New! Checkout our new GitHub homepage! Follow the latest activity of eZ Publish Developers on GitHub.com


News

eZ Platform v2.4 update

“We are well advanced in the development of eZ Platform v2.4 and it’s time for us to give you more visibility on coming changes to our plan. Version 2.4 is the fourth release in less than a year for eZ Platform version 2, and a lot of work has been done by our engineering team.”

Read the full blog by Roland Benedetti, Chief Product Officer at eZ.

We want your feedback on 'Unpublish'

Once again we ask your feedback for a small feature in eZ Platform. What action would you like to be executed if you unpublish in the future (scheduled operation)? Check out the poll on our forum and leave your feedback.

Note: we posted an earlier request for feedback - Are you using Oracle and/or an Oracle/eZ Platform connector? Feel free to leave a reply on this also.

Vote for eZ Commerce

eZ Commerce is participating in the E-Commerce Germany Awards. Time to leave your vote! Rules of Voting in E-commerce Germany Awards contest:

  • There are 10 categories - from every category ten companies will be promoted to the next round -> Jury Voting (the one with the highest amount of votes);
  • Results of the Public Voting will be determined by online voters - each voter has 8 votes, one for category;
  • In order to vote a Facebook account is necessary;
  • The voting period lasts from December 3 (1 PM), 2018 to December 21 (11:59 PM), 2018

Creating custom dropdowns in eZ Platform

“eZ Platform comes with a bunch of utilities that can help you build rich UI. They make your administration panel better in terms of UX and overall pleasure of using the eZ Platform CMS features. One of such utilities is a small component/library that enables you to implement custom dropdowns anywhere in the system.”

Read this full blog by Piotr Nalepa, Senior UI Developer at eZ, on the eZ Platform Developer Hub.

Symfony local web server for eZ Platform development

"At SymfonyCon 2018 in Lisbon the Symfony local web server was announced. As a Symfony framework app this works fine with eZ Platform. I find it to be a great option to run simple eZ Platform project that do not need all the complexity of setting up Nginx/Apache or Docker or whatever."

More on this by Jani Tarvainen from eZ on our Forum.

In Other News:

Resources

eZ related videos from Web Summer Camp 2018 released

Netgen has released all videos from Web Summer Camp 2018. This includes:

  • Site API for eZ Platform
  • Extending eZ Platform
  • eZ Cloud powered by platform.sh
  • and lots more

View the YouTube playlist from Netgen for a complete overview of available videos.

Looking for a bundle compatible with eZ Platform? Check out: https://ezplatform.com/Bundles.

Social Media

Follow us on Twitter, Facebook, LinkedIn, Google+, or YouTube, and join our Community for any help with eZ Platform or community-related questions.

Find eZ at These Events

For more events, make sure to check out this list.

Each week we publish a roundup of highlights from the eZ ecosystem. If you have any news or events to share, please contact me.

(Lead image credit: Susan Sermoneta, CC)

12/07/2018 10:21 am   ez.no/About-eZ/Blog   Mirror   Link  

Why the Editorial Workflow?

Organizations of all sizes often need to follow a specific (and sometimes complex) process involving several users when publishing content on their digital properties, including corporate websites, intranet portal, e-commerce websites and so on.

The question of how to manage workflow can be addressed in many ways. For example, small organizations do not necessarily need to manage the process through their CMS. Instead, a small team operating within the same space can simply delegate tasks directly and then ask for approval by communicating with one another. In this case, our Flex Workflow feature works perfectly.

However, managing the editorial process outside of a CMS is not ideal for some organizations and can be prone to errors. Indeed, larger or more distributed organizations may require a more complex system that is more effective when it comes to following a process for creating and publishing content.

A great example of this relates to businesses that are heavily regulated, such as governmental and financial institutions. In these cases, the system must assist with driving and enforcing an editorial workflow across many different users with differing roles and permissions. The system also needs to prevent the content from going through a divergent path that bypasses the current assigned workflow.

This capability is nothing new in the CMS world. Editorial workflows have existed for many years, but have tended to fail due to being tedious to use and an overall negative user experience. This has led organizations to compromise and split the process into two parts. First, the organization would manage and handle pre-published content outside of the CMS. Then they would use the CMS only for the final step, i.e. uploading and publishing the content.

An effective editorial workflow needs to be both simple to set up by administrators and easy for editors to use, even if the process is complex. And this is exactly what our new Editorial Workflow feature delivers.

Let’s dive deeper and discover more about the different capabilities of eZ’s Editorial Workflow and how it could be used in different use case scenarios.

What is the Editorial Workflow and how does it works?

The Editorial Workflow can be defined as a list of stages and transitions that the various contributors must go through in order to publish a piece of content. The workflow is created by the administrator who is responsible for defining and assigning each user his role and permissions. Different workflows can be defined in the system. A common way is for instance to define one workflow per content type.

Let’s look at a typical use case in which an editorial workflow could be implemented.

Use case for an editorial workflow:

A typical workflow example goes as follows: A bank is publishing a product brochure that is being created by several contributing users at different stages of the process. The resulting workflow will be responsible for notifying the group of users when an action has been completed. The users will also be notified whenever they have been assigned a task as well as the overall timeline of when the content needs to be completed.

Here is an example of a content flow diagram:

As mentioned earlier, any content type (including blog posts, articles, images, videos, products, etc.), can be assigned to the editorial workflow. The administrator can then define which group of users are assigned which content and what permissions they have at every stage of the process.

For example, the administrator can assign the visual and branding team to the design stage and the corporate compliancy team to the proofread stage.

Let’s take a quick look at how the Editorial Workflow feature works:

Workflow Prototype

What to expect in the future?

eZ Platform v.2.4 will only be the first iteration of the Editorial Workflow. In the future, we are considering adding many other features. In v.2.5, we hope to include the ability of administrators to create workflows via the admin panel, rather than configuration by developers in YML files. We are also considering improving tracking capabilities that will allow users to compare changes made to different versions of the workflow. The user will also be able to track at what stages these changes were made.

We are very excited about the upcoming release of eZ Platform v2.4. We believe that businesses will receive significant value from this new version, such as creating more accurate and consistent content; ensuring strong regulation requirements; easing up collaboration between team members; and improving overall productivity.

In the upcoming weeks, we will be releasing a sneak peek on the Form Builder block that is also expected to be shipped with eZ Platform v2.4. Until then, if you’re interested or have any questions, please feel free to leave a comment on this blog post or on www.discuss.ezplatform.com or www.portal.productboard.com/ezproduct. Feel free to reach out to us, too, at productmanagement@ez.no.

12/07/2018 09:21 am   ez.no/About-eZ/Blog   Mirror   Link  

Et un peu hors-sujet :

(En plus du flux RSS global, les billets veille et uniquement ceux là sont listés dans le flux RSS correspondant)

12/06/2018 06:15 am   pwet.fr/blog   Mirror   Link  

The eZ Platform administration interface has been totally redeveloped and many new and missing features have been added to it, offering a much bigger range of possibilities to users. The combination of its much-improved technical architecture and functional feature set also makes it a much better upgrade for existing projects running eZ Publish.

As you might know, we adopted a pace of four releases a year for eZ Platform, with one release supported for the long term, called the LTS release (“Long Term Support”); and the others are Fast Track releases, which are only supported for the short term, offering bleeding edge versions of our software. Our last LTS release was eZ Platform v1.13, released last December.

