Hello and welcome to php[tek] 2018 — the premier PHP conference and annual homecoming for the PHP Community. This conference will be our 13th annual, and php[architect] and One for All Events are excited to continue to host the event in Atlanta!
09:30 |
The Grumpy Programmer's Introduction to Unit Testing
Workshop by Chris Hartjes (7 hours, 30 minutes) What if you could learn how to write tests from someone who has been using them for a long time and also knows how to explain it in a way that cuts down on the fear and anxiety while teaching you what you need to go to get started immediately? In this full-day training, Chris will teach people the basics of writing tests using PHPUnit. Topics covered include: * high-level discussion of the role of testing *assertions *the Arrange-Act-Assert pattern *what a PHPUnit test file looks like and where to locate them *test doubles and when to use them *data providers *strategies for building test scenarios Attendees will need the following: a laptop with PHP 7.2 (or whatever the most stable version is), the most recent stable version of PHPUnit installed, and be ready to actually write tests. |
Docker for PHP Developers
Workshop by Chris Tankersley (7 hours, 30 minutes) Thanks to tools like Vagrant, Puppet/Chef, and Platform as a Service services like Heroku, developers are extremely used to being able to spin up a development environment that is the same every time. What if we could go a step further and make sure our development environment is not only using the same software, but 100% configured and set up like production. Docker will let us do that, and so much more. Docker is fast becoming an important part of many developers toolkits. Not only are more developers using it day-to-day, but it is also becoming an important tool for deployments. We'll look at what Docker is, why you should consider using it, and all of the features developers can take advantage of. |
|
Evolution of PHP Security
Workshop by Eric Mann (7 hours, 30 minutes) PHP is a secure, modern programming language suitable for any number of applications. As with any other language or tool, PHP can only be used securely if the developers using it wield their tools safely. This training class will walk through best practices in: - password management (including hashing) - credentials management (API keys) - data encryption (both local and remote) - data integrity (e.g., signing and authentication) - server hardening Attendees will leave with a better understanding PHP and how to use it in secure applications. Attendees should have an operable PHP environment before arriving (preferably PHP 7.2). They will be given a code repo to use during the training class which will demonstrate the principles being discussed and allow them to practice from-scratch implementations in code. |
09:00 |
Introduction to Event Sourcing and CQRS
Workshop by Beau Simensen (3 hours, 30 minutes) Have you heard about Event Sourcing and wondered what it is all about? Have you looked into it and wondered what sort of sorcery is going on behind the scenes that makes this magical technology work? Are you convinced you cannot possibly move your existing applications to be event sourced? Take a step back and learn how Event Sourcing can be applied to a simple database-backed object model with little to no fuss. From there, see how you can start adding read models and begin to see how Event Sourcing and CQRS (Command Query Responsibility Segregation) go hand in hand! |
Mastering REST API Tests With Codeception
Workshop by Michael Bodnarchuk (3 hours, 30 minutes) Everything is an API these days. Unlike web interfaces, APIs can't be tested manually, by hand. There is no other option than to write automated tests. Codeception provides the best set of tools to test REST effectively. Come to this tutorial to learn how to make stable APIs with tests. In this session we will cover: * using REST module with PhpBrowser or a framework of choice * testing data structures with JSONPath and JSONType * authentication in tests * managing test data * extending Codeception to validate responses with JSONSchema or Swagger |
|
PHP 7 Extension Writing
Workshop by Sara Golemon (3 hours, 30 minutes) Learn how to debug your favorite PHP extensions or even write a new one from scratch. This break-neck paced session will cover the most essential pieces of PHP's extension API and guide you towards how to contribute to your favorite language for the web. A Git repo with example code to follow along with will be available within a month of the event for attendees to download and follow along. |
|
Building On IoT Devices
Workshop by Jeff McGehee (3 hours, 30 minutes) What it is, how it got here, where it’s going, and how you can get involved. The web is now full of “things” instead of just servers and clients… But don’t get too alarmed; these “things” are just a new type of client (or server). This session will explain how these “things” came on the scene, where their ecosystems are pushing the creation of new technology, and why web developers are in the best spot to make an impact. Topics covered will include common types of embedded systems, common communication protocols, server back-ends, and the emerging world of IoT platforms as a service. After the talk, we’ll all get our hands dirty with an embedded device, a few sensors, and the internet. |
|
13:30 |
Scaling MongoDB
Workshop by Derick Rethans (3 hours, 30 minutes) In this presentation, Derick Rethans will explain how to scale MongoDB. Besides its schema-free functionality, a modern database like MongoDB is also a lot easier to scale up than traditional relational databases. He will cover replication, for failover capabilities and increased read performance, and "sharding" for dealing with larger sets of data and increased write performance. Each section will consist of theory, followed by instructions on how to set it up and deploy. At the end of the presentation, you will have a firm understanding of how and why scaling with MongoDB is so straightforward. |
