DEV Community

Cover image for Symfony Station Communiqué — 26 April, 2024. A look at Symfony, Drupal, PHP, Cybersecurity, and Fediverse news!
Reuben Walker, Jr.
Reuben Walker, Jr.

Posted on • Originally published at symfonystation.mobileatom.net

Symfony Station Communiqué — 26 April, 2024. A look at Symfony, Drupal, PHP, Cybersecurity, and Fediverse news!

This communiqué originally appeared on Symfony Station.

Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy. That necessitates an opinionated Butlerian jihad against big tech as well as evangelizing for open-source and the Fediverse. We also cover the cybersecurity world.

There's good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you. This is why we publish on Fridays. So you can savor it over your weekend.

Or jump straight to your favorite section via our website.

Once again, thanks go out to Javier Eguiluz and Symfony for sharing our communiqué in their Week of Symfony.

My opinions will be in bold. And will often involve cursing. Because humans.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> "This week, Symfony continued adding compatibility with the upcoming PHP 8.4 version and also focused on tweaking and polishing the new features of the upcoming Symfony 7.1 version. Meanwhile, we published more information about some of the talks that will be part of the SymfonyOnline June 2024 conference."

A Week of Symfony #903 (15-21 April 2024)

They also have:

SymfonyLive Berlin 2024: Using container's features to manage complexity

SymfonyOnline June 2024: Crafting Elegant Symfony Tests

SymfonyOnline June 2024: The big upgrade. All the way up to Symfony 7 and PHP 8.3

SymfonyOnline June 2024: LIVE (Component) Experience

Newsletter

SensioLabs has an announcement:

SensioLabs Germany Announces New Managing Director: Oskar Stark

Blackfire shares:

Blackfire, the opinionated do-it-for-me observability solution


Featured Item

This week I am featuring my latest article because I want you to help out SymfonyCasts' Ryan Weaver. I start with:

"Symfony is unbeatable when it comes to building complex and scalable web applications. Be they sites, services, an API, or Spotify. It's a fantastic weapon in your PHP programming skills arsenal. So, breakout you laptop and put your thinking helmet on. This is the way to learn modern Symfony and slay your PHP space demons."

Lucky like a 7 - Seven SymfonyCasts Courses to Master Symfony 7



Please read this and seriously consider my main call to action for Ryan and his family.


This Week

Lubna Altungi shares the:

Fast-Track to Become A Bad Symfony Developer

Clever.

David Garcia says:

It is best to embrace Design Patterns if you work with Symfony

Alibid lists the:

Top 15 Symfony Interview Questions and Answers

Question 3 would be a strange one. 😉

Sylvain Blondeau has a new Symfony newsletter:

Symfony Level Up

Unfortunately, it's on a rapidly enshitifying Substack. Sylvain, mon freré check out Ghost and Buttondown while you can.

Speaking of Ghost, I will share this out of its normal section below.

Ghost is federating over ActivityPub to become part of the world’s largest publishing network.

Serghei Pogor examines:

What PHP Symfony Migration Commands Do You Need to Know

Maico Orazio has:

Release Announcement: KeycloakClientBundle v2.0

Navid Hosseini looks at:

Running a Symfony application on AWS Lambda (Part 2)

Parthenon announces:

Parthenon Is Now Open Source

dr0bz is:

Building Objects in the API Lifecycle

CMSs

Sulu explores:

Mastering Structured Content: A Comprehensive Guide to Structured Content CMSs

TYPO3 has:

Where To? Building the Road to EU Policy Compliance

Open Source and Digital Sovereignty

TYPO3 v13.1—The Surfer’s Starterkit

Showcase Your Project: Explore Exciting New TYPO3 Award Categories and Deadline Updates

Joomla announces the:

The April Issue

Highlights include:

Tamper-Proof core updates for Joomla - TUF making it into 5.1

Drupal is also integrating it.

What's new in Joomla 5.1?

Drupal has an announcement:

Drupal 11.0.0-alpha 1 will be released on the week of April 29, 2024

Cool. This should mean we get 11 and automatic fucking updates this summer rather than at the end of the year.

Dries Buyaert announces:

Evolving Drupal's Layout Builder to an Experience Builder

Looks like Dries decided to save Paragraphs from Gutenberg.

Drupal the details:

Working toward an Experience Builder

This better explains the decision which favors site builders over content creators. And Gutenberg may be integrated/compatible later. In any event this will take years to come to fruition.

The Drop Times has:

A Conversation with Dominique de Cooman on Drupal, Mautic, Open DXP and Dropsolid

Interesting projects.

Streamlining Local Development with DDEV, Docker, and NGROK

Smile Launches Sobki: A New No-Code Drupal Profile at Drupalcamp Rennes 2024

Drupal's Innovation & Future: 2024 and Beyond—Part 2 | Industry Experts' Perspective

Carlos and Oscar have it right in this one.

And here's my perspective, Does Drupal Have a Path to Growth?.

