Symfony Station Communiqué — 07 June 2024: A look at Symfony, Drupal, PHP, Cybersec, and Fediverse News!
Reuben Walker, Jr.
Posted on June 8, 2024
This communiqué originally appeared on Symfony Station.
Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy. That necessitates an opinionated Butlerian jihad against big tech as well as evangelizing for open-source and the Fediverse. We also cover the cybersecurity world. You can't be free without safety and privacy.
There's good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you. This is why we publish on Fridays. So you can savor it over your weekend.
Or jump straight to your favorite section via our website.
Once again, thanks go out to Javier Eguiluz and Symfony for sharing our communiqué in their Week of Symfony.
My opinions will be in bold. And will often involve cursing. Because humans.
Symfony
As always, we will start with the official news from Symfony.
Highlight -> "This week, Symfony 7.1.0 was released. We also upgraded the official Symfony book to Symfony 6.4. Meanwhile, we published more details about the SymfonyOnline June 2024 conference that will take place next week and about the accommodation for the next SymfonyCon Vienna 2024."
A Week of Symfony #909 (27 May - 2 June 2024)
Blackfire has:
Understanding continuous profiling: part 2
SensioLabs has an:
Interview with 3 SensioLabs speakers at SymfonyLive Paris 2024
Featured Item
We are calling our own number this week.
I won't beat a dead rocket launcher. Many people have written good reviews about Drupal's Starshot announcement. If you read our communiqués you have seen plenty of them in recent weeks and there will be more to come. In fact, the leadership team was announced today.
Instead after a quick introduction to Starshot this article shares my vision of what it should become.
This should be Drupal Starshot's Destination
This Week
Fernando Castillo shows us how to:
Extend your Symfony Console app with events and attributes
David Garcia says:
Cyril Pereira has:
Platforms
eCommerce
Shopware announces the:
Release notes Shopware 6.6.3.0
Sylius shares the:
PrestaShop invites you to:
Meet the new API Platform-based API in PrestaShop 9
CMSs
Concrete CMS has:
This is a good follow up to my article, Exploring the 17 Content Management Systems of Symfony.
TYPO3 has:
Budget 2024 Ideas for Quarter 3/2024 Published — Vote Now!
New Certification Pricing and Enhanced Silver Membership Discounts – Effective July 2024
TYPO3 Visits AFUP Day 2024 in Poitiers
Wolfgang Wagner asks:
TYPO3 nutzen und die Community ignorieren? Ein schwerer Fehler!
Drupal has:
2024 Aaron Winborn Award Winner: Mike Anello
Congratulations to my fellow Florida Drupaler. Well deserved.
Dries Buyaert is:
Announcing the Drupal Starshot leadership team
The Drop Times reports:
First Drupal Starshot Session Engages Over 200 Participants; Outlines Vision and Next Steps
John Picozzi looks at:
Drupal Starshot: Delivering on a promise to Ambitious Site Builders
Orion shares:
Starshot, the easy-to-install official version of Drupal CMS
One of two official versions. Eventually.
Lullabot asks:
Will Drupal Starshot Help Drupal Compete?
Sebastian Hagens has:
Drupal’s new Starshot initiative & POSSE
Drush sql:sync Error at line 1: Unknown command '-'
On a related note, Wim Leers has the latest on Experience Builder:
Brainsum recommends using the:
Wordpress (Gutenberg) page editor in Drupal
So do I.
Mario Hernandez examines:
Automating your Drupal Front-end with ViteJS
Jay Callicott is:
Introducing DrupalX: A Powerful Starter for Enterprise Developers
A new distribution that unfortunately uses Bootcrap. But it does have Storybook integration which is a plus.
Tag1 Consulting continues its series:
Migrating Your Data from Drupal 7 to Drupal 10: Example repository setup and Drupal 7 site audit
Geonovation shows us:
How to deploy a Drupal Website on Linux with Nginx and Docker
CKEditor is:
Introducing CKEditor 5 Plugin Pack module for Drupal
Chapter Three shows us:
How To Load Test a Decoupled Drupal Site
Specbee shares:
A quick guide to integrating CiviCRM with Drupal
Brian Perry explores:
Matching Drupal’s GitLab CI ESLint Configuration in a Contrib Module
ImageX Media details:
The Drush Firewall Module: Increase Your Drupal Website Security by Preventing Unwanted Changes
Previous Weeks
PHP
This Week
php[architect] has its May edition:
And JetBrains has:
Korben examines:
FrankenPHP – Le serveur PHP surpuissant écrit en Go
DDEV shares its:
Great news about Joomla and Sulu.
Servbay announces:
ServBay 1.3.5 Official Release: Significant Updates and Enhancements
Mohasin Hossain has a:
Coding Challenge — Building wc in PHP
Nagvekar has:
Top 10 PHP Vulnerabilities You Need to Know: Beyond SQL Injection, XSS, and CSRF - Part 1
Top 10 PHP Vulnerabilities You Need to Know: Beyond SQL Injection, XSS, and CSRF - Part 2
Grant Horwood looks at:
PHP: doing recursion with recursive iterator(iterator)s
Backpack has these tips:
Laravel Advanced: Lesser-Known, Yet Useful Composer Commands
Gizra explores:
Private Composer Repos Using DDEV
Shishir Kumar show us how to:
Develop Your First Web App with Lando — Beginner Guide
spO0q examines:
Charles Sprayberry has:
Bruno Oliveira looks at:
foreach
vs array_map
no PHP: Objetivos, Quando Usar e Exemplos
Rizky Ikbal explores:
Decorator-like function as in typescript on PHP
More Programming
Ahmad Shadeed looks at CSS's:
Smashing Magazine shares some:
Useful CSS Tips And Techniques
Fontend Masters has:
Live Demos of Stand Alone Web Components
Here’s What We Learned From the First State of HTML Survey
Marc van Neerven shares:
The PURE Manifesto — for Web Standards based Design Systems
The Wall Street Journal reports:
The AI Revolution Is Already Losing Steam
Let's hope it blows the rest of its valves and throws a rod.
