sqlite-utils 4.0rc1
sqlite-utils 4.0rc1
Release: sqlite-utils 4.0rc1 See sqlite-utils 4.0rc1 adds migrations and nested transactions. Tags: sqlite-utils
Lire
Temporary Cloudflare Accounts for AI agents
Temporary Cloudflare Accounts for AI agents
Temporary Cloudflare Accounts for AI agents The announcement says this is "for AI agents" but (as is pretty common these days) the AI hook isn't really necessary, this is an interesting feature for everyone else as well. Short version: you can now create a Cloudflare Workers project and run this, without even creating a Cloudflare account: npx wrangler deploy --temporary Cloudflare will deploy the application to a new, ephemeral project which will stay live for 60 minutes. I had GPT-5.5 xhigh…
Lire
A Week of Symfony #1016 (June 15–21, 2026)
A Week of Symfony #1016 (June 15–21, 2026)
This week, the Symfony book published its update for Symfony 8.1 in multiple languages. Meanwhile, we completed the New in Symfony 8.1 series, continued the New in Twig 4.0 series with articles about the sandbox and expression parsers, and launched a new…
Lire
Help Us Improve "Symfony: The Fast Track"
Help Us Improve "Symfony: The Fast Track"
A few days ago I announced the Symfony 8.1 edition of "The Fast Track", and then that it was available in nine languages. The book has always been free to read online at symfony.com/book. What changes today is not what you can read, but what you can do: the…
Lire
Architecture Decision Record
Architecture Decision Record
A concise explanation of ADRs: short documents that capture an important decision, the context behind it, and its consequences. Good practical advice on keeping them lightweight, readable, and useful over time. Read more
Lire
GitHub Actions Checkout Now Blocks Risky pull_request_target Checkouts
GitHub Actions Checkout Now Blocks Risky pull_request_target Checkouts
GitHub has released actions/checkout v7 with a new default protection aimed at one of the most persistent GitHub Actions supply chain risks: privileged workflows that check out and execute code from untrusted pull requests. The change makes actions/checkout refuse common “pwn request” patterns when workflows run under pull_request_target or certain workflow_run events. These workflows execute in the context of the base repository, giving them access to the base repo’s GITHUB_TOKEN, secrets,…
Lire
Quoting Sean Lynch
Quoting Sean Lynch
The real valuable capability MCP offers over skills/CLI is isolating the auth flow outside of the agent’s context window, and potentially out of the harness completely. [...] Maybe the idealized form of MCP is just an auth gateway for the API and nothing else. That’d still be a win. — Sean Lynch, comment on Hacker News Tags: model-context-protocol, llms, ai, generative-ai, skills
Lire
Introducing Repository Access Permissions and Custom Roles
Socket now supports more granular access control for organizations with Custom Roles and Repository Access Permissions, giving teams a more precise way to manage who can do what, and where they can do it. Modern engineering organizations rarely map cleanly to a single security team or a single set of repositories. A user might need to review alerts for one team's repositories, manage scans for another, or support a temporary project without gaining access to the entire organization. Access…
Lire
Building RAG in Laravel: Four Ingestion Bugs That Silently Wreck Retrieval
Building RAG in Laravel: Four Ingestion Bugs That Silently Wreck Retrieval
Every Laravel RAG tutorial builds the same ingestion pipeline (chunk, embed, store) and stops the moment the agent answers on screen. None of them check whether retrieval is any good. But retrieval quality is decided at ingestion, before the model runs once, and four decisions there fail with no error, no exception, no failed test: Chunking that severs the answer mid-sentence, so answer@1 falls while source hit@1 still looks healthy. An HNSW index built with vector_l2_ops while you query with…
Lire
Symfony UX 3.2.0 and 2.36.1 released
Symfony UX 3.2.0 and 2.36.1 are now available. Both releases fix two security issues, one in UX Icons and one in UX Toolkit, so every application using these packages should upgrade as soon as possible. On top of the security fixes, version 3.2.0 ships several…
Lire
Symfony AI Spotlight: One API to Rule Them All
Symfony AI Spotlight: One API to Rule Them All
Symfony AI is approaching its 1.0 release — so let’s take a tour. In this first post of this series, we introduce the Platform component — the foundation layer that connects your PHP application to the world of AI. The AI landscape is fragmented. Every provider…
Lire
CVE-2026-55877: XSS in symfony/ux-icons via unsanitized SVG content in local files and Iconify on-demand responses
CVE-2026-55877: XSS in symfony/ux-icons via unsanitized SVG content in local files and Iconify on-demand responses
Affected versions Symfony UX Icons versions >=2.17.0=3.0.0<3.2.0 are affected by this security issue. The issue has been fixed in Symfony UX Icons 2.36.1, 3.2.0. Description The ux_icon() Twig function is marked is_safe=['html'],…
Lire
CVE-2026-55878: Path Traversal in symfony/ux-toolkit Allows Arbitrary File Write and Read via Crafted Recipe Manifest
CVE-2026-55878: Path Traversal in symfony/ux-toolkit Allows Arbitrary File Write and Read via Crafted Recipe Manifest
Affected versions Symfony UX Toolkit versions >=2.32.0=3.0.0<3.2.0 are affected by this security issue. The issue has been fixed in Symfony UX Toolkit 2.36.1, 3.2.0. Description The ux:install console command installs files from a…
Lire
The PHP Ambassador Program is Open
The PHP Ambassador Program is Open
We are excited to announce that we have scheduled the first meeting for the PHP Ambassador Program! This is the second Special Interest Group launched by The PHP Foundation, and we are inviting you to be a part of it. As mentioned in our 2026 Strategy document, this group will be focused on improving the perception of PHP outside the PHP bubble. It will center on external advocacy and empowering the community to help tell the story of modern PHP in whatever capacity makes sense for them.…
Lire
Datasette Apps: Host custom HTML applications inside Datasette
Datasette Apps: Host custom HTML applications inside Datasette
Today we launched a new plugin for Datasette, datasette-apps, with this launch announcement post on the Datasette project blog. That post has the what, but I'm going to expand on that a little bit here to provide the why. The TL;DR Datasette Apps are self-contained HTML+JavaScript applications that run in a tightly constrained <iframe> sandbox hosted on your Datasette application. They can use JavaScript to run read-only SQL queries against data in Datasette, and can run write queries too…
Lire