Little Bobby Tables Isn't Welcome Here
Workshop by Eric Mann (3 hours, 30 minutes) Making the top page of Hacker News is every developer’s dream---unless it’s because you were hacked. The OWASP Top Ten is required reading for every modern PHP developer. It enumerates the things to _not_ do while building an application. Still, it’s easy to trip up and accidentally violate a rule you think you’ve followed. Together, we’ll walk through a pre-built PHP application to find both where it’s blundered and how to fix its fatal mistakes. |
|
WordPress REST API Workshop
Workshop by Micah Wood (3 hours, 30 minutes) WordPress is the most common CMS in the world and has a very robust and customizable REST API. Join us as we discover how to create solutions decoupled from WordPress while still leveraging this popular CMS. Never looked into the WordPress API before? No worries! We'll start from the beginning! The WordPress REST API was fully integrated into WordPress core in version 4.7. There is a lot of buzz around the REST API, but just as many questions: - What is a REST API? - Why is it important? - When would I use it? - Is it secure? - How do I use it? - How can I customize it? If you are a developer and have even one of the questions above, you will want to join us as we get hands-on and explore the WordPress REST API in this three-hour workshop. It is entirely possible to sit back and enjoy the ride, but our goal is for you to get your hands dirty (figuratively, not literally). In order to get the most out of this workshop, please come prepared by doing the following: - Download a free copy of PostMan onto your laptop: https://www.getpostman.com/ - Setup a local installation of WordPress on your laptop: https://premium.wpmudev.org/blog/develop-wordpress-locally-mamp/ |
|
Practical Hands-On Accessibility Testing
Workshop by Nic Steenhout (3 hours, 30 minutes) Testing for web accessibility can feel daunting when you aren't accustomed to it. But with the growing requirements for sites to meet accessibility guidelines, it has become an inescapable part of a developer's life. Accessibility should be seen as a challenge, rather than a chore. This workshop will demonstrate an accessibility testing workflow that can be integrated into coding workflow and will include a review of automated testing, and hands-on manual testing using a variety of tools, from using the keyboard to using a screen reader application. We will work on real-life sites, as well as some code snippets. Participants will leave the workshop with a solid understanding of common accessibility barriers and methods to test for, and how to remediate these barriers. Attendees will need to bring their own laptop. Some software is required to be installed ahead of time. A detailed list will be made available to registered attendees two weeks before the workshop but include a screen reader, code inspection tools, color analyzer tools (all tools free for download). |
09:00 |
I Community and So Can You
Keynote by Lane Staples (1 hour) Community is a term often bandied about in tech circles, but what does it mean? Where is this community? What is community's hit point max, magic rating, and XP to next level? Does it have special abilities? How can individuals best connect with, contribute to, and benefit from the larger technical community? What's the end goal? So many questions! I don't have all of the answers, but I may have a few, so join us and let's share some community skillz. |
10:15 |
Biometrics: Fantastic Failure Point of the Future
Talk by Adam Englander (1 hour) This presentation attempts to prepare developers for the coming storm of biometric authentication. It is coming; for many, it is already here. Unfortunately, few of us have been prepared to select tools for utilizing biometric authentication properly. In this presentation, Adam Englander will express the special dangers of biometrics with regards to lifespan and storage. Due to the user's inability to change a biomteric, it is much more valuable to bad actors as the lifespan will undoubtedly exceed the lifespan of the cryptography. Any biometric database stolen today will likely be able to be cracked by the average computer in 20 years. This creates a unique problem many of us have not had to tackle before. We need a different mindset when thinking about biometrics. This presentation will try and give that much-needed perspective. |
PHP on Kubernetes
Talk by Chris Church (1 hour) Kubernetes is the choice for running autoscaling, resilient applications in containers. Containers divorce applications from servers in the same way that virtual machines divorced servers from hardware a generation ago. We cover lessons learned in bringing our existing PHP stack onto Kubernetes. This talk covers our experiences moving our PHP-based application stack onto Kubernetes from puppet-based virtual servers and embracing immutable infrastructure. In the process, we: * improved scalability over several orders of magnitude * simplified reuse of infrastructure components for new services * enhanced our security posture * reduced system costs through aggressive autoscaling In this talk, we will cover * Kubernetes concepts * Practical considerations when migrating to Kubernetes and Docker * How to configure and launch a PHP application in Docker and Kubernetes * How to handle scalability, deployments, cron jobs, and secret management |
|
How Will We Test All the Things?!
