Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Liip Blog:
A quick look on the current state of Drupal 8 (ecosystem)
Jul 08, 2016 @ 10:26:31

In a new post to the Liip blog Lennart Jegge shares a "quick look" at the current state of the Drupal 8 project and some of the issues some people are having making the transition.

Eight months ago Drupal 8.0.0 was released. Exciting news for drupalists. Since then comparing D8’s features to its predecessor is a topic in daily business. "Can drupal 8 do what we can do now with 7 today?". After playing around with D8 i get the feeling some crucial features are missing.

He shares some of the features he sees as still missing (a Top 10 wishlist) and how it seems difficult to get a good overview of the Drupal 8 ecosystem. Some modules have yet to be updated and rewrites can be difficult given the major "under the covers" changes to Drupal itself.

In the end the importance of a variety of mature modules that play together nicely is crucial when it comes to efficiency, maintainability and stability of a project
tagged: drupal8 ecosystem overview opinion features upgrade issues

Link: https://blog.liip.ch/archive/2016/07/07/quick-look-current-state-drupal-8-ecosystem.html

Zend Framework Blog:
Issues, Tags, and Closures (oh my)
Apr 14, 2016 @ 10:37:52

On the Zend Framework blog there's an update from Gary Hockin about some GitHub project-level changes that will be happening soon. He'll be doing some housekeeping on the current list of open issues in the main zf2 repository.

I want to make you aware of some upcoming changes to the issues that are currently logged in GitHub. We currently have 426 open issues that are logged against the (now) meta zf2 repository. The vast majority of these are now in the wrong place, as we've split our once monolithic single repository into the many single component repositories. These issues should be moved from the zf2 repository to the correct component that the issue relates to.

He's closed some issues in preparation and tagged others with a "To Be Closed" tag for later handling. By early May all issues tagged "To Be Closed" will be finished out and/or moved to the correct locations. This will leave the project with around 100 issues to manage and to move to the right locations.

tagged: zendframework2 github repository issues closing tagged

Link: http://framework.zend.com/blog/2016-04-11-issue-closures.html

Community News:
Laravel Internals Discussion Moves to Github
Mar 15, 2016 @ 10:18:47

The Laravel project has traditionally held discussions about the internals of the framework in an IRC channel on the Freenode.net network. The decision was made recently, however, to move the development over to GitHub (most likely to make it more accessible).

There's already several issues that have been posted on the Issues list in the GitHub repository including things around:

  • improving typecasting
  • decoupling Carbon (the date handling library)
  • a fluent interface for validation
  • enhancing the localization functionality

You can give feedback or start your own discussions by adding an issue to the list or just sharing your thoughts on current topics.

tagged: laravel community issues list internals github irc channel

Link: https://github.com/laravel/internals/issues

PEAR Blog:
PEAR server fully restored
Dec 15, 2015 @ 10:33:14

As is mentioned in this post to the PEAR blog the server hosting the packages and website has been fully restored as of December 11th and should be 100% functional again.

Our server sponsor eUKhost quickly provided us with a new machine after we told them the old had failed, and the last two weeks were spent setting it up to provide the same functionality as before.

This includes not only the pear.php.net site but also the bug tracker, manual and downloads handling. They share a bit about why it took so long to correct (mostly having to do with technological difficulties with the server provided by the host). While backups did exist, they were only for the packages themselves and XML file structure. Unfortunately this did not include the website and blog database or patch files in the bug tracker. The remainder of the post lists several other smaller things that went wrong in the process, all adding up to plenty of difficulties for Christian as he battled to get the server (and services) back up and running.

tagged: pear server issues restored postmortem details

Link: http://blog.pear.php.net/2015/12/11/server-fully-restored/

Paragon Blog:
Building Secure Web Applications in PHP
Sep 21, 2015 @ 16:15:56

The Paragon Initiative has posted an article to their blog talking about how to build secure applications in PHP. Rather than try to get into the specifics of specific vulnerabilities, they stay relatively high level and stick with concepts to keep in mind and steps you can follow to ensure your development practices are secure.

Whether you're planning the development of a brand new application or trying to prevent legacy code from causing a costly data breach, if you're going to be writing PHP, where should you begin? That is the question we will attempt to answer, in detail.

The article starts with an "easy way out" for those that don't feel like they know enough or just don't have the resources they need: hire consultants. With that out of the way, the article mentions two root causes for insecure apps: lack of knowledge about security and bad development habits. They then get into some suggestions about how you can learn to understand and prevent vulnerabilities in your own applications. They focus in on a few key places for PHP developers to pay attention to, complete with some charts showing the parts of the flow. The post ends with some advice on what do to if your site is compromised anyway and how to move forward.

tagged: secure application advice common issues developer

Link: https://paragonie.com/blog/2015/09/building-secure-web-applications-in-php

Evert Pot:
PSR-7 is imminent, and here's my issues with it.
Mar 04, 2015 @ 09:26:37

Evert Pot has written up a new post today with some of his thoughts about what's wrong with the PSR-7 proposal in the PHP-FIG. PSR-7 relates to a standardized interface for HTTP request and response handling.

