You may have noticed the recent fuss about the compromise of event-stream, a popular NPM package: event-stream is a transitive dependency of many popular JavaScript projects including Vue, Angular, Gatsby and VSCode (some of them are using a version that isn’t affected by the attack). This attack raised, again, the problem of the JS dependency…
Tag: Security
Generate a Symfony password hash from the command line
There is an easy way to generate a Symfony-compliant password hash from the command line. Assuming you're using the bcrypt algorithm (the preferred choice according to Symfony's security best practices), the default cost (13) and you have PHP >= 5.5 installed, just run the following command: php -r "echo password_hash('ThePassword', PASSWORD_BCRYPT, ['cost' => 13]) . PHP_EOL;" It will…
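The one-liner above is all you need to produce the hash; the added example below (not code from the original post) wraps the same password_hash() call with the checks a practitioner wants around it: that the hash verifies, that it really was created with cost 13, that two hashes of the same password legitimately differ, and that a later cost increase is detected so stale hashes can be rehashed at login. The function names and the sample password are assumptions for illustration.

```php
<?php
// Added example, not code from the original post: the same password_hash()
// call as the command-line one-liner, plus the checks you want around it.
// Function names and the sample password are assumptions for illustration.
declare(strict_types=1);

const SYMFONY_BCRYPT_COST = 13; // default cost of Symfony's BCryptPasswordEncoder

function generateSymfonyHash(string $plaintext, int $cost = SYMFONY_BCRYPT_COST): string
{
    // bcrypt only uses the first 72 bytes of its input. Refuse longer passwords
    // instead of silently hashing a prefix of them.
    if (strlen($plaintext) > 72) {
        throw new InvalidArgumentException('bcrypt ignores everything after 72 bytes');
    }
    $hash = password_hash($plaintext, PASSWORD_BCRYPT, ['cost' => $cost]);
    if (!is_string($hash)) { // PHP < 8 returns false on failure, PHP 8 throws
        throw new RuntimeException('password_hash() failed');
    }
    return $hash;
}

function bcryptCost(string $hash): int
{
    // A bcrypt hash is "$2y$" . cost . "$" . salt-and-digest; let PHP parse it.
    $info = password_get_info($hash);
    if ($info['algo'] !== PASSWORD_BCRYPT) {
        throw new InvalidArgumentException('not a bcrypt hash: ' . $hash);
    }
    return (int) $info['options']['cost'];
}

function mustBeTrue(bool $condition, string $what): void
{
    if (!$condition) {
        throw new RuntimeException('check failed: ' . $what);
    }
}

$hash = generateSymfonyHash('ThePassword'); // constructed sample password
echo $hash, PHP_EOL; // this is the value you paste into security.yml or the users table

mustBeTrue(password_verify('ThePassword', $hash), 'correct password verifies');
mustBeTrue(!password_verify('thepassword', $hash), 'wrong password is rejected');
mustBeTrue(bcryptCost($hash) === SYMFONY_BCRYPT_COST, 'hash was created with cost 13');

// Two hashes of the same password differ because password_hash() salts each one;
// that is expected, so always compare with password_verify(), never with ===.
mustBeTrue(generateSymfonyHash('ThePassword') !== $hash, 'salts differ per hash');

// If the encoder cost is later raised in security.yml (e.g. to 14), stored hashes
// still verify but are weaker than configured; detect that at login and rehash.
mustBeTrue(password_needs_rehash($hash, PASSWORD_BCRYPT, ['cost' => 14]), 'stale cost detected');
mustBeTrue(!password_needs_rehash($hash, PASSWORD_BCRYPT, ['cost' => 13]), 'current cost kept');
```

Save it as a file and run it with php; each of the three password_hash() calls takes a noticeable fraction of a second at cost 13, which is the point of choosing bcrypt with that cost. If you paste the printed hash into a YAML file, quote it: the value starts with a dollar sign and contains slashes and dots.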
DunglasAngularCsrfBundle: protect your Symfony / AngularJS apps against CSRF attacks
I create, and increasingly see, web applications sharing the same powerful architecture: server-side, a REST API built with the popular Symfony framework and its ecosystem (especially FOSRestBundle, JMSSerializerBundle and sometimes BazingaHateoasBundle for hypermedia APIs); client-side, a SPA built with Google's AngularJS that consumes the REST API provided by the server through Restangular or a similar library. These components share the same philosophy (built…
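The protection such a Symfony + AngularJS stack relies on is the double-submit-cookie pattern: AngularJS's $http service reads the XSRF-TOKEN cookie and copies its value into an X-XSRF-TOKEN header on requests it sends to the same origin, so the API only has to compare the two. The framework-free PHP below is an added illustration of that server-side check, not code from DunglasAngularCsrfBundle or from the original post; the function names and the constructed request arrays are assumptions, and the setcookie() options-array form assumes PHP 7.3 or later.

```php
<?php
// Added example, not code from DunglasAngularCsrfBundle: a framework-free sketch
// of the double-submit-cookie check behind the Symfony/AngularJS combination.
// AngularJS's $http reads the XSRF-TOKEN cookie and mirrors it into an
// X-XSRF-TOKEN header on same-origin requests; the server compares the two.
// Function names and the request arrays below are constructed for illustration.
declare(strict_types=1);

const CSRF_COOKIE = 'XSRF-TOKEN';   // cookie name AngularJS $http reads by default
const CSRF_HEADER = 'X-XSRF-TOKEN'; // header name AngularJS $http sends by default
const SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS'];

// Server side, on the response that bootstraps the SPA: issue a fresh random token.
// (Assumes PHP >= 7.3 for the options-array form of setcookie().)
function issueCsrfCookie(): string
{
    $token = bin2hex(random_bytes(32));
    // Deliberately NOT HttpOnly: the Angular code must be able to read it.
    // Secure keeps it off plain HTTP; SameSite keeps it out of cross-site requests
    // on browsers that enforce it. The check below must hold even without SameSite.
    setcookie(CSRF_COOKIE, $token, [
        'path' => '/', 'secure' => true, 'httponly' => false, 'samesite' => 'Lax',
    ]);
    return $token;
}

// Server side, on every API request. $cookies and $headers are already-parsed
// maps (e.g. $_COOKIE, and a normalised view of $_SERVER['HTTP_X_XSRF_TOKEN']).
function csrfCheckPasses(string $method, array $cookies, array $headers): bool
{
    // Safe methods must not change state, so they need no CSRF check.
    if (in_array(strtoupper($method), SAFE_METHODS, true)) {
        return true;
    }
    $fromCookie = $cookies[CSRF_COOKIE] ?? '';
    $fromHeader = $headers[CSRF_HEADER] ?? '';
    if ($fromCookie === '' || $fromHeader === '') {
        return false; // a cross-site <form> can carry the cookie, never the header
    }
    // A page on another origin can neither read our cookie nor attach a custom
    // header without a CORS preflight, so equality shows the request came from
    // our own front end. Compare in constant time.
    return hash_equals($fromCookie, $fromHeader);
}

function mustBe(bool $expected, bool $actual, string $what): void
{
    if ($expected !== $actual) {
        throw new RuntimeException('check failed: ' . $what);
    }
}

// Constructed requests, using a token shaped like the one issueCsrfCookie() mints.
$token = bin2hex(random_bytes(32));

// AngularJS POST: cookie present and mirrored into the header.
mustBe(true, csrfCheckPasses('POST', [CSRF_COOKIE => $token], [CSRF_HEADER => $token]), 'legit SPA call');
// Forged cross-site POST: the victim's cookie rides along, but no header.
mustBe(false, csrfCheckPasses('POST', [CSRF_COOKIE => $token], []), 'cross-site form post');
// Attacker guessing the header: value does not match the cookie.
mustBe(false, csrfCheckPasses('DELETE', [CSRF_COOKIE => $token], [CSRF_HEADER => str_repeat('0', 64)]), 'guessed token');
// Read-only request: allowed even with no token at all.
mustBe(true, csrfCheckPasses('GET', [], []), 'safe method');
```

The pattern's one real caveat: it trusts that only your origin can set the XSRF-TOKEN cookie. Anyone who can plant cookies for your domain (a compromised or attacker-controlled sibling subdomain, for instance) can satisfy the equality check, so keep the API on a host whose cookie scope it does not share with untrusted applications.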