Join the Symfony community in Montreal on June 4, 2026, at L'Espace Quartier Latin (UQAM). This edition features 9 expert talks in a single day! Register now. 🎤 Speaker announcement! We are happy to welcome Thomas Durand, Architect, Code Owner,…
Symfony 8.1 ships many features related to the Console component, such as HTTP-less Symfony applications, method-based commands, and console argument resolvers. In addition, it includes several improvements to console command input handling. Pasting Images…
I cannot believe I'm saying this, but getting the literal Pope to canonize your product's specific technical limitations as a spiritual treatise is the single greatest act of vendor lobbying I have ever seen. — Corey Quinn, on Anthropic co-founder Christopher Olah's influence on Magnifica Humanitas Tags: ai-ethics, corey-quinn, anthropic, ai
Dropped this morning by the Vatican: Magnifica Humanitas of His Holiness Pope Leo XIV on Safeguarding the Human Person in the Time of Artificial Intelligence. This is a very interesting document. It's some of the clearest writing I've seen on the ethics of integrating AI into modern society. Pope Leo XIV chose the name Leo in honor of Pope Leo XIII, who is known for his 1891 Rerum novarum encyclical on "Rights and Duties of Capital and Labor". This story on Vatican News further clarifies the…
California Brown Pelican, Snowy Egret, California Sea Lion, Harbor Seal, in San Mateo County, CA, USWe took our new folding kayak out in the harbor and saw sea lions and harbor seals chilling on the docks.
An interesting take on how AI changes the build-versus-buy decision for packages. Shared problems can often be generated, while hard, external, or opinionated problems still benefit from well-maintained packages. Read more
Release: datasette 1.0a30 The big new feature in this alpha is a new customizable "Jump to..." menu, described in detail in The extensible "Jump to" menu in Datasette 1.0a30 on the Datasette blog. You can try it out by hitting / on latest.datasette.io - it looks like this: The new jump_items_sql() plugin hook allows plugins to add their own items to the set that's searched by the plugin. Tags: projects, datasette, annotated-release-notes
Release: datasette-agent 0.1a4 Taking advantage of the new makeJumpSections() JavaScript plugin hook added in Datasette 1.0a30, datasette-agent now presents this "Start a new agent chat" interface as part of the Jump to menu, any time you hit /: You can try this out by signing into agent.datasette.io using your GitHub account. Tags: datasette, datasette-agent
Release: datasette-fixtures 0.1a0 One of the smaller features in Datasette 1.0a30 is this: New documented datasette.fixtures.populate_fixture_database(conn) helper for creating the fixture database tables used by Datasette's own tests, intended for plugin test suites. This new plugin takes advantage of that API. You can try it out using uvx without even installing Datasette like this: uvx --prerelease=allow \ --with datasette-fixtures datasette \ --get /fixtures/roadside_attractions.json Which…
The most frustrating failure mode right now is that people submit issues that are not in their own voice. They contain an observed problem somewhere, but it has been thrown into a clanker and the clanker reworded it and made a huge mess of it. Typically, it was prompted so badly that the conclusions produced are more often than not inaccurate but always full of confidence. The result is complete guesswork on root causes, fake-minimal repros, suggested implementation strategies, analogies to…
Tool: Mad House — Usborne Creepy Computer Games Via Hacker News I learned that UK publisher Usborne published free PDFs of their 1980s Computer Books, some of which I remember working through on my Commodore 64 as a child. These were so great! Beautifully illustrated books with fun projects made up of code you could type into your own machine. I remember playing "Mad House" typed in from the 1983 book "Creepy Computer Games", so I fed that PDF into Claude and had it build an interactive version…
Socket researchers have identified an active crypto stealer supply chain attack spanning npm, PyPI, and Crates.io. The campaign, which Socket is tracking as TrapDoor, spans more than 34 malicious packages and 384+ related versions and artifacts across npm, PyPI, and Crates.io, with some already removed and others still live at the time of writing. The earliest package Socket observed was the PyPI package eth-security-auditor@0.1.0, uploaded on May 22, 2026 at 20:20:18 UTC, with the wheel…
This week, Symfony released 36 security advisories and published security releases 5.4.52, 6.4.40, 7.4.12, 8.0.12, 8.1.0 BETA3 and Twig 3.26.0. We also published an article about how we used Claude Mythos to analyze the Symfony and Twig codebases and uncover…
On the <dl> I learned a few new-to-me things about the <dl> element from this article by Ben Meyer: A <dt> can be followed by multiple <dd> You can optionally group the <dt> and <dd> elements in a <div> for styling - but only a <div>. You can label them using ARIA. They've been called "description lists", not "definition lists", since an HTML5 draft in 2008. So this is valid: <h2 id="credits">Credits</h2> <dl…
A compromise affecting the community-maintained Laravel Lang project has introduced remote code execution backdoors across multiple packages in the organization, including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes , and laravel-lang/actions across roughly 700+ historical versions. The affected packages are not part of the official Laravel framework. They are third-party localization packages used by Laravel applications. However, applications that installed…