LN Webworks shows us:

How To Use Cron Jobs For Task Automation In Drupal

Specbee explores:

Improving Drupal SEO: How to Fix Duplicate Content with the Global Redirect Module

Drupal Easy examines:

cspell and drupalorg CLI: two useful tools for Drupal contrib module maintainers

Drupalize.Me shares:

Learning Drupal with the Help of an AI Tutor

Uh, no. Maybe it three to four years. Definitely in the future. For now subscribe to DrupalizeMe instead.

Capellic looks at:

Frontend performance optimization for Drupal websites: Part 1

Gábor Hojtsy says:

This is how I update my Drupal modules to Drupal 11 with only GitLab and drupal.org in my browser!

Alex Moreno reports:

Open-source CMS like Drupal and WordPress dominate Fortune 500

Tag 1 continues a series:

Migrating Your Data from Drupal 7 to Drupal 10: Source Site Audit - A High Level Overview

Balint Pekker advocates:

Simplifying Drupal Documentation

Yes. Any and everything to do with Drupal needs to be simplified.

Previous Weeks

Tag1 starts a series:

Migrating Your Data from Drupal 7 to Drupal 10: Getting to Know Your Migration

DrupalizeMe explains:

Tuning Drupalize.Me Search Results with Solr Query Re-Ranking and Search API

ImageX Media shows us how to:

Augment Your Drupal Content Management Workflows with the Augmentor AI Module

Listberg has this snippet:

Symfony Decorators in Drupal: An Example

Lubna Altungi explores:

Uploading Images in Symfony: A Developer’s Journey


PHP

This Week

William Martins examines:

Property Hooks no PHP 8.4

Terence Eden asks:

Where you can (and can't) use Emoji in PHP?😈

David Duymelinck looks at:

PHP features: Attributes

StrangeBuzz shares a snippet:

Transforming an array into a traversable object with PHP

Davide De Sio explores:

Superpower REST API DX with Serverless ⚡ and DevOps Best Practices on AWS (PHP Version)

Filipe Pires shows us:

How to use PHP inside a Docker Container using an IDE like VS Code (without installing PHP locally)

Interesting.

Alex compares:

Abstract Classes VS Interfaces

Roberto Butti examines:

Machine Learning with PHP

Roman Ushakov looks at:

PHP: Implementing proxy for keepalive connections using Nginx

Jochelle Mendonca moves:

From Old Habits to Modern Best Practices: Introducing Enums

Omandi Jeff explores:

Unlocking PHP Configuration within Docker Containers

Shalini Baskaran lists her:

Top 10 PHP Testing Frameworks for 2024

PHP.net has a:

Statement on glibc/iconv Vulnerability

Free Code Camp has an extensive handbook:

How to Implement JSON Web Tokens (JWTs) in PHP – PHP Authentication Handbook

Doğan Uçar is back with another gem:

Property Hooks RFC for PHP 8.4

Garrett Mills examines:

Mitigating the iconv Vulnerability for PHP (CVE-2024-2961)

Erland Muchasaj looks at:

PHP: Dynamic method calling — Part 2

Peter Knowles shows us how to:

Optimize PHP-FPM

Sarven Dev explores:

Rethinking Mocking: DIY Approach vs. Frameworks on examples in PHP and Typescript

Phoronix reports:

Sovereign Tech Fund Makes New Investments Into GNOME & PHP, Bug Bounty For systemd

200,000 euros for PHP! Very generous.

Camilo Herrera examines:

Detection of web vulnerability scanning with PHP and Apache mod_status

Previous Weeks

Inspector shows us:

How to Manage a Software Delivery Cycle


More Programming

Grant Horwood looks at:

Uploading to s3 with bash

Alex Efimenko explores:

jQuery 4: A New Era

If you use it, update it. Otherwise, avoid it.

Jason Knight continues with a new idea:

Building A Better JavaScript DOM Builder : Part 2 Extending System Objects

Better JS DOM Building With DOM-JON — Part 3 : The State Object

Smashing Magazine examines:

Converting Plain Text To Encoded HTML With Vanilla JavaScript

F-Shape Pattern And How Users Read

Go Make Things offers advice on:

Your first Web Component

Lullabot asks:

Do You Still Need Sass?

Audrey knows her stuff.

Sitepoint has:

Creating Fluid Typography with the CSS clamp() Function

WebKit pleads:

Help us invent CSS Grid Level 3, aka “Masonry” layout

GitPod shares:

A Platform Team’s pocket guide to Cloud Development Environments

DrupalPod is what its name implies and is fantastic.

Jake Archibald compares:

HTML attributes vs DOM properties

Five rates the:

5 Best SQL IDEs

**I wonder why Five is number 1. 🧐


Fighting for Democracy

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually, like ending apartheid in South Africa).

The cyber response to Russia’s War Crimes and other douchebaggery

The Register reports:

Watchdog tells Dutch govt: 'Do not use Facebook if there is uncertainty about privacy'

US charges Iranians with cyber snooping on government, companies

The Guardian reports:

Netanyahu vows to fight US sanctions on IDF unit accused of violations in West Bank

Better later than never and something rather than nothing. And fuck Netanyahu with a broken baseball bat.

