Flux
Toutes les catégories

Web

897 articles

Building RAG in Laravel: Four Ingestion Bugs That Silently Wreck Retrieval
Programmation Web

Building RAG in Laravel: Four Ingestion Bugs That Silently Wreck Retrieval

Every Laravel RAG tutorial builds the same ingestion pipeline (chunk, embed, store) and stops the moment the agent answers on screen. None of them check whether retrieval is any good. But retrieval quality is decided at ingestion, before the model runs once, and four decisions there fail with no error, no exception, no failed test: Chunking that severs the answer mid-sentence, so answer@1 falls while source hit@1 still looks healthy. An HNSW index built with vector_l2_ops while you query with…

Freek Van der Herten
CVE-2026-55877: XSS in symfony/ux-icons via unsanitized SVG content in local files and Iconify on-demand responses
Programmation Web

CVE-2026-55877: XSS in symfony/ux-icons via unsanitized SVG content in local files and Iconify on-demand responses

Affected versions Symfony UX Icons versions >=2.17.0=3.0.0<3.2.0 are affected by this security issue. The issue has been fixed in Symfony UX Icons 2.36.1, 3.2.0. Description The ux_icon() Twig function is marked is_safe=['html'],…

Symfony Blog
CVE-2026-55878: Path Traversal in symfony/ux-toolkit Allows Arbitrary File Write and Read via Crafted Recipe Manifest
Programmation Web

CVE-2026-55878: Path Traversal in symfony/ux-toolkit Allows Arbitrary File Write and Read via Crafted Recipe Manifest

Affected versions Symfony UX Toolkit versions >=2.32.0=3.0.0<3.2.0 are affected by this security issue. The issue has been fixed in Symfony UX Toolkit 2.36.1, 3.2.0. Description The ux:install console command installs files from a…

Symfony Blog
The PHP Ambassador Program is Open
Programmation Web

The PHP Ambassador Program is Open

We are excited to announce that we have scheduled the first meeting for the PHP Ambassador Program! This is the second Special Interest Group launched by The PHP Foundation, and we are inviting you to be a part of it. As mentioned in our 2026 Strategy document, this group will be focused on improving the perception of PHP outside the PHP bubble. It will center on external advocacy and empowering the community to help tell the story of modern PHP in whatever capacity makes sense for them.…

The PHP Foundation
The PHP Podcast 2026.06.17
Programmation Web

The PHP Podcast 2026.06.17

🎙️ PHP Podcast – June 17, 2026 Hosts: Sara Golemon & Holly Schilling | Guests: Paul Reinheimer & Sean Coates Eric and John are still locked in the basement. Sara is literally on a boat in Spain. Normal show, totally normal. 🚢 Sara Broadcasts from a Harbor in A Coruña Sara is joining this week’s […] The post The PHP Podcast 2026.06.17 appeared first on PHP Architect.

PHP Architect
Why skipping Eloquent doesn’t mean skipping SQL injection protection
Programmation Web

Why skipping Eloquent doesn’t mean skipping SQL injection protection

Video version at: https://youtu.be/gAVfQhPw8Do A few weeks ago, I posted something on LinkedIn that ruffled some feathers. Here’s what I said: “Defaulting to the ORM for everything isn’t a best practice. It’s just the path of least resistance.” The replies came in fast, and a good chunk of them said the same thing: “That’s unsafe! […] The post Why skipping Eloquent doesn’t mean skipping SQL injection protection appeared first on PHP Architect.

PHP Architect