Talk by Christian Crews (1 hour) This will be a walkthrough of Etsy’s, still in progress, journey from a shared manual test team to a more self-service functional/UI automation system. It’s a tale of endeavoring to continue to deliver products with high quality through company restructuring and lots of organizational change. During her first year at Etsy, Christian went from being a very people-centric QA Manager to a more hands-on technical lead. The transition was very eye-opening. Many other companies are endeavoring to make a similar change. She learned some important lessons along the way that seem useful regardless of whether one’s product quality system is manual or fully automated. Topics covered will include quality metrics, code coverage, various types of automated testing, postmortems, post-launch incident monitoring and reporting, consumer sentiment, and retrospectives. |
|
How PHP Ticks
Talk by Sara Golemon (1 hour) A look into the internals of PHP; how it came to be, how it works, and how PHP 7 leapt far out in front of its predecessor on performance and memory consumption with some thoughts on what's next for PHP 8. This talk is less about practicalities and more of an abstract view of the engine for theoretical's sake. |
|
11:30 |
Essential Software Skills You Didn't Learn in School (Tools and Processes 101)
Talk by Jamie Anne Harrell, MBA (1 hour) Did you recently graduate from school or a coding boot camp? In this talk, we'll introduce you to the blind spots in your training that are holding you back from being a successful software developer, and help you create a plan to fill the voids. In the first installment of Jamie's Zero-2-FTE series, we explore your "unknown unknowns"---which probably include some of the basic skills and tools you'll need to be a successful software developer you likely didn't learn in school. This talk focuses on the processes and tools you need. If talk of configuration management, heads, branches, bugs, unit and integration testing, and release processes are new to you, this is a great place to start! While we can't teach you everything there is to know about all these topics in a single session, at least you'll now know what you don't know---and have a path and plan to learn it. |
Dragging Old Frameworks Into the Future With Limited Kicking and Screaming
Talk by Joe Ferguson (1 hour) Joe's career has been filled with legacy projects he's been tasked with bringing into the modern PHP world. He'll share experiences specifically with refactoring a Kohana framework project and the steps his team is taking to modernize the code base while introducing new features and continuing to deliver releases for their customers. Join us as we learn about dragging old legacy projects into the future of modern PHP development without much kicking and screaming. |
|
Move Over Graphite, Prometheus Is Here
Talk by Michael Heap (1 hour) We all agree metrics are important, and Graphite's a great tool for capturing them. However, in the last few years, the metrics space has released lots of great tools that blow Graphite out of the water---one of which is Prometheus from SoundCloud. Prometheus allows you to query any dimension of your data while still storing it in a highly efficient format. Together, we'll take a look at how to get started with Prometheus, including how to create dashboards with Grafana and alerts using AlertManager. By the time you leave, you'll understand how Prometheus works and will be itching to add it to your projects! |
|
Building for the PHP Command Line Interface
Talk by Steve Grunwell (1 hour) Executing PHP from the command line enables us to interact with our applications in new and interesting ways: from performing site maintenance to scaffolding new projects, CLI tools like WP-CLI, Artisan, and Drush make it easy to interface with our code without ever opening a browser. Attendees will be introduced to popular PHP CLI tools and their default capabilities. We'll discuss characteristics of good CLI scripts, strong use-cases for writing custom commands, then write several CLI programs across different platforms. |
|
13:30 |
Is It Too Late to Learn How to Program? How Being a Developer Changed My Life.
