DEV Community

Cover image for Symfony Station Communiqué — 23 February 2024. A look at Symfony, Drupal, PHP, Cybersec, and Fediverse News!
Reuben Walker, Jr.
Reuben Walker, Jr.

Posted on • Originally published at symfonystation.mobileatom.net

Symfony Station Communiqué — 23 February 2024. A look at Symfony, Drupal, PHP, Cybersec, and Fediverse News!

This communiqué originally appeared on Symfony Station.

Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy. Because open-source equals open societies, peeps. We also cover the cybersecurity world and the Fediverse (more open-source).

We cover a spam attack on the Mastodon community this week. And there is good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you. This is why we publish on Fridays. So you can savor it over your weekend. 😉

Or jump straight to your favorite section.

Once again, thanks go out to Javier Eguiluz and Symfony for sharing our communiqué in their Week of Symfony.

My opinions will be in bold. And will often involve cursing. Because humans.


Symfony

As always, we will start with the official news from Symfony.

Highlight -> "This week, development activity focused on fixing bugs, such as adding compatibility with the new yielding feature introduced in Twig 3.9. In addition, we published more details about the talks of the upcoming SymfonyLive Paris 2024 conference."

A Week of Symfony #894 (12-18 February 2024)

SymfonyCasts has:

This week on SymfonyCasts!


Featured Item

Cory Doctorow writes:

The problem, in other words, isn’t intermediation — it’s power. The thing that distinguishes a useful intermediary from an enshittified bully is power. Intermediaries gain power when our governments stop enforcing competition law.

This lets intermediaries buy each other up and corner markets. Once they’ve formed cozy cartels, they can capture their regulators and commit rampant labor, privacy and consumer violations with impunity. That capture also lets them harness governments to punish smaller players that want to free workers, creators, audiences and customers from walled gardens.

It also hands them a whip-hand over their workers, so that any worker who refuses to aid in these nefarious plans can be easily fired.

Middlemen without enshittification


This Week

Dariusz Gafka explores:

Symfony Multi-Tenant Applications with Ecotone

Brian Thiely examines the:

Request Lifecycle in Symfony

Rector shows us:

What to expect when you plan to Migrate Away from CakePHP 2

Eternal Learner shows us how to:

Use State Processors and Providers on API Platform 3

Makina Corpus looks at:

Itéra­tions vers le DDD et la clean archi­tec­ture avec Symfony (2/2)

Part 1 is below in the previous weeks section.

Nikolay Nikolov explores:

Unveiling the Power of Dependency Injection in Symfony

Decoupling Logic Through Custom Events in Symfony

Jose Clemente García Rodríguez shares:

Symfony — Azure Provider for OAuth 2.0 Client bundle

eCommerce

Cristiano Pacheco says:

Good-bye Docker, Hello Nix: Configuring a Magento 2 Development Environment with Rooter

Stefan Koopmanschap reports on a meetup:

PHP and e-commerce

Magento, Shopware, Sylius, and Spryker all use Symfony components.

PIM

Fronkom examines a new reg impacting PIMs:

Who needs to comply with Digital Product Passport?

CMSs

TYPO3 has:

Report From the EMPAMOS Barcamp and Networking Event in Nuremberg 2023

Unleashing the Power of Connectivity

And a case study:

Scaling Up Global Websites with TYPO3

TYPO3 Developer Days says:

The TYPO3 Developer Days 2024 need your insights!

Use TYPO3 looks at:

PHP Attributes in TYPO3

Joomla publishes:

The February Issue

Highlights include:

Cassiopeia, Joomla’s powerful built-in template: how to use css classes for your category blog

Your Joomla Administrator Panel: make it yours!

Bleeping Computer reports:

Joomla fixes XSS flaws that could expose sites to RCE attacks

Drupal has:

Drupal means innovation: Introducing the innovation hub

Here's the hub:

Drupal Innovation

There's some good stuff here that is (very) slowly improving Drupal.

Early Bird Registration for DrupalCon Portland 2024 is here, and you can now view the full detailed schedule!

Talking Drupal has:

Talking Drupal #438 - CKEditor 4 End of Life

DrupalizeMe examines:

PHP Attributes for Drupal Plugins

Symfony for Drupal Developers

Acquia looks at:

Automated Bot Traffic - Strategies to Handle and Manage It

Tag1 explores:

Gander: The Sustainability Impact of Automating Performance Testing

Image X examines:

Mastering Content Structure with Ease Thanks to Drupal’s Revamped Field UI

Great stuff.

The Lullabot Podcast looks at:

Navigating the Waters of Drupal Development with Tugboat

QTA Tech shares:

Effortless Drupal Development: Single Directory Components Demystified

The Drop Times has an interview:

FLDC Featured Speaker Aubrey Sambor on CSS Color Innovations

I am looking forward to her presentation.

Ryan Robinson explains his:

Drupal Open Menu

Previous Weeks

DrupalizeMe explores:

PHP Attributes for Drupal Plugins

QED42 Tech has:

The Guide to Single Directory Components (SDC) in Drupal 10

Single Directory Components (SDC) Block module in Drupal 10

A Guide to SDC Variations with Paragraphs in Drupal 10

Great, great stuff. I don't know how I missed this last week. It's the way to do Drupal frontend.

LunaLoom asks:

Why Next.js + Drupal Simplifies Frontend Development with Headless CMS Integration

This is not.

