Yoeri shows how to automatically open a pull request when a new PHP security advisory appears. Nice little workflow that combines Laravel Health, Oh Dear, and GitHub Actions to keep apps patched quickly. Read more
We are thrilled to welcome the global Symfony community online on June 11-12, 2026, for SymfonyOnline June 2026. Get ready for deep-dive technical tracks! 🎤 Speaker announcement! Join Vincent Amstoutz, Lead Dev, Speaker & OSS Contributor, for…
Symfony 8.1.0 is about to be released. As for any other Symfony release, our backward compatibility promise applies and this means that you should be able to upgrade easily to 8.1 without changing anything in your code. During the last couple of months, we've…
Symfony 8.1.0 has just been released. Check the New in Symfony 8.1 posts on this blog to learn about the main features of this new stable release; or check the first beta release announcement to get the list of all its new features. Read the Symfony upgrade…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description In symfony/ux-live-component,…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\LiveComponent\Util\ChildComponentPartialRenderer::createHtml()…
Affected versions Symfony versions >=2.2.0, =3.0.0, <3.1.0 of the Symfony UX Autocomplete component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description The Stimulus controller shipped…
Affected versions Symfony versions >=2.22.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description When using symfony/ux-live-component,…
Affected versions Symfony versions >=2.5.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\LiveComponent\Controller\BatchActionController::__invoke()…
Affected versions Symfony versions >=2.8.0, =3.0.0, <3.1.0 of the Symfony UX Live Component component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description When a #[LiveProp] is typed…
Affected versions Symfony versions >=2.2.0, =3.0.0, <3.1.0 of the Symfony UX Autocomplete component are affected by this security issue. The issue has been fixed in Symfony 2.36.0, 3.1.0. Description Symfony\UX\Autocomplete\Doctrine\EntitySearchUtil::addSearchClause()…
Symfony UX 3.1.0 is the first feature release on the 3.x branch. It brings a brand-new Calendar Link component, provide() and inject() functions for Twig components, a modern custom element and Twig component for Turbo Mercure streams, Turbo Frame request…
Symfony UX 2.36.0 is a security release for the 2.x branch: it fixes seven vulnerabilities in the LiveComponent and Autocomplete packages, two of them rated medium severity. If your application depends on symfony/ux-live-component or symfony/ux-autocomplete,…
Save the date! SymfonyOnline June 2026 will take place online on June 11-12, 2026, with 15 expert speakers streaming directly to you. 🎤 Speaker announcement! Guillaume Loulier, Technical Expert, SensioLabs, will be taking the virtual stage to present…
A fun look at making coding assistants talk less, and what that actually saves in practice. The main takeaway is that shorter replies help, but most token cost still comes from the actual work: reading, reasoning, coding, and checking. Read more