Welcome to this week's Symfony Station Communique. It's your weekly review of the most valuable and essential news in the Symfony and PHP development communities. This week it's extensive again, so take your time and enjoy its most valuable items.
*Please note that links will open in a new browser window. My opinions, if I present any, will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> "This week, Symfony 4.4.35 and 5.3.12 releases were published to address some potential security vulnerabilities. In addition, Symfony 5.4.0-RC1 and 6.0.0-RC1 were published in preparation for their imminent stable release. Lastly, Symfony announced the last days of its Black Friday 2021 deals which end on November 29."
Javier continues a series of posts on what's new in Symfony 5.4.
- New in Symfony 5.4: Misc. features (part 3)
- New in Symfony 5.4: Misc. features (part 2)
- New in Symfony 5.4: Misc. features (part 1)
- New in Symfony 5.4: Serializer improvements
- New in Symfony 5.4: Notifier integrations
It's finally here. Symfony 6 is available!
Symfony 5.4 as well.
SymfonyWorld conference starts in just a week: 10 workshops, 25 talks and hundreds of community members to meet. Don't miss it!
SensioLabs has this for us: "To mark the release of Symfony 6, SensioLabs has interviewed Nicolas Grekas, one of the most active members of the Symfony core team. Grekas described the main new features of this latest major version of Symfony and how to start preparing for the upgrade."
SymfonyInsight is the official Symfony platform to monitor and maintain high quality projects over long periods of time. It also helps you reduce business risks and upgrade your application dependencies.
PHP 8.1 is the latest version of PHP, released on November 25th. We’re thrilled to announce SymfonyInsight support of PHP 8.1 and all its features (enums, readonly properties, etc)!
We continue to highlight the most significant post of the week.
Stitcher.io has this for us.
PHP 8.1 was released on November 25, 2021. This post will go through all features, performance improvements, changes, and deprecations one by one.
Speaking of Symfony 6, Alex Daubois has this interesting post.
Kiratas provides this advice: "SensioLabs has presented versions 5.4 and 6.0 of the popular PHP framework Symfony. The two versions are identical regarding the innovations, but Symfony 6 cuts off old braids and removes all content marked as outdated (deprecated). Therefore, developers who want to switch to the new main version should first switch to 5.4 and remove all deprecations."
Via SymfonyCasts: "We're heading into Twig and inside a service to fetch the currently-authenticated user. While we're there, we'll add some custom methods to our User class to make it smarter!" They continue their look at Symfony security with:
Mattia Toselli shows us how to develop a simple app with Symfony 5 on our local machine. Then we will deploy this app using a service of DigitalOcean called App Platform.
Why invest in AWS CDK today? Using a simple example with a basic web application built with the Symfony framework, this article will show you how to industrialize any application with Infrastructure as Code (IaC) methodology on AWS.
I know that there seems to be one of these comparison posts every week. But, if they have something new in them, even one sentence, we'll continue to feature them.
By the way, the answer for Enterprise-grade is Symfony.
Prestaconcepts brings us this post in French.
Doctrine has a new release.
Gábor Hojtsy writes: "As you may know, we are planning to release Drupal 10 in 2022 (as early as June) because Drupal 9's Symfony 4 and CKEditor 4 are both at the end of life the year after, around the end of 2023. So we plan to give enough time for people to update to Drupal 10 before Drupal 9 goes end of life. A similar situation happened with Drupal 8 to 9 driven by Symfony 3 to 4. However, moving Drupal 10 from Symfony 4 to 5 would again only give us a couple of years to move on to Symfony 6 next, so the current plan is to move to Symfony 6 straight away."
Websites developed on the Symfony framework were vulnerable to web cache poisoning attacks due to misuse of HTTP headers, according to CyberIntelMag.
Hantsy has the following min-tutorial.
The idea behind Inspector is to create a monitoring environment specifically designed for software developers avoiding any server or infrastructure configuration that many developers hate dealing with. It works with a lightweight software library that you can install in your application like any other dependencies. In the case of Symfony, you can use our official Symfony Bundle.
When it comes to open source ecommerce platforms, there are quite a few solutions to choose from. You may have heard about Magento or PrestaShop. But have you ever seen something about Sylius?
As you may know, I ran across Akashic Seer's blog last month, which boasts Symfony-related posts. Here are a few more from his archive delivered with his unique approach.
To paraphrase Cloudways, PHP is the backbone for almost every website, and its security shouldn't be negligible. PHP developers are responsible for avoiding common threats like cross-site request forgery, SQL injections, and data tampering. And PHP has built-in security features that make it easier for developers to protect their websites.
This week, the latest PHP RFC, Deprecate Dynamic Properties, passed 2:1. It barely met the 2/3 vote threshold for passing, which of course, can and has been spun in various pro-and-con ways. The prominent argument people had against it was that it involves triggering deprecation warnings, which is kind of the point. That's what it does mostly.
Here's more on security as Matthieu Robin asks: "You've been using PHP for years, and it seems to work just fine, but have you ever wondered what more you could be doing to keep your scripts secure?"
Vedran Mihočinec too has a question. What is the easiest way to dockerize PHP applications?
In past communiques, we examined Anders Björkland posts on Bolt CMS. Here he takes a look at Silver Stripe CMS in two posts.
On an unrelated note, he also posted.
Speaking of PHP CMSs.
Ibrahim Alausa has written a comprehensive guide on writing cleaner, shorter class constructors.
Jetbrains has another announcement, although it's quite as big as last week's.
They also announced that PhpStorm 2021.3 is now available. This major release introduces full support for PHP 8.1, better handling of generics in PHP, remote development, improvements to deployment, an HTTP client, refactorings, and much more.
Olotin Temitope shows us how to configure Xdebug with PHPStorm and Docker to debug like a pro.
PHP Architect interviews feature contributor Vinícius Campitelli about his article Cryptography with Libsodium.
As of today, when you update dependencies in a pull request, Private Packagist comments with all composer.lock changes displayed in a clear and easy to scan table.
Introducing: Update Review
In this episode of the PHP Internals News podcast, they're looking back at all the RFCs that were discussed on the podcast for PHP 8.1. In their own words, the RFC authors explain these features, with your host interjecting his comments on the state of affairs. Please give it a listen.
In this video, BeachCasts shows us how to:
James Seconde has more on PHPStan.
If you use Drupal, its PHPStan solution gets an update.
And there's another one of these. Sigh.
And as long as most of us will be alive, the answer is no. But the author still makes some interesting points about why that is.
How will future AI systems make the most ethical choices for all of us?
To continue on that line.
And regarding other so-called threats to the careers of developers.
Here are five handy MySQL string functions you can add to your toolkit.
This type of CSS review is always helpful.
Postman says: "Before promoting an API direction, all parties must understand where we are and what destinations are possible. A map helps simplify an overwhelming number of technologies, techniques, and ideologies into something approachable and with a clear way forward. Ultimately, maps provide key insights so that having a conversation about an ecosystem's strengths and weaknesses can occur."
GitHub had some problems this week, but they were able to post this about Actions.
Here's an in-depth look at Docker, which is always helpful.
And here's a look at the vital topic of user experience.
Like most articles in the New Yorker, this is a long one. But, it's worth grabbing your favorite beverage and reading it at your leisure.
Have you published or seen something related to Symfony or PHP that we missed? If so, please contact us.
That's it for this week. Thanks for making it to the end of another extended edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Be sure to join our newsletter list, so you get each week's communique directly in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Happy coding Symfonistas!