In our original plan that we shared with you, we were looking at releasing version 2.4 as an LTS.  As of today, we still plan to release v2.4 at the end of December but as a Fast Track release. We decided to push the LTS back to the next release, eZ Platform v2.5, expected at the end of March 2019.

The reason for this change is that there are very valuable, much-needed features for the long term supported version of eZ Platform v2 that won’t be shipped in eZ Platform v2.4; or only partially shipped and not at the expected level of completion. These features range from technical ones (such as the support of Webpack Encore for Web asset delivery instead of using Assetic which is now deprecated and abandoned) to functional ones (especially a range of small yet very important improvements to the editorial experience). Realistically, these should be delivered in v2.5.

We are conscious of this change significantly impacting our customers who planned an upgrade of their project to an LTS version of eZ Platform version 2 in the coming quarter.  We think that overall, customers will be much better with an LTS release that really delivers on its promises and on which their projects can rely, without facing issues and needs for further upgrades, nor frustration of not benefiting from the full scope that will be reached in v2.5.

eZ Systems teams will be here during this phase to help as much as needed to adjust to this change. We will also make sure to communicate very soon regarding the technical changes to be expected between v2.4 and v2.5, and we’ll assign additional resources to make sure we can deliver beta and release candidates as early as possible to let technical teams prepare for an upgrade ahead of the final release.

For more information on the features expected, please have a look at our product release boards for v2.4 and v2.5. Please feel free to comment on each of these features.

If any questions, please feel free to reach out to productmanagement@ez.no or to your eZ Systems point of contact.

12/04/2018 08:30 am   ez.no/About-eZ/Blog   Mirror   Link  

Et un peu hors-sujet :

(En plus du flux RSS global, les billets veille et uniquement ceux là sont listés dans le flux RSS correspondant)

11/29/2018 06:59 am   pwet.fr/blog   Mirror   Link  

We finally wrote some proper documentation for Site API for eZ Platform and published the video of the workshop from Web Summer Camp 2018. Read on to find out why you need to use this.

11/28/2018 04:29 pm   www.netgen.hr/eng/Blog   Mirror   Link  

This week Symfony focused on fixing the last issues found in the upcoming Symfony 4.2 version, which will be released in two weeks. We also improved the way to handle .env files in Symfony apps. Lastly, we announced discounts to save up to 30% in some Symfony services and a new SymfonyLive conference in Lille (France) in 2019.

Symfony development highlights

This week, 21 pull requests were merged (18 in code and 3 in docs) and 20 issues were closed. Excluding merges, 16 authors made 565 additions and 202 deletions. See details for code and docs.

2.8 changelog:

  • e4a7fd8: [HttpFoundation] fixed trailing space for mime-type with parameters

3.4 changelog:

  • b74a086: [FrameworkBundle] deal with explicitly enabled workflow nodes
  • e166d96: [PhpUnit Bridge] used Composer to download phpunit
  • d0698b2: [Form] fixed empty data for compound date interval
  • 73d9804: [DependencyInjection] fixed taking lazy services into account when dumping the container
  • ab51fa8: [Cache] fixed optimizing Psr6Cache for AdapterInterface pools
  • 812a878: [Routing] removed duplicate schemes and methods for invokable controllers
  • 0f2d577: [HttpFoundation] fixed absolute Request URI with default port
  • 7f310b4: [Dotenv] properly parse backslashes in unquoted env vars

Master changelog:

  • 227cf2c: [Messenger] added a trait for synchronous query & command buses
  • 4c1e8bd: [HttpKernel, WebProfilerBundle] get the cached client mime type instead of guessing it again
  • f9414a8: [Lock] fixed PdoStore::putOffExpiration() and PdoStore::getHashedKey()

Newest issues and pull requests

They talked about us

Upcoming Symfony Events

Call to Action


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/25/2018 02:54 am   Symfony Blog   Mirror   Link  

News

3 Years of Week in Review

3 years of Week in Review

3 years ago, we wrote and published the first Week in Review. It has since evolved in a format with regular sections such as news, resources, social media and events. Also, over time, the blog posts moved to our corporate website. You can view all past editions through the Developer Insights category blog.

We’ve shared some great news through this blog, from releases to the introduction of our mascot Pulley, new resources like eZ Platform Bundles and a lot more. Do let us know in the comments below if you have feedback on the Week in Review!

Security Advisories

Two security advisories have been published this week. Make sure to check out the details and take the necessary actions. Get notified in time through RSS.

eZ Platform Bundle List Redesigned

Bundles for eZ Platform are shared on the Bundle list, available on the eZ Platform developer hub. The design of this list has been improved, one notable improvement is filtering on categories, in which the Bundles are provided.

If you created a Bundle and made it available on Packagist, do let us know and have it added to the Bundle list!

American Museum of Natural History Launch

Congratulations to the American Museum of Natural History and eZ Partner Mugo Web on the launch of the new https://www.amnh.org! It serves the many needs of 9 million online visitors per year (from visit planning to showcasing exhibit objects and important scientific research) and also power apps and in-gallery kiosks for this engaging and iconic New York museum.

In Other News:

Resources

GraphQL Bundle v0.3.0

Bertrand Dunogier from eZ’s Product team has released the GraphQL bundle v0.3.0: “This is the 3rd release of the eZ Platform GraphQL integration. It makes the repository based, generated schema the main one, and completes most of its features.” Learn more about GraphQL in this article by Jani Tarvainen.

Looking for a bundle compatible with eZ Platform? Check out: https://ezplatform.com/Bundles.

Social Media

Follow us on Twitter, Facebook, LinkedIn, or YouTube, and join our Community for any help with eZ Platform or community-related questions.

Find eZ at These Events

For more events, make sure to check out this list.

Each week we publish a roundup of highlights from the eZ ecosystem. If you have any news or events to share, please contact me.

(Lead image credit: Lu Dabrowski, CC)

11/23/2018 09:21 am   ez.no/About-eZ/Blog   Mirror   Link  

News

3 Years of Week in Review

3 years of Week in Review

3 years ago, we wrote and published the first Week in Review. It has since evolved in a format with regular sections such as news, resources, social media and events. Also, over time, the blog posts moved to our corporate website. You can view all past editions through the Developer Insights category blog.

We’ve shared some great news through this blog, from releases to the introduction of our mascot Pulley, new resources like eZ Platform Bundles and a lot more. Do let us know in the comments below if you have feedback on the Week in Review!

Security Advisories

Two security advisories have been published this week. Make sure to check out the details and take the necessary actions. Get notified in time through RSS.

eZ Platform Bundle List Redesigned

Bundles for eZ Platform are shared on the Bundle list, available on the eZ Platform developer hub. The design of this list has been improved, one notable improvement is filtering on categories, in which the Bundles are provided.

If you created a Bundle and made it available on Packagist, do let us know and have it added to the Bundle list!

American Museum of Natural History Launch

Congratulations to the American Museum of Natural History and eZ Partner Mugo Web on the launch of the new https://www.amnh.org! It serves the many needs of 9 million online visitors per year (from visit planning to showcasing exhibit objects and important scientific research) and also power apps and in-gallery kiosks for this engaging and iconic New York museum.

