Symfony Station Communiqué — 03 February 2023.
A look at Symfony, Drupal, PHP, and Cybersecurity News!
This communiqué originally appeared on Symfony Station, your source for cutting-edge Symfony, PHP, and Cybersecurity news.
Welcome to this week's Symfony Station Communiqué. It's your review of the essential news in the Symfony and PHP development communities. We also cover the cybersecurity world and other programming items.
Please take your time and enjoy the items most relevant and valuable to you. While we have not expanded our curation, we have added a few sub-categories to improve scanability.
As always, thanks to Javier Eguiluz and Symfony for sharing our latest communiqué in their Week of Symfony.
My opinions will be in bold.
Many of the items we curate are on Medium. I recommend investing in a membership, as you can access everything you want to read. It’s a small investment in boosting your career. As you may have noticed, non-members can only access a limited number of articles per month.
Become a member here! The compensation we receive from your use of this link helps pay for our weekly communiqué.
Symfony
As always, we will start with the official news from Symfony.
Highlight -> “This week, Symfony 5.4.19, 6.0.19, 6.1.11, and 6.2.5 maintenance versions were released. The 6.0 and 6.1 branches will no longer receive any updates, so consider updating your projects to Symfony 6.2. Meanwhile, the upcoming Symfony 6.3 version marked DSNs as sensitive parameters and removed them from exception messages, added support for Redis Relay in cache, and updated the VarDumper component to display all invisible characters.“
A Week of Symfony #839 (23-29 January 2023)
Symfony announced:
SymfonyLive Paris 2023 - Getting ready for Symfony certification - and beyond
SymfonyLive Paris 2023 - Announcement of all pre-conference workshops
SymfonyLive Paris 2023 - From social to tech - a plea for atypical profiles
SymfonyLive Paris 2023 - Welcome to the wonderful world of distributed systems!
SymfonyLive Paris 2023 - Announcement of all pre-conference workshops
SymfonyLive Paris 2023 - Generics (in PHP)
SymfonyLive Paris 2023 - Reinventing the Symfony Console component
Sponsoring Program - Symfony 6.2 backers
SymfonyLive Paris 2023 - Designing your API for the future
SymfonyLive Paris 2023 - Once upon a time, the Workflow component
SymfonyCasts continued its course on the utterly excellent API Platform:
Featured Item
The Transnational Institute has an incredibly important interview with Cory Doctorow that's very relevant to us in the open-source community. It's also long, so here is a summary of its many points:
“So, our project needs to be not to snuff out technology but to figure out how to seize the means of computation, how to build a technological substrate that is responsive to people, that enables us to coordinate our will and our effort and our ethics to build a world that we want – including one with less carbon, and with less injustice, more labor rights and so on.”
Seizing the means of computation – how popular movements can topple Big Tech monopolies
This Week
Mislav Jantoljak shares:
Netgen Talk: Why We Love PHP for Building Next-Generation Websites
I am starting the SymfonyCast NetGen Layouts course, so I was happy to run across this.
Although it’s an obvious point, Ozan says that a framework isn’t perfect for every project:
Symfony is not the best framework.
Nacho Colomina Torregrosa explores:
Accessing Symfony security user on the background
eCommerce
Prestashop announces:
PrestaShop 8.1 is now in feature freeze
Henguelbert Loyo shows us:
How to Create a Magento 2 Admin Config & Access to it
CMSs
Drupal Partners asks:
What is the future scope of Drupal as a CMS technology in 2023 and beyond?
In addition to a look at the future, this is mostly a history of Drupal with some interesting graphs.
Agaric Coop shows us:
How to filter a view by content that references the current node in modern Drupal
Matt Glaman looks at the following:
The trinary states of Drupal access control: allowed, forbidden, neutral.
!#Code explores:
Drupal 10: Programmatically Injecting Context Into Blocks
The Drop Times reports:
Drupal Best Integrates WebGIS into a CMS
Martin Ricken shows us:
How to create a Views bulk operation
And the Aten Design Group shows us the following:
How to Use Cypress for Testing Drupal
Mike Herchel shares a case study.