Keynote by Alicia Carr (45 minutes) Learn how and why---after being inspired by a 16 year old---Alicia V. Carr wanted to become an iOS mobile developer at the age of 51. Many believe women and those of Alicia's age are out of touch with technology. Alicia will discuss the challenges she faced as a self-taught, female African-American iOS developer responsible for creating a domestic violence app dedicated to helping victims escape. Unconscious bias has affected Alicia and many other women in tech; the tech community must open their arms and embrace change. |
14:30 |
Syncing Validation Constraints Between the Server and Client
Talk by Betsy Gamrat (1 hour) Client-side validation helps users and reduces invalid submissions to the server. Server-side validation protects the users, the application, and the server. Server-side validation is a must, but if you want to use client-side validation, how can you sync the validation constraints? We'll begin by discussing the differences between client and server-side validation; then, we'll cover how you can synchronize the validation between the client and server to help users and ensure valid data is sent to the server. The first approach will demonstrate the use of straight PHP, using an .ini file as the source for the validation constraints. The next method will use it with Symfony form field attributes and finally synchronized validation with Doctrine ORM annotations will be demonstrated. |
Effective Code Review
Talk by Dave Liddament (1 hour) "There are many benefits of code review---lower development costs, increased code quality, quick up-skilling and on-boarding of team members. Despite these benefits many teams don’t have code review as part of their process at all, while others don’t get the gains they should. This talk outlines the business case for code review and explores how to make code review effective, specifically looking at: * Expectations of what can be achieved with code review. * What should be covered by code review (including example code). * What should not be covered by code review. * How to write code that makes code review easy. * What makes good code review comments. * What makes good responses to code review comments. Finally, to wrap up, you'll be shown how to enable a code review with GitHub. Spoiler alert---it can be done it under five minutes! So if you are on a team that isn’t using code review, or isn’t using it effectively, then you should be at this talk. " |
|
Building Facial Recognition Services With JavaScript and Amazon Web Services (AWS)
Talk by Kesha Williams (1 hour) Facial recognition is everywhere from Facebook to security, gaming, stores, airports, etc., and its use is only growing. Facial recognition is popular because facial images exist of almost everyone. You've got driver's license photos, identity badges from where you work, library cards, warehouse club cards, social media, and the list goes on. The FBI has said its database includes 4.3 million plus "civil images"---those taken for non-criminal purposes. With the advent of several facial recognition APIs and the innovation leader, Amazon, throwing its hat in the ring with Amazon Rekognition, the technology will become even more commonplace than it is today. Attend this talk to learn about advances in facial recognition and how to integrate facial recognition into your apps using Node.js, JavaScript, AWS Lambda, AWS API Gateway, and AWS DynamoDB. |
|
MySQL 8---A New Beginning
Talk by Dave Stokes (1 hour) MySQL 8 is a major redesign of the most popular database on the web. It will have a true data dictionary (no more .frm, MYI, or other little files) which means you can have millions of tables within a schema. Windowing functions and common table expressions are available, as well as multi-plane character support (because you need emojis in your data), user roles, more JSON functions, and big optimizer improvements. There will be a better "out of the box" user experience. You will also learn what happened to MySQL 6 and MySQL 7. |
|
15:45 |
Don’t Eat Grandma: Common Grammatical Issues in Technical Writing
Talk by Kara Ferguson (1 hour) As a copy editor working in tech, Kara Ferguson sees many of the same flaws in writing over and over again. Being a developer isn’t only about writing code. Devs must be able to communicate via verbal and written means properly. Sometimes, it’s something as simple as writing an email or message in Slack to a coworker, or contributing to the much-dreaded documentation. For some, it’s sharing your knowledge via authoring blog posts, articles, or books. Even conference speakers spend hours writing text for their slides. In this talk, she’ll point out some of the most common and most frustrating grammatical issues such as double spacing after punctuation, how and when to use a comma, and how grammar can help you assert your expertise on the topic of your choice! |
Managing Dependencies Is More Than "Composer Update"
Talk by Nils Adermann (1 hour) We build our projects on the shoulders of giants---using third-party dependencies. But how well do we know them; what risks do they pose? Learn how to assess and minimize these risks and how to manage dependencies effectively. This talk covers a broad range of dependency management subjects, from assessing and minimizing risk to your business from BC breaks or failing external APIs, all the way to hands-on tips for working with Composer in the real world---e.g., how to solve composer.lock merge conflicts when other team members modified the file. |
|
Let's Get Random: Under the Hood of PHP 7's CSPRNG
