Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.
We again cover the tech aspects of the war crimes going on in Ukraine and how you can help. Symfony news was light this week, so we’ve added extra Drupal and cybersecurity coverage.
Take your time and enjoy the items most valuable for you.
Please note that links will open in a new browser window. My opinions will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> “This week, Symfony announced the merging of SymfonyCloud into Platform.sh. In addition, SymfonyCasts published the new (and free) Symfony 6 video tutorials. Finally, SymfonyCon Disneyland Paris 2022 conference announced the end of its early bird registration period.”
They also announced there’s:
SymfonyCasts continues their free look at Symfony 6 and the Easy Admin paid courses.
It’s long past time to make your Symfony applications as secure as possible.
As should be obvious to anyone not living under a rock, cybersecurity is critical. This has always been the case, but it’s even more important now thanks to the Russian war crimes in Ukraine.
The potential for a cyber-war has never been higher. As Russia struggles with illegally occupying Ukraine it may lash out with cyber-attacks against anyone supporting the Ukrainian nation.
Russia’s fellow rogue state allies, Belarus, Iran, North Korea, and China, could increase their current efforts. Plus, many cyber-criminal gangs are based in these countries.
This is the most important, original content Symfony Station has created to date so please be sure to read it.
Jolicode writes “Once upon a time, a developer was asked to move a form from one application to another. The source application was a Symfony app. The target application was WordPress, the CMS that runs the Web.
Follow us in that journey that will take you to the edge of what is possible and what should not be done, but most importantly it will show you how to use the full power of Symfony Form inside the WordPress CMS.”
Prestaconcept shows us “how to cut out your code that has become too complex with the decorator pattern, using Symfony.”
Rajesh Bhimani says, “Drupal 10 is coming soon. Are you ready for this new version? Are wondering since Drupal 9 is quite new, why is Drupal 10 being released? There are a few practical reasons for Drupal 10 early release, which we will discuss in this article. But before it arrives, we have to get prepared for it.”
Hint - It’s tightly tied to Symfony 6.
Evolving Web “Drupal's API-enabled architecture opens up infinite possibilities for a decoupled Drupal, separating its back-end CMS from its front-end theming system and giving us the tools to use our Drupal installation as a content hub for various technologies and applications.”
This two-part series should apply to straight Symfony in general.
Vishwa Chikate shows us “how to mock the global Drupal object when writing unit test cases for the custom code.”
He also has:
Jacob Rockowitz notes “Recently, I shared a guide for auditing, reviewing, and improving a Drupal module. I suggested that developers experiment with the
drush generate command, which uses the Drupal Code Generator to help gain an overall understanding of the potential architecture of a Drupal module. Here I put my recommendation to the test by generating an example module using the Drupal Code Generator library."
Nicolas Pennec says, “Drupal is an open-source content management platform powering millions of websites and applications. Here we will see how you can easily deploy a simple Drupal website on Docker to the cloud with ScaleDynamics.”
We published our third sponsored article on Symfony Station exploring how to Implement Code Execution Monitoring for your Symfony apps via Inspector. Like all our articles it is now available via audio.
All sponsored articles are for products we have vetted and stand behind. We either use them or would do so if they applied to the Symfony Station site.
Nabila Khansa writes “Clean code plays a major role in the understandability of a code, along with its readability, changeability, extensibility, and maintainability. It is vital for building a successful and maintainable product, especially when you are part of a developer team. You should always think about the next person who will maintain your code.”
Victor Todoran notes “Ever since the release of PHP 8.0 all I’ve been hearing is constructor property promotion. It’s a neat little trick and I like it, though it wasn’t of much help when I started work on PHP 8 compatibility. This article is a high-level overview meant to show you some of the things you need to look into before you can upgrade to PHP 8 and to encourage you to research the topic on your own.”
There are many PHP 8 articles, but this one directly compares code examples from 7 and ones refactored with 8.
Tomasz Dobrowolski says, “Functions are fundamental to writing code, making it vital that you write them well. Well-written functions make your code efficient, easy to read and reduce the chance of errors. Here is a list of advice on writing good functions with PHP examples.”
Brent is back and writes “Collections; they are probably the easiest way to explain what generics are about, but they also are the example that everyone talks about when discussing generics. It’s not uncommon for people to think that “generics” and “collections with a type” are the same thing. That’s definitely not the case.”
This tutorial shows us how to work with files in PHP.
Italo Baeza Cabrera notes “If you want a free and simple route to host a private package in Github and download it to your project, there is one.”
Vitalii Marenkov says, “Domain-driven design advises to create aggregates and other complicated objects in factories. In PHP we can define constructor as private or protected and then the object can be created only in a factory method in the class itself. But it violates the single-responsibility principle. Is there another way?”
This one is self-explanatory:
Frank Prins writes “The last few months I’ve been working a lot on optimizing our Gitlab pipelines for a large private codebase to keep the runtime of them below 4 minutes. As there is not a lot of info about optimizing Gitlab pipelines for PHP projects in general, I decided it was time to change that. As there is a lot to unpack here, this will be the third in a multipart series.”
Pascal Landau says, “In the fourth part of this tutorial series on developing PHP on Docker we will revisit the previous tutorials and update some things to be up-to-date in 2022.”
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).
The cyber response to Russia’s War Crimes
TechCrunch opines “Russia's current talent outflow might well be the last wave of its chronic brain drain stretching back decades.”
