Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.
This week, we again cover tech aspects of the war crimes going on in Ukraine and how you can help.
Take your time and enjoy the items most valuable for you.
Please note that links will open in a new browser window. My opinions will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> “This week, Symfony development focused on fixing bugs and finishing new features for the upcoming Symfony 6.1 version. One of those new features is a button to copy requests as cURL commands in the Symfony Profiler. Meanwhile, the SymfonyLive Paris 2022 conference, which will take place in just 4 weeks, announced its complete workshop and talk schedule.
Early bird registration for SymfonyCon Disneyland Paris 2022 ends on March 31st
Unsurprisingly after the recent merger they announced:
Fabien Potencier asks “How can you get started with Symfony 6? What are the best resources to learn Symfony? How can I learn about the latest best practices? Those are legitimate questions I get from the community.”
SymfonyCast has started a new course on Symfony 6!
Elise Hamimi reports “As the creator of Symfony, SensioLabs strengthens its relationship with its long-time partner in the US: Unleashed Technologies. This strategic partnership is the result of successful joint projects with Unleashed Technologies. In 2022, SensioLabs and Unleashed Technologies are speeding up to better serve American users of Symfony.”
She also has:
Forbes writes Ukraine’s IT pros are “ fixing internet in bombed-out buildings, finding rogue operators providing Russians with mobile connections and thwarting hackers. The telecom companies of Ukraine and their employees are being hailed as heroes in the war.”
If these heroes can do this, we can do more ourselves to stand with Ukraine and protect democratic values.
Sergii Demianchuk writes “welcome to the second article devoted to the theme: “How to work with ElasticSearch using Symfony PHP framework”. Here we will prepare our local environment for further development. As you remember from Part 1 we have to create a web server, microservice application, and Elasticsearch as standalone docker containers.”
Michał Romańczuk notes “There are many tools for static PHP code analysis, but one of the most popular is PHPStan. It may be due to its ease of use, versatility and the possibility of using many extensions for example to Symfony, Doctrine, Elasticsearch, Monolog, Guzzle, etc.”
Fabien Lemoine show us “How to combine the power of the Symfony Mailer component with the features offered by an email provider.”
Mchojrin takes a look at how to handle exceptions in Rest APIs with Symfony. It’s in Spanish.
Webkul writes “PrestaShop employs various types of cache such as Smarty, assets (CSS/JS), XML cache, etc. It also provides ways to clear individual cache types from our module. So in this blog, we will discuss how we can clear PrestaShop cache in module code.”
They also have:
Sylius notes “Since the very beginning of Sylius’ existence, our philosophy was to focus on our domain and not reinvent the wheel. That’s why Sylius is entirely based on Symfony which gave us a solid foundation to build specific e-commerce bundles within the already existing and highly standardized framework.
Following the very same core idea, Sylius never intended to solve problems of other domains. There are wonderful tools in different categories, which allows us to focus on what we know best – the e-commerce domain.”
I agree that unless you have a small and simple application, best-of-breed is the way to go for your stack.
Joseph Ndedde Udonsak writes “Recently, I was working on a feature and needed to generate and mail a PDF document whenever a payment was made. I dispatched a Message and in the message handler, I used the KNP Snappy Bundle to generate a PDF from a twig template. It was pretty straightforward (or so I thought) until I saw the mayhem that had been let loose in my failed transport.
He also has:
The Drop Times has an interview with Drupal’s founder with some interesting takes on headless and low code.
And speaking of headless Drupal here’s an article and a solution taking a look.
Dries disagrees with the headless opinion and so do I. That applies to WordPress as well.
Ryan Szrama writes “We've long recommended Swift Mailer for formatting and sending HTML emails from Drupal Commerce. Symfony announced the project's deprecation late last year, recommending folks switch to using the 3-year-old Symfony Mailer instead after they brought it up to full feature parity with the Swift Mailer library.
Fortunately, there's a module for that!”
We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.
All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.
Dariusz Gafka writes “We often need to schedule the execution of given business functionality in our applications. The timing depends on what we want to achieve. It may be monthly executed invoices or notifications sent after the user was registered on the website. And in this article, we will deep into different ways of scheduling execution in PHP.”
They also look at:
Digital Ocean shows us:
Gaurav Makhecha says, “Thanks to the PSR-4 autoloading, we can define the namespaces prefix and their corresponding base directories.”
Marcin Szydlowski writes “I have recently spotted an interesting vulnerability in a PHP application, which was in the scope of a private bug bounty program. This vulnerability has nothing to do with standard web app issues like SQLi, XSS, or IDOR, hence despite relatively small impact I decided to write about it.”
