Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Master Zend Framework:
How To Automate Projects Using Composer Scripts
Dec 06, 2016 @ 12:08:01

The Master Zend Framework site has posted a new tutorial showing you how to automate your projects with Composer, making use of the "scripts" section to add commands that can be automatically executed via a "composer" command line call.

Here, in the second part of the series, we’ll look at the scripts section of composer.json. If you’ve never heard of this section, it provides a way to automate tasks in your project.

Perhaps you think that this is unnecessary, as there is already such a wealth of tools available; including Make, Ant, Phing, and so on. But I see a place for having automation in Composer — though at first I didn’t.

Why? Because you can bring everything that much closer together. Because you can keep everything in a very tidy, organized, and well-structured way.

He starts with a brief overview of how the "scripts" section of the composer.json configuration works. He also shows examples of setting up scripts for code sniffing, running tests and generating test coverage reports. He also shows how to run these commands via the Composer command line and an the use of event handlers (like "post-install-cmd") to execute things at a certain point in the install/update process. He finishes off the post with an example from Zend Expressive calling an "Automation" to clear out the contents of the caches.

tagged: automate composer project scripts configuration tutorial event

Link: http://www.masterzendframework.com/series/tooling/composer/automation-scripts/

DaedTech Blog:
Avoid these Things When Logging from Your Application
Dec 06, 2016 @ 11:53:48

On the DaedTech blog Erik Dietrich has written up a list of a few things he suggests avoiding when using logging functionality in your application. The suggestions range from the actual contents of the message out to some logging best practices.

It seems almost strange to talk about avoiding things while logging. After all, logging is your last line of defense or your salvation in many cases. [...] Well, it turns out that, while logging may be a highly inclusive activity in terms of what should be included, there are ways to create problems. You want to be liberal in terms of what you log, but judicious and wise in terms of how you log it. You don’t want to indulge in a feckless free-for-all when it comes to the calls you make to your application’s logger.

So what are these problems, and how to avoid them? Let’s take a look at some things that can come back to bite you.

He points out the following (common) bad practices he has seen during his time developing:

  • Forgetting Context
  • Cryptic Codes
  • Spamming the Log File
  • Unsafe Logging Calls
  • Mixing Application Logic with Logging

He ends the post with a suggestion of "sensible logging" - capturing as much meaningful information as possible while not overdoing it. Logs can be a powerful ally when hunting down an issue or trying to provide documentation of a security issue. Log wisely, log on purpose.

tagged: logging practices recommendation avoid list

Link: http://www.daedtech.com/avoid-things-logging-application/

Stovepipe Systems:
What are Bundles in Symfony?
Dec 06, 2016 @ 10:22:56

On the Stovepipe Systems Dev blog today Iltar van der Berg has shared a post about bundles, one of the key concepts in the Symfony ecosystem - what they are and some of the common features they all share.

People often refer to bundles as modules or re-usable code for Symfony applications. When a developer has experience with Symfony1 or another framework with the module concept, it might seem logical that this is what a bundle represents in Symfony.

So what is a bundle? When do you need one and what can it do? What's the difference between an AppBundle and a vendor Bundle?

He starts with the release of Symfony 2, including bundle support, and how common practices created hard dependencies between bundles. This created issues in the applications and reusability of the bundles (their whole purpose) so a solution was created: the AppBundle. This bundle shifted the emphasis away from the file structure of the bundles and more towards the domain they occupied, handling some "magic" references automatically for you.

As mentioned, the bundle provides an extension point. Other bundles for example, can hook in on your bundle because it contains some logic to expose information such as the directory of the bundle.

[...] The main purpose of a bundle however, is to provide an extension point for the Dependency Injection Container. When talking about this extension point, it revolves around adding, changing or removing service definitions.

tagged: symfony bundle introduction appbundle vendor

Link: https://stovepipe.systems/post/what-are-bundles-in-symfony

Laravel News:
Laravel Homestead 4.0 is released featuring support for PHP 7.1
Dec 06, 2016 @ 09:43:35

The Laravel News site has a new post announcing the release of the latest version of Laravel Homestead, the Vagrant-driven environment that makes it easy to set up a Laravel environment. In this latest version, 4.0, there's a few changes including a major one: support for PHP 7.1.

