SymfonyCon, Amsterdam 2019

SymfonyCon is organized in Amsterdam this year.

Borislav Lazendic and me are attending the conference between 19th to November 23rd of November. If you are at the conference or in #Amsterdam at that time, let us know. We can have a coffe/beer at or after the conference.

Thanks to TimeTac for sending us to this conference and special thanks to Michael Hermann for helping us organize everything. We really appreciate it!

Without further small-talks, here is a quick review of conference and some things that I found interesting.

The first experience – Checkin process

Checkout process was really good. We did a registration within 15 minutes.

Very well organized, lots of people involved and very good coordinated.

Venue itself

Good venue for up to 2000 people.

More then enough food, coffee (WeAreDevelopers crew I am looking at you… ;), tables to stand, jacket placeholdersz security and stuff in general…

Keynote by Fabien Potencier

Fabian does live release of Symfony 5.0

Very interesting and unusual keynote. I won’t be describing it in details, but I will give couple of teasers and headlights:

  • Fabians Talk… “50% of the coding time is Backward Compatibility work”
  • Live release of Symfony 5.0
  • Rebasing fork, automated release with script
  • Zero Fucks Given release (Mark Manson)
  • Bot that “reads a book”.. “Automate the book”
  • BDD (Book Driven Development) approach.. lol. 🙂

How to contribute to Symfony by Valentin Udaltsov

Motivation for contributing to open source. Merged PR, get a part of blog post. Becoming an in-demand (git hub green graph)

glue code (dont reinvent the wheel)

Diverse community (optimistic talk and good experiences in contributing)

Valentin talked about common questions related to contributing. What am I supposed to do? What should I contribute to.

  • Firstly, you can become a “bug hunter”. But do this in a smart way. Check the documentation, google for solutions. Then ask collegues, then google it again. 🙂 Furthermore, check th support in #slack. If all of these steps fail, make a reproducable example and submit a bug.
  • Secondly, involve yourself trough reading of blog and existing pull requests. This goes for every open source project I would say.
  • Furthermore, sign up for latest releases. Check new issues and PRs.
  • Afterwards, filter open issues with label #good to find a good issues. Also, doublecheck if that issue is “reserved” by someone.
  • Bonus tip: Search issues for #recent issue, which might be easier to solve.

Finally, there was a detailed explanation on how to contribute, but I won’t be writing about it. These steps are available on Symfony web site.

Semantic versioning and backward compatibility.

As a final note, always check coding standards and write unit tests for functionalities that you introduced. Then again, this should apply to any coding project we are working on.

How Doctrine caching can skyrocket your application by Jachim Coudenys

Three, two, one… Room is slowly filling in… Lecturer makes a quick tweet about current state in room… And, we are starting….

Image of Jachim, taken by us
Image of us taken by us, because why not 🙂

Doctrine definition (ORM)

Terminology , Entity and Mapping

Demo application, bug tracker, many to many relation. Bug, BugRepository, Product

unit or work and flush (persisting into database). We communicate only with Entity Manager. Unit of work uses transactional write-behind, meaning it delays execution of queries (optimized in short transaction).

Identity map ensures that eaxh object gets loaded only once. If several queries load object to memory, identitycmao ensures that there is only one object in memory at time.

Entity states (new, managed, detached, removed). These states are important because they hint entity manager on which entities should be handled.

Hidration is something like serialization, turning object to array and vice versa.

Proxy objects is used for lazy loading. An object that doesn’t contain all the data but knows where ro get it.

There was a quick notice of Read Only objects. Extra-lazy loading collections are good for counting (contains, count, etc.).

Finally, there was talk about Doctrine Caching and metadata caching (optimize parsing efforts).

Some topics to check: repository decorator, custom caching, Hidration and PHP7, second level caching, association cache, regions, modes, query cache, delete and update caching (entities that are cached will not be invalidated), hint() or evict…().

Thank you all for joining my talk (the biggest audience I’ve ever spoken to) at #SymfonyCon.

Slides are available at https://t.co/tMiG2GLExc and the code is on https://t.co/84uGFQEUjv

For more information check out Jachim Coudenys (@coudenysj): https://twitter.com/coudenysj?s=09

Crawling the web with the new Symfony components by Adiel Cristo

This is a lecture about crawlers, spiders, bots and how to build them.

Crawler is used to get content from web (this is how Google started). Scrapers is API or tool used to get the data when we already have a content (use case for that data).

Crawler download content and scraper extracts data from downloaded content.

Php tools for making this happen are cURL, Guzzle and HttpClient.

Guzzle uses PSR-7 interfaces for requests, responses and streams.

This lecture had several interesting examples on how to get data from some web pages using Symfony components.

Explanation of messaging concept

Finally, to avoid doing overload of requests, there was the explanation of messanger (integration concept of queue and workers). Essentially this is a way to define order and speed of execution of your tasks, jobs or API calls.

PHP, Symfony and Security by Diana Ungaro Amos

Dev, Security, Music and Kung Fu 🙂

One great lecture about PHP security and how to secure our own products better. Firstly, PHP is good language and PHP is not dying. Secondly, PHP is still very much alive and actually increasing. (WordPress, Symfony, Laravel).

Php is popular, but…

However, PHP is in the Top 5 of the most dreaded languages. For example, there are memes like “PHP Best practices: use something else”.

Therefore, this lecture pinpointed main reasons why this is a case, and what could be done to make this better.

Common issues with PHP versions:

  • Huge percentage of PHP 5.x sites
  • Big percentage of PHP 7.0
  • 79% of web is using PHP, but 42% is 7x.
  • 33% of the web is running PHP 7
  • 47% of 33% is 7.0 or 7.1
  • Leaving us with only 17% of PHP Web applications are running updated and safe versions of PHP.

Several security research tips:

  • Firstly checkout CVE Details (Common Vurneravilities and Exposures).
  • Seconsly checkout exploit database, try search with PHP 7.0
  • Finally, tip: Mitre – automatic tool for exploits

At the end of the lecture there was a list of quick wins on how to improve security on some specific cases:

  • Filtered unserialize() considerations
  • Mcrypt removed from PHP core. It is not supported any more in PHP 7.2
  • Password_argon2
  • Libsodium as core extension for credentials handling
  • “MAX_DEPTH” option for unserialize() in PHP 7.4
  • Proc_open() changes in PHP 7.4

Diana, thank you for a great and valuable information and insights.

Finally, one fantastic lecture and I would highly recommend to check it out if and when available online.

Configuring Symfony – from localhost to High Availability by Nicolas Grekas

This lecture gave introduction to configuring Symfony app, core characteristics, components, handling secrets.

The core of the Symfony application is dependency injection of already existing components.

Furthermore, what are parameters and how to use them (Facebook App Id, Google Analytics id etc.). Also, there was a notice of PHP constants for rarely changed values. Finally, usage of environment variables is explained.

There was an explanation of services.yaml configuration file. If I would try to describe this lecture in details it would lose it’s value, because of large amount of small details.

Takeaways

Having that in mind, I would advise in checking out this lecture if and when available online.

Further reading?

You want to learn programming in PHP? If you are interested in some PHP projects with complete source code check out this link.

Leave a Comment