In Other News:

Resources

GraphQL Bundle v0.3.0

Bertrand Dunogier from eZ’s Product team has released the GraphQL bundle v0.3.0: “This is the 3rd release of the eZ Platform GraphQL integration. It makes the repository based, generated schema the main one, and completes most of its features.” Learn more about GraphQL in this article by Jani Tarvainen.

Looking for a bundle compatible with eZ Platform? Check out: https://ezplatform.com/Bundles.

Social Media

Follow us on Twitter, Facebook, LinkedIn, or YouTube, and join our Community for any help with eZ Platform or community-related questions.

Find eZ at These Events

For more events, make sure to check out this list.

Each week we publish a roundup of highlights from the eZ ecosystem. If you have any news or events to share, please contact me.

(Lead image credit: Lu Dabrowski, CC)

11/23/2018 09:21 am   eZ Systems News   Mirror   Link  

In HTML you can implement responsive images. That means that you specify multiple image variations (lower and higher resolution images) and let the browser pick the best fitting image for the given screen size. For a responsive website you want to render large images (higher resolution) on bigger screens like a desktop PC screen, and smaller images (lower resolution) on mobile phones.

11/22/2018 02:00 pm   Mugo Web Blog   Mirror   Link  

It’s the most wonderful time of the year: Black Friday deals! This year we’re super happy to offer you 4 great deals from the Symfony ecosystem to enhance your developer experience and web projects development:

For the first time ever on SymfonyCasts, get a one-time 40% discount off your new subscription or next renewal - using code BF2018. Get (or upgrade to) an annual subscription for max benefit! SymfonyCasts is the official video tutorial site for Symfony and the best way to learn it! Access to 90+ hours of video content to improve your Symfony skills. And, this is Ryan Weaver - Symfony Core Team member and documentation lead- who will teach you all about Symfony in videos. Subscribe now, the offer is only available for 2 days!

This year again, you can enjoy our Black Friday offer on all certifications! Buy your Symfony discounted certification voucher at 175€ instead of the regular 250€ or your Twig discounted certification voucher at 104,3€ instead of the regular 149€ and take the exam when you’re ready. You have a year from your date of purchase to take the exam. If you’re not ready yet to take the certification, you can buy it and get trained until you’re ready to take it and pass it. Plus since October 2018, it’s an online exam so it’s easier than ever to schedule your exam. Save money now and become certified from home!

Pick any yearly Business plans and start monitoring your projects' quality today with SymfonyInsight. The discounted Business Pro plan is now at 56€/month instead of 79€ and the discounted Business Enterprise plan at 98€/month instead of 139€. SymfonyInsight continuously analyzes your code to detect security risks, find bugs, provide actionable metrics and helps improve your projects in the long term through 100+ checks and guidelines. Enjoy our Black Friday offer, choose SymfonyInsight now for your PHP project quality!

Use the BlackFriday18 coupon to get a 20% discount on new yearly Premium and Enterprise subscriptions. Performance isn’t something you should care about once in a while and it’s even more relevant for the Black Friday/Cyber Monday period, when your eCommerce sites will be put under stress. Just try a quick Google search. It’s the same every year; even major brands get some downtime due to performance issues. Adopt now Blackfire to automate performance testing!

Don’t wait to buy your Black Friday offers, they won’t last for long!


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/22/2018 07:37 am   Symfony Blog   Mirror   Link  

Et un peu hors-sujet :

(En plus du flux RSS global, les billets veille et uniquement ceux là sont listés dans le flux RSS correspondant)

11/22/2018 07:04 am   pwet.fr/blog   Mirror   Link  

This security advisory fixes two vulnerabilities in eZ Platform and in Legacy, and we strongly recommend that you install it as soon as possible. The issue is about how uploaded PHP and PHAR files are handled, and consists of two parts: 1. Web server configuration, and 2. Disabling the PHAR stream wrapper. All supported releases are affected.

1. WEB SERVER CONFIGURATION

The sample web server configuration in our documentation can in some cases allow the execution of uploaded PHP/PHAR code. This can be abused to allow priviledge escalation and breach of content access controls, among other things. Please ensure that your web server will not execute files in directories were files may be uploaded, such as web/var/ and ezpublish_legacy/var/

As an example, here is how you can make Apache return HTTP 403 Forbidden for a number of executable file types in your eZ Platform var directory. Please adapt it to your needs. It is then possible to enable logging of HTTP 403 in a separate log file if you wish, you could do this to see if someone is trying to abuse the server.

RewriteEngine On

# disable .php(3) and other extensions in the var directory
RewriteRule ^var/.*(?i)\.(php3?|phar|phtml|sh|exe|pl|bin)$ - [F]

Here is the same configuration, but for the Nginx web server:

location ~ ^/var/.*(?i)\.(php3?|phar|phtml|sh|exe|pl|bin)$ {
  return 403;
}

2. DISABLE PHAR STREAM WRAPPER

PHAR archives may be crafted such that its stream wrapper will execute them without being specifically asked to. With such files, any PHP file operation may cause deserialisation and execution. This may happen even if the file name suffix isn't ".phar". Any site that allows file uploads is at risk. Normally eZ Platform has no need for PHAR support. It's only used by Composer, and that is executed separately from eZ Platform. So one way to avoid this vulnerability is to disable the PHAR stream wrapper within eZ Platform. (If you know you need PHAR support, please consider other means to deal with this vulnerability. For example, enabling the wrapper only in those scripts/bundles that have to deal with such files.)

Disabling the stream wrapper should be done in:

  • eZ Platform (web/app.php)
  • CLI scripts (bin/console)
  • Legacy (index.php and CLI scripts)

To install, use Composer to update to one of the "Resolving versions" mentioned above, or apply these patches manually:
https://github.com/ezsystems/ezplatform/commit/9a0c52dc4535e4b3ce379f80222dc53f705a2cfd
https://github.com/ezsystems/ezpublish-legacy/commit/d21957bf202b091ab39dfb5be300f6c30be3933e

Have you found a security bug in eZ Publish or eZ Platform? See how to report it responsibly here: https://doc.ez.no/Security

11/21/2018 06:11 am   Security Advisories   Mirror   Link  

This security advisory fixes a vulnerability in eZ Platform, and we recommend that you install it as soon as possible. The issue is that the REST API may be made to disclose the names of all available site accesses. The severity of this depends on your installation, please consider your response accordingly.

To install, use Composer to update "ezsystems/ezpublish-kernel" to one of the "Resolving versions" mentioned above, or apply this patch manually:
https://github.com/ezsystems/ezpublish-kernel/commit/1551723ec134878a4cb598bfc5d900ba6164117a

Have you found a security bug in eZ Publish or eZ Platform? See how to report it responsibly here: https://doc.ez.no/Security

11/20/2018 08:20 am   Security Advisories   Mirror   Link  

This security advisory fixes a severe vulnerability in eZ Platform, and we recommend that you install it as soon as possible. In eZ Platform v2.3.x it is possible to bypass permission checks in a particular case. This means user data such as name and email (but not passwords or password hashes) can be read by unauthenticated users. This affects only v2.3.x. If you use v2.2.x or older you are not affected.