Laravel Homestead the Vagrant box for easily running Laravel on any platform has just released v4.0 that includes support for the just released PHP 7.1.

The upgrade is easy but the instructions do vary depending on how you have it installed.

They walk you through the steps for the upgrade:

  • Backup all your Homestead databases
  • update the Homestead Global installation (or per-project installation)
  • Destroy the current Vagrant box
  • Use "vagrant up" to download the latest version and bring the box back up

It's a pretty easy process that should be pretty painless. Everyone's setup is slightly different so there might be a few issues in your own upgrade and minor version releases will be made if there are issues because of the upgrade.

tagged: laravel homestead vagrant upgrade v4 release php71 support

Link: https://laravel-news.com/laravel-homestead-4-0-is-released-featuring-support-for-php-7-1

Community News:
Latest PECL Releases (12.06.2016)
Dec 06, 2016 @ 08:05:02

Latest PECL Releases:

  • vips 1.0.2
    - First stable release.

  • xdebug 2.5.0
    Sun, Dec 4, 2016 - xdebug 2.5.0
    • Added features:

      • Implemented issue #1232: add memory delta to HTML traces
      • Implemented issue #1365: Allow remote_connect_back to be set through XDEBUG_CONFIG

    = Fixed bugs:

    • Fixed issue #1168: Added defensive check to prevent infinite loop
    • Fixed issue #1242: Xdebug on Windows with Eclipse has issues with breakpoint IDs
    • Fixed issue #1343: Wrong values of numerical keys outside 32bit range
    • Fixed issue #1357: Function signature using variadics is reported as being not executed
    • Fixed issue #1361: Remote debugging connection issues with Windows (Anatol Belski)
    • Fixed issue #1373: Crash in zend_hash_apply_with_arguments when debugging, due to unset symbol table
  • ev 1.0.4
    Fix: memory leak in PHP 7.0.13
  • sqlsrv 4.0.0
    This release contains the PHP 7 port of the SQLSRV and PDO_SQLSRV drivers, and does not provide backwards compatibility with PHP 5. Binding output parameter using emulate prepare is not supported.
  • yaconf 1.0.3
    - Fixed ISSUE #19 (Memory leak on foreach and reference)
  • mongodb 1.2.0
    ** Bug * [PHPC-316] - config.w32 should define MONGOC_ENABLE_SASL * [PHPC-447] - Windows builds should generate libmongoc and libbson config and version files * [PHPC-481] - Windows reports wrong mongoc and libbson versions * [PHPC-520] - Document driver dependencies * [PHPC-525] - Demonstrate non-empty $filter argument in Query constructor example * [PHPC-530] - Document MongoDBDriverServer type constants * [PHPC-554] - Rephrase unsupported/corrupt BSON messages * [PHPC-625] - Document that persistent sockets should not be re-used after forking * [PHPC-673] - Cursor::isDead() returns true despite cursor being alive * [PHPC-674] - Advise users to install pkg-config for building the driver * [PHPC-693] - Unacknowledged WriteResults have null counts * [PHPC-728] - Wrong example on how to provide client certificate * [PHPC-748] - CursorID is not properly expressed on 32-bit platforms * [PHPC-756] - fromJSON() should not evaluate bson_error_t.message as boolean * [PHPC-762] - undefined symbol: mongoc_write_concern_is_acknowledged * [PHPC-788] - Timestamp on 32-bit platforms breaks * [PHPC-790] - UTCDateTime constructor should truncate floats * [PHPC-794] - BulkWrite::update() silently ignores invalid arguments * [PHPC-801] - Empty ReadConcern and WriteConcern should serialize to BSON documents * [PHPC-804] - Timestamp and UTCDateTime constructors should accept integers in strict types mode * [PHPC-838] - Javascript objects are always serialized as BSON code types without scope

