Jake and Michael return to discuss the introduction of further type-safety in PHP, BladeX, finite state machines, and rendering HTML emails.
Thanks to Spatie for sponsoring our show.
In this weeks episode we are lucky to be joined by Neal Brooks, a fellow developer of Edd’s at MyBuilder. We start off by discussing how he got into programming, QBasic and video driver shenanigans. From here, we move on to introduce his SymfonyLive London talk ‘Running Symfony on AWS Lambda’. We highlight what drew him to Lambda, and the new tooling that is making it easier to run PHP and frameworks (such as Symfony) on it. This leads us to cover his demo application, and explore handling assets using S3, database migrations and AWS resources using CloudFormation. Finally, we debate using catch-all gateway endpoints vs. dedicated gateway endpoints and Lambda performance.
- Neal Brooks on Twitter
- Neal Brooks - Medium
- SymfonyLive London 2018
- Running Symfony on AWS Lambda with Neal Brooks
- mnapoli/bref - Serverless framework for PHP
- return true to win
- Everything Serverless with Andy Raines - Three Devs and a Maybe
- Creating a ‘Winning’ Audio Lambda Service using Serverless, Polly and compiled SOX
- The Twelve-Factor App
- Session Management - Symfony
- Uploading Objects Using Pre-Signed URLs - Amazon S3
- Using a CDN - Symfony
- dittto/serverless-s3-assets - Uploads requested assets to S3 as part of Serverless deploy
- Mince Pie Challenge - Building a Serverless RESTful API and React Client
- MyBuilder Careers
- MyBuilder Tech Blog
In this weeks episode we are lucky to be joined by Scott Arciszewski to discuss all things Security. We start off by chatting about a recent talk he gave at DEF CON 25 and the importance of secure API design. From here we highlight Google Tink, misunderstandings of how PHP has changed over the years and what CVE’s are. This leads us on to delve into the tools and processes used within the reconnaissance phase of a security engagement. Finally, we briefly mention Quantum Computing and its impact on cryptography - followed by best practises for securely managing secrets within web applications.
- Paragon Initiative Enterprises
- Scott Arciszewski on Twitter
- NaCl - Networking and Cryptography library
- PHP Implementation? - google/tink - GitHub
- PHP RFC - Flexible Heredoc and Nowdoc Syntaxes
- Common Vulnerabilities and Exposures (CVE)
- Common Weakness Enumeration
- Nmap - the Network Mapper
- Burp Suite Scanner
- Puppy Linux
- klange/ponyos - My Little Unix, Kernels are Magic!
- Fiddler - Web Debugging Proxy
- Charles Web Debugging Proxy
- OWASP Zed Attack Proxy Project - OWASP
- How and Why Developers Use Asymmetric (Public Key) Cryptography in Real-World Applications
- Secrets, Secrets, Are No Fun - PHP Roundtable
- Keeping Credentials Secure in PHP
- Securing Credentials for PHP with Docker
- Vault by HashiCorp
- AWS Secrets Manager
Jake and Michael discuss all the latest Laravel releases, tutorials, and happenings in the community.
Sponsored by Honeybadger.
- Announcing Docker for PHP developers video course
- Luhn algorithm package for Laravel
- Laratables: Ajax support of DataTables in Laravel
- Bootstrap + Vue
- Visual Studio Code adds a GitHub Pull Request extension
- Sublime Merge
- Resolving conflicts with git mergetool
- Laravel health panel
- Interview: Antonio Ribeiro, package author and master of StackOverflow Laravel
- LaRecipe: Documentation with markdown in your Laravel projects
- Building Honeybadger for Laravel
- Laravel view models
- PHP 7.3's first Release Candidate is here
Jake and Michael return after a two month (!!) summer hiatus
This month the team discusses Safe PHP: throwing exceptions instead of returning false
Other topics include
- WavePHP is next week
- Inbox is signing off: find your favorite features in the new Gmail
- PHP: Final Keyword - Manual
- EU approves controversial Copyright Directive, including internet ‘link tax’ and ‘upload filter’
- (1) Joe Rogan Experience #1169 - Elon Musk - YouTube
- After Spying On You, Your Vizio TV Will Ask You to Sue
**Prior to publication Magento and Adobe announced that they would be monetizing the new bug bounty program hosted at HackerOne. For more information read the ZDNet article which covers the story as it is evolving. **
“We really do need to get to a place where the Magento community assumes the best until it sees the worst.” – Matt Asay. In this episode Kalen and Phillip unpack the changes to the bug bounty program and the community reaction to it. Listen now!