PHP Annotated – February 2023

Greetings everyone!

Welcome to the January installment of PHP Annotated, where we’ll catch up on the most exciting things that have happened in the PHP world over the last month, including curated news, articles, tools, and videos.

News

PHP 8.0.28, PHP 8.1.16, and PHP 8.2.3 have been released.

❗️These are security updates with fixes for CVE-2023-0568, CVE-2023-0567, and CVE-2023-0662.

For the time being, if you’re still using PHP 7.4, Remi’s Repository has updates with backported security fixes. Keep in mind, however, that this repository is a best-effort project that depends on how much spare time Remi can give it. This means there are no guarantees about future updates, as it is only meant to give users more time to migrate.

Laravel v10 has been released.

Here are a few resources to help you learn more about this update:

Laracasts: What’s New in Laravel 10 by Jeffrey Way.

Laravel 10: the mindful upgrade guide by Benjamin Crozat.

The new Process facade in Laravel 10 by Marcel Pociot.

laravel/pennant by the Laravel team. This new package arrived with Laravel 10 and provides feature flags for your applications.

One of the major changes announced by the team was the addition of type declarations across the entire Laravel packages set.
This led to issues for users in controller stubs. And after some time, the Laravel team decided to remove type declarations from them altogether.

All the drama about the Controller return types??? pic.twitter.com/ObyJr26rMp

— Martin Joo (@mmartin_joo) February 20, 2023

Decided to just remove return types on controller stubs ?

Add them in if you want them. ✅ https://t.co/9K8KLowcBY

— Taylor Otwell ? (@taylorotwell) February 19, 2023

PHPUnit 10 is out.
After 2 years of development, Sebastian Bergmann and the PHPUnit team announced this major release.

This release is to PHPUnit what PHP 7 was to PHP: a massive cleanup, refactoring, and modernization that lays the groundwork for future development.

It brings attributes, static data providers, less error notice magic, and a simpler event system.

Check out this interview with the author of PHPUnit, published on the Release Radar channel: PHP Release Radar – Episode 14: PHPUnit 10.0.

One of the internal changes in this release is the new event system, which affects PHPUnit extension developers. Learn more in this Extending PHPUnit with its new event system post by Andreas Möller.

A big release for the PER coding style is coming.

The aim of the PER coding style is to make code easier to read and put an end to most questions like “should I add space here?” or “should this statement be on a separate line?”, allowing you to spend time on the things that really matter.PER is a rolling document, which means that instead of creating multiple PSRs, the team is going to tag multiple versions.

Version 1.0.0 was a copy of PSR-12. In the next version, the focus will be on updating the specification to include the latest PHP features and fixing any problems.

You can leave your feedback on the GitHub Issues tab at https://github.com/php-fig/per-coding-style.

PHP Core

Most of the Core news is covered in detail in the PHP Core Roundup series from the PHP Foundation, so we’ll only mention it briefly:

RFC: Asymmetric Visibility
Ilija Tovilo and Larry Garfield have received the feedback they needed and will probably present a revised version of this RFC, but for now they will focus on the proposal to add hooks and accessors for properties.

RFC: Readonly amendments #PHP 8.3
class Foo { public function __construct(
public readonly DateTime $bar,
) {}

public function __clone()
{
$this->bar = clone $this->bar; // This produces a Fatal error in PHP <8.2
// and will work in PHP 8.3+
}
}

$foo = new Foo(new DateTime());
$foo2 = clone $foo;

? RFC: Path to Saner Increment/Decrement operators #PHP 8.3
George Peter Banyard proposes to make the behavior of the ++` and `– operators consistent.

? RFC: Pass Scope to Magic Accessors #PHP 8.3
Nicolas Grekas and Ilija Tovilo propose to pass the calling scope to magic accessors as a way to make getting it trivial.

In the discussion, community members suggested adding a separate function that returns the scope correctly, so RFC authors might pivot to that idea.

? RFC: Typed class constants #PHP 8.3
Benas Seliuginas and Máté Kocsis propose to allow type declarations on contents in classes and interfaces.

Here is some example code to demonstrate the problem and how typed constants will help:

interface I { const TEST = „Test“; // We may naively assume that I::TEST is a string.
}

class Foo implements I {
const TEST = []; // But it may be an array…
}

class Bar extends Foo {
const TEST = null; // Or null
}

? RFC: Working With Substrings #PHP 8.3
Thomas Hruska has implemented quite a few quality-of-life improvement functions for PHP, and this is the first RFC to bring some of them into the core to optimize the handling of substrings.

PhpStorm

PhpStorm 2023.1 Early Access Program Is Open
You can already try new features from the upcoming major release, such as:

Possibility to run PHP scripts on 3v4l.org.
Performance improvements, including shared indexes for popular PHP packages.
Many improvements to the new UI.
Custom Regexp-based search and replace inspections.

Command Line Launcher – A PhpStorm plugin that helps you run and manage terminal commands. You can use it to launch servers, Docker, or even run commands on a remote server.

