Welcome to this week's Symfony Station Communiqué. It's your weekly review of the most essential news in the Symfony and PHP development communities.
Again, we cover the tech aspects of the war crimes going on in Ukraine and how you can help.
Take your time and enjoy the items most valuable to you.
Please note that links will open in a new browser window. My opinions will be in bold.
As always, we will start with the official news from Symfony.
Highlight -> “This week, Symfony 4.4.40, 5.4.7, and 6.0.7 maintenance versions were released. Meanwhile, the upcoming Symfony 6.1 version added new features such as a Serializer profiler panel and a simpler bundle/extension configuration. Lastly, the SymfonyLive Paris 2022 conference will take place next week.”
Javier Eguiluz previews an upcoming feature of the 6.1 update.
SymfonyCasts continues their free look at Symfony 6 and Easy Admin paid courses.
Platform. sh announced “We’re excited to announce that Platform.sh now offers OpenSearch as a service available and included on all plans. OpenSearch is a distributed RESTful search and analytics engine you can use for log analytics, a search backend, clickstream analytics, and more.
With the recent move by ElasticSearch to switch to a licensing model, it was important for us to propose a strong open-source alternative. And OpenSearch is completely open-source, so you could run and manage it on your own. But if you add it to a Platform.sh project as a service, all of the infrastructure is taken care of. All you have to take care of is your data: indexing it and retrieving it.”
We missed this last week. Blackfire Monitoring now integrates with API-Platform.
Democracies are far from perfect. However, while sometimes chaotic and prone to taking one step back for every two forward, they are the best governments in the world. Currently, they are in a growing battle with autocracies ranging from tyrannical to criminal for the future of mankind.
The Copenhagen Pledge puts forward a vision for the digital age, based on democratic values and human rights. It serves as the overall value framework for the Tech for Democracy initiative.
Its Action Coalitions target specific issues at the intersection of tech, democracy, and human rights. Coalition partners engage in concrete activities and deliver concrete solutions in line with the Copenhagen Pledge.
The Action Programme contains recommendations ****on how to transform the Copenhagen Pledge into action and charts a path for various areas, such as how to truly improve digital responsibility and mobilization.
Find the full Action Programme and civil society´s 8 recommendations here.
Please get involved today. You have to have open societies to have open-source.
WeLoveDevs says, “Ce questionnaire, d'environ 10 minutes, est proposé par Smaïne Miliani ainsi que la communauté WeLoveDevs.com (entreprises, experts, formateurs, indépendants) pour aider les développeurs à auto-évaluer leurs connaissances.” If you are fluent in French, take this test.
Mohamad Eldhemy explores:
Sriram webnexs asks:
tangled net writes “Grav CMS allows developers to give third parties the ability to manage their (structured) content in a very elegant and flexible way. At the same time, there are few restrictions on how this content ends up displayed on the website — as long as the developer knows what he is doing.”
Unearthed says, “we use the AWS service Cognito to issue JWTs to clients during authentication. From there, the JWT is exchanged with whichever services the user is interacting with in order to validate their identity. This is helpful when building out a service graph, since each JWT can describe an authenticated users session without any direct dependency on a user service.
It's worth mentioning, if you are using Symfony, there is a Symfony Bundle which will make some of the factories and services used in this blog post available from the container. In our application we decided instantiating these dependencies directly was preferable.”
#! Code has this very useful article for us:
Droptica notes “In this article, we’ll present what standards are used to create Drupal projects. We will show you the basic aspects that are worth paying attention to and the tools that make work easier.”
Arslan Ijaz looks at:
Matt Robinson shares:
Christian Kolb has two articles for us:
The April edition of php[architect] is out.
Tomasz Dobrowolski shows us:
Study Section notes “A session is a way to continue information across different web pages to recognize users as they traverse a site or app. There is absolutely no way a server could remember a specific user between multiple requests, which is why we call the HTTP protocol a stateless protocol.”