TechCrunch reports:
Greptile raises $4M to build an AI-fueled code base expert
Fighting for Democracy
Please visit our Support Ukraine pageto learn how you can help
kick Russia out of Ukraine (eventually, like ending apartheid in South Africa).
The cyber response to Russia’s War Crimes and other douchebaggery
404 Media reports on:
An AirTags Stalking Sting Operation
He was a Russian human smuggler so what can you expect. Plus Apple doesn't really care about security unless it just barely helps them beat their mofo competitors.
DarkReading reports:
'Sticky Werewolf' APT Stalks Aviation Sector
TechCrunch repoerts:
LinkedIn to limit targeted ads in EU after complaint over sensitive data use
The New York Times reports:
U.S. Clears Way for Antitrust Inquiries of Nvidia, Microsoft and OpenAI
noyb announces:
noyb urges 11 DPAs to immediately stop Meta's abuse of personal data for AI
The Next Web reports:
Mandatory ID for social media would solve some problems — but create a lot more
Euronews reports:
EU countries beef up anti-disinformation efforts ahead of European elections
The Evil Empire Strikes Back
And:
Russiagate to Portal Kombat: The foreign misinformation campaigns shifting the European elections
The Kyiv Post reports:
Russian Foundation Front for Kremlin Intel Ops in Europe, Investigations Say
The Register reports:
Russia takes gold for disinformation as Olympics approach
Microsoft accused of tracking kids with education software
With their recent Recall fiasco this is no surprise.
The Washington Post reports:
News site editor’s ties to Iran, Russia show misinformation’s complexity
Euronews reports:
Pro-Russia group claims responsibility for cyber-attacks on first day of EU elections
The New York Times reports:
Israel Secretly Targets U.S. Lawmakers With Influence Campaign on Gaza War
Bleeping Computer reports:
Ukraine says hackers abuse SyncThing data sync tool to steal data
Chinese hacking groups team up in cyber espionage campaign
Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells
The Hacker News reports:
Andariel Hackers Target South Korean Institutes with New Dora RAT Malware
NBC News reports:
Trump Convict Don joins TikTok years after trying to ban the app
The Guardian reports:
Revenge: analysis of Trump Orange Jailbird posts shows relentless focus on punishing enemies
404 Media reports:
Google Leak Reveals Thousands of Privacy Incidents
Facebook’s Taylor Swift Fan Pages Taken Over by Animal Abuse, Porn, and Scams
Jesus.
PC World reports:
Google is working on a Recall-like feature for Chromebooks, too
Windows Central reports:
It's hard to believe how fucking stupid the top management is at these big tech companies. Looks like my next laptop is going to have to be a custom Framework with Linux installed.
Venture Beat reports:
More OpenAI researchers slam company on safety, call for ‘right to warn’ to avert ‘human extinction’
Cybersecurity/Privacy
Dark Reading reports:
CISA's Secure by Design Initiative at 1: A Report Card
Developing a Plan to Respond to Critical CVEs in Open Source Software
BleepingComputer reports:
PHP fixes critical RCE flaw impacting all versions for Windows
The Hacker News reports:
The Next Generation of RBI (Remote Browser Isolation)
Trip Wire reports:
Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys
Ars Technica reports:
FCC pushes ISPs to fix security flaws in Internet routing
Fediverse
The Fediverse Report has:
Last Week in Fediverse – ep 71
Michael Foster opines:
We need to finish building the Fediverse
And he is right.
We Distribute reports:
IFTAS Launches Moderator Resource Portal
NotizBlog provides an update:
These Yaks Ain't Gonna Shave Themselves (great blog name) explores:
Getting A Local Mastodon Setup In Docker
NewsMast is:
Darnell Day looks at:
Tumblr Alternative Loforo: Most Active Fediverse Blog Option After WordPress?
Evan Prodromou announces:
I turned in my Activity Pub manuscript!
Ghost has an Activity Pub update:
I think you'll find it's a little more complicated than that
Friendica announces:
Friendica 2024.06 Release Candidate available
Soatok has this interesting bit:
Towards Federated Key Transparency
Darnell Day reports:
Threads Muting Pixelfed And Other Fediverse Instances Over One Simple Rule
Other Federated Social Media
We Distribute has:
How to Set Up a Verified Nostr Address
Why would you? Again, Nostr is federated social media for Crypto Bros, AI Authoritarians (who think they're libertarians), and other Silicon Valley c^nts like Jack Dorsey. But, at least they are leaving Shitter.
TIDAL Embraces Nostr, CashApp May Follow
TechCrunch reports:
Bluesky and Mastodon users can now talk to each other with Bridgy Fed
CTAs (aka show us some free love)
- That’s it for this week. Please share this communiqué.
- Also, please join our newsletter list for The Payload. Joining gets you each week's communiqué in your inbox (a day early).
- Follow us on Flipboardor at @symfonystation@drupal.communityon Mastodon for daily coverage.
- Do you like Reddit? Why? Instead, follow us on kbinfor a better Fediverse and Symfony-based experience. We have a Symfony Magazineand Collectionthere.
Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us. We’re in our toddler stage, so it’s extra economical. 😉
More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.
You can find a vast array of curated evergreen content on our communiqués page.
Author
Reuben Walker
Founder
Symfony Station
Posted on June 8, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.