Released a #PHPStan extension which reports risky use of PSR3 compilant loggers

PHPStan Extension at https://github.com/staabm/phpstan-psr3

See https://peakd.com/hive-168588/@crell/using-psr-3-placeholders-properly for the background/examples - authored by Larry Garfield (Crell)

https://redd.it/1k50q2j
@r_php

New in Symfony 7.3: Invokable Commands and Input Attributes
https://symfony.com/blog/new-in-symfony-7-3-invokable-commands-and-input-attributes?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

https://redd.it/1k50wy9
@r_php

Best Practices for uploads/ Directory Versioning and Filesystem Permissions in Symfony

# Question de support

# Question 1 : Gestion des versions du répertoire uploads/

Faut-il :

Versionner un répertoire `public/uploads/` vide (avec `.gitkeep`) tout en ignorant son contenu via `.gitignore` ? Exemple :/public/uploads/\ !/public/uploads/.gitkeep
Ou y a-t-il une meilleure solution pour s’assurer que le répertoire existe après le déploiement ?

# Question 2 : Autorisations du système de fichiers pour uploads/

Est-ce que ces approches sont recommandées ?

1. Utilisation des ACL (préféré) : \`\`\`bashHTTPDUSER=$(ps axo user,comm | grep -E '\[a\]pache|\[h\]ttpd|\[\_\]www|\[w\]ww-data|\[n\]ginx' | grep -v root | head -1 | cut -d\\ -f1)Pour var/ (cache + logs) et uploads/

sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads

Question de support
Question 1 : Gestion des versions du répertoire uploads/
Faut-il :
Versionner un répertoire public/uploads/ vide (avec .gitkeep) tout en ignorant son contenu via .gitignore ?
Exemple :
/public/uploads/
!/public/uploads/.gitkeep



Ou y a-t-il une meilleure solution pour s’assurer que le répertoire existe après le déploiement ?
Question 2 : Autorisations du système de fichiers pour uploads/
Est-ce que ces approches sont recommandées ?
Utilisation des ACL (préféré) :

    Pour var/ (cache + logs) et uploads/
    
    HTTPDUSER=$(ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1)
    sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads
    sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads

s

# Support Question

# Question 1: Versioning the uploads/ Directory

Should we:

* Version an empty public/uploads/ directory (with .gitkeep) while ignoring its content via .gitignore? Example:/public/uploads/\* !/public/uploads/.gitkeep 
* Or is there a better alternative to ensure the directory exists after deployment?

# Question 2: Filesystem Permissions for uploads/

Are these the recommended approaches?

1. Using ACL (preferred): \`\`\`bashHTTPDUSER=$(ps axo user,comm | grep -E '\[a\]pache|\[h\]ttpd|\[\_\]www|\[w\]ww-data|\[n\]ginx' | grep -v root | head -1 | cut -d\\ -f1)For var/ (cache + logs) and uploads/ 

sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads

    Support Question
    Question 1: Versioning the uploads/ Directory
    Should we:
    Version an empty public/uploads/ directory (with .gitkeep) while ignoring its content via .gitignore?
    Example:
    /public/uploads/*
    !/public/uploads/.gitkeep
    
    
    
    Or is there a better alternative to ensure the directory exists after deployment?
    Question 2: Filesystem Permissions for  uploads/
    Are these the recommended approaches?
    Using ACL (preferred):
    

bash
For var/ (cache + logs) and uploads/

HTTPDUSER=$(ps axo user,comm | grep -E 'apache|httpd|_www|www-data|nginx' | grep -v root | head -1 | cut -d\ -f1)
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:$(whoami):rwX public/uploads

2. User/Group Permissions:
- Should the webserver user (e.g., www-data) and deployer user be in the same group?
- Example setup:

      sudo usermod -a -G www-data deployer  # Add deployer to www-data group
      sudo chown -R deployer:www-data var/ public/uploads/
      sudo chmod -R 775 var/ public/uploads/  # RWX for owner/group, RX for others
    
    2. **User/Group Permissions**:
    - Should the webserver user (e.g., `www-data`) and deployer user be in the same group?
    - Example setup:
      

bash
sudo usermod -a -G www-data deployer # Add deployer to www-data group
sudo chown -R deployer:www-data var/

public/uploads/
sudo chmod -R 775 var/ public/uploads/ # RWX for owner/group, RX for others


https://redd.it/1k539wi
@r_php

Pre-RFC Associated Types

Posting this on Reddit, because why not.

A few weeks ago, motivated by the RFC about allowing never as a parameter type, I started writing a proof of concept for "Associated Types" which are "generics"/"template" types limited to interfaces as they do not have a lot of the complexity relating to generic types on concrete classes, as the bound type can be determined at compile time rather than run-time.

