Flux
Couleur d'accent
Toutes les catégories

Web

1370 articles

The PHP Foundation’s Elizabeth Barron to keynote JetBrains PHPverse 2026
Programmation Web

The PHP Foundation’s Elizabeth Barron to keynote JetBrains PHPverse 2026

PHP has undergone a remarkable transformation in recent years, and The PHP Foundation has played a major role in contributing to the development and maintenance of the language. The upcoming JetBrains PHPverse conference is a great opportunity to reflect on what has been done to reinforce PHP's position as a robust, modern language for web development. Elizabeth Barron, The PHP Foundation’s Executive Director, is joining the lineup of JetBrains PHPverse 2026 speakers with a keynote talk…

The PHP Foundation
Branching Workflows: Choosing the Right Git Strategy for Your Team
Programmation Web

Branching Workflows: Choosing the Right Git Strategy for Your Team

Video version at: https://youtu.be/R_-NG_frTiw Last month, two developers on a team I was working with both merged their branches to main within minutes of each other. The first merge was fine but the the second introduced a conflict in a shared service class that nobody caught until the CI pipeline deployed a broken build to […] The post Branching Workflows: Choosing the Right Git Strategy for Your Team appeared first on PHP Architect.

PHP Architect
CVE-2026-48807: Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators
Programmation Web

CVE-2026-48807: Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators

Affected versions Twig versions <=3.26.0 are affected by this security issue. The issue has been fixed in Twig 3.27.0. Description This is a residual bypass of CVE-2026-47732 / GHSA-pr2w-4gpj-cpq4 left after the initial fix for unguarded __toString()…

Symfony Blog
CVE-2026-46636: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders
Programmation Web

CVE-2026-46636: Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders

Affected versions Twig versions <=3.26.0 are affected by this security issue. The issue has been fixed in Twig 3.27.0. Description The per-template filter, tag and function allow-list check is compiled into the checkSecurity() method of each Template…

Symfony Blog
CVE-2026-48805: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`
Programmation Web

CVE-2026-48805: Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php`

Affected versions Twig versions <=3.26.0 are affected by this security issue. The issue has been fixed in Twig 3.27.0. Description The 3.26.0 source-policy hardening changed the signature of CoreExtension::checkArrow() to take a boolean $isSandboxed…

Symfony Blog
CVE-2026-48808: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`
Programmation Web

CVE-2026-48808: Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface`

Affected versions Twig versions <=3.26.0 are affected by this security issue. The issue has been fixed in Twig 3.27.0. Description This is a residual bypass of CVE-2026-46635 / GHSA-vcc8-phrv-43wj that only affects sandboxing enabled through SourcePolicyInterface…

Symfony Blog
The PHP Foundation Impact and Transparency Report 2025
Programmation Web

The PHP Foundation Impact and Transparency Report 2025

Executive Summary PHP turned 30 in 2025. With The PHP Foundation's support, the PHP project marked the year by shipping PHP 8.5. The PHP Foundation also launched PIE 1.0, initiated a project to modernize PHP's stream layer, and authored roughly 42% of all commits to PHP's core. This work was supported by 536 sponsors and individual contributors, and it could not have happened without them. At the end of 2025, The PHP Foundation consisted of 8 volunteer board members, an Executive Director…

The PHP Foundation
Esc