Makina Corpos has:

Itéra­tions vers le DDD et la clean archi­tec­ture avec Symfony (1/2)

Découvrez le DbToolsBundle

Processus de traitement d'une requête HTTP par Symfony


PHP

This Week

Stéphan Kochen shares:

Using Nix flake inputs with PHP Composer

Dan Leech shares:

My PHP Problems

Dragan Rapić explores:

Mastering a PHP Debugging

Parthipan Natkunam explains:

6 Configs to Secure Server-to-Server Communications using cURL in PHP

There is a part 1 you will want to read as well.

Oliver Davies asks:

Which PHPStan level is right for you?

JetBrains announces:

The New Terminal (Beta) Is Now in JetBrains IDEs

AI for PHP: How to Tweak AI Prompts to Improve PHP Tests

Muhammad Raza Bangi looks at:

Interface Segregation Principle (ISP) By Using PHP : SOLID Principle


More Programming

NueJS explains:

Tailwind marketing and misinformation engine

Or why Failwind is shit.

EuroNews asks:

Open source vs closed source AI: What’s the difference and why does it matter?

GitHub shares:

How AI code generation works

Free Code Camp shows us:

How to Use the :has() Selector in CSS

Marc van Neerven announces:

PurePWA — A Radical U-Turn in Web Development

Now this is cool. No React shit, Bootcrap, or Failwind.

Docker shares:

5 Benefits of a Container-First Approach to Software Development


Fighting for Democracy

Please visit our Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually, like ending apartheid in South Africa).

The cyber response to Russia’s War Crimes and other douchebaggery

Bleeping Computer reports:

FBI disrupts Russian Moobot botnet infecting Ubiquiti routers

The Next Web opines:

How antitrust cases against tech giants could reshape the digital advertising landscape

Ars Technica reports:

EU accuses TikTok of failing to stop kids pretending to be adults

The Verge reports:

Apple will reportedly face a $539 million fine over Spotify’s antitrust complaint

404 Media reports:

FTC Fines Avast $16.5 Million For Selling Browsing Data Harvested by Antivirus

VentureBeat reports:

The FTC warned about ‘quiet’ TOS changes for AI training. Here’s why it might not be enough.

TechSpot reports:

Major tech companies sign agreement to combat AI's use in election interference

Ha.

NPR reports:

As Congress lags, California lawmakers take on AI regulations

The Hacker News reports:

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

Meta tries to do something good.

PBS reports:

Biden signs executive order to boost cybersecurity at American ports

The Kyiv Post reports:

Ukraine Defense Ministry Builds New Community to Facilitate Military Tech Development

The Evil Empire Strikes Back

And:

Kremlin Propaganda Aims to Destabilize Ukraine From Within

404 Media reports:

Fake Funeral Live Stream Scams Are All Over Facebook

Then Meta allows this mofoery.

The Hacker News reports:

Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws

The Next Web reports:

New Russian PSYOPs mix disinformation, spam, and Navalny

DarkReading reports:

Russian APT 'Winter Vivern' Targets European Government, Military

Iranian APTs Dress Up as Hacktivists for Disruption, Influence Ops

Krebs on Security reports:

New Leak Shows Business Side of China’s APT Menace

Bleeping Computer reports:

UnitedHealth confirms Optum hack behind US healthcare billing outage

Open Web Advocacy reports:

It’s Official, Apple Kills Web Apps in the EU

On a related note, Ars Technica reports:

Big Tech is extremely unimpressed by Apple’s EU App Store changes

Cybersecurity/Privacy

Ars Technica reports:

Google gets its way, bakes a user-tracking ad platform directly into Chrome

TechCrunch reports:

Google DeepMind forms a new org focused on AI safety

This probably safety-washing from Google but hopefully not.

VentureBeat reports:

The five most alarming cyber threats from CrowdStrike’s 2024 Global Threat Report

The Register reports:

Election security threats in 2024 range from AI to … anthrax?

Bleeping Computer reports:

LockBit ransomware disrupted by global police operation


Fediverse

The Fediverse Report has:

Last Week in Fediverse – ep 56

The BBC announces:

Extending our Mastodon social media trial

Mastodon had a spam fiasco last weekend because of some teenage jackassery in Japan and its own lax security and privacy decisions. Plus Discord's shitassery.

Tedium reports:

Spammy Saturday

Jan Wildeboer examines the laxness:

The 2024-02 Spam Wave on the Fediverse and what we can learn (unfinished)

Cats on a Keyboard has the nitty-gritty:

Cyberbullying Gone Global: Fediverse Spam and Operation Beleaguer

TechCrunch reports:

Discord took no action against server that coordinated costly Mastodon spam attacks

Everyone knows TOS are for platforms to fuck over their users. Not to prevent their users from fucking over other users. Right SubStack?

Meta tests cross-posting from Facebook to its Twitter/X competitor, Threads

Great news. Those on the Fediverse who want to interact with the Threads dummies get the Facebook old dummies as a bonus. At least it will be via ActivityPub.

Mike McCue previews:

Federating Flipboard Magazines

We will let you know when ours are turned on.

Forgejo announces:

Forgejo forks its own path forward

Funkwhale announces:

The path to Funkwhale 2.0: a new API

Other federated social media

Bluesky: An Open Social Web

So their idea of "federation" is use Bluesky or set up your own personal "instance".


CTAs (aka show us some free love)

Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our toddler stage, so it’s extra economical. 😉

More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.

You can find a vast array of curated evergreen content on our [communiqués page]((https://symfonystation.mobileatom.net/communiques). 

Author

Reuben Walker headshot

Reuben Walker

Founder
Symfony Station

Top comments (0)