    ** Epic * [PHPC-542] - Remove dependency on mongoc private symbols

    ** Improvement * [PHPC-359] - Ensure read preference tags sets serialize as documents * [PHPC-424] - Validate that read preference tag set is an array of documents * [PHPC-433] - Persist topology state between requests * [PHPC-486] - Add syntax highlighting to BSON persistence articles * [PHPC-637] - Remind users that connection URIs should be encoded * [PHPC-654] - Implement comparison handlers for BSON types * [PHPC-676] - Do not allow BulkWrite objects to be executed multiple times * [PHPC-684] - Report bypassDocumentValidation in BulkWrite debug output * [PHPC-705] - Do not unnecessarily wrap filters in $query * [PHPC-721] - Javascript constructor should throw if code contains null bytes * [PHPC-724] - Regex constructor should throw if pattern or flags contain null bytes * [PHPC-726] - Allow cross-platform serialization of Timestamp and UTCDateTime * [PHPC-731] - Parse Timestamp argument as strings to accept large integers * [PHPC-739] - Rename "javascript" to "code" in Javascript BSON class * [PHPC-741] - Use consistent exceptions for BSON initialization methods * [PHPC-742] - Regex constructor should default flags arg to empty string * [PHPC-744] - Improve error messages for invalid Decimal128 and ObjectID strings * [PHPC-746] - Default Manager URI to "mongodb://" * [PHPC-754] - Remove libmongoc-priv system dependency in config.m4 * [PHPC-755] - Remove include of private mongoc-trace.h

    ** New Feature * [PHPC-459] - BSON objects should implement JsonSerializable * [PHPC-460] - BSON classes should support PHP serialization and var_export() * [PHPC-498] - ReadPreference, ReadConcern, and WriteConcern should serialize to BSON * [PHPC-536] - UTCDateTime constructor should default to current time and accept DateTimeInterface * [PHPC-552] - Implement ObjectID::getTimestamp() method * [PHPC-619] - Implement Decimal 128 type spec * [PHPC-716] - Support new readConcern level "linearizable" * [PHPC-729] - Implement __toString() method for Javascript and Binary * [PHPC-730] - Implement getCode() and getScope() for Javascript * [PHPC-734] - Support providing collation per operation * [PHPC-752] - Allow users to set a limit on acceptable staleness * [PHPC-757] - Implement The MongoDB Handshake Protocol * [PHPC-786] - Support appname in URI array options