To install, use Composer to update "ezsystems/repository-forms" to the "Resolving versions" mentioned above, or apply this patch manually:
https://github.com/ezsystems/repository-forms/commit/ea82e136ec1ea40aca714abb79cc8e5bfece01e8

Have you found a security bug in eZ Publish or eZ Platform? See how to report it responsibly here: https://doc.ez.no/Security

11/20/2018 07:49 am   Security Advisories   Mirror   Link  

SymfonyLive Lille 2019 Conference Logo

We’re very pleased to inform you that we’ll organize for the first time ever a new conference in France! On top of the SymfonyLive Paris 2019, March 28-29, we’ll meet you next year in the great capital of Hauts de France region. Let’s meet in Lille on March 1st for a one-day conference about Symfony, PHP, their ecosystems… The conference will be a one-track event organized at the Auberge Stephane Hessel. We’d like to gather the Symfony community from the Hauts de France region and meet you in the dynamic city of Lille.

The Call for Papers is already open, you can already submit your talk proposals for the conference. The CFP is open until December 31st included.

The day before the conference on Thursday February 28th will be the usual pre-conference workshops day. The workshop topics will be soon announced. The combo tickets will be soon on sale at the unique price of 495€ (VAT excluded) for the 2-day pack (workshop and conference).

But you can already register to the conference at the unique price of 159€ (VAT excluded). Attention, we have a limited number of conference tickets on sale to 130 tickets, first come, first served!

We’re looking forward to welcome you at SymfonyLive Lille. See you on March 1st 2019!


La conférence SymfonyLive s’installe à Lille !

Nous sommes très heureux de vous annoncer que pour la première fois, nous allons organiser une nouvelle conférence SymfonyLive en France. En plus de la conférence de Paris des 28 et 29 mars 2019***, nous vous donnons rendez-vous l’an prochain dans la très belle capitale des Hauts de France ! **Retrouvez nous à Lille le vendredi 1er mars pour une journée de conférences sur Symfony, PHP, leurs écosystèmes… La conférence aura lieu à l’Auberge Stephane Hessel au cœur de la ville. Nous souhaitons rassembler la communauté Symfony de la région des Hauts de France et venir à votre rencontre dans la dynamique métropole lilloise.

Le Call for Papers est déjà ouvert, vous pouvez soumettre vos propositions de sujet pour la conférence dès maintenant. Le CFP est ouvert jusqu’au 31 décembre inclus.

Nous organisons la veille de la conférence, le jeudi 28 février, des formations pré-conférence, les sujets des formations seront bientôt annoncés. Les billets combo seront également bientôt en vente au tarif unique de 495€ HT le pack 2 jours (formations et conférence).

En attendant vous pouvez déjà vous inscrire à la conférence au tarif unique de 159€ HT. Attention, le nombre de places à la conférence est limité à 130 personnes, premiers inscrits, premiers servis !

Nous avons hâte de vous retrouver au SymfonyLive Lille 2019 quoi ! On se retrouve le 1er mars les biloutes !


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/19/2018 09:33 am   Symfony Blog   Mirror   Link  

When Symfony 4.0 was released, the .env file was introduced as a way to set environment variables. The core of the system has not changed. But, thanks to recent updates to some core Symfony recipes, .env loading has some new features that can be enjoyed on any Symfony Flex project!

If you have an existing Symfony app (started before today), your app does not require any changes to keep working. But, if/when you are ready to take advantage of these improvements, you will need to make a few small updates.

What Changed Exactly?

But first, what changed? On a high-level, not much. Here's a summary of the most important changes:

  • A) The .env.dist file no longer exists. Its contents should be moved to your .env file (see the next point).
  • B) The .env file is now committed to your repository. It was previously ignored via the .gitignore file (the updated recipe does not ignore this file). Because this file is committed, it should contain non-sensitive, default values. Basically, the .env.dist file was moved to .env.
  • C) A .env.local file can now be created to override environment variables for your machine. This file is ignored in the new .gitignore.
  • D) When testing, your .env file is now read, making it consistent with all other environments. You can also create a .env.test file for test-environment overrides.

Point (D) is one of the main motivations behind these changes: it makes setting and overriding environment variables for your test environment a delight.

These improvements can be used in any Symfony Flex project (Symfony 3.4 or higher). Changes to the recipes (see below) make it possible to take advantage of the Symfony 4.2 feature - Define env vars per environment - in lower versions.

To take advantage of these, you will need to modify a few files in your existing app.

Updating My Application

Updating your existing application is optional, but just requires modifying a few files. To update, see: DotEnv: Update my Application in the Symfony Docs.

Bonus: --env & --no-debug Console Deprecations Removed

The --env and --no-debug were recently deprecated. However, based on community feedback and work on these new .env features, the deprecation has been reverted: the --env and --no-debug options will continue to work! And, the proper .env files will be loaded. For example, want to create the schema in your test environment using a customized DATABASE_URL in your .env.test file? That will work just like you expect:

1
$ php bin/console doctrine:schema:create --env=test

Have any questions? Let us know!

❤️ The Symfony Community


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/19/2018 08:04 am   Symfony Blog   Mirror   Link  

This week, the second beta of Symfony 4.2 was published in preparation for its final release in two weeks. In order to simplify the maintenance of Symfony apps, we undeprecated the single-colon controller notation and also reverted the deprecation of --env and --no-debug console options.

Symfony development highlights

This week, 54 pull requests were merged (38 in code and 16 in docs) and 64 issues were closed (48 in code and 16 in docs). Excluding merges, 32 authors made 2,656 additions and 914 deletions. See details for code and docs.

2.8 changelog:

  • 26f321c: [Config] unset key during normalization
  • 893237d: [Form] invalidated forms on transformation failures
  • 32c0172: [Form] fixed keeping hash of equal \DateTimeInterface on submit
  • f975be2: [Form] fixed empty data for compound date types
  • b11ec05: [Validator] added the missing constraints instance checks

3.4 changelog:

  • 8dcefc9: [Workflow] fixed guard event names for transitions
  • 1ac042b: [PropertyAccessor] fixed unable to write to singular property using setter while plural adder/remover exist
  • 236565c: [DependencyInjection] don't fail on missing classes when resource tracking is disabled

4.1 changelog:

  • 28cd88e: [Workflow] fixed bug of buildTransitionBlockerList when many transition are enabled
  • c96325f: [Routing] generate(null) should throw an exception
  • e59e4e0: undeprecated the single-colon controller notation

Master changelog:

  • fb249f0: [Messenger] collect all stamps added on Envelope as collections
  • 3778585: [HttpKernel] fixed collecting uploaded files
  • 443f8ad: [FrameworkBundle] reverted deprecation of --env and --no-debug console options
  • 100f205: [VarExporter] fixed handling of __sleep()
  • 88891d5: [Messenger] added handled & sent stamps
  • ef75454: [Translation] made intl+icu format seamless by handling it in MessageCatalogue
  • f975be2: [Form] fixed empty data for compound date types
  • 429f500: [Debug] removed frames added by DebugClassLoader in stack traces

Newest issues and pull requests

They talked about us

Upcoming Symfony Events

Call to Action


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/18/2018 04:20 am   Symfony Blog   Mirror   Link  

News

eZ Platform 2.3.2 released

eZ Platform 2.3.2 has been released. Check out the release notes on GitHub to see which improvements and/or bug fixes are included in this release.

Sneak Peek eZ Platform v2.4

Amit Golan-Gutin, Product Marketing Manager at eZ Systems, takes a sneak peek into the Rich Text Block.

