Skip to content

Kévin Dunglas

Founder of Les-Tilleuls.coop (worker-owned cooperative). Creator of API Platform, FrankenPHP, Mercure.rocks, Vulcain.rocks and of some Symfony components.

Menu
  • Talks
  • Resume
  • Sponsor me
  • Contact
Menu

Tag: Security

NPM dependency hell: comparison with Symfony, Laravel and API Platform

Posted on November 28, 2018May 11, 2023 by Kévin Dunglas

You may have noticed the recent fuss about the compromise of event-stream, a popular NPM package: event-stream is a transitive dependency of many popular JavaScript projects including Vue, Angular, Gatsby and VSCode (some of them are using a version that isn’t affected by the attack). This attack raised, again, the problem of the JS dependency…

Read more

Generate a Symfony password hash from the command line

Posted on December 22, 2014December 23, 2014 by Kévin Dunglas

There is an easy way to generate a Symfony compliant password hash from the command line. Assuming you’re using the bcrypt algorithm (the preferred choice according to Symfony’s security best practices), the default cost (13) and you have PHP >= 5.5 installed, just run the following command: php -r “echo password_hash(‘ThePassword’, PASSWORD_BCRYPT, [‘cost’ => 13]) . PHP_EOL;”  It will…

Read more

DunglasAngularCsrfBundle: protect your Symfony / AngularJS apps against CSRF attacks

Posted on January 2, 2014January 3, 2014 by Kévin Dunglas

I create and I see more and more web applications sharing the same powerful architecture: Server-side, a REST API built with the popular Symfony framework and its ecosystem (especially FOSRestBundle, JMSSerializerBundle and sometimes BazingaHateoasBundle for hypermedia APIs). Client-side, a SPA built with Google’s AngularJS consuming the REST API provided by the server with Restangular or a similar library.  These components share the same philosophy (built…

Read more
  • 1
  • 2
  • Next

Social

  • Bluesky
  • GitHub
  • LinkedIn
  • Mastodon
  • X
  • YouTube

Links

  • API Platform
  • FrankenPHP
  • Les-Tilleuls.coop
  • Mercure.rocks
  • Vulcain.rocks

Subscribe to this blog

Top Posts & Pages

  • FrankenPHP’s New Features: Thread Autoscaling, Mostly Static Binaries, deb and RPM Packages, Caddy 2.10…
  • FrankenPHP: The Modern Php App Server, written in Go
  • JSON Columns and Doctrine DBAL 3 Upgrade
  • FrankenPHP 1.3: Massive Performance Improvements, Watcher Mode, Dedicated Prometheus Metrics, and More
  • FrankenPHP Is Now Officially Supported by The PHP Foundation
  • Symfony's New Native Docker Support (Symfony World)
  • Running Laravel Apps With FrankenPHP (Laracon EU)
  • Securely Access Private Git Repositories and Composer Packages in Docker Builds
  • 6x faster Docker builds for Symfony and API Platform projects
  • Webperf: Boost Your PHP Apps With 103 Early Hints

Tags

Apache API API Platform Buzz Caddy Docker Doctrine FrankenPHP Go Google GraphQL HTTP/2 Hydra hypermedia Hébergement Javascript JSON-LD Kubernetes La Coopérative des Tilleuls Les-Tilleuls.coop Lille Linux Mac Mercure Messagerie Instantanée MySQL performance PHP Punk Rock Python React REST Rock'n'Roll Schema.org Security SEO SEO Symfony Symfony Live Sécurité Ubuntu Web 2.0 webperf XHTML XML

Archives

Categories

  • DevOps (85)
    • Ubuntu (68)
  • Go (19)
  • JavaScript (46)
  • Mercure (7)
  • Opinions (91)
  • PHP (172)
    • API Platform (77)
    • FrankenPHP (11)
    • Laravel (1)
    • Symfony (97)
    • Wordpress (6)
  • Python (14)
  • Security (15)
  • SEO (25)
  • Talks (46)
© 2025 Kévin Dunglas | Powered by Minimalist Blog WordPress Theme