SymfonyWorld Online 2020
December 3 – 4, 2020
Watch the talks in video
Pre-keynote: Contributing to Symfony
Keynote: Bridging Communities via Symfony UX
Decoupling an application with Symfony Messenger
Quick response times are crucial. Time consuming tasks triggered in web requests should be executed asynchronously, if at all possible. In this talk I will give a short overview of what message queues are and then show a case study how we split up an application into smaller services and how we use message queues to coordinate the services.
PHP + Minecraft
Minecraft is extremely popular, but what happens when we combine it with PHP & Symfony? This talk is an adventure in using PHP for things outside of your comfort zone.
At the start, it seems that these do not work together at all. By reading files we can get information about what happens in Minecraft, from logs to the complete world. However, it gets truly interesting when we can change things in the world with PHP. This opens a lot of possibilities we will explore in this talk.
This talk requires no knowledge of Minecraft.
Symfony meets Cypress - E2E testing for symfony developers
When it comes to UI testing, some developers tend to be reluctant a lot. Are those tests slow, flaky, hard to write and maintain?
In my session, I want to introduce Cypress to you and explore its possibilities by writing first tests for the SymfonyCon website - so that we can overcome those concerns together.
The Serializer is an essential tool when building APIs with Symfony. Knowing it in more detail can save you a lot of time when you want to customize how your data is handled. In this talk we will look at how the Symfony Serializer works by default by having a deeper look at the provided Normalizers and then we will look at some use cases for customizing both how data is serialized and deserialized.
What's new in API Platform?
API Platform is a popular framework to build API-driven projects. The server component is built on top of Symfony. It enables to create modern, extensible and secure web APIs very easily: design the public data model, and that's all, you get a fully-featured API!
But API Platform also provides awesome client-side components (written in JS) working with the server component, and with any other modern REST API! These components include a smart admin builder and client generators supporting React, Vue, React Native, Next, Quasar and Vuetify! Last but not least, API Platform comes with the Docker images and the Kubernetes chart you'll need to deploy in production, in seconds.
Since its introduction during SymfonyLive Paris 2015, API Platform evolved a lot! It is now recognized as the easiest and most powerful set of tools to build and use new web APIs, even outside of the PHP world. During this talk, will discover the new best practices and the unknown gems provided by the framework.
Dependency Injection Demystified
Alexander M. Turek
The DependencyInjection component is the glue that holds our application together. In a modern Symfony application, we rely on auto-wiring, auto-configuration, and auto-discovery to magically generate the correct dependency tree for our application. But how do those automatisms work under the hood? What if they weren’t there?
We'll talk about many topics: default configuration via Symfony Flex • patterns: dependency injection and service location • services provided by bundles • service factories • dependency graphs • compiled containers • compile time vs runtime performance • the Container and ContainerBuilder classes • definitions, references, and aliases • autowiring • public vs. private services • inlining and removal of services • PSR-4 discovery • service tags and tagged iterator • autoconfiguration • compiler passes.
Better Console Applications
Console applications - whether part of a larger (Symfony-)application or standalone-tool - usually are the bash-script of PHP developers. Thereby one often leaves the path of clean code and hacks a very pragmatic solution. Despite the fact that a lot of these fast solutions remain in project and need to be maintained for longer. What to reason about while developing a console application and which simple tricks help to clean up your code, is shown by examples in this talk. How do I decouple my code from CLI runtime, how do I optimize long running processes and so on.
Streaming: an alternative to CRUD & batch processing
If a product or a company grows after its early stage, it’s not rare that there will be multiple systems or “services” communicating to each other. The two most common ways are by using APIs or batch processing.
In this talk, I will show you another way, message streaming. This less known technique has great maintenance and decoupling properties given that you understand its ordering and idempotence requirements, which we will discuss. We will also see how partitioning allows us to scale the streams in separate segments, while maintaining the previous requirements. We will wrap up by a summary of things to watch out for if you take this route after discovering why it might be very beneficial to your project(s).