“With v2.4, editors will be happy to discover that they will be able to easily create a rich body of text, including text, images, and videos, directly in the Page Builder. Our goal is to make editors life easier when they are thinking of creating new content on to the page that is not planned to be reused anywhere else.”

Read the full article here.

Doc Landing Page Makeover

Have you visited our documentation site recently? If not, have a look! You will notice a makeover of the landing page, providing a clear overview of available topics.

Did you know you can contribute to our documentation? The source of our documentation lives on GitHub. Both user doc, and developer doc. And we welcome you to submit pull requests. Or, simply leave a message on our dedicated doc channel on Slack, in case you spot something incorrect or incomplete. Suggestions for improvements are also welcome.

In Other News:

Resources

Webinar Bridging the Gap Between Commerce and Content

Last week, eZ Systems hosted a webinar on the topic of bridging the gap between commerce and content. The recording of this webinar is available on YouTube.

 

Looking for a bundle compatible with eZ Platform? Check out: https://ezplatform.com/Bundles.

Social Media

Follow us on Twitter, Facebook, LinkedIn, Google+, or YouTube, and join our Community for any help with eZ Platform or community-related questions.

Find eZ at These Events

For more events, make sure to check out this list.

Each week we publish a roundup of highlights from the eZ ecosystem. If you have any news or events to share, please contact me.

(Lead image credit: Eva the Weaver, CC)

11/16/2018 11:53 am   ez.no/About-eZ/Blog   Mirror   Link  

News

eZ Platform 2.3.2 released

eZ Platform 2.3.2 has been released. Check out the release notes on GitHub to see which improvements and/or bug fixes are included in this release.

Sneak Peek eZ Platform v2.4

Amit Golan-Gutin, Product Marketing Manager at eZ Systems, takes a sneak peek into the Rich Text Block.

“With v2.4, editors will be happy to discover that they will be able to easily create a rich body of text, including text, images, and videos, directly in the Page Builder. Our goal is to make editors life easier when they are thinking of creating new content on to the page that is not planned to be reused anywhere else.”

Read the full article here.

Doc Landing Page Makeover

Have you visited our documentation site recently? If not, have a look! You will notice a makeover of the landing page, providing a clear overview of available topics.

Did you know you can contribute to our documentation? The source of our documentation lives on GitHub. Both user doc, and developer doc. And we welcome you to submit pull requests. Or, simply leave a message on our dedicated doc channel on Slack, in case you spot something incorrect or incomplete. Suggestions for improvements are also welcome.

In Other News:

Resources

Webinar Bridging the Gap Between Commerce and Content

Last week, eZ Systems hosted a webinar on the topic of bridging the gap between commerce and content. The recording of this webinar is available on YouTube.

 

Looking for a bundle compatible with eZ Platform? Check out: https://ezplatform.com/Bundles.

Social Media

Follow us on Twitter, Facebook, LinkedIn, Google+, or YouTube, and join our Community for any help with eZ Platform or community-related questions.

Find eZ at These Events

For more events, make sure to check out this list.

Each week we publish a roundup of highlights from the eZ ecosystem. If you have any news or events to share, please contact me.

(Lead image credit: Eva the Weaver, CC)

11/16/2018 11:53 am   eZ Systems News   Mirror   Link  

Contributed by
Roland Franssen
in #24263 and #28934.

Symfony Profiler provides detailed debug information about your applications. Sometimes it provides so much information that it may be overwhelming. That's why in Symfony 4.2 we've improved the log panel adding filters so you can see only the log messages you are interested in:

Filters are added to the log level and the log channel. They are created dynamically with JavaScript, so you can filter by your own custom channels too:


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/16/2018 09:45 am   Symfony Blog   Mirror   Link  

Symfony 4.2.0-BETA2 has just been released. Here is a list of the most important changes:

  • bug #29190 [Debug][HttpKernel] remove frames added by DebugClassLoader in stack traces (@nicolas-grekas)
  • bug #29233 [FrameworkBundle] metadat _updat _threshold default value must be an int (@dunglas)
  • bug #29226 [Messenger] Improved message when handler class does not exist (@neeckeloo)
  • bug #29223 [Validator] Added the missing constraints instance checks (@thomasbisignani)
  • bug #28966 [PropertyAccessor] Fix unable to write to singular property using setter while plural adder/remover exist (@karser)
  • bug #29182 [Form] Fixed empty data for compound date types (@HeahDude)
  • bug #29224 [SecurityBundle] Fix remember-me cookie framework inheritance when session is disabled (@fbourigault)
  • bug #29220 [Translation] make intl+icu format seamless by handling it in MessageCatalogue (@nicolas-grekas)
  • feature #29166 [Messenger] Add handled & sent stamps (@ogizanagi)
  • bug #29209 [VarExporter] fix handling of sleep() (@nicolas-grekas)
  • bug #29196 [Messenger] Fix collecting messages (@ro0NL)
  • bug #29205 [Dotenv] skip loading "local" env twice (@nicolas-grekas)
  • bug #29204 [FrameworkBundle][WebServerBundle] Revert deprecation of --env and --no-debug console options (@chalasr)
  • bug #29191 [Routing] generate(null) should throw an exception (@nicolas-grekas)
  • bug #29199 [FrameworkBundle] conflict with Dotenv <4.2 to simplify recipes (@nicolas-grekas)
  • bug #29197 Revert "bug #29154 [FrameworkBundle] Define AP _ENV/AP _DEBUG from argv via Application::bootstrapEnv() (@nicolas-grekas)
  • bug #29185 [Form] Fixed keeping hash of equal DateTimeInterface on submit (@HeahDude)
  • bug #29183 [HttpKernel] Fix collecting uploaded files (@ro0NL)
  • bug #29141 [Workflow] Fixed bug of buildTransitionBlockerList when many transition are enabled (@Tetragramat, @lyrixx)
  • bug #29137 [Workflow][FrameworkBundle] fixed guard event names for transitions (@destillat, @lyrixx)
  • bug #29184 [WebProfilerBundle] Fix theme settings (@ro0NL)
  • feature #29159 [Messenger] collect all stamps added on Envelope as collections (@nicolas-grekas)
  • bug #29171 [Dotenv] load .env.dist when it exists and .env is not found (@nicolas-grekas)
  • bug #28731 [Form] invalidate forms on transformation failures (@xabbuh)
  • bug #29152 [Config] Unset key during normalization (@ro0NL)
  • bug #29165 [DI] align IniFileLoader to PHP bugfix #76965 (@nicolas-grekas)
  • bug #29154 [FrameworkBundle] Define AP _ENV/AP _DEBUG from argv via Application::bootstrapEnv() (@chalasr)
  • bug #29129 [Dotenv] add loadEnv(), a smoother alternative to loadForEnv() (@nicolas-grekas)
  • bug #29113 [Routing] fix dumping conditions that use the request (@nicolas-grekas)
  • bug #29115 Change butto _widget class to btn-primary (@neFAST)
  • bug #29131 [Dotenv] dont use getenv() to read SYMFON _DOTEN _VARS (@nicolas-grekas)
  • bug #29057 [HttpFoundation] replace any preexisting Content-Type headers (@nicolas-grekas)
  • bug #29076 [Serializer] Allow null values when denormalizing with constructor missing data (@danut007ro)
  • bug #29128 [FrameworkBundle] Cleaning translation commands and fix a bug for --all option (@yceruto)
  • bug #29104 [DI] fix dumping inlined services (@nicolas-grekas)
  • bug #29054 [VarDumper] fix dump of closures created from callables (@nicolas-grekas)
  • bug #29102 [DI] fix GraphvizDumper ignoring inline definitions (@nicolas-grekas)
  • bug #29090 LoggingTranslator should implement SymfonyContractsTranslationTranslatorInterface (@desmax)
  • bug #29095 [TwigBridge] require the needed symfony/contracts package (@xabbuh)
  • bug #29107 [DI] dont track classes/interfaces used to compute autowiring error messages (@nicolas-grekas)
  • bug #29094 Add samesite attribute to session cookie after session migration (@rpkamp)
  • bug #29080 [FrameworkBundle] fix deps (@ro0NL)

Want to upgrade to this new release? Fortunately, because Symfony protects backwards-compatibility very closely, this should be quite easy. Read our upgrade documentation to learn more.