Internals email post is: https://externals.io/message/127165

PoC on GitHub is: https://github.com/php/php-src/pull/18260

https://redd.it/1k571ns
@r_php

SymfonyOnline June 2025: Inside a Financial App Breach: Debugging a Million-Dollar Bug
https://symfony.com/blog/symfonyonline-june-2025-inside-a-financial-app-breach-debugging-a-million-dollar-bug?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

https://redd.it/1k570ir
@r_php

Think of an Elephpant - Championing PHP as a Community
https://liamhammett.com/think-of-an-elephpant

https://redd.it/1k59s03
@r_php

New in Symfony 7.3: Assets Pre-Compression
https://symfony.com/blog/new-in-symfony-7-3-assets-pre-compression?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

https://redd.it/1k5tpcy
@r_php

Large/enterprise inertia examples

Looking for some large-enterprise level inertia projects as I’m interested in seeing what different design patterns others are using in their projects. I lead a very small development team so don’t get a lot of exposure to well written large scale Laravel code.

I’m assuming most of the good stuff will be private, so if anyone is open, I’d be happy to pay consulting cost/sign whatever to run me through it.

Otherwise if anyone knows any good public gh repos?


https://redd.it/1k5u80p
@r_php

fromJson(), Force Create Many & Automatic Eager Loading in Laravel 12.8
https://youtu.be/3ktZMAv1Fi8

https://redd.it/1k5xr23
@r_php

NativePHP for mobile - Android support drops next week
https://laravel-news.com/nativephp-mobile-v1

https://redd.it/1k5yvzw
@r_php

How we Maintain Dozens of Symfony Workflows with Peace
https://tomasvotruba.com/blog/how-we-maintain-dozens-of-symfony-workflows-with-peace

https://redd.it/1k5zgzu
@r_php

I've never extended a class or used the protected function.

Hi all,

Edit: I program in OOP. At least I think I do? Every new tool has a class, view and controller. I include classes I reuse over and over again such as database class.

I've been trying to diversify my knowledge and fill in gaps as I've been at my current company 5 years and have self taught a lot of the knowledge I have regarding PHP and full stack dev work. I've never really found a use case for extending classes or sub classes but I generally follow an MVC structure.

Could someone link me a case study for using these techniques as when I look it up and see the explanation I still struggle to apply it to my daily work. I also have an innate feeling that being self taught I'm lacking a lot of knowledge that might come in useful later down the line.

Or perhaps something thats like a codex of whats industry standard coding in php backend these days?

https://redd.it/1k61910
@r_php

SymfonyOnline June 2025: FormFlow: Build Stunning Multistep Forms
https://symfony.com/blog/symfonyonline-june-2025-formflow-build-stunning-multistep-forms?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

https://redd.it/1k62t1b
@r_php

Livewire Starter Kit

I know this sounds petty but it’s kinda sucks that if you want the rest of the UI elements, you need to pay for it. I know folks worked hard on it but at this point, I thought Laravel would bring out their own at least.

Anyone sign up for Flux UI? I think I might bite the bullet.



https://redd.it/1k6ixrg
@r_php

Laravel 12 + Spatie Roles & Permissions + Starter Kit 🔥
https://youtu.be/vUSBqp5pUtk?si=q5JoFh3VN69MN2eY

https://redd.it/1k6l664
@r_php

New in Symfony 7.3: Global Translation Parameters
https://symfony.com/blog/new-in-symfony-7-3-global-translation-parameters?utm_source=Symfony%20Blog%20Feed&utm_medium=feed

https://redd.it/1k6ms11
@r_php

What does "Core PHP" means ?

I got call for the job opening of PHP Developer. HR manager asked my if know core php. I don't what that's mean. Please elaborate from a development perspective.

https://redd.it/1k6pc9k
@r_php

Frozen Time Testing, Transaction Callbacks & Memoized Cache in Laravel 12.9
https://youtu.be/9PeNUFdlRs8

https://redd.it/1k6qlz9
@r_php

PHPverse: a free, online event on June 17th to celebrate PHP's 30th birthday
https://lp.jetbrains.com/phpverse-2025/?utm_source=reddit.com&utm_medium=social&utm_campaign=phpverse2025&utm_content=laravel

https://redd.it/1k6qxak
@r_php

I am a PHP developer, not a Vue Developer

Sick of seeing jobs for “PHP Laravel Developer” then in the requirements they also want Vue and Inertia experience.

I purposely don’t do frontend, I work really hard and keep up to the date with the latest in the PHP world.

Some jobs even want Kubernetes / Terraform in top of PHP and Vue. So you want me to manage the servers and infrastructure, write the code, maintain the database and also build the frontend?

From experience people who try to do everything in a role aren’t the best developers.

I made my developers choose between frontend and backend and sent them on their way to be the best they could in that area. It made a huge different to quality and output.

In my opinion trying to build teams with full stacks in every area of the codebase is a recipe for disaster.


https://redd.it/1k6rcgt
@r_php