: "Before promoting an API direction, all parties must understand where we are and what destinations are possible. A map helps simplify an overwhelming number of technologies, techniques, and ideologies into something approachable and with a clear way forward. Ultimately, maps provide key insights so that having a conversation about an ecosystem's strengths and weaknesses can occur." 

How to Improve an API Ecosystem with Mapping

 

GitHub had some problems this week, but they were able to post this about Actions.

GitHub Actions: reusable workflows are generally available

 

Here's an in-depth look at Docker, which is always helpful.

Dock Life: Using Docker for All The Things!

 

And here's a look at the vital topic of user experience.

The State of UX in 2022

 

Like most articles in the New Yorker, this is a long one. But, it's worth grabbing your favorite beverage and reading it at your leisure.

Lina Khan's Battle to Rein in Big Tech

 

 

Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.

 

 

That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday. 

 

Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.

 

Happy coding Symfonistas!

 

Visit our Communiqué Library

You can find a vast array of curated evergreen content.

 

Author

Reuben Walker photo

 

Reuben Walker

Founder
Symfony Station

 

 

 


 

Subscribe to AWS

 

 

Follow Symfony Station on Mastodon Mastodon Icon Twitter Twitter Icon Flipboard Flipboard Icon or Our Newsletter Newsletter Icon