Want to be notified whenever a new Symfony release is published? Or when a version is not maintained anymore? Or only when a security issue is fixed? Consider subscribing to the Symfony Roadmap Notifications.


Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/15/2018 11:21 pm   Symfony Blog   Mirror   Link  

Why we created the Rich Text Block

When working in eZ Platform with the Page Builder, two main scenarios occur:

          1. An editor assembles pages from pre-existing content (i.e. article, blogs, galleries, you name it)

          2. An editor needs to create new content for the page they are working on

While the second scenario is possible up through v2.3 of eZ Platform using the Embed block and “content on the fly” feature in the Universal Discovery Widget, it’s still a bit tedious for editors.

We thought there was room for substantial improvement here and decided to reduce the amount of time and steps required for editors to achieve this goal.

That’s where the Rich Text Block comes in. The Rich Text Block lets editors create new content for pages built within the Page Builder in a quicker, easier way, without ever leaving the Page Builder.

We aim at improving the editorial experience wherever we can in eZ Platform. Following many discussions with customers and partners around this new feature, we’re pleased to finally ship the Rich Text Block in eZ Platform v2.4.

How does the Rich Text Block work?

Creating content should be a natural and simple process that does not require too many steps.

The Rich Text Block is a very simple new block for the Page Builder. It lets editors edit the content of the block freely by using the Online Editor, the same as the one used by the Rich Text field type. The user just needs to drag and drop the block onto the page and can then jump straight to using all the features available in the Online Editor.

The content editors create is only available on the page they are working on. (Please note that content created using the Rich Text Block will not be stored as a content item and therefore cannot be reused in different locations).

This means editors can produce content for pages without dealing with additional content items or choosing which content type to use and where to store them. Instead, editors can work directly on the page, without all the extra steps or questions.

As based on the already existing Online Editor, The Rich Text Block comes with all the editorial capabilities that are included with it such as styling, images, links, custom tags and tables. This allows editors to achieve much more than just simple headings or body text.

Let’s take a quick look at how the Rich Text Block works.

Creating content in the Rich Text Block

It is important to note that the Rich Text Block can be customized and extended by developers. All customization regarding the online editor (i.e. configuring custom tags and styling) are done within the editor itself, which means it will be customized for the Rich Text Block but also for any field using the Rich Text field type.

When to use the Rich Text Block

It is helpful to use the Rich Text Block when you do not want to reuse the content you’ve created in different places across your website or elsewhere using APIs. In other word, it’s good for content that is purely and only made for one specific page.

Conversely, if you do want to reuse the content you’ve produced, then we recommend using the Embed Block, which stores all content created as a content item in the content repository.

What to expect in the future

We are very excited for the upcoming release of eZ Platform v2.4. We believe that the Rich Text Block and other features will significantly improve the overall editorial experience. The Rich Text Block will be a great addition to the Page Builder, which was first introduced in v2.2.
In the upcoming weeks, we’ll release a sneak peek at the workflow that is also expected to be shipped with v2.4. Until then, if you’re interested or have any questions, please feel free to leave a comment here or on discuss.ezplatform.com and reach out to us, too, at productmanagement@ez.no.

11/15/2018 11:22 am   ez.no/About-eZ/Blog   Mirror   Link  

Why we created the Rich Text Block

When working in eZ Platform with the Page Builder, two main scenarios occur:

  1. An editor assembles pages from pre-existing content (i.e. article, blogs, galleries, you name it)
  2. An editor needs to create new content for the page they are working on

While the second scenario is possible up through v2.3 of eZ Platform using the Embed block and “content on the fly” feature in the Universal Discovery Widget, it’s still a bit tedious for editors.

We thought there was room for substantial improvement here and decided to reduce the amount of time and steps required for editors to achieve this goal.

That’s where the Rich Text Block comes in. The Rich Text Block lets editors create new content for pages built within the Page Builder in a quicker, easier way, without ever leaving the Page Builder.

We aim at improving the editorial experience wherever we can in eZ Platform. Following many discussions with customers and partners around this new feature, we’re pleased to finally ship the Rich Text Block in eZ Platform v2.4.

How does the Rich Text Block work?

Creating content should be a natural and simple process that does not require too many steps.

The Rich Text Block is a very simple new block for the Page Builder. It lets editors edit the content of the block freely by using the Online Editor, the same as the one used by the Rich Text field type. The user just needs to drag and drop the block onto the page and can then jump straight to using all the features available in the Online Editor.

The content editors create is only available on the page they are working on. (Please note that content created using the Rich Text Block will not be stored as a content item and therefore cannot be reused in different locations).

This means editors can produce content for pages without dealing with additional content items or choosing which content type to use and where to store them. Instead, editors can work directly on the page, without all the extra steps or questions.

As based on the already existing Online Editor, The Rich Text Block comes with all the editorial capabilities that are included with it such as styling, images, links, custom tags and tables. This allows editors to achieve much more than just simple headings or body text.

Let’s take a quick look at how the Rich Text Block works.

Creating content in the Rich Text Block

It is important to note that the Rich Text Block can be customized and extended by developers. All customization regarding the online editor (i.e. configuring custom tags and styling) are done within the editor itself, which means it will be customized for the Rich Text Block but also for any field using the Rich Text field type.

When to use the Rich Text Block

It is helpful to use the Rich Text Block when you do not want to reuse the content you’ve created in different places across your website or elsewhere using APIs. In other word, it’s good for content that is purely and only made for one specific page.

Conversely, if you do want to reuse the content you’ve produced, then we recommend using the Embed Block, which stores all content created as a content item in the content repository.

What to expect in the future

We are very excited about the upcoming release of eZ Platform v2.4. We believe that the Rich Text Block and other features will significantly improve the overall editorial experience. The Rich Text Block will be a great addition to the Page Builder, which was first introduced in v2.2.
In the upcoming weeks, we’ll release a sneak peek at the workflow that is also expected to be shipped with v2.4. Until then, if you’re interested or have any questions, please feel free to leave a comment here or on discuss.ezplatform.com and reach out to us, too, at productmanagement@ez.no.

11/15/2018 11:22 am   eZ Systems News   Mirror   Link  

Contributed by
Nicolas Grekas
in #27009.

