Need help with Drupal or Grav admin, site building, design, or content? Contact us!
Help Defend Democracy! → Join Battalion today.
Exploring the Symfony universe!
Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy. Because open-source equals open societies, peeps. We also cover the cybersecurity world and the Fediverse (more open-source).
We cover a spam attack on the Mastodon community this week. And there is good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you. This is why we publish on Fridays. So you can savor it over your weekend. 😉
Or jump straight to your favorite section.
Once again, thanks go out to Javier Eguiluz and Symfony for sharing our communiqué in their Week of Symfony.
My opinions will be in bold. And will often involve cursing. Because humans.
Cory Doctorow writes:
The problem, in other words, isn’t intermediation — it’s power. The thing that distinguishes a useful intermediary from an enshittified bully is power. Intermediaries gain power when our governments stop enforcing competition law.
This lets intermediaries buy each other up and corner markets. Once they’ve formed cozy cartels, they can capture their regulators and commit rampant labor, privacy and consumer violations with impunity. That capture also lets them harness governments to punish smaller players that want to free workers, creators, audiences and customers from walled gardens.
It also hands them a whip-hand over their workers, so that any worker who refuses to aid in these nefarious plans can be easily fired.
As always, we will start with the official news from Symfony.
Highlight -> "This week, development activity focused on fixing bugs, such as adding compatibility with the new yielding feature introduced in Twig 3.9. In addition, we published more details about the talks of the upcoming SymfonyLive Paris 2024 conference."
A Week of Symfony #894 (12-18 February 2024)
SymfonyCasts has:
Dariusz Gafka explores:
Symfony Multi-Tenant Applications with Ecotone
Brian Thiely examines the:
Rector shows us:
What to expect when you plan to Migrate Away from CakePHP 2
Eternal Learner shows us how to:
Use State Processors and Providers on API Platform 3
Makina Corpus looks at:
ItéraÂtions vers le DDD et la clean archiÂtecÂture avec Symfony (2/2)
Part 1 is below in the previous weeks section.
Nikolay Nikolov explores:
Unveiling the Power of Dependency Injection in Symfony
Decoupling Logic Through Custom Events in Symfony
Jose Clemente GarcÃa RodrÃguez shares:
Symfony — Azure Provider for OAuth 2.0 Client bundle
Cristiano Pacheco says:
Good-bye Docker, Hello Nix: Configuring a Magento 2 Development Environment with Rooter
Stefan Koopmanschap reports on a meetup:
Magento, Shopware, Sylius, and Spryker all use Symfony components.
Pitangent Analytics & Technology Solutions asks:
Crafting Dynamic E-commerce Apps with Symfony, Possible or Not?
The Drop Times has:
Essential Modules that Help you Create a Retail Website in Drupal
Fronkom examines a new reg impacting PIMs:
Who needs to comply with Digital Product Passport?
TYPO3 has:
Report From the EMPAMOS Barcamp and Networking Event in Nuremberg 2023
Unleashing the Power of Connectivity
And a case study:
Scaling Up Global Websites with TYPO3
TYPO3 Developer Days says:
The TYPO3 Developer Days 2024 need your insights!
Use TYPO3 looks at:
Joomla publishes:
Highlights include:
Cassiopeia, Joomla’s powerful built-in template: how to use css classes for your category blog
Your Joomla Administrator Panel: make it yours!
Bleeping Computer reports:
Joomla fixes XSS flaws that could expose sites to RCE attacks
Drupal has:
Drupal means innovation: Introducing the innovation hub
Here's the hub:
There's some good stuff here that is (very) slowly improving Drupal.
Talking Drupal has:
Talking Drupal #438 - CKEditor 4 End of Life
DrupalizeMe examines:
PHP Attributes for Drupal Plugins
Acquia looks at:
Automated Bot Traffic - Strategies to Handle and Manage It
Tag1 explores:
Gander: The Sustainability Impact of Automating Performance Testing
Image X examines:
Mastering Content Structure with Ease Thanks to Drupal’s Revamped Field UI
Great stuff.
The Lullabot Podcast looks at:
Navigating the Waters of Drupal Development with Tugboat
QTA Tech shares:
Effortless Drupal Development: Single Directory Components Demystified
The Drop Times has an interview:
FLDC Featured Speaker Aubrey Sambor on CSS Color Innovations
I am looking forward to her presentation.
Ryan Robinson explains his:
Balint Pekkar shares:
The Drupal Prep Manual: Recipes!
Great stuff and a follow on to our article, Cooking Up Convenience - Symfony Flex's Recipes and the Drupal Recipes Initiative.
DrupalizeMe explores:
PHP Attributes for Drupal Plugins
QED42 Tech has:
The Guide to Single Directory Components (SDC) in Drupal 10
Single Directory Components (SDC) Block module in Drupal 10
A Guide to SDC Variations with Paragraphs in Drupal 10
Great, great stuff. I don't know how I missed this last week. It's the way to do Drupal frontend.
LunaLoom asks:
Why Next.js + Drupal Simplifies Frontend Development with Headless CMS Integration
This is not.
Makina Corpos has:
ItéraÂtions vers le DDD et la clean archiÂtecÂture avec Symfony (1/2)
Processus de traitement d'une requête HTTP par Symfony
Stéphan Kochen shares:
Using Nix flake inputs with PHP Composer
Dan Leech shares:
Dragan Rapić explores:
Parthipan Natkunam explains:
6 Configs to Secure Server-to-Server Communications using cURL in PHP
There is a part 1 you will want to read as well.
