This communiqué originally appeared on Symfony Station.
Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy. That necessitates an opinionated Butlerian jihad against big tech as well as evangelizing for open-source and the Fediverse. We also cover the cybersecurity world.
There's good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you. This is why we publish on Fridays. So you can savor it over your weekend.
Or jump straight to your favorite section via our website.
Once again, thanks go out to Javier Eguiluz and Symfony for sharing our communiqué in their Week of Symfony.
My opinions will be in bold. And will often involve cursing. Because humans.
Symfony
As always, we will start with the official news from Symfony.
Highlight -> "This week, Symfony continued adding compatibility with the upcoming PHP 8.4 version and also focused on tweaking and polishing the new features of the upcoming Symfony 7.1 version. Meanwhile, we published more information about some of the talks that will be part of the SymfonyOnline June 2024 conference."
A Week of Symfony #903 (15-21 April 2024)
They also have:
SymfonyLive Berlin 2024: Using container's features to manage complexity
SymfonyOnline June 2024: Crafting Elegant Symfony Tests
SymfonyOnline June 2024: The big upgrade. All the way up to Symfony 7 and PHP 8.3
SymfonyOnline June 2024: LIVE (Component) Experience
SensioLabs has an announcement:
SensioLabs Germany Announces New Managing Director: Oskar Stark
Blackfire shares:
Blackfire, the opinionated do-it-for-me observability solution
Featured Item
This week I am featuring my latest article because I want you to help out SymfonyCasts' Ryan Weaver. I start with:
"Symfony is unbeatable when it comes to building complex and scalable web applications. Be they sites, services, an API, or Spotify. It's a fantastic weapon in your PHP programming skills arsenal. So, breakout you laptop and put your thinking helmet on. This is the way to learn modern Symfony and slay your PHP space demons."
Lucky like a 7 - Seven SymfonyCasts Courses to Master Symfony 7
Please read this and seriously consider my main call to action for Ryan and his family.
This Week
Lubna Altungi shares the:
Fast-Track to Become A Bad Symfony Developer
Clever.
David Garcia says:
It is best to embrace Design Patterns if you work with Symfony
Alibid lists the:
Top 15 Symfony Interview Questions and Answers
Question 3 would be a strange one. 😉
Sylvain Blondeau has a new Symfony newsletter:
Unfortunately, it's on a rapidly enshitifying Substack. Sylvain, mon freré check out Ghost and Buttondown while you can.
Speaking of Ghost, I will share this out of its normal section below.
Ghost is federating over ActivityPub to become part of the world’s largest publishing network.
Serghei Pogor examines:
What PHP Symfony Migration Commands Do You Need to Know
Maico Orazio has:
Release Announcement: KeycloakClientBundle v2.0
Navid Hosseini looks at:
Running a Symfony application on AWS Lambda (Part 2)
Parthenon announces:
dr0bz is:
Building Objects in the API Lifecycle
CMSs
Sulu explores:
Mastering Structured Content: A Comprehensive Guide to Structured Content CMSs
TYPO3 has:
Where To? Building the Road to EU Policy Compliance
Open Source and Digital Sovereignty
TYPO3 v13.1—The Surfer’s Starterkit
Showcase Your Project: Explore Exciting New TYPO3 Award Categories and Deadline Updates
Joomla announces the:
Highlights include:
Tamper-Proof core updates for Joomla - TUF making it into 5.1
Drupal is also integrating it.
Drupal has an announcement:
Drupal 11.0.0-alpha 1 will be released on the week of April 29, 2024
Cool. This should mean we get 11 and automatic fucking updates this summer rather than at the end of the year.
Dries Buyaert announces:
Evolving Drupal's Layout Builder to an Experience Builder
Looks like Dries decided to save Paragraphs from Gutenberg.
Drupal the details:
Working toward an Experience Builder
This better explains the decision which favors site builders over content creators. And Gutenberg may be integrated/compatible later. In any event this will take years to come to fruition.
The Drop Times has:
A Conversation with Dominique de Cooman on Drupal, Mautic, Open DXP and Dropsolid
Interesting projects.
Streamlining Local Development with DDEV, Docker, and NGROK
Smile Launches Sobki: A New No-Code Drupal Profile at Drupalcamp Rennes 2024
Drupal's Innovation & Future: 2024 and Beyond—Part 2 | Industry Experts' Perspective
Carlos and Oscar have it right in this one.
And here's my perspective, Does Drupal Have a Path to Growth?.
LN Webworks shows us:
How To Use Cron Jobs For Task Automation In Drupal
Specbee explores:
Improving Drupal SEO: How to Fix Duplicate Content with the Global Redirect Module
Drupal Easy examines:
cspell and drupalorg CLI: two useful tools for Drupal contrib module maintainers
Drupalize.Me shares:
Learning Drupal with the Help of an AI Tutor
Uh, no. Maybe it three to four years. Definitely in the future. For now subscribe to DrupalizeMe instead.
