Yoeri shows how to automatically open a pull request when a new PHP security advisory appears. Nice little workflow that combines Laravel Health, Oh Dear, and GitHub Actions to keep apps patched quickly. Read more
We are thrilled to welcome the global Symfony community online on June 11-12, 2026, for SymfonyOnline June 2026. Get ready for deep-dive technical tracks! 🎤 Speaker announcement! Join Vincent Amstoutz, Lead Dev, Speaker & OSS Contributor, for…
Symfony 8.1.0 is about to be released. As for any other Symfony release, our backward compatibility promise applies and this means that you should be able to upgrade easily to 8.1 without changing anything in your code. During the last couple of months, we've…
Symfony 8.1.0 has just been released. Check the New in Symfony 8.1 posts on this blog to learn about the main features of this new stable release; or check the first beta release announcement to get the list of all its new features. Read the Symfony upgrade…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description In symfony/ux-live-component,…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\LiveComponent\Util\ChildComponentPartialRenderer::createHtml()…
Affected versions Symfony versions >=2.2.0, =3.0.0, <3.1.0 of the Symfony UX Autocomplete component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description The Stimulus controller shipped…
Affected versions Symfony versions >=2.22.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description When using symfony/ux-live-component,…
Affected versions Symfony versions >=2.5.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\LiveComponent\Controller\BatchActionController::__invoke()…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description When a #[LiveProp] is typed…
Affected versions Symfony versions >=2.2.0, =3.0.0, <3.1.0 of the Symfony UX Autocomplete component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause()…
Symfony UX 3.1.0 is the first feature release on the 3.x branch. It brings a brand-new Calendar Link component, provide() and inject() functions for Twig components, a modern custom element and Twig component for Turbo Mercure streams, Turbo Frame request…
Symfony UX 2.36.0 is a security release for the 2.x branch: it fixes seven vulnerabilities in the LiveComponent and Autocomplete packages, two of them rated medium severity. If your application depends on symfony/ux-live-component or symfony/ux-autocomplete,…
Release: datasette 1.0a31 Another significant alpha release, with two new headline features. Datasette now offers users with the necessary permissions the ability to both execute write queries against their database and to save stored queries (renamed from "canned queries") both privately and for use by other members of their Datasette instance. There's more detail in SQL write queries and stored queries in Datasette 1.0a31 on the Datasette blog, which now has three posts introducing new…
The most interesting thing about Anthropic's $65B Series H announcement is this line (emphasis mine): Since our Series G in February, adoption has continued to grow across global enterprise customers, and our run-rate revenue crossed $47 billion earlier this month. Anthropic have made a bit of a habit of sharing their "run-rate revenue" in this kind of announcement, which is an annualized projection of their current revenue - typically calculated by taking the most recent month and multiplying…