Brent Roose & Freek Van der Herte are starting a series of posts with tips for writing clean PHP. They’re from a course the duo offers.
Joshua Otwell says, “I'm sharing my 5 favorite Programming/Developer newsletters that I think you should read too.”
There are good SQL and PHP choices on the list.
Meet Simseck states “I’d like to talk about Swoole in this article but it won’t be covering the cumbersome processes such as installing, configuring, using, and so on. I’d like to cover the philosophy behind it. Why do we need it in the PHP world? Which scenarios are the best to use this kind of external package/extension?”
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).
The cyber response to Russia’s War Crimes
MarketWatch writes “One reason that some military analysts and Russia experts believe may have contributed to Putin miscalculating his chances of a quick victory, or his ability to outlast the Ukrainians, is that he underestimated the efficacy of Western sanctions in sapping Russia’s power to wage war, specifically by denying it access to critical technologies.”
The Hill notes “With the assistance of the West, Ukraine has become more resilient since the initial cyberattacks, especially given that it is uniquely vulnerable to Russian attacks since most of its infrastructure was built by Moscow during the Soviet era.”
Reface, a synthetic media app that’s developed out of Ukraine has added push notifications informing its ~200 million-strong global user-base about Russia’s invasion of the country — urging people to #StandWithUkraine, including by watermarking face-swapped videos created with the app.
Wired writes, “Within three days of the first missiles falling on Kyiv, Mykhailo Fedorov and his staff launched a public campaign to pressure US tech giants to cut off Russia, began accepting cryptocurrency donations to support Ukraine’s military, secured access to Elon Musk’s Starlink satellite internet service, and began recruiting a volunteer “IT Army” to hack Russian targets. More recent projects include a chatbot for citizens to submit images or videos of Russian troop movements.”
The Guardian reports “about 300,000 people have signed up to a group on the chat app Telegram called “IT Army of Ukraine”, through which participants are assigned tasks designed to take the fight to Vladimir Putin. In so doing, they are trying to level the playing field between one of the world’s (so-called) superpowers and Ukraine as it faces bombardment and invasion.
Anonymous continue their efforts.
They also hit the German subsidiary of Russian energy giant Rosneft with a cyberattackRosneft withal Office for Information Security (BSI) says.
Fast Company reports on how “A group of techies-turned-hackers called the Cyber Partisans are targeting railways carrying Russian troops and exposing a brutal Belarusian regime.”
Rest of World asks:
The Wall Street Journal notes “People around the world are using a new website to circumvent the Kremlin’s propaganda machine by sending individual messages about the war in Ukraine to random people in Russia.”
The Guardian also notes “Experts say both sides may understand that large-scale cyber-attacks will result in ‘mutually assured destruction of systems’.”
I thought this would have been a no-brainer but:
VentureBeat reports “Cloudflare unveiled a new tool in its suite of security offerings, the Cloudflare API Gateway, which seeks to simplify the protection of increasingly prevalent application programming interfaces (APIs). The solution also aims to feature a significantly lower price point than many of the other API security products now on the market, which could go a long way toward “democratizing” API security for the market.
On the Public API Network, Postman gathers some of the best APIs to ramp up productivity including Notion (just released to GA!), Peruse Code, and Machine Learning Tools for Developer Professionals.
This was from a while back but is worth another look. Via Github:
C.S. Rhymes says, “GitHub offers a dependabot service that can let you know of any potential security issues with your dependencies and automatically create a Pull Request for you. This works great without any configuration if you have a repo that contains npm, composer, or gem dependencies, but you may need additional configuration if your lock files aren’t in the root directory, or in separate directories in the case of a monorepo.”
GitHub also has a video exploring “ some of the shortcomings of legacy application security solutions, and share a developer-first approach that can help your organization overcome challenges with an end-to-end security process and improved collaboration.”
If you are having trouble getting cybersecurity buy-in with your CEO or CFO, share this with them. Plus, it’s a good review for anyone.
Core DNA writes “We take a close look at the evolution of the CMS platform, specifically, how the management of content has changed and how platforms have been designed to cater for the changing browsers, new channels, and client needs.”
Postman asks us to “Explore the World of APIs. Browse the largest network of APIs, workspaces, and collections by developers across the planet.”
Ben Gurney shares an effective way to approach improving the web accessibility of your apps.
What many people don’t know is that the best way to manage JSON is with a seemingly ancient tool: the SQL language. Let’s look at why that is and five examples of how to do it.”
That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)
More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.
Keep going Symfonistas!