25
loading...
Symfony Station Communique - 17 December 2021. A Look at Symfony and PHP news.
This post originally appeared on Symfony Station.
Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities.
Thanks to Javier Eguiluz and Symfony for sharing our last communique in their Week of Symfony.
*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> "This week, Symfony 5.4.1 and 6.0.1 maintenance versions were released. In addition, the SymfonyWorld 2021 Winter edition conference too place with great success. During the conference, Symfony UX 2.0 was released to add Stimulus 3 support and we introduced an automated way to create and manage Docker containers in Symfony applications. Lastly, the Symfony Demo application released its new version compatible with Symfony 6.0."
A Week of Symfony #780 (6-12 December 2021)
https://symfony.com/blog/a-week-of-symfony-780-6-12-december-2021
https://symfony.com/blog/a-week-of-symfony-780-6-12-december-2021
SymfonyWorld Winter 2021 featured some great presentations including an overview of Symfony 6.
The new version is the culmination of 2 years of hard work by the community. It embeds all the new features added during the development of Symfony 5, but also removes all the features deprecated during the same period.
With PHP 8.0 as the minimum supported version, Symfony 6 is also an opportunity to embrace new language features.
If you attended SymfonyWorld Winter 2021 you can watch the presentation replay by logging into Symfony Connect and using the link below.
Everything about Symfony 6 Presentation from SymfonyWorld.
https://live.symfony.com/connect/start
https://live.symfony.com/connect/start
Launched in 2018, SymfonyCorp is a company aiming at promoting the Symfony Open-Source framework by creating commercial products around it to ensure its sustainability. The SymfonyCorp team manages symfony.com, the Symfony conferences, the Symfony certification, SymfonyCloud, SymfonyInsight, SymfonyConnect, ...
Symfony announced that SymfonyCorp is hiring remote Symfony developers to work on its internal products and projects.
SymfonyCorp is hiring!
https://symfony.com/blog/symfonycorp-is-hiring
https://symfony.com/blog/symfonycorp-is-hiring
In news I’m excited about Symfony had this announcement.
“Over the years, Docker has become the de facto standard for building, shipping and running server applications. Docker allows you to store all the instructions needed to build the environment that will host your software next to the code, in the repository of the project.
After 6 years of teamwork, Symfony and API Platform now include an industry-first set of tools designed to automatically create, manage and run the Docker containers needed for your applications.
Introducing Docker support
https://symfony.com/blog/introducing-docker-support
https://symfony.com/blog/introducing-docker-support
The Symfony Demo application was introduced in 2015 as a reference application to show how to develop Symfony applications following the recommended best practices. This demo application is useful to:
It’s been updated for Symfony 6.
Symfony Demo 2.0 Introduces Support for Symfony 6.0
https://symfony.com/blog/symfony-demo-2-0-introduces-support-for-symfony-6-0
https://symfony.com/blog/symfony-demo-2-0-introduces-support-for-symfony-6-0
Symfony Live is back for you French speakers.
The SymfonyLive is back in Paris on April 7 and 8, 2022! We have the great pleasure to meet you physically at SymfonyLive Paris 2022! After a year of online conferences, we are delighted to be able to once again find the French-speaking community of Symfony at the Cité Internationale Universitaire in Paris.
SymfonyLive Paris 2022: le retour!
https://symfony.com/blog/symfonylive-paris-2022-le-retour
https://symfony.com/blog/symfonylive-paris-2022-le-retour
And they also announced the SymfonyWorld 2022 Summer Edition.
SymfonyWorld Online 2022 Summer Edition conference is announced!
https://symfony.com/blog/symfonyworld-online-2022-summer-edition-conference-is-announced
https://symfony.com/blog/symfonyworld-online-2022-summer-edition-conference-is-announced
Symfony also reviewed all the SymfonyWorld and Symfony Live conferences.
Online SymfonyTour 2021 was a blast!
https://symfony.com/blog/online-symfonytour-2021-was-a-blast
https://symfony.com/blog/online-symfonytour-2021-was-a-blast
PHP.Watch wrote this heartfelt post and I’m sure most of us share its sentiments.
PHP powers over 75% of the web, and its success is attributed to thousands of PHP contributors, framework authors, PHP tooling developers, IDE and other tooling developers, and the rest of the PHP community.