A cache stampede is a type of cascading failure that can occur when systems come under very high load. Consider a web application that caches some page to improve performance. When the cached version of that page expires and the server is under very heavy load, multiple users may be requiring the same uncached page, which could lead to the collapse of the system via exhausting shared resources.

There are multiple techniques to protect against "cache stampede". In Symfony 4.2 we added one called probabilistic early expiration, to the Cache component (we also added a lock-based one for when the cache is cold.)

This technique solves the stampede problem forcing the regeneration of the cached values before they expire. Whenever a value is read from the cache, the application makes a "probabilistic decision" to decide whether the value must be regenerated or not. Thanks to the formula used, the sooner the expiration of the cached value, the higher the probability of recomputing it.

In order to give better control of this "probabilistic decision", the get() method of CacheInterface has added a third optional argument called beta. It's a float value that defaults to 1.0, which provides optimal stampede protection.

Most of the times you don't have to care about this parameter. Symfony provides the right default value to protect your apps. However, you can set it to an arbitrary value or to 0 to disable this protection or to INF to force an immediate expiration of the cached value:

1
2
3
4
5
6
7
8
// this closure will be called when a cache key is missing from the backend
$callback = function () { ... return $computedValue; };

// when undefined, beta = 1.0
$productsCount = $cache->get('stats.products_count', $callback);

// beta = INF to force the immediate expiration of this cached value
$productsCount = $cache->get('stats.products_count', $callback, INF);

Be trained by Symfony experts - 2018-11-26 Clichy - 2018-11-26 Clichy - 2018-11-26 Clichy
11/15/2018 03:38 am   Symfony Blog   Mirror   Link  

Downstream — Trip 8

On the previous trip I walked from Teddington Lock to the Golden Jubilee Bridges. On this walk, I am finishing the series by going to the Thames Barrier. Getting to the start this time was easy peasy, with just a Tube ride down to Embankment.

Day 10 — Golden Jubilee Bridges to Thames Barrier

When I exited Embankment station, the rain had just stopped, and it felt very cold. The weather forecast indicated that it would get sunny, but I was very sceptical. I crossed the Golden Jubilee Bridges slowly, taking my time taking some photos and video of the London Eye. I considered taking a timelapse, but realised I had done so earlier for London in Fives, when the weather was much better.

The moment I made it to the south bank of the Thames, the Sun came out, and I was happy that I had brought my sun glasses. Not only was the Sun low, it also reflected a lot on the puddles on the ground.

This part of the Thames and Thames Part are right in the middle of London, and hence usually very busy with both commuters and tourists. Once the Sun came out, it therefore quickly became slow going, with lots of people going around the puddles in zigzaggy fashion.

The tide was out, which meant that there were quite a few people out on the river bed as well, to seek fortunes. There are still many bridges here, and definitely many landmarks and tourist attractions.

The best known is probably the Tower of London and Tower Bridge. The Victorian Tower Bridge (1894) is significantly younger than the Norman Tower (1078), which was built by the Normans after they invaded in 1066. The contrast behind the older Tower and Tower Bridge and the tall buildings of The City and City Hall is much starker still.

Beyond Tower Bridge, and the big yacht Kismet, the Thames Path becomes its quiet self again, with people going about their weekend morning business. The walk was now a lot more pleasant as I didn't have to dodge around people all the time. With the tide so low, many of the former docks now showed their muddy bottom, which made for some great photos.

After coming around the corner at Rotherhithe, the Thames Path loops nearly 270° degrees around The City, where dark clouds and rainbows loomed over on the North bank of the Thames, all the way to Greenwich. At Greenwich, the path goes along the Cutty Sark, a 19th century tea clipper which is now a museum. After crossing the square at the former Royal Naval College, the scenery turns quickly from "lovely residential area" into "industrial", which persists nearly all the way to the Thames Barrier.

Some interesting landmarks are the Millennium Dome. You can now walk across the roof, which is precisely what some people were doing when I came past. The Emirates Air Line flew high overhead between the two banks of the Thames as I was making my way further downstream.

After just over 300 kilometres of walking in 56 hours, while burning 25 000 calories, I then made it to the Thames Barrier, London's flood defence barrier. The barrier marks the end of the official Thames Path, although it is possible to extend it to the river Darent, where it then connects to the London LOOP that I walked a few years ago.

With the Thames Path done, it's time to look for the next adventure—I've my eyes on Hadrians Wall ;-).


Photos from my Adventure on the Thames Path are available on Flickr, and all videos on Vimeo. You can also see all the photos on a map.

11/13/2018 03:12 am   derickrethans.nl   Mirror   Link  

Ce texte est une traduction de l'excellent Less Snake Oil, More Context par Surma.

Obtenir de bonnes performances sur le web est un défi permanent. Les développeur·ses essaient et essaieront encore d'en repousser les limites et c'est une bonne chose. Je ne veux pas changer cela.

Je veux changer comment nous — en tant que communauté — approchons, analysons et comprenons les problèmes de performances. Je vois souvent des questions du type « Quel est la meilleure manière de faire X ? », « Quel bibliothèque est la plus rapide pour réaliser Y ? ». Il semble que nous aimions les superlatifs mais lorsqu'il s'agit de performance, ils peuvent être contre-productifs.

Appliquer généreusement la poudre de perlimpinpin aux zones concernées

ou autrement dit « Des règles pas des outils ». Alex Russell a utilisé « Poudre de perlimpinpin » dans un tweet (NDT: Alex Russel étant anglophone, il a utilisé Snake oil) et je pense que cette expression transmet parfaitement à la fois l'opacité et le manque de fiabilité de ce type de traitement.

Quelques exemples :

  • Une animation est saccadée. Utilisez will-change: transform sur l'élément animé.
  • N'utilisez pas forEach(), les boucles for sont plus rapides.
  • Pour une chargement plus rapide, groupez les ressources.
  • N'utilisez pas le sélecteur * car il est lent.

Tout ceci est vrai dans un contexte particulier. Il faut bien comprendre une chose : la lenteur ou une animation saccadée n'est qu'un symptôme, pas une maladie. Ce qui est donc nécessaire ici, c'est une procédure de diagnostique différentiel. La fluidité d'une animation peut être gâchée pour de nombreuses raisons mais il est probable qu'une soit réellement en cause. Par exemple, si l'effet saccadé est causé par le ramasse miette traitant de gros morceaux de données à chaque frame, will-change: transform n'aura aucun effet positif. Au contraire, cette déclaration augmentera la pression sur la mémoire et pourrait même empirer le phénomène.

Je ne me souviens pas qui a énoncé « Si vous ne l'avez pas mesuré, ce n'est pas lent » mais cette phrase résonne en moi même si se concentrer sur la mesure peut mener à la Frénésie du Microbenchmark™️.

Note : pour le reste de ce billet, je vais parler d'optimisations en terme de vitesse mais tout ceci s'applique à d'autres types d'optimisations comme la réduction de l'empreinte mémoire.

Microbenchmarks

J'ai noté que récemment une grande attention était portée vers les microbenchmarks. Dans un microbenchmark, on essaie de départager deux approches en les exécutant plusieurs milliers de fois en isolation pour déterminer quelle solution est la plus rapide.

