PHP Yorkshire 2019
11 - 13 Apr 2019 at University of York

CQRS and Event Sourcing are challenging if approached for the first time, and especially if done from scratch. This tutorial will give you an understanding of what CQRS and ES are, including their complexities, advantages and pitfalls. We will help you with modelling, designing and implementing an application relying on these architectural patterns, guiding you through: Domain analysis Involved architectural components Data flow Synchronous/Asynchronous dispatching Implementing domain logic with aggregates Projections Scaling Testing https://www.phpyorkshire.co.uk/people/marco-pivetta/

Jenkins X is a project built on top of Jenkins designed to work in conjunction with Docker and Kubernetes. In this workshop, you will learn how to set up your own continuous integration and deployment pipelines using Jenkins X During the first day, you'll learn everything you need to know - all the underlying technologies; Docker, Jenkins and Kubernetes. In the second day, we'll build upon this knowledge while setting up our own Jenkins X cluster in the cloud. Workshop attendees should have a basic understanding of Docker and CI/CD already, however no existing knowledge of Kubernetes is required (although beneficial) https://www.phpyorkshire.co.uk/people/paul-dragoonis/

Websockets provides a way to have a persistent 2-way connection between your server and your client’s browser. This allows for more efficient communication than traditional front end mechanisms such as XHR or long polling, and allows for better web native applications as a result. Starting out with websockets in the browser has its complications, especially regarding how they can hook into your existing application. The tutorial will cover the basics of websockets, and then move on to PHP workers and the React event library for PHP. Using these we can implement PHP clients as part of a websocket application, allowing your existing stack to communicate with a websocket server and your users in the browser. The tutorial requires no existing familiarity with websockets or event-based frameworks, though basic knowledge of JavaScript and a reasonable knowledge of OOP PHP and PHP via CLI are recommended. Whilst the application will be generic there will be time to see how components could interact with your businesses existing projects, so you can deploy real time applications to benefit your users with minimal overhead. https://www.phpyorkshire.co.uk/people/mike-lehan/

"GraphQL represents a massive leap forward for API development." says GitHub. What can we do with it in PHP? This workshop will show you from the basic setup of your GraphQL Server with Symfony, possibly teach you some tricks on Symfony Flex and then start exploring a lot of the powers of GraphQL, handling a more complex schema, treating performance, security and versioning (Schema deprecation), if in time we'll also check some cool tech using promises to fetch data and get a grasp on how to avoid the n+1 issue on APIs. If you're an API developer this workshop might change your way of thinking about it! https://www.phpyorkshire.co.uk/people/renato-mefi/

Do you have difficulties writing effective, helpful tests up front? Have you heard of Domain Driven Design, but are you still unsure when and where to use value objects? Perhaps you've read some books or blog posts, but practical experience can be hard to come by. TDD and DDD are key skills for team members of highly effective, performant teams. Joop and Pim have done dozens of smaller and larger projects using TDD and DDD. They would love to share these good (and bad!) experiences with you! In this workshop you will learn the skills of TDD and DDD, and how to apply them effectively in a team. Asking the rights questions, writing useful tests and creating meaningful code. We can't wait to help you grasp TDD, DDD & Teamwork! https://www.phpyorkshire.co.uk/people/pim-elshoff-joop-lamerts/

Protecting your users’ data is the most important thing you will ever do as a developer, but it isn’t always easy to know where to start. Last year at PHP Yorkshire, we learned how to integrate the Privacy by Design framework into your development workflow. This year we're expanding on those lessons to learn how to integrate best privacy practice across your project on the governance, project, and code levels. You'll learn how to define a healthy approach to project privacy; integrate privacy as a fundamental project value; evaluate your project for gaps in resourcing and expertise; and access the growing body of code, design, and resource libraries available to help you along the way. https://www.phpyorkshire.co.uk/people/heather-burns/

Welcome to PHP Yorkshire 2019.

11

We often speak of open source as a meritocracy; everyone's patches are welcome. However with git used in the workplace as well as open source, being good at pull requests is a key career skill for all developers. This talk combines git tips, psychology and years of experience to present key information on working with pull requests. How to open one in a way that will make it more likely to be accepted without drama. How to review and evaluate a pull request so you don't regret it in the morning. How (and if) to merge pull requests, including those big words like rebasing and squashing. And how to close them, merged or not. This talk recommended for everyone who uses pull requests and wants to work on this key skill.

5

Traditional relational databases — ironically — are not that good at the complex relationships some modern applications need. Multiple joins and complex sub-queries can gradually take a toll on performance. Graph Databases, on the other hand, are all about relationships. In this talk we will look at using the popular Neo4j graph database with PHP to build efficient relational data for OmNomHub: not your average recipe site.