    ** Question * [PHPC-723] - Blocking connect() leads to cumulative timeouts for multiple inaccessible servers

    ** Task * [PHPC-313] - BSON should throw when encountering 64-bit integer on 32-bit platform * [PHPC-416] - Document SSL options * [PHPC-504] - Document how RP, RC, and WC are serialized to BSON * [PHPC-533] - Remove PHONGO_API macro for exported functions * [PHPC-584] - Remove MkDocs documentation in favor of PHP.net documentation * [PHPC-600] - Manager::getServers() should use mongoc_client_get_server_descriptions() * [PHPC-601] - Cursor::getServer() should not access mongoc_cursor_t.client * [PHPC-602] - Create command cursors with mongoc_cursor_new_from_command_document() * [PHPC-603] - Use mongoc_read_prefs_t getters instead of accessing struct fields directly * [PHPC-604] - WriteConcern::getJournal() should use mongoc_write_concern_journal_is_set() * [PHPC-605] - Rely on libmongoc's socket handling and SSL implementation * [PHPC-606] - Use mongoc_server_description_t public API * [PHPC-607] - Manager::selectServer() should use mongoc_client_select_server() * [PHPC-609] - Ensure client URI handling uses libmongoc public API * [PHPC-610] - Client construction should use mongoc_write_concern_is_valid() * [PHPC-611] - WriteResult::isAcknowledged() should use mongoc_write_concern_is_acknowledged() * [PHPC-618] - Implement SDAM Monitoring spec * [PHPC-629] - Upgrade libbson and libmongoc to 1.4.0 * [PHPC-630] - Update bson_visitor_t for unsupported type function pointer * [PHPC-653] - Document WriteResult, WriteConcernError, and WriteError classes * [PHPC-659] - Update bson_visitor_t for decimal 128 type function pointer * [PHPC-662] - Use mongoc_bulk_operation_get_hint() * [PHPC-663] - Use mongoc_bulk_operation_get_write_concern() * [PHPC-664] - Use mongoc_write_concern_get_w() * [PHPC-665] - Remove private libmongoc and libbson header includes * [PHPC-680] - BulkWrite::count() should return number of operations instead of estimated round-trips * [PHPC-682] - Do not use mongoc_bulk_operation_t private API in BulkWrite debug handler * [PHPC-687] - Consolidate struct definitions for PHP 5 and 7 * [PHPC-688] - Do not use mongoc_cursor_t private API in Cursor debug handler * [PHPC-689] - Query and command execution should use mongoc_cursor_set_hint() * [PHPC-703] - Update configure scripts for upstream SSL changes * [PHPC-704] - Do not set "mongodb.debug" based on Manager's $driverOptions["debug"] * [PHPC-708] - Port http://php.net/manual/en/mongo.security.php to the new docs/driver * [PHPC-718] - Define extension dependencies * [PHPC-751] - Document MongoDBBSONDecimal128 * [PHPC-758] - Disable Decimal128 for bundled libbson and libmongoc 1.4.0 * [PHPC-761] - Remove BSON_NAMESPACE constant * [PHPC-769] - Javascript serialization, export, and dump should always include scope field * [PHPC-777] - Document MongoDBDriverReadConcern::LINEARIZABLE * [PHPC-779] - Switch serialization from O type to C type * [PHPC-780] - Document persistent connection behavior * [PHPC-783] - Use mongoc_collection_find_with_opts() for Query execution * [PHPC-789] - Remove __wakeup from BSON/* classes * [PHPC-791] - Upgrade libbson and libmongoc to 1.5.0 * [PHPC-796] - Use flexible opts for BulkWrite update and delete * [PHPC-799] - Create notice for all third party libraries * [PHPC-805] - Query "partial" option is now "allowPartialResults" * [PHPC-806] - Document Query options for mongoc_collection_find_with_opts() * [PHPC-807] - Document "collation" option for Query and BulkWrite update/delete * [PHPC-824] - SDAM spec update : Update the topology from each handshake * [PHPC-826] - Document that socket paths must be URL-encoded * [PHPC-827] - Update Max Staleness implementation * [PHPC-829] - BSON Regex flags must be alphabetically ordered



PHPStan: Find Bugs In Your Code Without Writing Tests!
Dec 05, 2016 @ 13:25:38

In this post on Medium.com Ond?ej Mirtes introduces a tool that can be use to statically analyze your PHP application and locate bugs without the need for tests - PHPStan.

Keeping up with modern PHP practices leads to codebases where we can be sure about types of a lot of data, converging with statically typed languages, although the dynamic nature is still present. Modern PHP codebases are similar to the ones in languages people make much less fun of. Object-oriented code, dependency injection and usage of established design patterns are truly common nowadays.

Which led me to the idea of a static analysis tool for PHP that would substitute the role of the compiler from other languages. I’ve spent a lot of time working on it and I’ve been employing its various development versions checking our codebase for more than a year.

It’s called PHPStan, it’s open-source and free to use.

The post goes on to talk about some of the checks that PHPStan performs (with more information available in the project's README). He also talks about the performance of the tool, how to extend it and configuring it for "strictness". He ends the post by pointing out that, despite the title of the article, he still encourages writing tests, just making sure they're "meaningful ones" that test more than just syntax.

tagged: phpstan static analysis tool tests evaluation

Link: https://medium.com/@ondrejmirtes/phpstan-2939cd0ad0e3#.23491arlh

SitePoint PHP Blog:
Sending PHP Event Messages to Remote Logstash on Windows
Dec 05, 2016 @ 12:20:09

The SitePoint PHP blog has a recently posted tutorial showing you how to send event messages from PHP to a remote Logstash server running your PHP on a system with Windows installed. Logstash's goal is to centralize the logging in your environment, allowing you to input log information from a wide range of sources and stored in an Elasticsearch database.

By opening this article you’ve endeavored yourself to expanding your knowledge of PHP applications as part of event-based distributed systems. You’ll be given a quick intro into what we are referring to when we say event messages, what Logstash is, and why it is so cool.