Best Lawn Care Website on the Internet (built with Drupal)
I love case studies. Especially from Titans of Drupal like Mike.
Evolving Web shows us how to:
How To Install Drupal WxT 4 for Canadian Government Websites
I am going to check the theme out.
Platforms
WP Tavern takes:
A Look Under the Hood at Engine Awesome, a Laravel-based SaaS App Using Gutenberg
Previous Weeks
CivicUK shows us how to:
Build a grid section creating a new Drupal Media type
Nick Schäferhoff shares the:
8 Best Gutenberg Blocks (And How to Use Them)
Kinsta shows us:
How To Add Meta Boxes and Custom Fields To Posts in Gutenberg
Colorfield examines:
The state of GraphQL with Drupal 10 (part 1)
Sabatino Masala looks at:
Implementing an aggressive Redis caching strategy
PHP
This Week
Ollie recommends:
Start Programming in PHP OOP Now to Harness its Power
Andrei Birta explores:
Understanding the Single Responsibility Principle
Functional Flexibility with PHP Callbacks
JetBrains announces:
PhpStorm 2022.3.2 is now available
The PHP Foundation has:
Stitcher shares:
My top-10 favorite functions in PHP
Matus Stafura looks at:
php[architect] explores:
Creating a PHP Library With Packagist
Geni Jaho examines:
Marcus Brune asks:
What are TDD and BDD, and why do we need to know about them?
William P continues his testing series:
30 Days of Automated Testing:Using PHPUnit【D14】
30 Days of Automated Testing:Using PHPUnit【D15】
Claudio Ribeiro has the a:
Quick Tip: How to Manage Timezones in PHP
Nikola Stojiljkovic explores:
Mock nested PHP default functions in PHPUnit tests
[PHP Guidelines series] Final classes as a warning sign
Nacho Colomina Torregrosa looks at:
David Senate examines:
CSRF Prevention for PHP and jQuery
Tomas Votruba says:
I will agree with him but only for 5-10% of the websites on the internet. It's overkill for the other 90%.
Ayesh Karunaratne shares:
How to extend lifetime of legacy PHP applications
Mahdad Kiyani has some:
Some Tips for Optimizing PHP Code to Improve Performance
Michael Etokakpan demonstrates:
Configuring PHP for debugging using Xdebug and VScode
Mr. Tuto asks:
Comment installer plusieurs version de PHP avec Homebrew ?
Previous Weeks
Ramiz Kongulov explores:
Mastering the Strategy Design Pattern in PHP
Viktor Progger shares:
An example of setting up xDebug in Docker
Mitul Patel lists:
11 Horrible Mistakes You’re Making With PHP Website Development
Other
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually).
The cyber response to Russia’s War Crimes and other douchebaggery
The Hill reports:
Russia-Ukraine war has improved US cyber cooperation, says key official
The Register reports:
Uncle Sam slaps $10m bounty on Hive while Russia ban-hammers FBI, CIA
The Lawfare blog reports:
Project Texas: The Details of TikTok’s Plan to Remain Operational in the United States
The Markup reports:
Members of Congress Call for IRS to Investigate Tax Companies Sharing Data with Facebook
The Evil Empire Strikes Back
The New York Times reports:
Bias Played Part in F.B.I.’s Jan. 6 Failure, Documents Suggest
This is no surprise as the FBI has been more of a threat to democracy than a help from day one.
Delaware Online reports:
ChristianaCare website down, as pro-Russia 'hacktivist' group takes credit on social media
The Hacker News reports:
Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack
New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities
North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign
Microsoft reports:
Iran responsible for Charlie Hebdo attacks
PC Gamer reports:
Belarusian KGB adds World of Tanks stand udio boss to terrorist list
Fortunately, the company had enough sense to leave Putin’s puppet state when the war crimes kicked off in Ukraine.
