This communiqué originally appeared on Symfony Station.
Welcome to this week's Symfony Station communiqué. It's your review of the essential news in the Symfony and PHP development communities focusing on protecting democracy.
There's good content in all of our categories, so please take your time and enjoy the items most relevant and valuable to you.
This is why we publish on Fridays. So you can savor it over your weekend.
Or jump straight to your favorite section via our website.
Once again, thanks go out to Javier Eguiluz and the team at Symfony for sharing our communiqué in their Week of Symfony.
My opinions will be in bold. And will often involve cursing. Because humans. Especially tech bros.
Symfony
As always, we will start with the official news from Symfony.
This week, the upcoming Symfony 7.3 version entered its feature freeze period to tweak and polish its new features before releasing it at the end of May 2025. In addition, we celebrated the SymfonyLive Berlin 2025 conference and announced a new Symfony meetup in Tunis.
March 31 – April 6, 2025 A Week of Symfony #953
They also have:
SymfonyOnline June 2025: What's New in Symfony 7.3
SensiLabs has:
SymfonyLive Paris 2025 : conférences, fun et immersion!
Featured Item
Lead Dev writes:
Under pressure to embrace AI, developers are growing frustrated by misguided mandates and are left to clean up any collateral damage inflicted on their codebase.
AI coding mandates are driving developers to the brink
This Week
Les Tilleuls Coop shares:
Le SymfonyLive Paris 2025 comme si vous y étiez - Jour 2
DarkCypher explores:
Symfony/Validator pour les règles fonctionnelles
Tomas Votruba examines:
Upgrading Sensio Security Annotation: The Full Story
Jérémy DeCool shares:
Structurez votre code explicitement avec la "Screaming Architecture"
How To
Tihomir Manushev has:
Fixing OWASP API 5: 2023 — Broken Function Level Authorization in Symfony 7
Fixing OWASP API 6: 2023 — Unrestricted Access to Sensitive Business Flows in Symfony 7
LaurentMN has:
Stop Fighting File Uploads: VichUploader Is The Advanced Symfony File Magic Answer
Forget Messy Monoliths — Here’s How To Split Your Symfony 7 Project Into Clean, Functional Bundles.
Bhavin Nakrani shows us:
How to Schedule Cron Jobs in Symfony Like a Pro
Pentest shares:
Prevent Cross-Site Scripting (XSS) in Symfony: A Comprehensive Guide
Platforms
Laminas asks:
Mezzio101: What Defines a Middleware Architecture?
eCommerce
PrestaShop has:
PrestaShop Core Monthly - March 2025
Shopware has:
Shopware Apps vs. Plugins – Real-Life Example with Code
CMSs
Sulu has:
Concrete CMS has:
Concrete CMS April 2025 Monthly Roundup
TYPO3 has:
Members Have Selected Four Ideas to be Funded in Quarter 2/2025
Faktor E looks at:
Joomla has:
Upcoming security release on April 8th
Ezone shows us:
How to Submit to Joomla Extension Directory Effectively
In Grav CMS news, Jeremy Gonyea is:
Building an Off-Ramp from WordPress with DDEV
I love Grav CMS.
Drupal has:
Announcing the Drupal CMS desktop application
Unfortunately, the Project Browser doesn’t work for me.
Matt Glaman notes:
Drupal is delivering innovation beyond major versions
Gabor Hojtsy says:
Drupal now has three Composer UIs!
Acquia blog is:
Discovering Drupal: A Journey into an Exceptional CMS
Drupal Easy shares:
DrupalCon Atlanta 2025 sessions not to be missed - according to me (ultimike)
My list from last week is a little more focused.
Sergiu Nagailic has the best review so far of:
CKeditor also has one:
DrupalCon Atlanta Wrap Up: Building an (Even Better) Drupal
Zoocha does as well:
DrupalCon Atlanta: Drupal Community & Roadmap Highlights
Drunomics explores:
Lupus Decoupled Drupal: Drupals Backend-Stärke mit Frontend-Freiheit verbinden
Jakob Rockowitz shares:
My Drupal, AI, and Schema.org Manifesto
Balint Pekker shares an:
Amazee opines on:
Why Drupal is Still One of the Best CMS Choices
The DropTimes reports:
Building Drupal Europe: Local Communities, Global Vision
UI Suite Is Announcing a New Display Builder: Pierre Dureau Interview
Metadrop compares:
Please just say no to failwind and bootcrap. In modern Drupal this is what SDCs are for along with the upcoming Experience Builder and well-designed themes.