Oliver Davies asks:
Which PHPStan level is right for you?
JetBrains announces:
The New Terminal (Beta) Is Now in JetBrains IDEs
AI for PHP: How to Tweak AI Prompts to Improve PHP Tests
Muhammad Raza Bangi looks at:
Interface Segregation Principle (ISP) By Using PHP : SOLID Principle
Alejandro Celaya explores;
Capturing remote code coverage in E2E tests with PHPUnit
NueJS explains:
Tailwind marketing and misinformation engine
Or why Failwind is shit.
EuroNews asks:
Open source vs closed source AI: What’s the difference and why does it matter?
GitHub shares:
Free Code Camp shows us:
How to Use the :has() Selector in CSS
Marc van Neerven announces:
PurePWA — A Radical U-Turn in Web Development
Now this is cool. No React shit, Bootcrap, or Failwind.
Docker shares:
5 Benefits of a Container-First Approach to Software Development
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).
Bleeping Computer reports:
FBI disrupts Russian Moobot botnet infecting Ubiquiti routers
The Next Web opines:
How antitrust cases against tech giants could reshape the digital advertising landscape
Ars Technica reports:
EU accuses TikTok of failing to stop kids pretending to be adults
The Verge reports:
Apple will reportedly face a $539 million fine over Spotify’s antitrust complaint
FTC cracks down on H&R Block for deleting tax data when users want to downgrade
404 Media reports:
FTC Fines Avast $16.5 Million For Selling Browsing Data Harvested by Antivirus
VentureBeat reports:
The FTC warned about ‘quiet’ TOS changes for AI training. Here’s why it might not be enough.
My boys are on a roll.
TechSpot reports:
Major tech companies sign agreement to combat AI's use in election interference
Ha.
NPR reports:
As Congress lags, California lawmakers take on AI regulations
The Hacker News reports:
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta tries to do something good.
PBS reports:
Biden signs executive order to boost cybersecurity at American ports
The Kyiv Post reports:
Ukraine Defense Ministry Builds New Community to Facilitate Military Tech Development
And:
Kremlin Propaganda Aims to Destabilize Ukraine From Within
404 Media reports:
Fake Funeral Live Stream Scams Are All Over Facebook
Then Meta allows this mofoery.
The Hacker News reports:
Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws
The Next Web reports:
New Russian PSYOPs mix disinformation, spam, and Navalny
DarkReading reports:
Russian APT 'Winter Vivern' Targets European Government, Military
Iranian APTs Dress Up as Hacktivists for Disruption, Influence Ops
Krebs on Security reports:
New Leak Shows Business Side of China’s APT Menace
Bleeping Computer reports:
UnitedHealth confirms Optum hack behind US healthcare billing outage
Open Web Advocacy reports:
It’s Official, Apple Kills Web Apps in the EU
On a related note, Ars Technica reports:
Big Tech is extremely unimpressed by Apple’s EU App Store changes
And:
DuckDuckGo browser gets end-to-end encrypted sync feature
CNN reports:
US cracks down on hacking network with thousands of customers
Amazee has a case study:
A Large Credential Stuffing Attack - How We Respond and Mitigate
If you use cloud hosting for a decoupled and composable Drupal site, you should check out Amazee.
The Verge reports:
Microsoft and OpenAI say hackers are using ChatGPT to improve cyberattacks
DarkReading reports:
Orgs Face Major SEC Penalties for Failing to Disclose Breaches
Like Seat Belts and Airbags, 2FA Must Be Mandatory ASAP
It's sad that it's coming to this. Right?
The Markup asks:
What Happens to Your Sensitive Data When a Data Broker Goes Bankrupt?
The Fediverse Report has:
Last Week in Fediverse – ep 56
The BBC announces:
Extending our Mastodon social media trial
Mastodon had a spam fiasco last weekend because of some teenage jackassery in Japan and its own lax security and privacy decisions. Plus Discord's shitassery.
Tedium reports:
Jan Wildeboer examines the laxness:
The 2024-02 Spam Wave on the Fediverse and what we can learn (unfinished)
Cats on a Keyboard has the nitty-gritty:
Cyberbullying Gone Global: Fediverse Spam and Operation Beleaguer
TechCrunch reports:
Discord took no action against server that coordinated costly Mastodon spam attacks
Everyone knows TOS are for platforms to fuck over their users. Not to prevent their users from fucking over other users. Right SubStack?
Meta tests cross-posting from Facebook to its Twitter/X competitor, Threads
Great news. Those on the Fediverse who want to interact with the Threads dummies get the Facebook old dummies as a bonus. At least it will be via ActivityPub.
Mike McCue previews:
Federating Flipboard Magazines
We will let you know when ours are turned on.
Forgejo announces:
Forgejo forks its own path forward
Funkwhale announces:
The path to Funkwhale 2.0: a new API
So their idea of "federation" is use Bluesky or set up your own personal "instance".
Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉
More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.
You can find a vast array of curated evergreen content on our communiques page.
Founder
Symfony Station
Symfony Station covers the essential news in the Symfony, PHP, and Fediverse development communities with a focus on protecting democracy. Please use the button above to make a small donation to help cover our out-of-pocket costs. Our labor is provided free of charge to support the communities we write about.
Subscribe to The Payload, our weekly newsletter exploring the Symfony Universe.