Talk by Sammy Kaye Powers (1 hour) What is random? If you think about it, describing randomness is quite difficult; and so is generating random numbers for computers. If you get it wrong, you can open your app to serious security exploits. Unfortunately true randomness is a non-trivial achievement for computers. In fact, using weak sources of randomness can leave your application open to myriad vulnerabilities. Enter: a good cryptographically secure pseudorandom number generator (CSPRNG). We'll discuss the importance of using good sources of randomness, the CSPRNG options we had in PHP 5.x, and how the new [CSPRNG functions in PHP 7](http://php.net/csprng) work under the hood. Learn how to get it right in this talk about PHP's cryptographically secure RNG. |
|
APIs at Scale Require More Than Fast PHP
Talk by Stephen F. Johnston Jr. (1 hour) Using PHP to process 1000s of API events per second per machine and millions of events per minute is not simply a matter of tuning PHP. This talk will cover proven, battle-tested strategies for building, testing, monitoring and scaling PHP APIs. This talk will cover system tuning, PHP tuning and response tuning that apply to any API, as well as Lumen tuning, and will also cover specific capabilities in Google Cloud such as auto-scaling, tracing and load balancing. This is not a theoretical talk or a talk not backed by real-world experience. I will be covering specific lessons learned and implemented to process billions of monthly API events. I will cover specific examples, caveats, and alternatives along the way. I've spent the last year scaling the API architecture and code at PubWise to handle millions of events per minute and to auto scale nearly without limit. We've moved through three phases of architecture based on scaling needs and learned a ton in the process. I want to pass on what we've learned. |
|
17:00 |
How To Monitor Your Database
Talk by Baron Schwartz (1 hour) Quick: what does your application really do to the database? Maybe you're not really sure, but you might have some ideas. You'll find when you measure and learn the truth, it will surprise you. Mental models of application/database interactions are almost always wrong, for the same reasons you rarely write bug-free code in general. This talk is about how you can monitor your database so you can learn what it's _really_ doing. When you can do this, you'll become a much better engineer, not only building better systems but also making your team members heroes too. Here's what you'll learn: * Why quality of service (QoS) is the best definition of performance * The four golden signals of QoS * The difference between measuring the workload and measuring the resources * How to find and fix any performance problem * How to find inefficiency and optimization opportunities * How to diagnose incidents quickly * How to see what your ORM or service tier is doing behind the scenes |
Resilient Systems in PHP
Talk by Brian Sanders (1 hour) You've built the perfect PHP application, and now it's time to release it into the wild. Will you bask in the glory of your success, or will you find yourself inundated with outages? When your PHP app is running on your laptop, it's easy to get the insights you need into the health and functionality of your web apps. Your production deployment topology can be a different story. How will you get the visibility you need to diagnose production failures? Better still, can you design and build systems that degrade gracefully when usage spikes or integrations fail? This talk will present a process for breaking down your application into well-factored segments and architectural patterns that enable self-healing. |
|
Six Languages in 60 Minutes
Talk by Chris Tankersley (1 hour) Every developer has their favorite language. Yours is probably PHP. Any well-rounded developer should be at least a bit familiar with multiple languages, even if they do not use them day-to-day. New languages can help put a different perspective on problems, and there are times where PHP might not be the best pick. There are a plethora of languages out there which can be used for web development, but also server-side scripting, tooling, general app development, or anything under the sun. Why choose a compiled language over dynamic? What are some quirks of different langauges? In sixty minutes, we will look at Go, C, Python, Bash, C#, and Lua and compare them to PHP. Break out of your shell and learn a few new languages you might want to add to your skillset. |
|
IBM Watson & PHP, A Practical Demonstration
Talk by Clark Everetts (1 hour) Can you find how much of your inventory is on hand or allocated? Which product lines your customers are buying, and in what volume? Can you do it hands-free? In this session, we demonstrate live how **IBM Watson** can help an inventory or sales manager understand how much stock is available, who is buying and selling it, and spot important trends. We *leverage speech-to-text, text-to-speech, natural language processing, good ol’ SQL, and train a chatbot engine* to implement more than a chatbot: a *hands-free, truly interactive* application, powered by Watson in the cloud, using inventory, customer, and sales data. [Update] As attendees know, the demonstration of the Waston Assistant (Conversation) chatbot didn't happen because *I could not find the chatbot instance in my account!* I finally figured out that IBM Cloud created a *new* empty Assistant instance within my workspace, and of course my chatbot was in the original instance. These instance screens look identical (except for the missing chatbot). If you experience the same thing, click the "change" button on the upper right, and you'll see a list of instances within the workspace. |