PHP has its own treasure chest of classic mistakes that surprises even the most seasoned expert : code that dies just by changing its namespace, strpos() that fails to find strings or arrays that changes without touching them. Do that get on your nerves too? Let’s make a list of them, so we can always teach them to the new guys, spot them during code reviews and kick them out of our code once and for all. Come on, you’re not frightening us?

Curious about all the hype around Machine Learning and Artificial Intelligence? Heard of "Neural Networks" and "Deep Learning" but confused about what it really means? In this talk, you'll see what Artificial Neural Networks (ANN) look like and how they can "learn". And along the way, you'll discover how you can build your own ANN, with PHP of course!

10

"I can't test this code because it's legacy. I need to update the code to make it testable. How can I manage that, without breaking existing functionality? I'll need to write some tests, but... argh!" We've all been there! In this talk we'll look at safe ways to refactor 'untestable' code to make it testable - without breaking any existing functionality. Promise! Then, further changes will be much easier!

6

The days of hand-crafted artisanal servers are long over. Modern web applications need to be able to run on many different servers without code changes. Not just different hosting providers, but different environments on the same hosting provider. Whether you're using a legacy dev/stage/prod setup or a modern branch-is-environment host, modern hosting imposes some requirements on your application design but also offers a huge potential for new and powerful tools. In this session, we'll explore some key guidelines for building a cloud-friendly application, as well as look at some architectural options that a modern hosting platform enables.

Food to eat.

16

So you think you know PHP? But do you really? We all compare and test data on nearly every other line in our code, be it input validation, an if-statement, a switch or determining what to display and how. So of course we are all experts on how to do these tests and comparisons…. Or are we? No matter whether you are a beginner or an expert, come and join in the fun for the Big “Why equal doesn’t equal” Quiz, test your knowledge and learn about defensive programming and the quirks of a loose type programming language along the way.

5

Long story short: an application is born, an application grows, an application becomes unmaintainable. Often the functionalities added to the application are independent-enough but they end up anyway in the main code base increasing the code size, complexity and coupling. A common strategy to raise application maintainability and extensibility is to have external plugins/bundles/modules keeping the application core as smallest as possible. In this session you will see challenges and solutions when building plugin-based application architectures. By allowing “plugins” you will get third party extensions, independent release cycles, less dependencies and many other advantages.

We’re all familiar with things like HTTP codes and content types, but there’s so much more we can do when developing an API to make life easier for consumers. How many times have you used an API only to find out that every endpoint is slightly different - some use snake_case, others camelCase, sometimes the field is called id, sometimes it’s user_id. How about pagination? Error responses? What about API documentation? Trying to standardise on all these things can kill an engineering team. There are so many options out there it’s difficult to know where to start. Come along and learn what works for our team! We’ll cover contentious topics (should the version be in the URL or a header?), lesser-known standards that are great (RFC 7807 springs to mind) and a couple of things that aren’t an issue right up until they’re a really big issue (like pagination).

Those teams working in an agile fashion will usually bring the tester in as early as possible in the development cycle — often during the planning stages — to find potential problems before they create work to fix. But checking for potential technical problems is only a small part of what the QA team can do in this stage. The QA team has a wide scope to make the product as good as it can be. This allows the tester to use not just their technical knowledge, but their non-technical knowledge, in their quest for quality. In this talk, we will be outlining those non technical disciplines that a tester has, from historian to lawyer, and even spy. Testers will come away from this talk full of ideas of questions to ask of their product, while other members of the team will come away with a greater understanding of the knowledge a good tester can bring to the table. Items covered will include accessibility, data protection, misuse of a product, and being culturally sensitive.

The media is full of stories about “hackers” finding and exploiting vulnerabilities in web-accessible systems – not just web applications. You may also have been the target of such an attack. How can you prepare to deal with such incidents, and who are you going to call when you notice you are the latest victim? What is a SOC and how does it relate to CKC analysis? What is the lifecycle of a cyber security incident? Who should be responsible for overseeing a coordinated response? All these questions, and many more, will be answered in the talk.

12

Free Software. Open Source. Software Freedom. Free as in Speech or Free as in Beer? We're all familiar with the buzzwords, the catchphrases, and slogans. We all know the "GPL vs BSD" debate, and have probably participate in it at some point. But what do they mean, really? Is Open Source really just a friendlier name for Free Software, or is there something more to it? Yes. Yes there is. Free Software, at its core, is a philosophical, cultural, and political movement. It is a part of, and inspiration for, the Free Culture movement. A movement born of a simple belief: That you should have control of your own digital destiny, and that it is immoral to deprive people of that right. Let's try to recollect where our community came from, and the principles upon which it was founded.

After party.