PSR-7 is pretty close to completion. PSR-7 is a new 'PHP standard recommendation', put out by the PHP-FIG group, of which I'm a member of. [...] PSR-7 gets a lot of things right, and is very close to nailing the abstract data model behind HTTP, better than many other implementations in many programming languages.

But it's not perfect. I've been pretty vocal about a few issues I have with the approach. Most of this has fallen on deaf ears. I accept that I might be a minority in feeling these are problems, but I feel compelled to share my issues here anyway. Perhaps as a last attempt to sollicit change, or maybe just to get it off my chest.

He breaks up his thoughts into a few different categories, each with a summary and sometimes some code to help make his point a bit more clear. He talks about immutability, how objects will be immutable and shows an example of change in how Silex would have to function to follow the standard (with before/after). He then goes on to talk about the "issue with streams" and how the current proposal could allow for changing of the incoming request into a new one with new headers...not immutable. He ends the post talking about PSR-7's stance on buffering responses and how, even if his project doesn't adopt the PSR in the strictest sense, they may still take some inspiration from it.

tagged: psr7 issues opinion phpfig http standard request response

Link: http://evertpot.com/psr-7-issues/

Symfony Blog:
The Symfony 500 + 100 Challenge
Dec 12, 2014 @ 12:48:08

The Symfony blog pas posted something they're calling the Symfony 500 + 100 Challenge, an effort to kickstart some backlog cleanup of the number of issues currently in the project's backlog.

The end of the year is approaching, and we think that this is the best time to do some backlog cleaning before fresh starting the new year. Right now there are 728 pending issues in symfony/symfony repository and 177 issues in symfony/symfony-docs.

Some of those issues were reported a long time ago and they probably refer to Symfony versions that are no longer maintained. Others would have been fixed but not closed and there could also be some duplicates. That's why we ask your help to review all the pending issues in order to close irrelevant issues and achieve much more manageable levels: 500 issues or less for symfony/symfony and 100 issues or less for symfony/symfony-docs.

If you're interested in helping out, they've included a few steps to get you started locating and claiming an issue for you to work on. They also make suggestions on how to report back issues found on bugs, feature requests and general discussion items.

tagged: symfony challenge 500+100 issues bugfix featurerequest discussion

Link: http://symfony.com/blog/the-symfony-500-100-challenge

HHVM Blog:
HHVM 3.1.0
May 30, 2014 @ 11:56:54

On the HHVM blog today they've announce the release of the latest version of the popular project, version 3.1.0. This version fixes a few issues (including a segfault) and crossed into their semi-annual "lockdown" to work directly on the project.

If you remember last time we focused on framework unit tests, performance, and growing beards. This time, our frameworks were in good shape thanks to Fred and our Open Academy students, but our github story was not as pretty. At the start of lockdown we had 60 pull requests and nearly 450 issues. So our focus this time was github health and of course as always, perf.

In the end they closed out 251GitHub issues and made things 16% more efficient in the process. They list out some of the updates in this release including:

You can grab this latest release from the pre-build packages page on the GitHub project account.

tagged: hiphop vm hhvm release version github issues

Link: http://hhvm.com/blog/5195/hhvm-3-1-0

HipHop VM Blog:
Compatibility Update
Apr 22, 2014 @ 09:16:38

The HipHop VM blog has a new post today with some updates around the compatibility work they're doing getting popular PHP projects to work 100% on the platform (and have all unit tests pass).

Earlier this year we set an ambitious goal of passing the PHPUnit test suites of 20 popular frameworks by the end of June; at the time, we were passing on only 6! With a huge amount of help from the community (especially our OpenAcademy students), we’re proud to have hit this goal more than 2 months early, and we have more frameworks expected to reach 100% shortly.

Included in their list of projects/frameworks are things like Assetic, Composer, Doctrine2, Guzzle (v3), Laravel, Mockery and Monolog. Now that they've made significant strides to get the HHVM up to a greater level of compatibility, they're going to focus in on the issues list from GitHub to resolve problems there.

tagged: compatibility update framework project unittest bugs issues

Link: http://hhvm.com/blog/4841/compatibility-update

Manuel Stosic:
Understanding Zend Framework 3...before it's out!
Oct 31, 2013 @ 09:22:33

Manuel Stosic has a new post today talking about the upcoming Zend Framework v3 (not "coming soon", but coming) and three places you can follow to keep up on the latest in this version as it develops.

ZF3 is not close around the corner. It's still many, many months ahead. But there are reasons why you should bother and get information about ZF3 as soon as possible. If you understand why changes are introduced - and most of them are explained, some will be explained at a later point i guess - then you can spot errors in todays code already! You can improve your current code by knowing what's going to be "in" a couple of months away.

The three resources he points to are the Google Moderator group for ideas around the framework, issues on the Github repository tagged for ZF3 and a series of planned Google Hangouts where core developers will talk about the work on this new version and answer questions from those watching.

tagged: zendframework3 google moderator github issues hangouts

Link: http://samminds.com/2013/10/understanding-zend-framework-3-before-its-out/