Venture Beat notes “Vera Chernysh is the СЕО and managing editor of the three largest technology and business news publications in Ukraine — MC.today, ITC.UA, and Highload. Chernysh and her husband, Timur Vorona, who run and manage the news outlets together, made the business decision to shift the operations of their entire business from covering the latest tech trends to war and survival reporting.”
FP reports “Russia’s communications systems are failing at higher-than-expected rates during the nearly monthlong war in Ukraine, U.S. and European officials and experts said, forcing invading troops in the field to rely on open systems that can be readily intercepted by Ukrainian forces.”
In other communications news CNBC reports “SpaceX has sent “thousands” of Starlink satellite internet kits...which come with an antenna, a mounting tripod and a Wi-Fi router to Ukraine shortly after Russia invaded. Ukrainians can use the Starlink kits to connect directly to SpaceX’s network in orbit, with the company having launched about 2,000 satellites to date.”
WP Tavern reports “WordPress managed hosting company WP Engine has joined Acquia, Fastly, Gatsby, Netlify, and Pantheon to begin booting Russian companies off their platforms.”
Fast Company reports “The “Play for Ukraine” game, developed by IT pros in Lviv, crowdsources and gamifies DDOS attacks on Russian websites. It’s already racking up successes.”
Wired reports “The developer of a popular open-source package has been caught adding malicious code to it, leading to wiped files on computers located in Russia and Belarus. The move was part of a protest that has enraged many users and raised concerns about the safety of free and open-source software.”
This is the way not to do it. Indiscriminately. Not yet.
Politico quotes President Biden “The more Putin’s back is against the wall, the greater the severity of the tactics he may employ … one of the tools he’s most likely to use in our view, is cyber-attacks...The magnitude of Russia’s cyber capacity is fairly consequential and it’s coming.”
The Evil Empire Strikes Back
Laptop reports “As Russia deploys brute force to invade Ukraine, the US fears that the nation may have another tactic up its sleeves: cyber warfare. On Monday, President Joe Biden warned business leaders about the looming threat of cyber attacks that could cripple US infrastructure.
You may be wondering, "What does cyberwarfare look like and how can it affect me?" Let's take a look at what the experts have to say so that you can keep your data and devices protected in the event of a cyber-attack.”
Wired also reports “For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle ransomware groups, they’re still intimately tied to Russia’s interests. A recent leak from one of the most notorious such groups provides a glimpse into the nature of those ties.”
The Guardian reports “The US has unveiled criminal charges against four Russian government officials, saying they engaged in two major hacking campaigns between 2012 and 2018 that targeted the global energy sector and affected thousands of computers across 135 countries.”
The Next Web notes “the continued operation of cryptocurrency exchanges in Russia, such as Binance, Yobit, and Local Bitcoins, has been worrying US officials for some time. Even before Russia’s latest invasion of Ukraine, the US Treasury Department warned cryptocurrencies could undermine the sanctions already imposed on Russia over its 2014 annexation invasion of Crimea.”
So, where is this humanitarian disaster created by evil men leading us? My Master’s Degree is in International Relations, so this deep dive into where the world economy may go from here is quite interesting to me.
Venture Beat writes “There are a lot of myths surrounding open-source software, but one that continues to permeate conversations is that open source is not as secure as proprietary offerings. At face value, this claim would seem to hold merit as how do you secure a supply chain for a product that is created in an environment where anyone can contribute to it?
But perceptions are changing, as open-source code is running many of the most sophisticated computational workloads known to mankind.”
The Next Web reports “the communications between thousands of SaaS platforms are also an emerging threat to corporate cybersecurity. Most existing cybersecurity solutions still do not offer adequate protection or a convenient way to monitor the communications between these apps and platforms, leaving companies vulnerable to cyberattacks and unable to effectively know or control which parties have access to sensitive corporate or personal data.
Digital Ocean says, “IaaS, PaaS, and SaaS are all different options for cloud delivery models. They each have their own pros and cons, and the difference between them is the level of abstraction they offer the end-user.”
ZNet opines “A combination of resourcing, government initiatives, and innovation will mean some organizations are able to handle cyber threats in real-time -- and then there is everyone else.”
This is comparable to Symfony’s StimulusUX which is based on Hotwire.
StoryLab exclaims “All the coding has been completed and it’s (almost) perfect. So, now what? - How do we make sure it stays (almost) perfect? - Is linting ok? - Are all tests passing? - Do we have all builds (versions) archives? - And… all above for all our 19 (nineteen, in words) GitHub repositories!”
Time reports “as crypto has soared in value and volume, Vitalik Buterin has watched the world he created evolve with a mixture of pride and dread. Ethereum has made a handful of white men unfathomably rich, pumped pollutants into the air, and emerged as a vehicle for tax evasion, money laundering, and mind-boggling scams. “Crypto itself has a lot of dystopian potential if implemented wrong,” the Russian-born Canadian explains.”
TechCrunch reports “In a formalization of an earlier Twitter-led push to try to exert influence over fast-forming European digital regulations, the social media firm has used its Twitter Spaces platform to host the official kick-off of a policy advocacy lobby group that’s being branded the Open Internet Alliance (OIA). Alongside Twitter, video streaming platform Vimeo; Automattic, the company behind WordPress.com, WooCommerce and Tumblr; the Czech and Slovak-focused search engine company, Seznam; and Jodel, a Berlin-based (profile-less) social network, are named as founding members.”
That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)
More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.
Keep going Symfonistas!