If you’ve already heard of Beats or understand you can run Logstash locally to ship logs to another Logstash instance or directly to a datastore such as Elasticsearch, this article is still for you and will show you an easy-to-configure-and-run, hopefully more effective and certainly fun-to-use alternative.

They start with the quick introduction to Logstash and how the event handling they'll add in later will relay messages over to the waiting server. A code example is included showing how to manually write to rsyslog, pointing out that it and Logstash use a similar protocol to receive messages. The tutorial then shows how to view the messages in the log to ensure they're making it correctly and how to use this agent to stream messages over to the waiting server.

tagged: sitepoint event messages remote logstash windows agent tutorial

Link: https://www.sitepoint.com/sending-php-event-messages-to-remote-logstash-on-windows/

Symfony Finland:
Symfony Flex set to enable RAD (Rapid Application Development)
Dec 05, 2016 @ 11:58:37

On the Symfony Finland site there's a post that gets into the details of one of the new advancements in the Symfony ecosystem recently announced by Fabien Potencier at SymfonyCon Berlin 2016 - Symfony Flex.

The Symfony team has acknowledged this gap in their offering. And at SymfonyCon Berlin 2016 project lead Fabien Potencier announced what is known as Symfony Flex. Details are not precise, as I was not attending conference, but the tag line for Symfony Flex is: "Composition over Inheritance"

In essence it seems that Flex will allow for zero-config installation of Bundles. This is done using a Composer plugin. You will simply install packages with Composer and if the Bundle supports it, Composer will also author the necessary integration code and configuration.

As with any new thing, Flex support will start out pretty limited but as it grows in support the community should help it thrive in the Symfony ecosystem. The first release of the tooling for Flex will be available in early 2017.

tagged: symfony flex composer package bundle composition installation

Link: https://www.symfony.fi/entry/symfony-flex-to-enable-rad-rapid-application-development

Ben Ramsey:
Building PHP Projects on AWS CodeBuild
Dec 05, 2016 @ 10:54:48

Ben Ramsey has a post to his site sharing the process he's worked up to deploy PHP applications on AWS Codebuild, a new service from Amazon Web Services that fills the niche for an easy to spin up and use build server.

The main highlight of re:Invent is always the keynotes and the new services and features announcements they make during the keynotes. One of the new services caught my attention, and I decided to give it a try. That service is AWS CodeBuild.

CodeBuild is designed to be used as part of the AWS CodePipeline, but it may also be used by itself. [...] Out of the box, CodeBuild provides some managed images that you may use to build your projects. These include environments for Android, Java, Python, Ruby, Golang, and Node.js. PHP is missing from this list, but since you’re able to use other images, I decided to see how easy it is to get up and running on CodeBuild with a PHP project. I chose to try out my ramsey/uuid library for a simple test.

He walks you through the creation of a new CodeBuild instance (complete with screenshots of the UI) and how to configure your project, explaining each of the settings as he goes. He includes the full build command he's using for the library running tests, a lint check and codesniffer checks for formatting. He shows how to get the project to build and what the UI will show when the build is successful (all green).

tagged: project aws codebuild pipeline library tutorial setup build server amazon

Link: https://benramsey.com/blog/2016/12/aws-codebuild-php/

Laravel News:
Changes coming to the Laravel release cycle
Dec 05, 2016 @ 09:20:35

On the Laravel News site there's an announcement posted about a change in the Laravel release schedule, an update from the original 2013 announcement.

Yesterday, Taylor announced on Twitter that this is going to be changing to a January and July cycle, pushing each release out a month from its current schedule.

This has two primary advantages for the development team and the first is it allows more time for testing after Symfony’s release. The second advantage is it’ll better coincide with Laracon, the yearly Laravel conference.

This means a bit of a delay on the release of the next major version of the framework (v5.4) but only by one month. The six month cycle will then resume after that slight delay. You can find out more about the remainder of the release cycle in the original post based on Taylor's comments at Laracon 2013.

tagged: laravel release cycle update taylorotwell delay symfony laracon

Link: https://laravel-news.com/release-cycle-changes