Comprenez-moi bien, les microbenchmarks ont une utilité, j'en ai même écrit et comme beaucoup d'autres avant moi. Ce sont des outils intéressants en particulier avec des frameworks comme BenchmarkJS qui permet d'obtenir des nombres statistiquement signifiants. En revanche, les frameworks de benchmark ne sont d'aucune aide pour s'assurer que votre benchmark a réellement un sens. Si vous ne connaissez pas ce que vous êtes en train de tester, les résultats peuvent mener à une mauvaise interprétation. Par exemple, dans mon billet sur le deep-cloning, je vérifiais les performances de const copyOfX = JSON.parse(JSON.stringify(x)). Il s'avère que V8 possède un cache d'objets. Le fait de réutiliser la même valeur x fois dans les tests a faussé les résultats. En réalité, je testais le cache plus qu'autre chose. Et si Mathias n'avait pas lu mon article, je ne l'aurais jamais découvert.

Compromis

Imaginons que vous ayez écrit ou trouvé un microbenchmark avec un sens. Il montre que vous devriez plutôt utiliser l'approche A au lieu de l'approche B. Il est important de comprendre que passer de B à A ne va pas uniquement rendre le code plus rapide. Quasiment toutes les optimisations de performance sont un compromis entre la vitesse et autre chose. Dans la plupart des cas, vous abandonnez un peu de lisibilité, d'expressivité et/ou d'idiomatisme. Ces propriétés ne se verront pas dans vos mesures pour autant il ne faut pas les ignorer. Le code devrait être écrit pour les humain·es (ce qui inclut le/la futur·e vous) mais pas l'ordinateur.

C'est là où les microbenchmarks nous abusent. Être capable de réaliser une opération plus rapidement ne signifie pas que le compromis en terme d'expressivité soit valable. En se basant sur des résultats de microbenchmarks, certaines personnes prendront pour évident que A est mieux que B et donc que vous devriez toujours mettre en œuvre A. C'est ainsi que la poudre de perlimpinpin est faite. Une partie du problème vient du fait qu'il est difficile de quantifier l'expressivité. À quel point un bout de code doit-il être plus rapide pour justifier une perte de lisibilité ? 10% ? 20% ?

Un point à propos de l'analyse statique et des transpilers s'impose. Il est possible d'écrire du code lisible et idiomatique tout en délivrant une version moins lisible et plus performante en production. Des outils comme @babel/present-env permettent d'écrire du JavaScript moderne et idiomatique sans avoir à se soucier de la prise en charge par les navigateurs et des implications en terme de performance. Le compromis ici se fait sur la taille et l'impénétrabilité du code généré. Certaines fonctionnalités ne peuvent être transformées qu'avec une importante augmentation de la taille du code ce qui détériore les temps de téléchargement et de compilation. La transformation des générateurs est un exemple extrême de ce phénomène. Un exécuteur de générateur doit être ajouté tout en rendant les fonctions génératrices significativement plus lourdes. Une fois encore, ce n'est pas une raison pour ne pas utiliser les générateurs ou pour ne pas les transformer. En revanche, c'est une information importante pour prendre une décision. Il s'agit encore et toujours de faire des compromis.

Exemple de transformation d'une fonction génératrice par Babel

Budgets

Dans ce domaine, les budgets peuvent aider. Il est important de budgétiser différents aspects de votre projet. Pour les applications web, les préconisations RAIL constitue un choix populaire. Si vous souhaitez construire une application tournant à 60 images par seconde, vous avez 16ms par frame. Pour produire une interface qui paraît fluide, il faut répondre visuellement aux action des utilisateur·rices en moins de 100ms. À partir du moment où vous avez des budgets, vous pouvez profiler votre application et vérifier si vous restez dans les limites fixées. Et si ce n'est pas le cas, vous savez par où commencer les travaux d'optimisation.

Les budgets contextualisent les coûts. Imaginons que vous ayez un bouton dans votre interface qui lorsqu'il est utilisé entraîne la récupération avec fetch() et l'affichage à l'écran des dernières données liées aux stocks. Avec l'appel réseau, le traitement des données et le rendu, le délai entre le clic de l'utilsateur·rice et l'affichage est de 60ms. Nous somme parfaitement dans les préconisations RAIL abordées plus haut avec même une marge de 40ms ! Si vous considérez l'utilisation d'un worker pour le traitement des données, la communication entre les fils d'exécution impliquera un délai supplémentaire. Par expérience, ce délai est de l'ordre d'une frame (16ms) ce qui donne un total de 76ms.

Si vous aviez à prendre une décision avec un état d'esprit microbenchmark — en regardant uniquement les nombres sans contexte — la solution à base de workers vous paraîtra une mauvaise idée. Cependant, la vraie question n'est pas « Quelle est la solution la plus rapide ? » mais plutôt « Quel compromis puis-je faire ? » ou encore « Mon budget me permet-il de le faire ? » Dans l'exemple du worker, nous payons 16ms mais cette dépense rentre facilement dans les 40ms de marge par rapport à notre budget RAIL. Ce que nous obtenons en retour dépend de votre perspective; dans cet exemple je souhaite me concentrer sur la robustesse. Si le serveur envoie une énorme structure JSON liée aux stocks, le décodage prendra un temps considérable pendant lequel le main thread sera bloqué. En décodant et traitant les données dans un worker, le main thread sera épargné et l'usage de l'application restera fluide.

Capture d'écran du benchmark six-speed

Prenons un autre exemple : jusqu'à il y a un an environ, utiliser une boucle for of pour parcourir un tableau était 17 fois plus lent qu'une boucle for classique (Note : six-speed a été mis en place en avril 2017. Depuis, de nombreux changements ont été apportés à V8 et Babel). À cause de ces résultats, certaines personnes évitent toujours les boucles for of.

Penchons nous sur des chiffres concrets : en parcourant un tableau de 100 éléments dans Chrome 55 (sorti en décembre 2016, avant le lancement de six-speed) avec un boucle for of puis un boucle for classique, j'obtiens :

  • boucle for of : 134µs
  • boucle for classique : 65µs

Sans conteste, la boucle for classique est plus rapide (dans Chrome 55) mais la boucle for of donne une vérification implicite des limites et rend le corps de la boucle plus lisibe en évitant l'utilisation d'un index. Y'a t il un intérêt à gagner ~60µs ? ça dépend mais la plupart du temps la réponse est non. Si vous utilisez des boucles for of dans un chemin critique (comme du code qui construit chaque frame dans une application WebGL), c'est peut-être le cas. Cependant, si vous ne parcourez que quelques dizaines d'éléments lorsque l'utilisateur·rice clique sur un bouton, je ne m'embêterais même pas à penser aux performances. Je choisis toujours la lisibilité. Et pour information, dans Chrome 70, les deux types de boucle ont exactement les mêmes performances. Un grand merci à l'équipe travaillant sur V8 !

Capture d'écran d'un benchmark de boucles for

Ça dépend (du contexte)

Bref, il n'existe aucune optimisation de performance qui soit toujours bonne. En fait, il n'y a pratiquement aucune optimisation de performance qui soit généralement bonne. Les pré-requis techniques, les audiences, les appareils et les priorités sont trop différentes d'un contexte à un autre. Ça dépend. Si vous voulez mon conseil, voici comme j'essaie d'aborder les optimisations :

  1. Définir un budget
  2. Mesurer
  3. Optimiser les parties qui explosent le budget
  4. Prendre une décision en tenant compte du contexte
11/12/2018 01:25 am   pwet.fr/blog   Mirror   Link