Elasticsearch with Symfony, from development to production
Search is at the core of many standard application, but building and deploying a full-text search engine is not trivial. One of your options is to implement Elasticsearch and in this talk I will show you the path, from development to production. We will also leverage the new Symfony HttpClient to communicate with the cluster more efficiently!
symfony 0.6 to Symfony 5: What I learned from the framework
I came to symfony (back then in lowercase) before the first stable version. We are now at version 5. Over all those years the framework has evolved massively. In this talk, I'll go through some of the lessons I learned from the evolution of the framework as well as the ecosystem around it, and how we can apply those lessons in our day-to-day work.
Lock & Semaphore: The gatekeepers of your resources
Released with Symfony 3.4, the Lock component allows you to limit concurrent access to shared resources. 3 years later, its little brother, the Semaphore component completes the range of tools at our disposal.
Well beyond the classic flock() or sem_acquire(), these components enable us to cover more complex use-cases such as maintaining a lock on several pages or integrating into a distributed and high availability infrastructure.
In this talk, through business examples, I'll show you how those components work. And we will see the possibilities they offer us as well as their limits.
Keynote: Modern Security with Symfony's Shiny new Security Component
Yes, Symfony's Security component is powerful. But... it's *also* complex. Can we have both? Power and flexibility with readable and expressive code?
We think so. That's why, in Symfony 5.1 & 5.2, the security component was rebuilt and *reimagined*. Complexity was stripped away, logic was centralized and intelligent hook points were added.
The result is a security system that can *do* more with code that you can understand.
In this talk, I'll introduce you to the new security component and show you how to activate and migrate to it (hint: it's simple!). We'll also dive into some of the new possibilities, like streamlined custom authenticators (bye Guard!), centralized "login throttling", magic login links, 2fa and more!
And since no security talk would be complete without API authentication, I'll give you a quick guide to how *you* should implement API auth and how that fits into the new system.
Pre-keynote: News from the Symfony World
Keynote: For the Users - tech, ethics and you
More than ever, tech's impact on the world is being felt in 2020, and the world is pushing back, strongly. Governments want to regulate the Internet (or create whole new ones), even as a handful of companies wield massive power over the network's future.
What role should we play in these discussions -- as technologists, as Open Source contributors, as employees of tech companies, and not least as citizens? Should we just be diligent craftsman who focus on the task at hand, or take a more active, broad role? And who do we write all of this code for, anyway?
Jordi Boggiano , Nils Adermann
Composer has permanently altered the way of PHP development over the last decade. The tool's second major version comes with new features and many improvements to functionality and performance. The most important changes will be highlighted in this talk. We'll show you what you need to know to upgrade your own projects and explain some of the background which lead to version 2.
Internationalize your Symfony application, the right way
Translating an application is a big step while you develop an international project. Translation process of an application can be very tough. It can remain laborious even after the first release.
So, we have a new type of workmate: dear developers, product owners, designers, let me introduce translators with whom we will have to work efficiently!
Together, we will have to make sure that the translations stay up to date on production. How? This is exactly what we will be talking about in this conference. Tools like php-translation bundle, Loco or Transifex will be very useful to your team. We will plug them in Symfony to create an efficient workflow. We will also define responsibilities for developers, translators and designers. Everything to ease the translation process from development environment to production without any pain! At the end of this talk, you will be looking forward to implementing these amazing solutions!
Dropping ACID: Schema design for e-commerce
When designing a schema for e-commerce applications, we have to keep certain things in mind: data retention rules require duplicating large chunks of data, leading to complex schemas in any relational database. Modern database systems can help us solve this problem, but we seldom use their features when designing schemas. In this talk, we will take a look at some strategies on how to design more efficient schemas for certain database systems, and how to effectively drop ACID at work.
The absolute beginner's guide to Domain Driven Design with Symfony
DDD is one of the most effective ways to address business problems, but it can be overwhelming to get started with. Even armed with the theory, beginning the journey is mysterious and finding answers to specific implementation details can be tough and scary.
In this talk we'll demystify the terminology and work out the most important aspects of DDD you'll need to get you going. Then, by exploring and implementing a sample business domain, we'll discover such things as:
- How DDD entities differ from Doctrine entities
- What an aggregate root actually is
- How to organise your code
- How to define a bounded context
- How a domain service differs from an application service
Finally, we'll wire it all together with Symfony 5. So if you've been wanting to get started with DDD for a while but never knew how or where to start then this talk is for you.