09:00 |
Fire up your PHP App Performance with Blackfire.io
Talk by Beau Simensen (1 hour) Join us on a tour of Blackfire.io, a profiling tool for PHP. You will get a brief look at what profiling means and why it is important. You'll see how to create, read, and analyze performance profiles. You'll also take a look at more advanced functionality like performance management automation. |
PHP, gRPC, and Microservices
Talk by Brian Akins (1 hour) You don't have to leave PHP to get the benefits of a microservice architecture. PHP fits well in the world of containers, orchestration, and service meshes. This talk will discuss deploying PHP applications as both gRPC clients and servers. We'll discuss deployment of PHP applications into Kubernetes and integration with a service mesh based on Envoy. PHP applications can easily expose metrics to systems like Prometheus. This talk will show techniques for deploying existing PHP applications into the "Cloud Native" ecosystem. MailChimp has been doing this as we migrate our PHP monolith. |
|
Developing a Culture of Mentorship
Talk by Tessa Kriesel (1 hour) It’s easy to spend your entire day, heads down, coding projects without thinking twice about the other developers around you. We often get too absorbed with completing our immediate deadlines to spend any time considering the future of our projects, the future of our teams. By not mentoring new developers we are failing our future. We are failing at providing new developers with the industry experience they need to be a one-day successful candidate for our teams. Let’s talk about ways we can contribute to mentoring new developers in our teams and our communities. |
|
PHP 7.x – The New New PHP
Talk by Larry Garfield (1 hour) PHP 5.3 was released in 2009. Even with PHP 7.2 out now, 5.3 and 5.4 still account for over 40% of all production servers. PHP 7 brings numerous improvements to PHP, from minor syntactic enhancements to major engine changes to a new, stronger type system but what does it mean for developers? It’s time to paint a clear picture of why everyone should move to 7.0 (or 7.1), and how to get code ready for the latest version of PHP. In this talk, we’ll look at some handy tools and techniques to ease the migration. |
|
10:15 |
What's New in Xdebug?
Talk by Derick Rethans (1 hour) In this talk, Derick Rethans will cover the latest additions to Xdebug. Although it is now 15 years old, many features have been added in the last few years and months. Derick will introduce and explain these new features, and some more notable features added in the last few years. More specifically, new features for remote debugging, filters for tracing and code coverage, and of course all the other new features in Xdebug 2.6. |
Making the Most out of MySQL
Talk by Gabriela Davila Ferrara (1 hour) MySQL 5.7 is two years old, and adoption is growing. The new JSON data type shines as the most talked feature in this version. But, they are by no means the only awesome thing it has to offer. Learn how to manipulate JSON fields and how generated columns can help you index data and more. This talk will teach you how to properly do a _GROUP BY_ without being stuck in the new default mode of MySQL 5.7. Changing the default won't solve your problem. It's a temporary fix to hide something much more significant: the code that needs to be fixed. Generated columns are a concept available in databases such as Oracle and MS SQL Sever. MySQL, however, is one of the biggest open source databases to implement it and this is very helpful when using JSON data types. Knowledge of JSON data type is required for this talk. |
|
Accessibility and Security
Talk by Nic Steenhout (1 hour) We often hear about security and accessibility. But we rarely hear how these two mission-critical topics interact. This talk explores several areas where web accessibility and security interact, and how to preserve both elements so that sites are secure but usable by everyone. We don’t set out to create barriers, but some policies or code can have unintended consequences. Security can create barriers to access for users, with or without disabilities. However, security doesn’t have to reduce accessibility! Does your application use CAPTCHA or session timeouts? Does it validate data, or get users to confirm entered data before transactions? Is there data loss after re-authenticating? If you answered yes to any of these, this session’s for you. We will begin with a brief overview of the business case for accessibility. We will then explore the main security features impacting accessibility. Relevant W3C accessibility guidelines and techniques will also be investigated. Finally, a list of online resources will be provided. |
|
Greener Pastures: Infrastructure From the Ground Up
Talk by Steve Grunwell (1 hour) In late 2016, Steve Grunwell left his comfortable agency position as a Lead Web Engineer to join a small media startup as its first Director of Technology. One of the major draws to the startup was its complete lack of technical debt: he'd be in charge of deciding everything they used, from hosting platforms, platforms, and office tools. The opportunity was perhaps the greenest of fields Steve had ever laid eyes upon. While the company ended up not being the right fit for him, the lessons learned from researching, evaluating, and deploying the solutions have informed recommendations and decisions in his career post-startup. Attendees will gain insight into the technology needs and available solutions for a small, web-based publisher, and the criteria which led to each decision. |