One of the most impactful contributors to PHP is Nikita Popov. Over the 25 years of PHP's history, there has never been more acceleration in new features, language clean-up, and up-keep than the past few years, and Nikita was behind most of the important changes in PHP before he recently stepped back from the project.
Thank you, Nikita!
https://php.watch/news/2021/11/nikic
https://php.watch/news/2021/11/nikic
Alex Daubois continues his impressive output. This week he looks at HTTP in Symfony.
The love story between Symfony and HTTP
https://alex-daubois.medium.com/the-love-story-between-symfony-and-http-587416e54646
https://alex-daubois.medium.com/the-love-story-between-symfony-and-http-587416e54646
Via SymfonyCasts: “Today marks 10 years of SymfonyCasts (formerly KnpUniversity)! How that is possible, I have no idea! But, I am quite certain it has something to do with all of you awesome devs - thank you for making this such a fun project to work on!” They continue to explore Symfony security.
Hanane Kacemi looks at Symfony, Docker, and Doctrine ORM.
Symfony and Database
https://dev.to/hananekacemi/symfony-and-database-11j5
https://dev.to/hananekacemi/symfony-and-database-11j5
Symfony & Database-Part 2
https://dev.to/hananekacemi/symfony-database-part-2-9b6
https://dev.to/hananekacemi/symfony-database-part-2-9b6
Anthony Gilbert also had two posts on Symfony and Docker.
Setting up a Symfony application using Docker.
https://dev.to/anthonygilbertt/setting-up-a-symfony-application-using-docker-4jl3
https://dev.to/anthonygilbertt/setting-up-a-symfony-application-using-docker-4jl3
How to set up Symfony & then Dockerize it.
https://dev.to/anthonygilbertt/how-to-set-up-symfony-then-dockerize-it-59k1
https://dev.to/anthonygilbertt/how-to-set-up-symfony-then-dockerize-it-59k1
Drupal announced that:
Various type hints have been added for Symfony subclasses
https://www.drupal.org/node/3254142
https://www.drupal.org/node/3254142
Speaking of Drupal, specbee notes that “Twig tweak module is a huge time saver for Drupal developers working with advanced twig templates. It offers several useful functions and filters that can ease the developer’s job. Developers can also write well formatted code which is more comprehensible.”
Functions and filters to get you started with Twig Tweak in Drupal 9 (with examples)
https://www.specbee.com/blogs/twig-tweak-in-drupal-9-functions-and-filters
https://www.specbee.com/blogs/twig-tweak-in-drupal-9-functions-and-filters
Christian Kolb wrote “Login throttling is possible with Symfony out of the box since 5.2. But the default configuration doesn't work as soon as you have multiple server instances.
Why? Because it stores the relevant data on the local filesystem.
So all we need to do is to exchange the storage layer with a shared one. How to do this?”
So all we need to do is to exchange the storage layer with a shared one. How to do this?”
Login throttling with Symfony and multiple server instances
https://blog.digital-craftsman.de/login-throttling-with-symfony-and-multiple-server-instances/
https://blog.digital-craftsman.de/login-throttling-with-symfony-and-multiple-server-instances/
As you by now, I discover Akashic Seer's blog last month, which has Symfony-related posts. Here are a few more.
Symfony 5+ Twig templates don’t forget to call the parent
https://akashicseer.com/web-development/symfony-5-twig-templates-dont-forget-to-call-the-parent/
https://akashicseer.com/web-development/symfony-5-twig-templates-dont-forget-to-call-the-parent/
How to secure individual Symfony AJAX API routes without using API Platform
https://akashicseer.com/web-security/how-to-secure-individual-symfony-ajax-api-routes-without-using-api-platform/
https://akashicseer.com/web-security/how-to-secure-individual-symfony-ajax-api-routes-without-using-api-platform/
We also continue to share the treasure trove of Symfony posts on Twilio’s blog.
Create One-Time Passwords in PHP with Symfony and Twilio's Verify API
https://www.twilio.com/blog/create-one-time-password-in-php-with-symfony-twilio-verification-api
https://www.twilio.com/blog/create-one-time-password-in-php-with-symfony-twilio-verification-api
Envoyer des rappels SMS en PHP depuis votre app Symfony
https://www.twilio.com/blog/envoyer-rappel-sms-php-symfony
https://www.twilio.com/blog/envoyer-rappel-sms-php-symfony
Open Swoole IDE Helper for v4.8.1 are released with enhanced type hinting. Developers can do code autocompletion within the IDE like VScode or PHPStorm.