Why 0.1 + 0.2 != 0.3, or the mysterious world of floating-point numbers.
Yes, running the above expression in PHP, and in a lot of other languages, will confirm that 0.1 + 0.2 does not equal to 0.3.
But this weird behavior is explainable and even justified.
Floating point numbers can open you up a completely new universe.
Provided of course that they are properly used.
This talk will go through a bit of theory, and a lot of concrete examples.
From the Gulf War to the Quake graphics engine, via the Ariane 5 space rocket, we will see the benefits and the potential dangers of using floating-point numbers.
From these examples, we will extract some lessons we can translate into our day to day development practices.
And finally, the talk will cover when to use floating-point numbers, and when to avoid them, like when managing prices or billing, and what are the alternatives in those cases.
WebAuthn – Technology and integration in a Symfony project
We live in a world where everybody uses passwords every day to sign in to all kind of websites and services.
So it is clear that passwords are a critical point in cyber security. Unfortunately, they are also the biggest weakness in IT systems as they're responsible for 80% of all security breaches.
However, better solutions exist. For example, the FIDO2 project with the standard WebAuthn allows users to connect to websites without a password.
The modern and fast HttpClient
Bruno Henrique De Souza
Due to the growing number of companies using APIs and service-oriented architecture, the need and use of an HTTP client is becoming even more evident. There are many options being offered in the IT market. Symfony decided to provide its own client; one that is different from all the others since its conception.
This talk will give you the details to understand the main differences between this client and the others: why it's faster and more modern, the options it provides, and how its design integrates nicely into existing apps, providing a component that spans from simple needs to unique and advanced features (async, streaming, HTTP/2 push, ServerSentEvents, etc.)
Get Social! Implementing Social Login in your Symfony Project
You build a beautiful application, only to have users drop off at the registration step. It's a challenge many of us have struggled with. Social login can lower the bar for users, and increase conversion in your on-boarding funnel.
Implementing it can be very straightforward, but what happens when you need something more specific for your application? And how do you make sure the entire round-trip is tested properly? We'll discover all the pitfalls and challenges and how to solve them in this talk.
What I learned trying to make Symfony and API Platform way faster
Working on a big symfony project with a quite common stack (API with APIP, lots of doctrine entities and all config in YAML files), we experienced performances issues in both dev and prod mode.
I took my headband lamp (hi blackfire) and dug. I learned A LOT and discovered quite a few issues that results to a lot of pull requests that got merged.
This talk will be a feedback of the process used and the lessons learned. It will be both practical and theoric.
How Math, Science, and Star Trek Explain the Value of Team Diversity
The greatest asset of open source software is the ability to fork and improve. When it comes to tech culture, are we accepting all pull requests? Can we be better?
If so, how? To the science!
This session explores the mathematical algorithms and scientific studies describing the advantage of diverse teams. We’ll dive into existing research and real-world situations that solved complex problems. We’ll also explore a mathematician’s theory that “diversity trumps ability.”
We’ll also explore how Star Trek played a pivotal role in being the allegory for this concept.
Attendees will take away concrete ideas, examples, and processes to, hopefully, increase the output of their team in the long-term.
With Symfony 4.4, your secrets will be well kept!
Since Symfony 4.4 is available a new utility that was created during the hackathon organized with the European Commission on security. It allows you to store your secrets thanks to the libsodium library. How does it work? Is it really safe? For 40 minutes we will immerse ourselves in the algorithms that make libsodium and Symfony's secrets a reliable security solution.
Password Hashing and You
At one point or another, odds are strong that users will need to create an account on our site, and we will likely be asking of them to create a password.
The question then becomes: How should we store the password?
While this is something we typically "let frameworks worry about", it is important to understand what the stakes are, current and emerging threats, as well as current best practices of this field.
Keynote: What's new in PHP 8.0?
PHP 8.0 comes with many long-awaited features: A just-in-time compiler, attributes, union types, and named arguments are just a small part of the list. As a major version, it also includes some backward-incompatible changes, which are centered around stricter error handling and enhanced type safety. Let's have an overview of the important changes in PHP 8.0 and how they might affect you!
Did you miss SymfonyWorld Online 2020?
Join us at an upcoming conference!