|
11:30 |
Take Command
Talk by Betsy Gamrat (1 hour) Turbocharge your development with Linux commands. There are some cases where the command line is the fastest way to find files or content, read log files, sort and filter data, and do brute force editing. This session will cover my favorite commands, what they do, and how they can save time during development. In this session I'll show you how to use **php**, **node**, **find**, **grep**, **sort**, **uniq**, **cut**, **tail**, **watch**, **rm** and **sed** to save time when developing web applications. You should have some experience with the Linux command line; for example be able to **ssh** into a server and use **ls**. |
Give Great Interviews
Talk by Brian Sanders (1 hour) How does your organization screen for top PHP talent? You can develop a fair and challenging interview structure which finds the best new coworkers. The interviews we give often mimic those we experienced as candidates ourselves. But are the questions we're asking really finding us the best new coworkers? This talk will look at different interviewing techniques, different approaches to technical interviews, as well as recent research to help build a fair and repeatable interview process for your team. Learn how to keep your interview process objective and repeatable. |
|
Maintaining Homestead
Talk by Joe Ferguson (1 hour) Laravel's Homestead project is the second most downloaded public Vagrant environment. Initially designed to be a full-featured local development environment focused on making Laravel developer's experience easier Homestead has grown into a solid, well-rounded LAMP stack Vagrant environment for nearly any PHP project. Join us as we review the features and inner workings of Homestead, explore some features you may not be aware of, and even take a trip deep into the operations process of how we build and deliver the best vagrant environment for the PHP community. We'll also cover extending Homestead and making it work for your custom applications and how you can easily share the customized environment with your teammates, coworkers, or contributors. |
|
Modern Testing With Codeception: Tips and Tricks
Talk by Michael Bodnarchuk (1 hour) Codeception is the popular PHP testing framework. Unlike other testing frameworks, Codeception provides an experience of full-stack testing. Learn how to test Laravel / Symfony applications effectively and how to drive your tests with Selenium. In this talk, we will cover how to write tests effectively with: *browser tests with Codeception and Selenium (using PageObjects) *how to write and execute feature files (BDD) with Codeception *framework-based tests for Symfony, Laravel, Zend *what makes a perfect API test and more. |
|
13:30 |
Strategies for Transitioning Into Leadership
Keynote by Eric Muntz (45 minutes) In this talk, Eric Muntz will walk through his discovery of the differences between being a developer and being in a leadership role as a developer. He'll also discuss his transition into leadership and how he started developing systems to allow for experimentation in leadership. Eric will talk through the difficulty of *measuring* experiments in leadership and how to get feedback from your teams and adjacent colleagues in a timely, usable manner. It turns out your fellow leaders will become your first team, and that's the next strategy---*get advice*! Lastly, he'll talk through stories about how transparency and providing insight into *how* decisions are made, *how* they affect your teams and the rest of the company, and a *timeline* for rolling them out. |
14:30 |
60 to 0: Large-Scale Test Suite Parallalization With Privet
Talk by Andy Lindeman (1 hour) Writing automated tests is now a well-accepted best practice of application development. But over time, slow test runs can become an albatross around the neck of developer productivity. At Salesforce/Pardot, our large-scale PHP application has thousands of automated tests that could take well over an hour to run in serial. But with the help of a test parallelization tool we built called Privet (that will be open sourced in early 2018), we can run the entire test suite in five minutes, enabling our developers to deploy many times per day and run the tests on every Git branch. In this talk, I share our journey from a 30-minute build, to a manually balanced build, through ultimately automating the process. I also share some challenges we had to overcome along the way, and some we're still figuring out. |
As Easy as Falling off a Log (Or Writing to One)
Talk by Brent Laminack (1 hour) Logging is more than just appending to a file. Logging can be a critical piece of infrastructure that allows reconstructing what happened over disparate systems for security auditing, debugging and error post-mortems. Without it, you're flying blind. Starting with plain old _error_log()_, we move up the food chain to _syslog_ and examine its capacities and limitations. Next, will be an introduction to one of the better open source PHP logging packages---_MonoLog_. We'll show how it's built into Laravel and how to call it from MySQL. All this is for naught without some way to sort and filter the thousands of logging messages. We'll demonstrate a modern open-source syslogging package: _Graylog_. We will demonstrate how to search and sort the messages we created in our PHP apps. We'll also look at some of the ways _Graylog_ provides to work around the limitations of _Syslog_ using _Graylog_ *extractors* which are the easiest to use and how to construct easy-to-parse messages in our PHP code. |