Capellic looks at:
Frontend performance optimization for Drupal websites: Part 1
Gábor Hojtsy says:
This is how I update my Drupal modules to Drupal 11 with only GitLab and drupal.org in my browser!
Alex Moreno reports:
Open-source CMS like Drupal and WordPress dominate Fortune 500
Tag 1 continues a series:
Migrating Your Data from Drupal 7 to Drupal 10: Source Site Audit - A High Level Overview
Balint Pekker advocates:
Simplifying Drupal Documentation
Yes. Any and everything to do with Drupal needs to be simplified.
Previous Weeks
Tag1 starts a series:
Migrating Your Data from Drupal 7 to Drupal 10: Getting to Know Your Migration
DrupalizeMe explains:
Tuning Drupalize.Me Search Results with Solr Query Re-Ranking and Search API
ImageX Media shows us how to:
Augment Your Drupal Content Management Workflows with the Augmentor AI Module
Listberg has this snippet:
Symfony Decorators in Drupal: An Example
Lubna Altungi explores:
Uploading Images in Symfony: A Developer’s Journey
PHP
This Week
William Martins examines:
Terence Eden asks:
Where you can (and can't) use Emoji in PHP?😈
David Duymelinck looks at:
StrangeBuzz shares a snippet:
Transforming an array into a traversable object with PHP
Davide De Sio explores:
Superpower REST API DX with Serverless ⚡ and DevOps Best Practices on AWS (PHP Version)
Filipe Pires shows us:
How to use PHP inside a Docker Container using an IDE like VS Code (without installing PHP locally)
Interesting.
Alex compares:
Abstract Classes VS Interfaces
Roberto Butti examines:
Roman Ushakov looks at:
PHP: Implementing proxy for keepalive connections using Nginx
Jochelle Mendonca moves:
From Old Habits to Modern Best Practices: Introducing Enums
Omandi Jeff explores:
Unlocking PHP Configuration within Docker Containers
Shalini Baskaran lists her:
Top 10 PHP Testing Frameworks for 2024
PHP.net has a:
Statement on glibc/iconv Vulnerability
Free Code Camp has an extensive handbook:
How to Implement JSON Web Tokens (JWTs) in PHP – PHP Authentication Handbook
Doğan Uçar is back with another gem:
Property Hooks RFC for PHP 8.4
Garrett Mills examines:
Mitigating the iconv Vulnerability for PHP (CVE-2024-2961)
Erland Muchasaj looks at:
PHP: Dynamic method calling — Part 2
Peter Knowles shows us how to:
Sarven Dev explores:
Rethinking Mocking: DIY Approach vs. Frameworks on examples in PHP and Typescript
Phoronix reports:
Sovereign Tech Fund Makes New Investments Into GNOME & PHP, Bug Bounty For systemd
200,000 euros for PHP! Very generous.
Camilo Herrera examines:
Detection of web vulnerability scanning with PHP and Apache mod_status
Previous Weeks
Inspector shows us:
How to Manage a Software Delivery Cycle
More Programming
Grant Horwood looks at:
Alex Efimenko explores:
If you use it, update it. Otherwise, avoid it.
Jason Knight continues with a new idea:
Building A Better JavaScript DOM Builder : Part 2 Extending System Objects
Better JS DOM Building With DOM-JON — Part 3 : The State Object
Smashing Magazine examines:
Converting Plain Text To Encoded HTML With Vanilla JavaScript
F-Shape Pattern And How Users Read
Go Make Things offers advice on:
Lullabot asks:
Audrey knows her stuff.
Sitepoint has:
Creating Fluid Typography with the CSS clamp() Function
WebKit pleads:
Help us invent CSS Grid Level 3, aka “Masonry” layout
GitPod shares:
A Platform Team’s pocket guide to Cloud Development Environments
DrupalPod is what its name implies and is fantastic.
Jake Archibald compares:
HTML attributes vs DOM properties
Five rates the:
**I wonder why Five is number 1. 🧐
Fighting for Democracy
Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually, like ending apartheid in South Africa).
The cyber response to Russia’s War Crimes and other douchebaggery
The Register reports:
Watchdog tells Dutch govt: 'Do not use Facebook if there is uncertainty about privacy'
US charges Iranians with cyber snooping on government, companies
The Guardian reports:
Netanyahu vows to fight US sanctions on IDF unit accused of violations in West Bank
Better later than never and something rather than nothing. And fuck Netanyahu with a broken baseball bat.
BleepingComputer reports:
US imposes visa bans on 13 spyware makers and their families
EuroNews reports:
Japan's antitrust body orders Google to fix ad search limits affecting Yahoo
TikTok subject to second DSA investigation over Lite app, faces suspension
TechCrunch reports:
TikTok pulls feature from Lite app in EU over addiction concerns
Further proof than when you regulate something you can mitigate its evils.