Farhan Tanvir shares “Here are 7 VSCode extensions which will help you to make the best use of VScode if you are a PHP developer.”
Yacine Touati discusses:
The one and only Brent is back with “You've probably used the strategy pattern before: a behavioral pattern that enables selecting an algorithm at runtime.
Let's consider a classic example: the user provides some input either in the form of XML, JSON or an array; and we want that input to be parsed to a pretty JSON string.”
Jordi Bassaganas shares his:
Hicham Ben Kachoud continues his SOLID series with the I:
Jarek writes “Generic types are templates which allow us to write code without specifying a particular type of data on which it will work. Thanks to them, we avoid redundancy and the objects operate on the previously declared types. A good example is collections of various types. If we want to be sure that a collection consists of a given data type, we can either create a separate class to store each type, use various types of assertions, or just use generic types.”
Andreas Moller notes “The chances are that you are already aware of the concept of named constructors. If not, take a look at Matthias Verraes' excellent article Named Constructors in PHP.
When it comes to consistently naming constructors, I currently apply the following rules for different types of objects.
- value objects”
Incredibly there were two articles on this last month.
Stefan Priebsch writes “Despite a greatly improved type system in versions 7 and 8, PHP does not support constructor overloading. If an object has to be created in different ways, so-called named constructors are used. Are there any best practices for naming them?”
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).
The cyber response to Russia’s War Crimes
CNBC reports “Alex Iskold, a tech entrepreneur and start-up investor, revived the 1K Project to provide direct relief to Ukrainian families impacted by the war.”
Fortune reports “Hacker collective Anonymous announced on Twitter that it successfully breached and leaked the personal data of 120,000 Russian soldiers.
"All soldiers participating in the invasion of Ukraine should be subjected to a war crime tribunal," Anonymous said in the message.
The leak included personal information like dates of birth, addresses, passport numbers, and unit affiliation.
After what we have seen this week, IMHO these soldiers are legitimate targets for hacktivism.
NBC reports “Distributed Denial of Secrets, is best known for curating, publishing, and promoting giant caches of files from a variety of sources, including U.S. police departments, the conservative social media platform Gab and the far-right Oathkeepers, a prominent group involved in the Jan. 6 riot.
But since Russia invaded Ukraine, Best and her colleagues have been inundated with files that hacktivists say they’ve stolen from Russian banks, energy companies, government agencies, and media companies. For weeks, the group has scrambled to translate, verify, format, and upload files that they can assess are legitimate and new, with the caveat that they usually haven’t gone through every single file to assess if it hasn’t been altered or planted with malicious software.”
The AP reports “The Biden administration has charged a Russian oligarch linked to the Kremlin with violating U.S. government sanctions, and disrupted a cybercrime operation that was launched by a Russian military intelligence agency, officials said Wednesday.”
The New York Times reports that the:
Politico reports that “The firms that helped document the Russian invasion of Ukraine are now finding imagery of atrocities.”
Cloudflare writes “Following Russia’s unjustified and tragic invasion of Ukraine in late February, the world has watched closely as Russian troops attempted to advance across Ukraine, only to be resisted and repelled by the Ukrainian people. Similarly, we’ve seen a significant amount of cyber attack activity in the region. We continue to work to protect an increasing number of Ukrainian government, media, financial, and nonprofit websites, and we protected the Ukrainian top-level domain (.ua) to help keep Ukraine’s presence on the Internet operational.
At the same time, we’ve closely watched the significant and unprecedented activity on the Internet in Russia. The Russian government has taken steps to tighten its control over both the technical components and the content of the Russian Internet. For their part, the people in Russia are doing something very different. They have been adopting tools to maintain access to the global Internet, and they have been seeking out non-Russian media sources. This blog post outlines what we’ve observed.”
On a related note, NPR asks “What do Russians know about what's happening in Ukraine? Well, it depends in large part on what independent media they're able to access - access the Russian government has been forcefully trying to restrict. So many Russians have been relying on VPNs - virtual private networks - that obscure their identity online and allow them to access blocked websites.”