Tools

crwlrsoft/crawler 1.0 – A library for Rapid (Web) Crawler and Scraper Development.
Check out these 10 good Reasons to use the crwlr Library.

olvlvl/composer-attribute-collector – A convenient and near zero-cost way to retrieve the targets of PHP 8 attributes.

brick/json-mapper – This maps JSON data to strongly typed PHP DTOs.
As suggested on the /r/php subreddit, there are quite a few mature alternatives:

boxblinkracer/phpunuhi – PHPUnuhi is an easy composable framework for validating and managing translations.

markrogoyski/itertools-php – This package provides a huge set of functions for working with iterable collections. Its main difference from other collection libraries, like Laravel or Doctrine collections, is that it does not transform iterables into arrays, which means it should be much more memory efficient when working with generators, for example.

Crell/mastobot – A simple personal scheduling bot for Mastodon accounts.
For more details, read the Mastobot: For your Fediverse PHP posting needs blog post by Larry Garfield.

paratestphp/paratest – Version 7.0 of this parallel testing support for PHPUnit has been released.

TheDragonCode/benchmark – A simple tool for comparing the time it takes to execute two different code blocks.

parsica-php/parsica – A parser builder with unusual syntax: $parser = between(char(‚{‚), char(‚}‘), atLeastOne(alphaChar()));

Sammyjo20/Saloon 2.0 – The idea of this package is to simplify the creation of SDKs for services or organize access to different APIs in a single style.

yiisoft/validator – A powerful validator package from the Yii framework that can also be used independently.

Symfony

How TaggedLocator Can Help You Design Better Symfony Application by Gregoire Pineau.

Optimizing OneToMany Doctrine collections by Yan Ivanov.

API Platform 3.1 is out! – Built on top of Symfony, this mature framework allows you to create REST and GraphQL APIs and much more.

Laravel

Fix your Laravel exceptions with AI by Marcel Pociot.

Using Laravel Sanctum to create dynamic abilities by Freek Van der Herten.

You might not need a repository in Laravel: 3 alternatives by Mazen Touati.

Request-Level Validation by Tighten.

How to Improve Your Laravel Application’s Security Using a CSP by Ashley Allen.

Testing JSON:API Endpoints with PestPHP by Steve (King) McDougall.

Managing Routes in a large Laravel application by Steve (King) McDougall.

Other Frameworks

Yii news 2023, issue 1 by Wilmer Arambula.
Spiral/framework v3.6.0 – You might already know about RoadRunner, but the team behind it also develops this impressive framework.

In the latest release, they made a unique feature for PHP frameworks – isolated memory scopes in a container with support for fibers. This will help limit memory leaks in the long-running (daemon) PHP applications.

Another interesting idea in the framework is the use of CLI commands to make PHP attributes.

Misc

How to extend lifetime of legacy PHP applications by Ayesh Karunaratne (PHP.Watch).

Hakana: Taking Hack Seriously by Matt Brown from Slack, and author of Psalm.

Matt announced a new static analyzer for Hack called Hakana. It is based on Psalm and written in Rust.

Hakana is a lot faster than Psalm, but it is not compatible with PHP. Although Matt notes, that making it compatible should be possible:

Though it wouldn’t be easy, companies with extremely large PHP codebases might consider forking Hakana and altering it to analyze PHP code.

Good Bye, Monorepo by Tomas Votruba.

Documenting the system under test in PHPUnit by Andreas Möller.

PHP Development Server <= 7.4.21 – Remote Source Disclosure – A vulnerability analysis.

PHP wishlist:

The pipe operator by Seb De Deyne .
4 things I’d like to see in a future version of PHP by Ryan Chandler.
And if you want more, here is one from Brent: What I would change about PHP.

PHPLift – Compatibility Guide

Announcing a project I’ve been working on for some time now: PHPLift.

It’s a guide to help you with upgrading the PHP version of your apps. This is a work in progress, so I’ll be adding more content regularly. I hope this helps someone. Happy upgrading!https://t.co/TLJDvW6Jyh

— ?? Anna Filina @[email protected] (@afilina) February 6, 2023

Wow! You can strongly type local variables in #PHP! The variable references a typed property of an anonymous class created underneath.https://t.co/qMP0TkQrOT

There’s even a Composer package with declarations of all primitive types.https://t.co/EOv8FFtGeH

— Sergii Shymko (@SergiiShymko) February 8, 2023

Video

In case you missed it, Brent and Roman are now doing a video version of PHP Annotated. Check out the latest installment and be sure to subscribe to the PHP Annotated YouTube channel.

? Using PHP and AI to build a Markdown to Video convertor.

Community


PHP city by Proxify.io.

The PHP community is unbeatable

— Code With Dary (@codewithdary) January 31, 2023

Conferences

In-person events are in full swing. Check out these upcoming big PHP gigs worth visiting and applying to present at:

Php[tek] – Chicago (US), May 16-18, 2023.

phpday 2023 – Verona (Italy), May 18-19, 2023.

International PHP Conference – Berlin (Germany), May 22-26, 2023.

And if you are wondering when the next PHP meetup is, Tomas Votruba has got you covered with his lovely friendsofphp.org meetup aggregator. There is also a calendar on php.net – Events: March 2023.

If you have any interesting or useful links to share via PHP Annotated, please leave a comment on this post or send me a tweet.

Subscribe
to PHP Annotated

Roman Pronskiy

Product marketing manager for @PhpStorm, had a hand in creation of @The PHP Foundation.

Twitter | GitHub

The PhpStorm Blog : The Lightning-Smart IDE for PHP Programming | The JetBrains Blog

Read More

Latest News

PHP-Releases

PHP 8.3.15 released!

PHP 8.2.27 released!

PHP 8.1.31 released!

Generated by Feedzy