|
Beat the Bugs, Before They Beat You
Talk by Dave Liddament (1 hour) “In this world nothing can be said to be certain, except death and taxes.” Software developers have a third certainty. Bugs. Regardless of experience and skill level, all developers introduce bugs into their code. The longer these bugs fester, the more expensive the consequences of them become. So to improve the quality of our software we need to find bugs fast, ideally before they even end up entering the codebase. This talk is aimed at beginner to intermediate level software developers. It introduces the concepts: type hints, assertions, and value objects. We'll then look at how these techniques can be combined with modern IDEs to: * reduce the chance of introducing bugs * minimize the cost associated with any bugs that do slip through the net * safely refactor code so we can rename classes, methods, and variables to be more explicit This talk will leave you with plenty of tips on how to write cleaner code with fewer bugs. And best of all you can apply them the next time you write code. |
|
Composer Best Practices 2018
Talk by Nils Adermann (1 hour) Not certain you're making full use of Composer's capabilities? Overwhelmed by the number of commands, options and configuration choices? Composer has become the standard tool for Dependency Management in PHP. While we continuously work on improving Composer's usability and documentation, it covers a vast amount of functionality and use cases, and Dependency management itself remains a challenge for software development. Apart from the latest changes in Composer this session will cover details on version constraints, stabilities, semantic versioning, and the correct use of the lock file. We'll also cover helpful tips for everyday interaction with Composer, such as the right options to use during development, testing and deployment, or commands useful for debugging solver problems. You should already be familiar with Composer and be eager to learn more tips and tricks. |
|
15:45 |
Cryptography Advances in PHP 7.2
Talk by Adam Englander (1 hour) There were some pretty substantial cryptography advances in PHP 7.2. Most of these changes were made to make advanced cryptography easier to use. That’s a good thing for developers and end users alike. The addition of libsodium is a game changer. It makes synchronous and asynchronous cryptography a no-brainer and adds better hashing than we've ever had. Argon2i for passwords is pretty substantial as well. We’ll go over the changes and have some practical examples of each. Developers need to know about these advances and just how awesome they are. |
Building Actions for Google Assistant Using JavaScript
Talk by Kesha Williams (1 hour) Hands-free is the future of internet services due to the artificial intelligence (AI) discipline of natural language processing. Google Assistant, released in 2016, realizes the promise of voice as a more natural and frictionless way to interact with technology. Although not the first product of its type on the market, Google Assistant outshines its competitors. During this talk, learn how to interact with Google Assistant and the steps required to teach this AI to become smarter. This talk explores the creation of Actions and the Dialogflow (formerly API.AI) platform by peaking under the covers of an existing Action. Attendees will hear from a developer's point of view the major differences in development and implementation between Google Assistant and its competitors. Attendees are exposed to creating Actions using Node.js, JavaScript, Dialogflow, Google Cloud Platform, and Google Cloud Functions. |
|
Gutenberg Comes to WordPress
Talk by Sal Ferrarello (1 hour) WordPress is changing its default editor experience with the introduction of a JavaScript-powered block-based editor called Gutenberg. The Gutenberg editor is a major evolution in the editing experience of WordPress and is slated for inclusion in WordPress 5.0, which is scheduled to be released sometime in 2018. While the plugin is still changing rapidly, by May 2018 this should be more stable, and perhaps Gutenberg will even be merged into WordPress core. We'll look at this new editing experience and how we as developers can even further extend Gutenberg with our own custom blocks. |
|
MySQL Without the SQL == Oh My!
Talk by Dave Stokes (1 hour) MySQL's Document Store lets you use MySQL as a schema-less, NoSQL document database via the new MySQL protocol and X DevAPI; This means you can use MySQL without having to write structured query language (SQL) queries, messy SQL strings in your beautiful code, or setting up tables! Perform all the CRUD without SQL while retaining the power and reliability of MySQL Database on the back end. Come learn what you need to start using the MySQL Document Store today! |
|
17:00 |
Machine Ethics and Emerging Technologies
Keynote by Paul Fenwick (1 hour) Technology is advancing at a faster rate than society’s expectations, and many technologies go from the being the stuff of science-fiction to being consumer-available, with very little in the way of discussion in between. But with the increasing rate of progress comes many questions that are uncomfortable to contemplate, and which may be dangerous to ignore. When should an autonomous vehicle sacrifice itself and its owner to protect others? What happens when medical expert systems work on behalf of insurance agencies rather than patients? What happens when the world’s weapon systems—including combat drones—are able to make lethal decisions without human involvement? |