Radio Free Europe reports “Western governments imposed crushing sanctions on Russia for its unprovoked attack and foreign companies began pulling out of the country, setting its economy reeling and making investments in the technology sector unattractive. Three days later, Krupnik froze his project, and on March 9 he fled to Turkey, seeing a bleak future back home.”
The Evil Empire Strikes Back
TechCrunch reports “The mass exodus of IT specialists has been met with hostility from Moscow.”
If you are in Russian IT and want to escape the new Iron Curtain, we suggest you get the fuck out now. If not enjoy the Gulag.
CBS reports “A group of hackers with ties to the Belarusian government broke into the Facebook accounts of Ukrainian military officials and posted videos calling on the Ukrainian army to surrender.
Meta's head of security policy, Nathaniel Gliecher, said the videos posted on the accounts of Ukrainian military officials were not seen by users and were taken down by the platform before it could be shared with others.”
The Jerusalem Post reports “China launched a massive cyber operation against the Ukrainian military and its nuclear facilities before Russia began its invasion, according to UK intelligence reports obtained by The Times.
The British reports were backed up by Ukraine's national security service, the SBU, which claimed China coordinated thousands of cyberattacks and hacking attempts on official Ukrainian government sites.”
The New York Times notes:
The Guardian reports “Putin may be ‘playing a long game’ on the cyber front, with attacks underway but not fully understood.”
The Associated Press reports “Though Russia is the country that invaded its neighbor Ukraine, the Kremlin’s version relentlessly warns social media users across Latin America that the U.S. is the bigger problem. “Never forget who is the real threat to the world,” reads a headline, translated here from Spanish. The article, originally posted in late February on Twitter by RT en Español, is intended for an audience half a world away from the fighting in Kyiv and Mariupol.”
ZDNet reports “The US Federal Government's latest attempt to create a centralized office for cybersecurity within a major agency will also be tasked with exploring economic and policy concerns within cyberspace.”
TechRepublic has this discouraging bit of news:
They also have:
GitHub shows us:
They also have:
“Alpine is the modern jQuery, that’s my vision for it,” Porzio explained in an interview. “When I started in web development, jQuery was what you did to sprinkle in stuff on your front end. Your whole front end wasn’t driven by a frontend framework, it was driven by something like Rails. I still like to write web apps that way. I’ve come full circle, I did the whole SPA thing and there’s nothing wrong with it, per se, but for a lot of use cases it’s just way too much complexity.”
Infoworld notes “SQLite is embedded everywhere. Will Postgres follow suit?”
They also have:
VSCode writes ”The Visual Studio Code team has used this insight as the heart of their research over the years: if we can reduce time spent on overhead, like reading about environment setup, then we can increase productivity time. We have a vision where developers don't have to keep fighting the same battles over and over again. This means a consistent development setup that can handle the never-ending churn of version upgrades, configuration changes, and hardware refreshes.
But what does the path look like to get us there? Let's examine the journey to increase developer productivity that has led us from local development to container-based development, to the cloud.”
TechCrunch reports “At its Team ’22 conference, Atlassian announced the launch of Atlas, a new service for cross-functional team updates it previously offered as a beta under the name “Team Central.” The service is meant to be a central repository for what teams are working on — with those updates limited to a Twitter-like 280 characters.”
Sule-Balogun Olanrewaju Ganiu says, “This article will teach you an alternative approach to testing client APIs using Thunder Client, an open-source extension available on VS Code marketplace.”
That's it for this week. Thanks for making it to the end of another edition. I look forward to sharing next week's Symfony and PHP news with you on Friday.
Please share this post. :) Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early). And follow us on Twitter at @symfonfystation.
Do you own or work for an organization that would be interested in our promotion opportunities? If so, please contact us. We’re in our infancy so it’s extra economical. ;)
More importantly, if you are a Ukrainian company with coding-related products, we can provide you with free promotion on our Support Ukraine page. Or if you know of one, get in touch.
Keep going Symfonistas!