Cyberscoop reports:
Chinese influence operations may lack critical element: influence
How surprising, authoritarian states are incompetent at everything except oppression and cybercrime.
Cybersecurity/Privacy
The Markup reports:
The FTC Is Taking on Telehealth’s Data Sharing Problem—Starting with GoodRx
CSO Online reports on:
How passkeys are changing authentication
Decipher reports:
GitHub Says Attacker Stole Encrypted Code-Signing Certificates for Desktop, Atom
Cyberscoop asks:
Reality check: Is ChatGPT really the next big cybersecurity threat?
And reports:
The Hacker News reports:
Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability
In great news for SEO practitioners everywhere, Ars Technica reports:
Massive Yandex code leak reveals Russian search engine’s ranking factors
More
MIT announces:
World Wide Web Consortium is now a public-interest nonprofit organization
The Harvard business review looks at:
Cultivating the Four Kinds of Creativity
I am definitely in the figure-ground reversal camp.
The Los Angeles Times opines:
The real aim of big tech’s layoffs: bringing workers to heel
Unfortunately, it’s the goddamned truth and not an opinion.
Isaac Lyman asks:
Yes.
TechCrunch reports:
Big changes coming for GDPR enforcement on Big Tech in Europe?
Better late than never.
The Verge reports:
White House goes after app store ‘gatekeepers’ Apple and Google
Unfortunately, this is about ten years overdue and likely to result in nothing.
Mozilla looks at the efforts for browser interoperability:
Addy Osmani shares:
Norio Okawa looks at:
The 4 Essential Skills of the Software Developers
Ahmad Shadeed provides an excellent:
Guide To Responsive Design In 2023 and Beyond -
My kindred spirtit, Jason Knight explores:
Understanding CSS Position: Sticky
HTML Empty / Void / “Self Closing” Tags. We’re All Idiots.
Noble Okafor shows us:
How to Use CSS Variables Like a Pro
Chris Coyier says that, like ReactJS:
Hex Colors Aren't Great At Anything Except Being Popular
Shinichi Okada shares:
Two Easy Ways to Put a Svelte Project on GitHub Pages
The Fediverse
Glenn Fleishman asks:
Is Your Future Distributed? Welcome to the Fediverse!
Hilda Bastian examines:
Social Media Regeneration and Divisiveness
Kev Quirk explores:
Buffer announces:
Make Your Mark in the Fediverse with Buffer’s Mastodon Scheduler
I am thrilled with this announcement.
Engadget reports:
Like users, app developers are fleeing Twitter for Mastodon
Lifewire opines:
Twitter May Soon Be Irrelevant, Thanks to a Mastodon Version of Tweetbot
If only. Unfortunately, only Space Karen driving Twitter into bankruptcy has a chance at this.
Speaking of which, TechCrunch reports:
Twitter to end free access to its API in Elon Musk’s latest monetization push
So Shitter’s CuntEO makes this move several weeks after fucking over the businesses most likely to pay for this. A very stable genius.
And here’s what really boils my piss about it. Movetodon is/was a service that lets you find your Twitter followers who are also on Mastodon so you can follow them there.
Matthew Sheffield (@mattsheffield@mastodon.social)
Take login by Twitter off your apps peeps unless you want to pay through the nose. And if you make Twitter apps or bots, I hope you have diversified.
CTAs (aka Show Us Some Free Love)
That’s it for this week. Please share this communiqué.
Also, be sure to join our newsletter list at the bottom of our site’s pages. Joining gets you each week's communiqué in your inbox (a day early).
Follow us on Flipboard or at @symfonystation@phpc.social on Mastodon for daily coverage. Consider joining the @phpc.social instance. If this communique is a little overwhelming, you can get a condensed, weekly news highlight post on Friendica.
Visit our Communiqué Library. You can find a vast array of curated evergreen content.
Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our infancy, so it’s extra economical. 😉
More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.
Keep coding Symfonistas!
Author
###Reuben Walker
Founder Symfony Station