Ryan Szrama stresses:
The Moral Imperative to Compensate Free Software Authors
Previous
JoliCode shows us:
Comment migrer du type array vers JSON avec Doctrine
Maico Orazio examines:
Il componente Workflow di Symfony: semplificare i flussi di lavoro complessi
PHP
This Week
Jarosław Szutkowski looks at:
Mocking API Requests in Unit Tests
Terence Eden shares:
An opinionated HTML Serializer for PHP 8.4
YuvaSec explores:
One SQL Query That Could Destroy Your Entire Database (And How Hackers Use It)
David Duymelinck says:
PHP: Stop using the identical comparison operator everywhere
Thierry Feuzeuj examines:
Parallel batch processing with Temporal
Mehmet Turgay Akalin looks at:
Bridging PHP and HTMX: A Technical Review of htmxphp
Hmm.
Patoliya Infotech explores:
Leveraging PHP Streams for Efficient File and Network Handling
The PHP Foundation has its:
PHP Core Security Audit Results
Morteza Poussane says:
It’s Time to Rethink PHP Package Management: Meet phpkg
JoliCode shares:
À la découverte de PIE, l’alternative moderne à PECL pour les extensions PHP
More Programming
Declan Chidlow states:
Open Project shows us:
How to create, configure and manage your projects with OpenProject
Bleeping Computer reports:
Malicious VSCode extensions infect Windows with cryptominers
TechCrunch reports:
AI models still struggle to debug software, Microsoft study shows
The Register reports:
Return of Redis creator bears fruit with vector set data type
Mozilla has:
Default styles for h1 elements are changing
Fighting for Democracy
Here we feature several items from each section of Battalion's weekly "Defending Democracy" report.
Get all the news from the front of democracy's battle against autocracy via its latest "Defending Democracy" post. And please follow Battalion via RSS or on the Fediverse at [email protected]. Or even Bluesky if that floats your boat.
Please visit Symfony Stations Support Ukraine page to learn how you can help kick Russia out of Ukraine (eventually, like ending apartheid in South Africa).
The cyber response to Russia’s War Crimes and other douchebaggery
Tech Policy reports:
Understanding the EU's Digital Services Act Enforcement Against X
Hamish Campbell examines:
The rise of fascism and the openweb response
This approach is a very large part of techno-anarchism.
The Evil Empire Strikes Back
Mother Jones reports:
The Shocking Far-Right Agenda Behind the Facial Recognition Tech Used by ICE and the FBI
Bit Defender reports:
Russian bots hard at work spreading political unrest on Romania's internet
Cybersecurity/Privacy
The Register reports:
That massive GitHub supply chain attack? It all started with a stolen SpotBugs token
If you are using Microsoft software, you almost deserve this.
Clubic reports:
Surveillance, fin du chiffrement : Proton pourrait quitter la Suisse
Fediverse
The Fediverse Report has:
IFTAS is:
Staying the Course: Our Continuing Mission
If you care about the Fediverse, please join me and make a financial contribution to IFTAS.
Other Slightly Federated Social Media
The Fediverse Report has:
TechCrunch reports:
Bluesky’s latest update adds chat reactions and an Explore page, similar to X
CTAs (aka show us some free love)
- That’s it for this week. Please share this communiqué.
- Also, please join our newsletter list for The Payload. Joining gets you each week's communiqué in your inbox (a day early).
- Follow us on Flipboardor at @[email protected] on Mastodon for daily coverage.
Do you own or work for an organization that would be interested in our promotion opportunities? Or supporting our journalistic efforts? If so, please get in touch with us.
More importantly, if you are a Ukrainian company with coding-related products, we can offer free promotion on our Support Ukraine page. Or, if you know of one, get in touch.
You can find a vast array of curated evergreen content on our communiqués page.
Author
Reuben Walker
Founder
Symfony Station
Top comments (0)