The Verge reports:
Biden signs TikTok ‘ban’ bill into law, starting the clock for ByteDance to divest it
I am sure he knows this will likely be thrown out by the courts (it singles out TikTok vs. being a privacy bill). The administration may not even defend it in the courts. He did so to get the c^nts in the House to pass aid for Ukraine. And unfortunately, Israel.
Reuters reports:
Russian programmers play 'cat and mouse' game to outsmart censors
Just a reminder that every Russian is not a c^nt.
The Evil Empire Strikes Back
Ars Technica reports:
North Korea is evading sanctions by animating Max and Amazon shows
Windows vulnerability reported by the NSA exploited to install Russian malware
The Register reports:
Microsoft is a national security threat, says ex-White House cyber policy director
It's business and cloud products sure as fuck are.
Bleeping Computer reports:
Russian Sandworm hackers targeted 20 critical orgs in Ukraine
The Register reports:
Russia, Iran pose most aggressive threat to 2024 elections, say infosec pros
The Next Web reports:
Cyberattacks on Poland surged after election of pro-Ukraine government, NetScout says
Wired reports:
The Destruction of Gaza’s Internet Is Complete
The Guardian reports:
Aipac: the pro-Israel group planning to spend millions in US elections
To undermine U.S. democracy like they always have. These fucks are up there with the NRA and Big Oil.
Fortune reports:
DarkReading reports:
North Korea APT Triumvirate Spied on South Korean Defense Industry For Years
From the former director for civic integrity at Twitter:
Why I'm Leaving Twitter: A Reflection on Elon Musk's Takeover and Anti-Democratic Values
404 Media reports:
TechCrunch reports:
India’s election overshadowed by the rise of online misinformation
In a follow up to an article we shared last week The Markup reports:
Online Censorship in Schools Leaves Teachers in the Lurch, Too
Cory Doctorow writes:
Paying for it doesn't make it a market
Even when you pay for Big Tech, it's enshitified. And designed to fuck you over.
Cybersecurity/Privacy
Bleeping Computer reports:
GitHub comments abused to push malware via Microsoft repo URLs
GitLab affected by GitHub-style CDN flaw allowing malware hosting
Dark Reading reports on:
Where Hackers Find Your Weak Spots
SolarWinds 2024: Where Do Cyber Disclosures Go From Here?
TechCrunch has:
US government says security flaw in Chirp Systems’ app lets anyone remotely control smart home locks
Which is why you should have locks with manual codes or a physical key.
UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’
The Hacker News reports:
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
NGI Commons asks:
Responding to XZ utils: Can a digital commons approach reinforce OSS security?
Fediverse
The Fediverse Report has:
Last Week in Fediverse – ep 65
The Nexus of Privacy shares:
Eight tips about consent for Fediverse developers
Read this tech bros.
We Distribute reports on:
ActivityPods: Federated Solid Pods
This is important.
Decentered S1E8: WordPress-ActivityPub with Matthias Pfefferle
The Verge reports:
Newsletter platform Ghost adopts ActivityPub to ‘bring back the open web’
Threads wants to let you wipe your old posts away
Speaking of the Verge, Digiday reports:
As TikTok ban threatens stability in social media ecosystem, some brands settle into the Fediverse
TechCrunch reports on:
Why Meta is looking to the Fediverse as the future for social media
The New Stack has:
One Login: Towards a Single Fediverse Identity on ActivityPub
This would be awesome.
Luca Hammer explores:
Mastodon Advanced Search Guide and Operators
The European Data Protection Supervisor reports:
EDPS decentralised social media pilot: the end of a successful story
Hopefully, all the test users will migrate to other instances.
The Dabbler advocates:
The Slow Fedi Movement: Toward a Green, Independent, and Equitable Fediverse
Evan Boehs says:
You Have Power: Making Truth Social Comply With The AGPL
Evan Prodromou has:
Cross-server Interactions in ActivityPub
I am looking forward to getting his book if physical copies become available.
Bytedance: Add ActivityPub to Tiktok Notes
Then we could all block it.
Other federated social media
The Pragmatic Engineer shares a long article:
Building Bluesky: a Distributed Social Network (Real-World Engineering Challenges)
TechCrunch reports:
Bluesky backs a project that would let Mastodon apps, like Ivory, work with its network
Wow $800. Real generous there Bluesky.
Blacksky is:
Building the Black social layer for the decentralized web
$1000! Even more generous. 🙃
CTAs (aka show us some free love)
- That’s it for this week. Please share this communiqué.
- Also, please join our newsletter list for The Payload. Joining gets you each week's communiqué in your inbox (a day early).
- Follow us on Flipboard or at @symfonystation@drupal.community on Mastodon for daily coverage.
- Do you like Reddit? Why? Instead, follow us on kbin for a better Fediverse and Symfony-based experience. We have a Symfony Magazine and Collection there.
Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our toddler stage, so it’s extra economical. 😉
More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.
You can find a vast array of curated evergreen content on our [communiqués page]((https://symfonystation.mobileatom.net/communiques).
Author
Reuben Walker
Founder
Symfony Station
Top comments (0)