Open Swoole IDE Helper released with enhanced type hinting for IDE
https://www.swoole.co.uk/article/openswoole-ide-helper-4.8.1-released
https://www.swoole.co.uk/article/openswoole-ide-helper-4.8.1-released
The Duckly blog recommends its best plugins for JetBrains’ PhpStorm IDE.
23 Best PhpStorm plugins for 2022
https://duckly.com/blog/best-plugins-for-phpstorm-2022/
https://duckly.com/blog/best-plugins-for-phpstorm-2022/
Sequally shows us how to create an PHP 8.1, NGINX and MySQL development environment with Docker.
Docker with PHP 8.1, NGINX, and MySQL
https://medium.com/@Sequally/docker-with-php-8-1-nginx-and-mysql-ca7fdd39bb28
https://medium.com/@Sequally/docker-with-php-8-1-nginx-and-mysql-ca7fdd39bb28
Speaking of NGINX, we recently ran across the following via DeliciousBrain’s newsletter.
“DigitalOcean has a great online tool called NGINXConfig. It comes with a bunch of presets, from standard PHP applications to content management systems like WordPress and Joomla, as well as other popular web frameworks, including Django and Node.js. You can also configure practically everything you might need.”
Quick & Easy Nginx Configuration
https://www.digitalocean.com/community/tools/nginx
https://www.digitalocean.com/community/tools/nginx
Cees-Jan Kiewiet writes “PHP 8.1 is out and the hip new feature for non-blocking and asynchronous programming in PHP are fibers. In this post we're going to explore them and see how we at ReactPHP will start with them at the edge.”
async & await at the edge with ReactPHP
https://blog.wyrihaximus.net/2021/12/async-and-await-at-the-edge-with-reactphp/
https://blog.wyrihaximus.net/2021/12/async-and-await-at-the-edge-with-reactphp/
The latest edition of PHP Architect magazine is out. Get yours today.
The Zen of Mindful Programming
https://www.phparch.com/magazine/2021/12/the-zen-of-mindful-programming/
https://www.phparch.com/magazine/2021/12/the-zen-of-mindful-programming/
One Java developer came back to PHP after seven years. He was quite surprised.
Trying out PHP after 7 years
https://www.kode-krunch.com/2021/12/trying-out-php-after-7-years.html
https://www.kode-krunch.com/2021/12/trying-out-php-after-7-years.html
The Guardian reports “The flaw, dubbed “Log4Shell”, may be the worst computer vulnerability discovered in years. It was uncovered in an open-source logging tool, Log4j, that is ubiquitous in cloud servers and enterprise software used across the industry and the government. Unless it is fixed, it grants criminals, spies and programming novices alike, easy access to internal networks where they can loot valuable data, plant malware, erase crucial information and much more.”
Recently uncovered software flaw ‘most critical vulnerability of the last decade’
https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell
https://www.theguardian.com/technology/2021/dec/10/software-flaw-most-critical-vulnerability-log-4-shell
NPR reports “When programmers write code, they often rely on some extremely common and freely available bits of software — like using building blocks — to do common tasks. In this case, the vulnerable piece of software was something called Log4j, which is used in the programming language Java and essentially creates a log of activity on a device, copying down everything that happens as programs run.”
Companies scramble to defend against newly discovered 'Log4j' digital flaw
https://www.npr.org/2021/12/14/1064123144/companies-scramble-to-defend-against-newly-discovered-log4j-digital-flaw
https://www.npr.org/2021/12/14/1064123144/companies-scramble-to-defend-against-newly-discovered-log4j-digital-flaw
David Crawshaw writes “there is more than enough written on the mechanics of and mitigations for the recent severe RCE in log4j. On prevention, this is the most interesting widely-reshared insight I have seen:
This is making the rounds because highly-profitable companies are using infrastructure they do not pay for.
It is the second statement in this tweet that is worthy of attention: the maintainers of log4j would have loved to remove this bad feature long ago, but could not because of the backwards compatibility promises they are held to.”
log4j: between a rock and a hard place
https://crawshaw.io/blog/log4j
https://crawshaw.io/blog/log4j
Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.
That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Happy coding Symfonistas!
Reuben Walker
Founder Symfony Station
Ringmaster Mobile Atom Media and Mobile Atom Code.
25