BleepingComputer reports:

US imposes visa bans on 13 spyware makers and their families

EuroNews reports:

Japan's antitrust body orders Google to fix ad search limits affecting Yahoo

TikTok subject to second DSA investigation over Lite app, faces suspension

TechCrunch reports:

TikTok pulls feature from Lite app in EU over addiction concerns

Further proof than when you regulate something you can mitigate its evils.

The Verge reports:

Biden signs TikTok ‘ban’ bill into law, starting the clock for ByteDance to divest it

I am sure he knows this will likely be thrown out by the courts (it singles out TikTok vs. being a privacy bill). The administration may not even defend it in the courts. He did so to get the c^nts in the House to pass aid for Ukraine. And unfortunately, Israel.

Reuters reports:

Russian programmers play 'cat and mouse' game to outsmart censors

Just a reminder that every Russian is not a c^nt.

The Evil Empire Strikes Back

Ars Technica reports:

North Korea is evading sanctions by animating Max and Amazon shows

Windows vulnerability reported by the NSA exploited to install Russian malware

The Register reports:

Microsoft is a national security threat, says ex-White House cyber policy director

It's business and cloud products sure as fuck are.

Bleeping Computer reports:

Russian Sandworm hackers targeted 20 critical orgs in Ukraine

The Register reports:

Russia, Iran pose most aggressive threat to 2024 elections, say infosec pros

The Next Web reports:

Cyberattacks on Poland surged after election of pro-Ukraine government, NetScout says

Wired reports:

The Destruction of Gaza’s Internet Is Complete

The Guardian reports:

Aipac: the pro-Israel group planning to spend millions in US elections

To undermine U.S. democracy like they always have. These fucks are up there with the NRA and Big Oil.

Fortune reports:

Some ex-TikTok employees say the social media service worked closely with its China-based parent despite claims of independence

DarkReading reports:

North Korea APT Triumvirate Spied on South Korean Defense Industry For Years

From the former director for civic integrity at Twitter:

Why I'm Leaving Twitter: A Reflection on Elon Musk's Takeover and Anti-Democratic Values

404 Media reports:

Instagram's Nudify Ads

AI Is Poisoning Reddit

TechCrunch reports:

India’s election overshadowed by the rise of online misinformation

In a follow up to an article we shared last week The Markup reports:

Online Censorship in Schools Leaves Teachers in the Lurch, Too

Cory Doctorow writes:

Paying for it doesn't make it a market

Even when you pay for Big Tech, it's enshitified. And designed to fuck you over.

Cybersecurity/Privacy

Bleeping Computer reports:

GitHub comments abused to push malware via Microsoft repo URLs

GitLab affected by GitHub-style CDN flaw allowing malware hosting

Dark Reading reports on:

Where Hackers Find Your Weak Spots

SolarWinds 2024: Where Do Cyber Disclosures Go From Here?

TechCrunch has:

US government says security flaw in Chirp Systems’ app lets anyone remotely control smart home locks

Which is why you should have locks with manual codes or a physical key.

UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’

The Hacker News reports:

CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

NGI Commons asks:

Responding to XZ utils: Can a digital commons approach reinforce OSS security?


Fediverse

The Fediverse Report has:

Last Week in Fediverse – ep 65

The Nexus of Privacy shares:

Eight tips about consent for Fediverse developers

Read this tech bros.

We Distribute reports on:

ActivityPods: Federated Solid Pods

This is important.

Decentered S1E8: WordPress-ActivityPub with Matthias Pfefferle

The Verge reports:

Newsletter platform Ghost adopts ActivityPub to ‘bring back the open web’

Threads wants to let you wipe your old posts away

Speaking of the Verge, Digiday reports:

As TikTok ban threatens stability in social media ecosystem, some brands settle into the Fediverse
TechCrunch reports on:

Why Meta is looking to the Fediverse as the future for social media

The New Stack has:

One Login: Towards a Single Fediverse Identity on ActivityPub

This would be awesome.

Luca Hammer explores:

Mastodon Advanced Search Guide and Operators

The European Data Protection Supervisor reports:

EDPS decentralised social media pilot: the end of a successful story

Hopefully, all the test users will migrate to other instances.

The Dabbler advocates:

The Slow Fedi Movement: Toward a Green, Independent, and Equitable Fediverse

Evan Boehs says:

You Have Power: Making Truth Social Comply With The AGPL

Evan Prodromou has:

Cross-server Interactions in ActivityPub

I am looking forward to getting his book if physical copies become available.

Bytedance: Add ActivityPub to Tiktok Notes

Then we could all block it.

Other federated social media

The Pragmatic Engineer shares a long article:

Building Bluesky: a Distributed Social Network (Real-World Engineering Challenges)

TechCrunch reports:

Bluesky backs a project that would let Mastodon apps, like Ivory, work with its network

Wow $800. Real generous there Bluesky.

Blacksky is:

Building the Black social layer for the decentralized web

$1000! Even more generous. 🙃


CTAs (aka show us some free love)

Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our toddler stage, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

You can find a vast array of curated evergreen content on our [communiqués page]((https://symfonystation.mobileatom.net/communiques). 

Author

Reuben Walker headshot

Reuben Walker

Founder
Symfony Station

Top comments (0)